Content

The lecture is going to be given on Fridays, 10-11:30. It will be streamed and the videos will be available for download, online, subsequent to the corresponding lecture. We will organize the reading group during the first lecture, so please try to make sure that you participate in this event, at least.

Alike the past years there's a limit of 32 students who can participate in this course, as the reading group does not scale to larger groups.

Subject

The lecture resilient networking provides an overview on the basics of secure networks as well as on current threats and respective countermeasures. Especially bandwidth-depleting Denial of Service attacks represent a serious threat. Moreover, over the last years the number of targeted and highly sophisticated attacks on company and governmental networks increased. To make it worse, as a new trend at the moment, the interconnection of the Internet with cyber physical systems takes place. Such systems, e.g., the energy network (smart grid), trans- portation systems and large industrial facilities, are critical infrastructures with severe results in case of their failure. Thus, the Internet that interconnects these systems has evolved to a critical infrastructure as well.

The lecture introduces the current state-of-the-art in the research towards resilient networks. Resilience-enhancing techniques can be generally classified in proactive and reactive methods. Proactive techniques are redundancy and compartmentalization. Redundancy allows to tolerate attacks to a certain extent, while compartmentalization attempts to restrict the attack locally and preventing its expansion across the whole system. Reactive techniques follow a three step approach by comprising the phases of detecting    an attack, mitigate its impacts, and finally restore a system's usual operation.

        Topics

•  excursion to graph theorie
•  overview on BGP routing and the Domain Name Service security
•  Denial of Service attacks and their mitigation
•  techniques to increase the resilience of P2P networks
•  Intrusion detection systems

Organizational matters

Fridays     10:00 hybrid: 50.34:301  online at our bbb server (contact us for the access code)

The course will consist of a lecture (3SWS) and an exercise course (1SWS). The exercise course consists of two parts: we will hold a biweekly reading group and there will be a task assignment. We will read papers from the context of the topics in class in the reading group. Everybody is expected to read all mandatory papers (around 9), and we will choose volunteers for each paper to briefly summarize the content, before the entire group discusses their questions and comments regarding the paper. We hope to discuss two papers during each session. The implementation task will be introduced in the context of the class discussing database publication and differential privacy. Each participant of the course will be tasked to implement a simple solution for data sharing with differential privacy, and the results will be presented and discussed during the last exercise course.

Please register to the mailing list.
There will be an etherpad to organize the reading group

Teaching material

Lecture Schedule (tentative)

Reading Group