Courses

Winter Term 2016/2017

Bachelor/Master Seminar WS 16/17

In the Bachelor/Master Seminar each student that writes a bachelor's or master's thesis with a member of the IS&C group has to present the topic of the thesis.

Grundlagen der Cybersicherheit WS 16/17

Students learn the basics of cryptography, system security, network security and privacy-preserving mechanisms. They learn to define security goals and are familiarized with the most common attack scenarios.

Theoretical Aspects of Modern Security & Privacy Research WS 16/17

In this seminar, we will discuss recent theoretical developments in privacy and security research. We will simulate a computer science conference's review process by critically reviewing, presenting and discussing research papers with the participants in a block seminar.

Summer Term 2016

Android Security Lab SS 16

In this practical course, the students deal with different aspects of smartphone security at the example of the open-source Android OS. In general, the awareness and understanding of the students for security and privacy problems in the area of smartphones is increased and they learn to tackle current security and privacy issues on smartphones from the perspectives of different actors in the smartphone ecosystem (e.g., end-users, app developers, market operators, etc.). The focus of this course is on the application-layer of Android.

Read More

Die elektronische Akte und der elektronische Rechtsverkehr - technische und rechtliche Aspekte SS 16

Ausgangspunkt des Seminars ist das Gesetz zur Förderung des elektronischen Rechtsverkehrs mit den Gerichten vom 10.10.2013 (ERV-Gesetz). Das Gesetz wird als historischer Durchbruch zu einem flächendeckenden elektronischen Rechtsverkehr (ERV) und einer elektronischen Akte (E-Akte) in Deutschland angesehen. Papierform soll Vergangenheit sein. Durch das ERV-Gesetz wurde bereits jetzt insbesondere die Zivilprozessordnung (ZPO) nach einem festgelegten Zeitplan für einen elektronischen Rechtsverkehr ausgerichtet und umgestaltet (zum Beispiel § 130a ZPO - elektronisches Dokument, § 130d ZPO - Nutzungspflicht des ERV für Rechtsanwälte und Behörden). Diese rechtlichen Vorgaben zwingen zu umfangreichen technischen und organisatorischen Umsetzungsarbeiten auf Gerichtsebene, aber auch auf der Ebene der Anwaltschaft. Das Seminar befasst sich mit den daraus resultierenden grundsätzlichen technischen und rechtlichen Aspekten unter Einbeziehung vergleichbarer Probleme beim E-Government. Es ist daher als interdisziplinäres Angebot für Studentinnen und Studenten sowohl der Informatik als auch der Rechtswissenschaften konzipiert.

Read More

From Idea to Paper: Usable Security Research in Theory and Practice SS 16

In this course, we will give you introductions into the methods used for usable security and privacy research. We will present you research topics - you are welcome to bring your own ideas! - that focus on usable security and privacy. You will program an application (either mobile or desktop) that helps answer your research question, use it to conduct a user study - the other seminar participants will be your subjects, and you will take part in their user studies, too - and evaluate it. You will write a short report that motivates your research, gives an insight into related work, presents your tool, your study, the results and their implications. In the end, you will give a short presentation about your insights.

Read More

Grundlagen des Rechts für Informatiker SS 16

Ziel der Vorlesung ist es, Informatikern einen Einblick in juristisches Denken und die Vorgehensweise bei der Ausgestaltung und Interpretation von Gesetzen zu geben. Neben allgemeinen Konzepten werden wir exemplarisch etwas genauer in einige ausgewählte Rechtsgebiete schauen, die für Sie praxisrelevant werden könnten. Die Vorlesung soll den Besuch von Rechtsvorlesungen (etwa im Nebenfach Rechtsinformatik) nicht ersetzen, sondern einen Eindruck vermitteln und - sollten Sie sich für den Besuch weiterer Rechtsvorlesungen entscheiden - auch aufzeigen, welche Gebiete für die Vertiefung interessant sein könnten.

Read More

Hacking SS 16

Goal of this Proseminar is to give students a deep understanding of the typical security problems and weaknesses that pervade all kinds of IT systems today. To provide a more solid understanding of the discussed attack techniques, this seminar strongly mixes theoretical and practical aspects. On the one hand, participants are conveyed the typical Proseminar learning contents (e.g., presentation techniques, etc.). On the other hand, the participants are required to also introduce and apply established tools for exploiting and attacking IT systems in the context of capture-the-flag styled exercises.

