Display language
To modulepage Generate PDF

#40933 / #3

SoSe 2022 - WiSe 2023/24


International Information Security Contest


Seifert, Jean-Pierre




Fakultät IV

Institut für Softwaretechnik und Theoretische Informatik

34355100 FG S-Professur Security in Telecommunications

No information


TEL 16

Bauroth, Stephan


Learning Outcomes

Participants of this course obtain practical experience in organising a complex IT project within a team. They collected experience in the development and maintenance a scalable infrastructure, but also in the administrative processes involved in a large project. In addition, they extended their theoretical and practical knowledge of vulnerabilities in IT security, having learned both to detect and to repair even advanced ones. The graduates comprehend even complex and obscure systems. On top, graduates of this module know how to teach information security in a playful manner.


Participants explore software security hands-on with the goal to develop and host an international information security contest (¨Attack/Defense CTF”): contesting teams from all over the world receive virtual machines built during the project. The machines run participants’ services, containing secret tokens ("flags") that other teams have to collect over the wire using exploits as part of the game. To build the contest, participants will dive deep into the security of a platform and language of their choice and create a software project with well-hidden software vulnerabilities in this language. Furthermore, a game server will be developed as a team, including scripts to check the health of services for each contestant. As part of the development and hosting, participants will develop and extend the infrastructure required to host the competition, strengthen their skills in penetration testing and exploitation, and build upon other technical and non-technical abilities, depending on their role in the project. Such skills may include networking, continuous integration, agile development, project management and public relations. Furthermore, students develop and extend the infrastructure, required for the competition. The course gives participants the freedom to explore tools of their choice, build software and find creative ways to corrupt it, with the work done both independently and in small teams.

Module Components


All Courses are mandatory.

Course NameTypeNumberCycleLanguageSWSVZ
International Information Security ContestPJSoSeGerman/English8

Workload and Credit Points

International Information Security Contest (PJ):

Workload descriptionMultiplierHoursTotal
Pre/post processing15.016.0h240.0h
360.0h(~12 LP)
The Workload of the module sums up to 360.0 Hours. Therefore the module contains 12 Credits.

Description of Teaching and Learning Methods

Self-study, active development, weekly meetings

Requirements for participation and examination

Desirable prerequisites for participation in the courses:

* Good Software Development skills in a programming language of your choice * Ability to adapt to new environments and situations * Real interest in information/computer/cyber security * Basic knowledge in some field of IT Security If you did/do your Bachelor at TU: * Grundlagen der Rechnersicherheit (or equivalent) * Programmierpraktikum (or equivalent)

Mandatory requirements for the module test application:

This module has no requirements.

Module completion



Type of exam

Portfolio examination

Type of portfolio examination

100 Punkte insgesamt



Test elements

(Deliverable Assessment) CTF Execution, including test runs20practical2 x 8h
(Deliverable Assessment) Developing a full service, including Quality Assurance25practical15 x 5h
(Deliverable Assessment) Development and Project Work40practical15 x 8h
(Deliverable Assessment) Reviews, Report and Presentation15oral3 x 15 minutes

Grading scale

Notenschlüssel »Notenschlüssel 1: Fak IV (1)«


Test description (Module completion)

No information

Duration of the Module

The following number of semesters is estimated for taking and completing the module:
1 Semester.

This module may be commenced in the following semesters:

Maximum Number of Participants

The maximum capacity of students is 24.

Registration Procedures

1. QISPOS (preferred) 2. Prüfungsamt

Recommended reading, Lecture notes

Lecture notes

Availability:  unavailable


Electronical lecture notes

Availability:  unavailable



Recommended literature
No recommended literature given

Assigned Degree Programs

This module is used in the following Degree Programs (new System):

Studiengang / StuPOStuPOsVerwendungenErste VerwendungLetzte Verwendung
This module is not used in any degree program.

Students of other degrees can participate in this module without capacity testing.


No information