Foundations of Web Security - Module Descriptions of the CS department

Cybersecurity BSc (English)

Index

- Mathematics for Computer Scientists 1
- Mathematics for Computer Scientists 2
- Elements of Machine Learning
- Fundamentals of Data Structures and Algorithms
- Introduction to Theoretical Computer Science
- Programming 1
- Programming 2
- Statistics Lab
- System Architecture
- Practical Training: Cybersecurity Lab
- Software Engineering Lab
- Cryptography
- Foundations of Cybersecurity 1
- Foundations of Cybersecurity 2
- Proseminar
- Seminar
- Advanced Public Key Cryptography
- Algorithms in Cryptanalysis
- Foundations of Web Security
- Generating Software Tests
- Machine Learning in Cybersecurity
- Mobile Security
- Obfuscation
- Parameterized Verification
- Physical-Layer Security
- Privacy Enhancing Technologies
- Reactive Synthesis
- Secure Web Development
- Side-Channels Attacks & Defenses
- Usable Security and Privacy
- Automated Debugging
- Big Data Engineering
- Concurrent Programming
- Elements of Statistical Learning
- Ethics for Nerds
- Recht der Cybersicherheit – Datenschutzrechtliche Aspekte
- Recht der Cybersicherheit – Strafrechtliche Aspekte
- Topics in Algorithmic Data Analysis
- Bachelor's Seminar
- Bachelor's Thesis

Foundations of Web Security FoWS

General

study semester: 5-6
standard study semester: 6
cycle: occasional
duration: 1 semester
SWS: 4
ECTS: 6
teaching language: English

People

responsible: Dr. Ben Stock
lectures: Dr. Ben Stock

Assessment & Grades

entrance requirements: Security or Foundations of Cybersecurity 1 and 2
assessment / exams: Projekt und schriftliche Abschlussklausur
grade: Das Modul ist insgesamt bestanden, wenn die Prüfungsleistung bestanden wurde.

Workload

course type /weekly hours

  2 h lectures
+ 2 h tutorial
= 4 h (weekly)

total workload

   60 h of classes
+ 120 h private study
= 180 h (= 6 ECTS)

Aims / Competences to be developed

The students will acquire a practical understanding of the security threats a modern Web application is faced with. The students fully comprehend the attack surface of applications and know the necessary countermeasures and mitigations for a wide range of attacks.

Content

Historical evolution of the Web
Client-side security (e.g., Cross-Site Scripting, Cross-Site Script Inclusion, Cross-Site Request Forgery)
User-centric security (e.g., Clickjacking & Phishing)
Server-side security (e.g., SQL injections, command injections)
Infrastructure security (e.g., HTTPS & attacks against it)

Literature & Reading

The teaching material will be in English and it will be announced at the beginning of the lecture.

Additional Information

Curriculum

This module is part of the following study programmes:

Cybersicherheit BSc: Vertiefungsvorlesungen der Cybersicherheit
study semester: 5-6 / standard study semester: 6

Cybersecurity MSc: Vertiefungsvorlesungen Cybersecurity
study semester: 1-3 / standard study semester: 4

Cybersecurity BSc (English): Kernthemen der Cybersicherheit
study semester: 5-6 / standard study semester: 6

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

* item1 * item2 * item3		item1 item2 item3
1. item1 1. item2 1. item3		item1 item2 item3

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

* item1 * item2 * item3		item1 item2 item3
1. item1 1. item2 1. item3		item1 item2 item3

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

Cybersecurity BSc (English)

Grundlagen der Mathematik

Grundlagen der Informatik

Praktika

Spezialisierter Bereich Cybersicherheit

Seminare Cybersecurity

Kernthemen der Cybersicherheit

Komplementäre Themen der Cybersicherheit

Bachelor-Seminar und -Arbeit