direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Logo der TU Berlin

SE Communication & Security

Modul: Communication & Security (BINF-KT-SE2)
Semester: Sommersemester 2012
Art: SE (2 SWS / 3 LP)
LV-Nr.: 0435 L 766
Veranstalter: Albayrak, Camtepe, Sivrikaya
Themenvergabe: Mi., 11.04., 18 - 19 Uhr, TEL 1315 - Einzeltermin!

---

Diese Veranstaltung wird online mit ISIS durchgeführt Bitte melden Sie sich dort an!

---

Ihre Anmeldung ist zunächst unverbindlich.
Infos zur Anmeldung, zum Einloggen finden sich hier.

Course Details

Bachelor's degree seminer with following topics from Communication and Security fields:

 

Topic 1: Securing Android-based Devices

Language: Deutsch / English

Trainer: Aubrey-Derrick Schmidt

Smartphones become more and more popular. As the capabilities (cpu, memory, communication, sensing) of these devices increase, they provide mobile computing power that can be used in variety of critical applications. Resulting security and privacy issues become even more series with android open-platform which permits very short innovation cycle for emerge of new smartphone applications without any proper security measures. Our aim in this seminar topic is to identify weaknesses in the Google Android platform and examine appropriate security architectures that can protect against such vulnerabilities.

 

Topic 2: Context-aware Security for Smart Phones

Language: Deutsch / English

Trainer: Leonid Batyuk

In the modern world, everything is connected - anytime, anywhere. A mobile computing device has become our everyday companion. In many cases, it adapts to its environment and is aware of its context. Despite this development, security models stayed static and do not regard context information when making security decisions. Context aware security architecture provides a combination of context awareness and traditional access control mechanisms, aiming at a more secure and fine grained access control.

 

Topic 3: Collaborative Intrusion and Malware Detection

Language: Deutsch / English

Trainer: Rainer Bye

Technological improvements and wide acceptance of Internet brings in security challenges such as complex and collaborative attacks. Collaborative methods appear as a promising method for defending against such distributed and complex security threats. CIMD (Collaborative Intrusion and Malware Detection) enables participants to state their objectives and interests for joint intrusion detection. This helps in establishing groups in a distributed manner for the exchange of security-related data such as monitoring or detection results.

 

Topic 4: A Quantitative Methodology for Online IT Risk Management

Language: Deutsch / English

Trainer: Stephan Schmidt

Risk management and business process management play an increasingly vital role in contemporary corporate infrastructures due to a multitude of operational, technical and regulatory reasons. Increasingly complex interdependencies as well as flexibility demands in rapidly changing networked environments make this effect even more pronounced for companies which are strongly based in the IT domain. Current risk management methodologies are often static in nature and can not meet the demands of operational practices.

We focus on a quantitative framework for organizational IT risk management. The underlying risk management process splits into three phases. The risk assessment phase quantifies asset values at a high level and threats at a low level of abstraction. Augmented by interdependency analysis rooted in graph theory, these values are correlated at the hardware level where tactical risk mitigation strategies are available. Theoretically optimal and scalable risk mitigation strategies based on game and control theory are applied in risk mitigation phase which minimize the total risk over a given finite time horizon utilizing the given security budget. The risk transfer phase includes strategies for redesigning corporate IT infrastructure based on high-risk interdependencies.  

 

Topic 5: Non-Intrusive User Behavior Analysis Using Computerized Systems

Language: Deutsch / English

Trainer: Arik Messerman

There are different ways to authenticate humans to a system. An authentication process consists of the validation of the authorization by any subset of three factors: (i) something you know (password), something you have (smartcard), and something you are (biometrics). Besides classical attacks on password and risk that smartcards can be stolen, biometric have their own disadvantages such as requirement of expensive devices, risk of stolen bio-templates. Moreover existing approaches provide authentication process usually performed only once initially. Non-intrusive and continuous monitoring of user activities emerges as promising solution in hardening authentication process.

 

Topic 6: Identity Management Mechanisms for Smart Homes

Language: Deutsch / English

Trainer: Tarik Mustafic

Recent developments in Ambient Assisted Living (AAL) technologies suggest that in the near future home environment will be surrounded with networked intelligent devices and sensors bringing more comfort and safety. Technical requirements for implementation of innovative services in home environment are largely met, but these services have to be supported by smart and intelligent identity management solutions. Our aim is to investigate smart identity management mechanisms for smart homes that can be applied for private use.

 

Topic 7: Security in Smart Grids

Language: Deutsch / English

Trainer: Joel Chinnow

Smart Grid is a key technology for integrating distributed energy resources to meet the increasing energy demands of our society. Thereby, two concepts gained attention: Virtual power plants and smart metering. But, the required communication technology introduces number of security and privacy concerns. Therefore, the protocols have to be analyzed with regard to confidentiality, integrity and availability. Example protocols which are standardized or under standardization process are: Multi Utility Communication (MUC), Smart Message Language (SML) or DIN 43863-4.

 

Topic 8: AI Techniques in Intrusion Detection and Evaluation of Intrusion Detection Systems

Language: Deutsch / English

Trainer: Dr.-Ing. Karsten Bsufka

Current Intrusion Detection Systems (IDS) employ various AI techniques to detect intrusions. Based on conference on journal publications a comparison of these techniques shall be created. A related topic is the evaluation of such techniques in the context of intrusion detection. Again a comparison of procedures, data sets and result presentation shall be created.

 

Topics in Communications: Please refer to the seminar web page on ISIS.

 

Contact

Dr. Seyit A. Camtepe

Office: TEL 1409 (Ernst-Reuter-Platz 7)

Office Hours: Wednesday 10:00AM – 12:00AM (Tentative)