CASED is funded by
Hacker Contest – learning IT Security in a hands-on manner
(in german language)
Although security in information technology (IT) is viewed as a sign of quality nowadays, it is apparent that we are often a long way from achieving the standards of quality that are, for example, considered as being normal in the automobile sector. The quote "complexity is the worst enemy of security" refers to one of the main reasons for this situation:
IT systems and applications have become so complex that it is virtually impossible to predict all possible types of attack and, therefore, implement the required security measures. What’s more, the tools and methods, which are currently available for implementing security, are often time-consuming and expensive. An appropriate level of compatibility is also lacking, which means it is often difficult to integrate the various, different approaches. As a result of this, people with no or little experience in the area of IT security will be unable to avoid errors, if they are suddenly forced to deal with security-relevant activities in addition to their usual daily work.
Concept
The primary objective of the Hacker Contest is to elucidate the term IT security using a variety of multifaceted, hands-on experiments. In doing so, we follow the philosophy of the Chinese strategist and philosopher, Sun Tzu (The Art of War):
He who knows the enemy and himself
Will never in a hundred battles be at a risk;
He who does not know the enemy but knows himself
Will sometimes wins and sometimes lose;
He who knows neither the enemy nor himself
Will be at risk in every battle.
This means the participants assume both the role of attacker as well as the role of the owner (e.g. represented by a system administrator), who has to defend his/her systems. Such an approach improves the ability to learn and understand the respective behavioral patterns and possibilities.
The participants will deal with the principles of hacking and the key attack concepts, and also gather practical experience in the area of attacking and defending Unix/Linux and Windows systems.
This event should not be viewed as a hacker apprenticeship, rather, it is intended to sharpen the awareness of potential weaknesses in the above-mentioned systems and enable the participants to develop possible solutions. This, in turn, will improve their perception of the risks and their own protection requirements.
Schedule and Content
Further details on the schedule and content.
Learning Environment
The course will be held in a CASED seminar room in Darmstadt (close to the main railway station). Multiple instructors will be present at all times during the course to provide the participants with support during the numerous practical exercises.
Participants will be able to practice what they have learned directly on one of the computers provided. This approach not only conveys the techniques needed for blocking attacks, but also insights into the methods and mindsets of hackers.
In addition to this, all participants will receive a Live CD that has been prepared especially for the course, which includes a simulated network environment with virtual firewalls and servers together with all of the tools used. This can be used to practice what has been learned and deepen the knowledge gained once the course is over.
Certification
An examination is held at the end of the course. If completed successfully, the students will be awarded a certificate of attendance from TU Darmstadt.
Instructors
The event will be held Dr. Martin Mink (CASED) and
Frank Hißen and Jörg Beermann from encomit UG. These instructors were and are
responsible for designing and holding the "Hacker Contest" for students and
companies at the TU Darmstadt. Furthermore, each of these instructors has
gained a wealth of experience with numerous national and international research
collaborations related to the area of IT security.
Questions? Please contact:
Dr. Martin Mink
Email: martin.mink
cased.de
Homepage