Read More

Information flow control in systems SS 16

Information flow control (IFC) is a cornerstone of computer security. Existing literature on IFC has examined both theoretical techniques to enforce IFC and systems that implement IFC. This course will focus on the latter. We will study papers that describe implementations of IFC in operating systems, relational databases and programming languages. The course is intended to be self-contained. At the beginning of the course, we will cover the basics of IFC.

Read More

Privacy-Enhancing Technologies SS 16

Privacy is a fundamental human right and privacy enhancing technologies (PETs) help to support this right. In light of worldwide electronic data protection laws, PETs play a fundamental role in the design and development of information systems.

This advanced course focuses on the theoretical as well as practical aspects of PETs, such as:

  • Anonymous communication networks
  • Censorship circumvention techniques
  • Differential privacy
  • Private information retrieval
  • Oblivious protocols
  • Privacy in online advertising and web statistics
  • Privacy in cloud computing
  • Electronic voting
  • Zero knowledge proofs and privacy-preserving credentials
  • Practical secure multiparty computation

Secure Software Engineering SS 16

Ever wondered about Ethernet, IP, UDP/TCP? How does DNS work, and which pitfalls there are? What are Denial-of-Service attacks and botnets? You will like this course if you find such security topics interesting.

This course is a mandatory course for Cyber Security students (6 CP).

Mandatory registration by Sunday April 24th .

Content (preliminary)

  • Data Link Layer (Ethernet)
  • Network Layer (IP, ARP, DHCP, ...)
  • Transport Layer (TCP, UDP)
  • Network programming
  • DNS
  • Secure networking (TLS, Email, P2P networks)
  • Network attacks (DDoS, spoofing, reconnaissance, ...)
  • Network defenses (Firewall, Intrusion Detection, ...)

Read More

Security SS 16

In this course, you will acquire a deep understanding and hands-on experience on a broad spectrum of attack and defense techniques for IT systems.

The content of the course comprises different topics, see the tentative schedule in the course website (notice that the resources will be provided on Piazza).

Read More

Theory of Modern Privacy Research SS 16

In this seminar, we will take a close look at the last decade of research on privacy and privacy enhancing technologies. Our main focus will be on the theory of private data release and data protection. We will simulate a computer science conference's review process by critically reviewing, presenting and discussing research papers with the participants in a 2-day block seminar.

Read More

Winter Term 2015/2016

Grundlagen der Cybersicherheit WS 15/16

Students learn the basics of cryptography, system security, network security and privacy-preserving mechanisms. They learn to define security goals and are familiarized with the most common attack scenarios.

Read More

Usable Security and Privacy WS 15/16

In this course, students will become familiar with the most important research of the last decade in Usable Security and Privacy. Simulating a computer science conference's review process, you will critically read and review papers, give short presentations and discuss the papers with other participants in a weekend seminar. The topics will include (but are not limited to) usability challenges of passwords, warning messages, TLS and permission systems.

Read More

Summer Term 2015

Aktuelle Probleme von Recht und Digitalisierung des Straßenverkehrs SS 15

Read More

App Analysis SS 15

This seminar will explore the existing mobile application analysis techniques. In particular, it cover the following topics: Static mobile app analysis, Dynamic mobile app analysis, Mobile app mining, Mobile app testing, Mobile app sandboxing.

Read More

Cobots - Cooperative Robots SS 15

Usually industrial robots are kept in secured environments, e.g. cages, to protect human workers from injuries and accidents in general. In contrast to this, so called cooperative robots or Cobots are designed to (often literally) work hand in hand with humans. In order to do this without risk, cobots must be aware of their surroundings and of actions of human workers. In this practical proseminar/seminar students will gain hands-on experience with actual robots, newest sensor technologies and software components, and you will combine them to realize cobot scenarios.

Read More

Data Networks SS 15

This course will explain data networks. Internet protocols will be used to motivate and explain basic concepts in data networks, as the Internet is today's data network par excellence. Hands-on experience will be gained in programming labs.

