The course covers principles of computer systems security.
We will discuss various attack techniques and how to defend against them.
Topics include network attacks and defenses, operating system holes,
application security (web, e-mail, databases), viruses, social engineering
attacks, privacy, and digital rights management. Course projects will
focus on building reliable code. The course is intended for senior
undergraduates and first-year graduate students.
Pre-requisites: CS140 (operating systems).
Part I: Application security
- Some examples of things that go wrong.
misconfiguration, macro languages, hidden functionality, buggy software.
the security of your site by breaking into it, Dan Farmer, Wietse
overflow attacks and other common bugs.
Exploiting overflows. Defenses.
Stack For Fun And Profit, Aleph One.
Overflows: Attacks and Defenses for the Vulnerability of the Decade,
Crispin Cowan, et al.
Format String Vulnerabilities, team teso.
of designing and writing secure application code.
Programmer-Written Compiler Extensions to Catch Security Holes, Ken
Ashcraft, Dawson Engler
- Dealing with bad (legacy) application code. Sandboxing.
A note on the
confinement problem, Butler Lampson.
environment for untrusted helper applications: confining the wily
hacker, Ian Goldberg, David Wagner, et al.
Fault Isolation, Robert Wahbe, et al.
- Web browser security
Reading: McGraw and Felten, Securing Java,
- Web site security
Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster,
Dos and Don'ts of Client Authentication on the Web,
Proc. 10th USENIX Security Symposium, Washington, D.C., August 2001.
- Use of cryptography in computer security
Why cryptosystems fail.
Optional: WEP protocol security.
Part II: OS Security
- Access control and file system security
Pfleeger, sections 6.3, 6.4; web links in lecture slides.
- Secure operating systems
Pfleeger, section 6.2, chapter 7.
You may also enjoy reading
J.H. Saltzer and M.D. Schroeder,
The Protection of Information in Computer Systems.
- Remote file system security. NFS, SMB, SFS.
- User authentication.
passwords, biometrics, smartcards.
- Intrusion detection and virus protection
Computer Virus-Antivirus Coevolution.
Comm. ACM, 40(1), pp. 46-51, January 1997.
Bro: A System for Detecting Network Intruders in Real-Time.
Proc. 7th USENIX Security Symposium, San Antonio, TX, January 1998.
Part III: Network security
- Insecurity in existing network protocols
Steven M. Bellovin,
Security Problems in the TCP/IP Protocol Suite,
in Computer Communications Review 2:19, pp. 32-48, April 1989,
Using the Domain Name System for System Break-Ins,
in Proc. Fifth USENIX UNIX Security Symposium, Salt Lake City,
UT, June, 1995.
- Security protocols: IPsec, DNSsec, SBGP.
Security Architecture for the Internet Protocol, S. Kent, et al.
Secure Border Gateway Protocol (SBGP), S. Kent, et al.
- Denial of service attacks.
The TFN distributed denial of service attack tool, D. Dittrich
Practical network support
for IP Traceback, S. Savage, et al.
Part IV: Misc. topics
- Digital Rights Management.
Proposals and breaks: CSS, HDCP,
SDMI, broadcast encryption.
Cryptanalysis of Contents Scrambling System, F. Stevenson
A Cryptanalysis of the High-Bandwidth Digital Content Protection System,
S. Crosby, et al.
Revocation and Tracing Schemes for Stateless Receivers,
D. Naor, et al.
- Electronic transfer of money.
Payment mechanisms on the
Internet. The ACH network. The Visa payment system.
- Final topics
Open source/closed source debate. Full disclosure
movement (whitehat vs. blackhat). Ethical hacking.