CS 491/591: Computer Security and Privacy, Spring 2009
The syllabus is here, and the
addendum to it is here.
Test 4 "key" is here.
Roya's slides are here.
Test 4 is here:
Jong's slides are here.
Sandy's slides are here.
Test 3 key is here.
Lab 4 is here and the lab 4 files are here.
Lab 3 is here.
Homework 2 *.pdf is here and the *.odt is here.
The ethics agreement is here.
Test 2 key is here.
Test 2 is here:
The Test 1 key is here.
The dates of the tests will be:
- Friday, 27 February
- Wednesday, 25 March
- Friday, 17 April
- Wednesday, 6 May
Shasta rules and lab 2 are here.
Files you'll need are here and here.
Lab 1 and a half is here.
Here are the files you need for lab 1:
Lab 0 is here.
Here are the updated files for lab 1:
Here are links to join the mailing lists for the class:
Instructions for accessing video on demand: videoondemand.pdf
Instructor: Jedidiah R. Crandall
Prerequisites: No official prerequisites. Even if you're not a CS major we can make arrangements. E-mail me for a draft syllabus.
Required Texts: Computer Security: Art and Science by Matt Bishop, http://preview.tinyurl.com/6rvefm (this is the graduate version with the brown cover, do not buy the
green undergrad version with a different title.).
Rough plan for material to be covered:
- 3 days on intro to the course and ethics.
- 2 days on history of crypto, symmetric key cryptography, and linear and differential cryptanalysis.
- End of January.
- 2 days on assymetric crypto, including RSA, identity-based encryption, Shor's algorithm, and quantum crypto.
- 1 day on hashing, MAC, authentication, dictionary attacks, salting, password file shadowing
- 1 day on policy, confidentiality, integrity, availability, hybrid policies, access control matrices, take-grant models, RBAC, and MAC
- 2 days on typical UNIX system security/authentication mechanisms (virtual memory, filesystems, signals, SELinux, etc.)
- 1 day on concurrency vulnerabilities and early vulnerability analysis papers (Saltzer and Schroeder, Ware, and Anderson, etc.)
- 1 day on memory corruption exploits, escaping chroot jails
- 1 day on rootkits and kernel exploits
- 1 day on the Windows Access Control Model
- 1 day of review for Test 1
- Test 1
- End of February
- 3 days of going through various network protocols and their security issues (ARP, DNS, BGP, TCP/IP, UDP, IPSec, ICMP, DHCP, FTP/Telnet vs. SSH, and SMTP and IMAP)
- 1 day of talking about packet filtering, IDS, and IPS systems, including RST injection
- 1 day of learning all about nmap
- 1 day on insertion, evasion, and DoS attacks
- 2 days of review
- Test 2
- Almost the end of March
- 3 days on information flow (basic information theory, Dennings lattice model, noninterference, the unwinding theorem, the confinement problem, dynamic and static information flow tracking, covert channel analysis, timing channels, inference channels)
- 2 days on anomaly detection and biologically-inspried approaches to computer and network security
- 1 day on web security (SQL injections attacks, cross-site scripting, etc.)
- 1 day on the security of Mac vs. PC vs. Linux
- 1 day of review
- Test 3 on 17 April
- 3 days on Internet censorship and privacy issues, including privacy-preserving networks such as Tor, censorship technologies, and Internet measurement issues such as routing, tunneling, and protocol dynamics
- 3 days on malicious code, including worms, viruses, botnets, polymorphism, metamorphism, appearance vs. behavior-based analysis, and macro viruses and recombination
- 1 Day of review for Test 4
- Test 4 on 6 May
- 1 day to review for the final
The following are examples of the hands-on simulated attacks students will carry out, and the requisite knowledge that will be gained with each:
- Linear and/or differential cryptanalysis (probability theory, issues in symmetric cryptosystem design)
- Filesystem race conditions (concurrency bugs, filesystems)
- Using nmap (sockets, network protocols, firewall configuration)
- ARP poisoning (Ethernet)
- DNS spoofing and poisoning (DNS)
- Insertion and evasion (TCP/IP, intrusion detection)
- Virus obfuscation (malware detection, string matching algorithms)
- Memory corruption and/or web app exploits (secure programming in C or other languages)
- Using fuzzing tools to discover vulnerabilities (debugging)
- Whatever you are interested in, e-mail me if you have ideas
Grades as of 10 February: here.
Grades as of 14 February: here.
Grades as of 1 March: here.
Grades as of 2 March: here.
Grades as of 28 March: here.
Grades as of 30 April: here.
Grades as of 9 May: here.
Final grades: here.