Read More

Datenschutzrecht SS 15

Read More

Die elektronische Akte und der elektronische Rechtsverkehr - technische und rechtliche Aspekte SS 15

Ausgangspunkt des Seminars ist das Gesetz zur Förderung des elektronischen Rechtsverkehrs mit den Gerichten vom 10.10.2013 (ERV-Gesetz). Das Gesetz wird als historischer Durchbruch zu einem flächendeckenden elektronischen Rechtsverkehr (ERV) und einer elektronischen Akte (E-Akte) in Deutschland angesehen. Papierform soll Vergangenheit sein. Durch das ERV-Gesetz wurde bereits jetzt insbesondere die Zivilprozessordnung (ZPO) nach einem festgelegten Zeitplan für einen elektronischen Rechtsverkehr ausgerichtet und umgestaltet (zum Beispiel § 130a ZPO - elektronisches Dokument, § 130d ZPO - Nutzungspflicht des ERV für Rechtsanwälte und Behörden). Diese rechtlichen Vorgaben zwingen zu umfangreichen technischen und organisatorischen Umsetzungsarbeiten auf Gerichtsebene, aber auch auf der Ebene der Anwaltschaft. Das Seminar befasst sich mit den daraus resultierenden grundsätzlichen technischen und rechtlichen Aspekten unter Einbeziehung vergleichbarer Probleme beim E-Government. Es ist daher als interdisziplinäres Angebot für Studentinnen und Studenten sowohl der Informatik als auch der Rechtswissenschaften konzipiert.

Read More

Ethik für Nerds SS 15

In diesem Proseminar beschäftigen sich Studenten mit den ethischen Aspekten der Tätigkeit als Informatiker oder Wissenschaftler. Sie beginnen mit der Einführung von Michael Sandel. Danach setzen sie sich mit verschiedenen ethischen Leitlinien auseinander, zum Beispiel denen der GI und der ACM. Außerdem betrachten und erörtern sie eine Reihe konkreter Fälle aus dem Alltag eines Informatikers bzw. Forschers.

Read More

Foundations of Dependable Systems SS 15

The course will explain foundations of dependable systems, ranging from static fault trees to dynamic and more advance modelling and evaluation concepts. An emphasis will be put on state-of-the-art compositional Markov modelling approaches.

Read More

Garbled Circuits SS 15

In this seminar students tackle the question of how two or more parties can jointly compute a function over their inputs, while keeping these private. Yao’s Garbled Circuits represent an important corner stone of this research area and in this seminar we will look at some recent developments and different applications.

Read More

Gesellschafts- und IT-Recht SS 15

Das Seminar umfasst eine breite Auswahl an aktuellen Themen zum nationalen und internationalen Gesellschaftsrecht sowie zum IT-Recht. Die Themenbereiche können von den Seminarteilnehmern frei gewählt werden. Vorkenntnisse zu technischen Fragen oder im Internetrecht sind nicht erforderlich.

Read More

Grundlagen des Rechts für Informatiker SS 15

Ziel der Vorlesung ist es, Informatikern einen Einblick in juristisches Denken und die Vorgehensweise bei der Ausgestaltung und Interpretation von Gesetzen zu geben. Neben allgemeinen Konzepten werden Studenten exemplarisch etwas genauer in einige ausgewählte Rechtsgebiete schauen, die für sie praxisrelevant werden könnten. Die Vorlesung soll den Besuch von Rechtsvorlesungen (etwa im Nebenfach Rechtsinformatik) nicht ersetzen, sondern einen Eindruck vermitteln und - sollten Studenten sich für den Besuch weiterer Rechtsvorlesungen entscheiden - auch aufzeigen, welche Gebiete für die Vertiefung interessant sein könnten.

Read More

Hacking SS 15

Goal of this Proseminar is to give students a deep understanding of the typical security problems and weaknesses that pervade all kinds of IT systems today. To provide a more solid understanding of the discussed attack techniques, this seminar strongly mixes theoretical and practical aspects. On the one hand, participants are conveyed the typical Proseminar learning contents (e.g., presentation techniques, etc.). On the other hand, the participants are required to also introduce and apply established tools for exploiting and attacking IT systems in the context of capture-the-flag styled exercises.

Hot Topics in Language Security SS 15

This seminar will cover static and dynamic approaches to enforce security policies in programs, in particular on platforms like the Web or Android. Examples are standard notions like safety properties or noninterference that e.g. guarantee that no secret may leak to public output and related concepts.

Read More

Informationssysteme SS 15

This basic lecture gives an introduction into database systems and information systems.

Read More

Internetsicherheit SS 15

Ziel der Vorlesung ist die Vermittlung von grundlegenden Konzepten der IT-Sicherheit, die den Teilnehmern in der Praxis vermutlich bereits begegnet sind oder ihnen noch begegnen werden. Der Fokus liegt dabei auf der sicheren Kommunikation im Internet.

