Resilient Networking
- Type: lecture
- Chair: KIT-Fakultäten - KIT-Fakultät für Informatik - KASTEL – Institut für Informationssicherheit und Verlässlichkeit - KASTEL Strufe
- Semester: winter of 2022/2023
-
Place:
Building 50.34, Room 301
-
Time:
FR 9:45 - 11:15
- Lecturer: Prof. Dr. Thorsten Strufe
- SWS: 3
- Lv-No.: 2400134
- Information: Präsenz/Online gemischt
The Lecture is held in English.
The lecture is going to be given on Fridays, 09:45-11:15. It will be streamed and the videos will be available for download, online, subsequent to the corresponding lecture. We will organize the reading group during the first lecture, so please try to make sure that you participate in this event, at least.
Alike the past years there's a limit of 16 students who can participate in this course, as the reading group does not scale to larger groups.
Subject
The lecture resilient networking provides an overview on the basics of secure networks as well as on current threats and respective countermeasures. Especially bandwidth-depleting Denial of Service attacks represent a serious threat. Moreover, over the last years the number of targeted and highly sophisticated attacks on company and governmental networks increased. To make it worse, as a new trend at the moment, the interconnection of the Internet with cyber physical systems takes place. Such systems, e.g., the energy network (smart grid), trans- portation systems and large industrial facilities, are critical infrastructures with severe results in case of their failure. Thus, the Internet that interconnects these systems has evolved to a critical infrastructure as well.
The lecture introduces the current state-of-the-art in the research towards resilient networks. Resilience-enhancing techniques can be generally classified in proactive and reactive methods. Proactive techniques are redundancy and compartmentalization. Redundancy allows to tolerate attacks to a certain extent, while compartmentalization attempts to restrict the attack locally and preventing its expansion across the whole system. Reactive techniques follow a three step approach by comprising the phases of detecting an attack, mitigate its impacts, and finally restore a system's usual operation.
Organizational matters
Fridays 09:45 hybrid: online at our bbb server (contact us for the pass code)
Access to online lectures through ILIAS.
The course will consist of a lecture (3SWS) and an exercise course (1SWS). The exercise course consists of two parts: we will hold a biweekly reading group and there will be a task assignment. We will read papers from the context of the topics in class in the reading group. Everybody is expected to read all mandatory papers (around 9), and we will choose volunteers for each paper to briefly summarize the content, before the entire group discusses their questions and comments regarding the paper. We hope to discuss two papers during each session. The implementation task will be introduced in the context of the class discussing database publication and differential privacy. Each participant of the course will be tasked to implement a simple solution for data sharing with differential privacy, and the results will be presented and discussed during the last exercise course.
Please register to the mailing list.
There will be an etherpad to organize the reading group.
To facilitate the reading group, do refer to this template from an anonymous benefactor.
Teaching material
Module 1 – Preliminaries
Date | Material |
28.10. | Introduction to the course (organizational), broad background (pdf) |
4.11. | Background (ctd.) |
11.11. | no class |
18.11. | Background on Graphs and Distributed systems (pdf) |
2.12. | Background on Graphs and Distributed systems (pdf) |
9.12. | Routing |
16.12. | Routing Security (pdf) |
13.1. | Name Resolution |
20.1. | Name Resolution Security |
27.1. | DoS |
3.2. | Intrusion Detection and SIEM (invited lecture by Prof. Mathias Fischer, UHH) |
10.2. | 5G/6G Security |
17.2. | 5G/6G Security ctd. |