| |
|
The course covers principles of computer systems security.
We will discuss various attack techniques and how to defend against them.
Topics include Network attacks and defenses, Operating system holes,
application security (web, e-mail, databases), viruses, social engineering
attacks, privacy, and digital rights management. Course projects will
focus on building reliable code. The course is intended for senior
undergraduates and first year graduate students. Pre-requisites:
CS140 (operating systems).
| Date | Topic |
| |
|
Introduction
|
| |
Lecture 1:
4/ 3/07
(Bon)
|
Course overview
[ppt]
Reading:
Reflections on Trusting Trust, Ken Thompson
|
| |
|
Part 1: Basics
|
| |
Lecture 2:
4/ 5/07
(Bon)
|
Buffer overflows and other common bugs: exploits and defenses
[ppt]
Reading:
Buffer Overflows: Attacks and Defenses for the Vulnerability of
the Decade, Crispin Cowan, et al.
Smashing The Stack For Fun And Profit, Aleph One
Basic Integer Overflows, blexim
Exploiting Format String Vulnerabilities, team teso (optional)
Defeating the Stack Based Buffer Overflow Prevention Mechanism of
Microsoft Windows 2003 Server, David Litchfield (optional)
Once upon a free(), anonymous (Optional but useful for Project 1)
Intel Architecture Guide for Software Developers,
Intel (Optional but pages 155-162 useful for Project 1)
How to hijack the Global Offset Table with pointers for root shells,
c0ntex (Optional but useful for Project 1)
|
| |
Lecture 3:
4/10/07
(Inv)
|
Tools for writing robust application code
[ppt]
Reading:
Using Programmer-Written Compiler Extensions to Catch Security Holes,
Ken Ashcraft, Dawson Engler
Thorough Static Analysis of Device Drivers, Ball et al.
EXE: Automatically Generating Inputs of Death, Cadar et al.
|
| |
Lecture 4:
4/12/07
(Bon)
|
Malware: Computer viruses, Spyware, key-loggers, and bots
Reading:
Hunting for metamorphic, Szor, P. Ferrie
Computer Virus-Antivirus Coevolution.
Nachenberg, Comm. ACM, 40(1), pp. 46-51, 1997
Know your Enemy: Tracking Botnets, Honeynet
The Anatomy of Clickbot.A, Daswani et al. (optional)
|
| |
Lecture 5:
4/17/07
(Maz)
|
Secure system design, access control, and protection
[pdf]
Reading:
The Protection of Information in Computer Systems
J.H. Saltzer and M.D. Schroeder
Setuid Demystified, Chen, Wagner, and Dean (first three pages
and section 5.2)
Windows access control pages
|
| |
Lecture 6:
4/19/07
(Maz)
|
Dealing with bad (legacy) application code: Sandboxing
[pdf]
Reading:
A note on the confinement problem, Butler Lampson
Traps and Pitfalls: Practical Problems in System Call Interposition
Based Security Tools,
T. Garfinkel
Efficient Software-Based Fault Isolation, Robert Wahbe, et al.
|
| |
Lecture 7:
4/24/07
(Maz)
|
Use of cryptography in computer security
[pdf]
Reading:
Why cryptosystems fail, Ross Anderson
|
| |
|
Part 2: Web Security
|
| |
Lecture 8:
4/26/07
(Bon)
|
Web site security: attacks and defenses
[ppt]
Reading:
Cross site scripting explained, Amit Klein
SQL Injection attacks, Chris Anley
Dos and Don'ts of Client Authentication on the Web, Kevin Fu et al.
|
| |
Lecture 9:
5/ 1/07
(Maz)
|
Web site architecture
[pdf]
Reading:
Securing Java, McGraw and Felten, Chapter 2
|
| |
Lecture 10:
5/ 3/07
(Bon)
|
User authentication: Password management, phishing, user interfaces, single sign on
Reading:
Protecting Browser State from Web Privacy Attacks, Jackson et al
|
| |
|
Part 3: Network security
|
| |
Lecture 11:
5/ 8/07
(Maz)
|
Security problems in network protocols: TCP, DNS, SMTP, and routing
[pdf]
Reading:
A look back at Security Problems in the TCP/IP Protocol Suite,
S. Bellovin, ACSAC 2004.
Using the Domain Name System for System Break-Ins,
S. Bellovin, 1995
|
| |
Lecture 12:
5/10/07
(Maz)
|
Network defense tools: Firewalls, Intrusion Detection, and filters
[pdf]
Reading:
Insertion, Evasion, and Denial of Service: Eluding Network
Intrusion Detection, T. Ptacek
Bro: A System for Detecting Network Intruders in Real-Time,
V. Paxon
Linux Firewall - the Traffic Shaper ,
J. Wortelboer and J. Van Oorschot
|
| |
Lecture 13:
5/15/07
(Bon)
|
Denial of service attacks
[ppt]
Reading:
Practical network support for IP Traceback, S. Savage, et al.
A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson
A detailed DDoS extortion story
|
| |
Lecture 14:
5/17/07
(Maz)
|
Network worms: attacks and defenses
[pdf]
Reading:
Inside the slammer worm, S. Savage
Automated worm fingerprinting, S. Singh et al.
Blocking new attacks without patching, H. Wang et al.
|
| |
Lecture 15:
5/22/07
(Bon)
|
Privacy: Anonymous browsing, mix nets (Tor), voting, PIR
Reading:
Tor: The Second-Generation Onion Router, Dingledine et al.
Simple Verifiable Elections, Benaloh
|
| |
|
Part 5: Final topics
|
| |
Lecture 16:
5/24/07
(Maz)
|
Secure file systems and backups, Byzantine agreement
[pdf]
Reading:
|
| |
Lecture 17:
5/29/07
(Bon)
|
Trusted Computing Systems
[ppt]
Reading:
Experimenting with TCG Hardware, Marchesini, et al.
TCG Specification Architecture Overview
A Virtual Machine-Based Platform for Trusted Computing,
Garfinkel et al.
|
| |
Lecture 18:
5/31/07
(Bon)
|
Digital Rights Management
Reading:
Hardware-assisted circumvention of
self-hashing software tamper resistance, Oorschot et al.
Wikipedia description and links
|
| |
Lecture 19:
6/ 5/07
(Inv)
|
Final lecture: Neil Daswani, Google Inc.
Reading:
The Anatomy of Clickbot.A, Daswani et al. (optional)
|
|