Read More

IT-Recht für Fortgeschrittene SS 15

Read More

Juristisches Internetprojekt SS 15

Das Juristische Internetprojekt Saarbrücken ist ein von Studenten kreiertes und weitergeführtes Informationsportal zu einzelnen Rechtsbereichen. Sie erschließen im Rahmen der wöchentlichen Redaktionssitzungen gemeinsam die wichtigsten Einstiegsseiten für nationale und internationale juristische Informationen, schwerpunktmäßig zum Datenschutzrecht, Persönlichkeitsrecht, Urheberrecht sowie zu aktuellen Entwicklungen. Sie betrachten dabei sowohl Informationen aus dem Saarland, aber auch solche von europäischer Bedeutung und schaffen damit auch Transparenz der juristischen Arbeit für die Öffentlichkeit. Aktualität, juristischer Gehalt und Vernetzung sind ständige Messgrößen.

Read More

Privacy Enhancing Technologies SS 15

Privacy is a fundamental human right and privacy enhancing technologies (PETs) help to support this right. In light of worldwide electronic data protection laws, PETs play a fundamental role in the design and development of information systems.

Read More

Rechtsfragen der Elektronischen Personalakte SS 15

Das Institut für Rechtsinformatik betreibt gemeinsam mit der Staatskanzlei des Saarlandes ein Projekt zur Einführung der elektronischen Personalakte. Für die Seminarteilnehmer besteht daher Gelegenheit die Rechtsfragen anhand eines konkreten Fallbeispiels zu erörtern. Es ist geplant die Seminartagungen als gemeinsame Diskussionsveranstaltungen mit Fachleuten aus der Praxis zu halten.

Read More

Secure Software Engineering SS 15

The lectures covers multiple methods aimed at the creation of secure software, ranging from threat modeling and vulnerability analysis, specification mechanisms, security-aware software development and testing (Security by Design), and general best practices. After attending this course, we expect students are able to create, test and certify secure software and developed a profound understanding of security in the context of software engineering.

Read More

Softwarezuverlässigkeit SS 15

In diesem Proseminar wird ein Überblick zu Methoden zur Verbesserung von Softwarezuverlässigkeit gegeben. Beginnend bei Verfahren wie automatisiertem Testen, werden dann formale Softwaremodelle, Prozessalgebren und Spezifikationen bis hin zu automatischer Softwareverifikation besprochen. Ein Fokus liegt auch auf dem Erlernen wissenschaftlichen Arbeitens.

Read More

Unix for Unix/Linux Beginners SS 15

Diese Vorlesung richtet sich an Informatik-Studenten ab dem dritten Semester, die daran interessiert sind, Unix-artige Systeme Kommando-orientiert über Terminal-Zugang zu bedienen und die vielfältigen und zahlreichen Unix-Werkzeuge über die (Unix-)Kommandoebene tagtäglich einzusetzen. Im Mittelpunkt der Betrachtungen stehen GNU/Linux-Systeme (Fedora, Suse, Ubuntu, Slackware, ...), die auch für die Übungen eingesetzt werden.

Read More

Verification of Real-Time Systems SS 15

Real-time systems play a crucial role in many applications, such as avionic control systems, automotive electronics, telecommunications, industrial automation, and robotics. Such safety-critical applications need to be implemented correctly to prevent serious damage to the environment or even the loss of human lives. In this course, students will study methods to verify the timing behavior of such systems. In particular, this includes fundamentals of worst-case execution time analysis and real-time scheduling theory. In addition to analysis methods, students will also discuss the design of timing-predictable hardware platforms that ease analysis.

Read More

Web Security Reading Group SS 15

This course is a periodic reading group covering papers in the area of web security and web security testing. Our particular focus will be papers on web vulnerabilities and security testing. The idea of the reading group is to discuss one paper per week. Each week one volunteer will present a self-chosen paper, while all other participants should also have read the paper.

Read More

Winter Term 2014/2015

Android Security Lab WS 14/15

In this practical course, the students deal with different aspects of smartphone security at the example of the open-source Android OS. In general, the awareness and understanding of the students for security and privacy problems in the area of smartphones is increased and they learn how to extend Android with new security features to tackle current security and privacy issues.

Applied Cryptography WS 14/15

There is a large gap between theory and practice of cryptography today. In this lecture, we will address some of pressing issues with cryptography in real life. We will start our discussion with theoretical cryptographic basics, visit cryptographic protocols, and finish by engineering and analyzing real-world cryptographic instantiations.

Read More

Automated Debugging WS 14/15

This seminar will explore the existing advanced debugging methods -- from interactive debugging tools to experimental methods.

