Course Syllabus

Spring 2016


Lecture 1: 3/29/16 (DB)	Course overview [pdf, ppt] Reading: Reflections on Trusting Trust, Ken Thompson Measuring Pay-per-Install: The Commoditization of Malware Distribution, by J. Caballero, C. Grier, C. Kreibich, V. Paxson
Part 1: Basics

Lecture 2: 3/31/16 (DB)	Control hijacking attacks: exploits and defenses [pdf, ppt] Reading: Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al. Basic Integer Overflows, blexim Optional: Bypassing Browser Memory Protections, A. Sotirov

Lecture 3: 4/ 5/16 (JM)	Principle of least privilege, access control, and operating systems security [pdf, ppt] Reading: SetUID Demystified, Chen, Dean, and Wagner, 2002. Operating Systems Security, T. Jaegeri, 2008. Chapter 4, Security in Ordinary Operating Systems.

Lecture 4: 4/ 7/16 (JM)	Tools for writing robust application code [pdf, ppt] Reading: KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs, by C. Cadar, D. Dunbar, D. Engler Finding Security Vulnerabilities in Java Applications with Static Analysis, by B. Livshits and M. Lam

Lecture 5: 4/12/16 (DB)	Dealing with legacy code: sandboxing and isolation [pdf, ppt] Reading: Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel Efficient Software-Based Fault Isolation, Robert Wahbe, et al.

Lecture 6: 4/14/16 (inv)	Exploitation techniques and fuzzing (Alex Stamos) [pdf] Reading: How hackers look for bugs by Dave Aitel Real world fuzzing, by Charlie Miller Effective Bug Discovery, vf.
Part 2: Web Security

Lecture 7: 4/19/16 (JM)	Basic web security model [pdf, ppt] Reading: Securing Browser Frame Communication. Adam Barth, Collin Jackson, and John C. Mitchell The Security Architecture of the Chromium Browser. Adam Barth, Collin Jackson, Charles Reis, and the Google Chrome Team Exposing private information by timing web applications. A. Bortz, D. Boneh, and P. Nandy

Lecture 8: 4/21/16 (JM)	Web application security [pdf, ppt] Reading: Cross site scripting explained, Amit Klein SQL Injection attacks, Chris Anley Robust Defenses for Cross-Site Request Forgery. Adam Barth, Collin Jackson, and John C. Mitchell

Lecture 9: 4/26/16 (DB)	Session management and user authentication [pdf, ppt] Reading: Secure Session Management With Cookies for Web Applications. Chris Palmer Origin Cookies: Session Integrity for Web Applications. by Bortz et al.

Lecture 10: 4/28/16 (DB)	Overview of cryptography [pdf, ppt] Reading: The BREACH attack: encryption and compression don't mix, by Gluck, Harris, and Prado The case for prefetching and prevalidating TLS server certificates, by E. Stark, L.S. Huang, et al.

Lecture 11: 5/ 3/16 (DB)	HTTPS: goals and pitfalls [pdf, ppt] Reading: ForceHTTPS: protecting high-security web sites from network attacks, by A. Barth and C. Jackson The case for short-lived certificates. by Topalovic et al.

Lecture 12: 5/ 5/16 (JM)	Content Security Policies (CSP), Web workers, and extensions [pdf, ppt] Reading: Web workers Content Security Policies Sandboxed iFrames cors
Part 3: Network security

Lecture 13: 5/10/16 (DB)	Security issues in Internet protocols: TCP, DNS, and routing [pdf, ppt] Reading: A look back at Security Problems in the TCP/IP Protocol Suite, S. Bellovin, ACSAC 2004. BGP Security in Partial Deployment, Lychev, Goldberg, Schapira, 2013. DNS cache poisoning, Steve Friedl

Lecture 14: 5/12/16 (JM)	Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters [pdf, ppt] Reading: A Security Evaluation of DNSSEC with NSEC3, J. Bau and J.C. Mitchell Distributed Firewalls, S. Bellovin Bro: A System for Detecting Network Intruders in Real-Time, V. Paxon

Lecture 15: 5/17/16 (DB)	Unwanted traffic: denial of service attacks [pdf, ppt] Reading: Details of a recent large-scale DDoS event (2013) Practical network support for IP Traceback, S. Savage, et al. A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson

Lecture 16: 5/19/16 (DB)	Intel Software Guard Extensions (SGX) [pdf, ppt] Reading: Shielding Applications from an Untrusted Cloud with Haven
Part 4: Security of mobile platforms

Lecture 17: 5/24/16 (JM)	Mobile platform security models: Android and iOS [pdf, ppt] Reading: Understanding Android Security Enck, Ongtang, and McDaniel, 2009 (Security Enforcement section) TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Enck et al.

Lecture 18: 5/26/16 (JM)	Mobile threats and malware [pdf, ppt] Reading: FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps Arzt et al. A Large-Scale Study of Mobile Web App Security P. Mutchler, A. Doupe, J. Mitchell, C. Kruegel, and G. Vigna.

Lecture 19: 5/31/16 (inv)	Final lecture: Brad Arkin (Adobe)

CS155 Computer and Network Security

Course Syllabus

Spring 2016