Read More

Automatic Planning WS 14/15

Automatic Planning is one of the fundamental sub-areas of Artificial Intelligence, concerned with algorithms that can generate strategies of action for arbitrary autonomous agents in arbitrary environments. The course will address so-called classical planning, where the actions and environment are assumed to be deterministic; this is a central area in planning, and has been the source of many influential ideas. It is also successfully applied in practice, as we will exemplify in the course. We will examine the technical core of the current research on solving this kind of problem, consisting of four different paradigms for automatically generating heuristic functions (lower bound solution cost estimators): critical paths, ignoring delete lists, abstractions, landmarks. Apart from understanding these techniques themselves, we will learn how to analyze, combine, and compare such estimators. The course consists mostly of research results from the last decade, and is very close to the current research frontier in planning.

Read More

Browser Security WS 14/15

This seminar will approache to improve security in web browsers, like countering drive-by attacks or privacy threats.

Read More

Database Systems WS 14/15

We are flooded with data be it data on the Web (html pages, twitter, facebook, map services, ...), structured data in databases (your money on bank accounts, addresses, cell phone data, school and uni grades, flight information, taxes, medical records, ...), or data in scientific applications (gene data in bioinformatics, telescope data in astronomy, collider data in physics, measurements of seismic activity in geology, ...). In this core lecture you will learn fundamental data managing algorithms and techniques which are used to build (not only) database systems but also search engines (Google), file systems, data warehouses, publish/subscribe systems (like Twitter), streaming systems, map services (google maps), or Amazon's Cloud (EC2), etc.

Read More

Database Systems 2 WS 14/15

Topics will include: main-memory data management

Read More

Datenschutz in Technik und Recht WS 14/15

Read More

Distributed Systems WS 14/15

This course introduces students to the principles, design, and implementation of distributed systems. The lectures focus primarily on the principles and design of distributed systems, and cover communication, distributed storage, naming, synchronization, fault tolerance, peer-to-peer systems and data centers. A course project exposes students to the implementation aspects of distributed systems and serves to solidify students' understanding of the course material.

Read More

Grundlagen der Cybersicherheit WS 14/15

Students learn the basics of cryptography, system security, network security and privacy-preserving mechanisms. They learn to define security goals and are familiarized with the most common attack scenarios.

IT Forensics WS 14/15

The lecture deals with finding and evaluating legal evidence in IT systems, both for criminal prosecution and civil action.

Read More

Logics in Security WS 14/15

This course will explore applications of logics in security. Topics include protocol verification with tools like ProVerif, authorization logics (special modal logics), logics in privacy, and a selection of logics used for proving security properties of programs. This course is intended for graduate and advanced undergraduate students. This is NOT a standard seminar. Scroll down to understand how the course is structured.

Read More

Public-Key Encryption WS 14/15

This course is a research oriented advanced course in cryptography. This course will not give an overview of cryptography. Instead, I will start with the traditional definitions of public key encryption and I will end with more recent result. This course focuses on theoretical aspects of public key encryption, including formal definitions, foundations, and formal proofs of security. The intention of this class is to awake enthusiasm for the research in this area.

Read More

Quantitative Model Checking WS 14/15

Quantitative model checking is concerned with quantities (mostly probabilities) within systems exhibiting random behaviour. Such systems include networked, embedded, or biological systems. Their underlying semantics are usually discrete-time and/or continuous-time Markov chains, possibly extended with nondeterminism. On the respective models, quantitative properties of interest can be verified. The properties can be specified, e.g., by PCTL or LTL for discrete-time models, and CSL for continuous-time models. This course aims to cover both the model construction and the verification techniques for these systems.

Read More

Reverse Engineering WS 14/15

Read More

Security WS 14/15

Read More

Security and Privacy - A Beginner\'s Guide WS 14/15

The latest news about spying on private data and personal information by the US government has received increasing attention among governments, mass media, and the scientific community. This stresses the importance of developing and deploying secure and privacy-preserving systems in our digital lives.

Read More

Static Programm Analysis WS 14/15

Read More

System Security Reading Group WS 14/15

Starting in the winter term 2014/2015, we will have a periodic reading group covering papers in the area of OS and software security. Our particular focus will be papers on exploitation and anti-exploitation. The idea of the reading group is to discuss one paper per week. Each week one volunteer will present a self-chosen paper (informally, e.g., on a whiteboad), while all other participants should also have read the paper.

Read More

Type Systems for Security Verification WS 14/15

Verification WS 14/15

The aim of this course is to introduce Model Checking and related automatic approaches to program verification. The techniques covered are especially suited for verifying properties of concurrent systems which often comprise many nonterminating and communicating processes.

Read More