CIS 798, Fall 2006
Computer and Information Security
Course Goals
This course aims at providing a comprehensive understanding of computer and
information security. The course materials cover basic cryptography, access
control, authentication, digital identity management, network security,
software security, and social aspects of security. The course teaches not only
mechanisms for enhancing security; a great deal of it is also devoted to
discussing when and where things can go wrong and how design flaws in a system
can be exploited to compromise security. Common attack techniques will be
introduced and students will have the opportunity to work on course projects
that cover both the defense and offense aspects in cyber space. The goal of
the course is to give students a solid theoretical foundation for computer
and information security, and hands-on experience in applying the theory to
practice. Interesting research topics can also be derived from course
projects.
Course Schedule
- Lecture 1: Introduction and a small example.
Slides.
The source code getscore.c.
The sample score file score.txt.
- Lecture 2: Setuid program and buffer overflow attacks.
Slides.
Assignment 1: Read the paper
Setuid Demystified.
- Lecture 3: More on code injection attacks.
Slides. Source code testsetuid.c
Supplemental readings:
Non-execute bit.
Mitigating buffer overflows by operating system randomization.
Install-time vaccination of Windows executables to defend against stack smashing attacks.
Non-control-data attacks are realistic threats.
- Lecture 4: Authentication and Authorization.
Slides.
- Lecture 5: Authentication protocol.
Slides.
Supplemental reading:
MIG-in-the-Middle Attack, Ross Anderson,
Security Engineering, 2.2.2.
- Lecture 6: Assignment 2: Remote buffer overflow attack.
- Lecture 7: Authentication and Authorization continued.
Slides.
Source code for chroot jail and two-factor authentication:
chroot_jail_sudo.c,
chroot_jail_sudo.sh,
sudoers,
check_login.pl.
- Lecture 8: SSH public key-based authentication.
Slides.
- Lecture 9: Kerberos.
Slides.
- Lecture 10: Kerberos continued.
Slides.
Source code for the chroot jail in the quiz and the program to break out
of a chroot jail:
chroot_jail.c,
break_chroot.c.
Assignment 3: Reading:
Kerberos: An Authentication Service for Computer Networks
The Evolution of the Kerberos Authentication System.
- Lecture 11: Public-key infrastructure.
Slides.
- Lecture 12: X.509 and its problems.
Slides.
Supplemental reading: Peter Gutmann's article
on X.509 and his slides.
- Lecture 13: Logical foundations for authentication and authorization.
Slides.
Handout.
- Lecture 14: Authorization in a distributed environment.
Slides.
Supplemental reading:
Article on SDSI and
Ron Rivest's slides.
The nature of a usable PKI, by Carl Ellison (handed out in class).
- Lecture 15: Logic-based authorization.
Slides. Sample source code:
x509.P
grid.P
Assignment 4: Read the paper
Binder, a Logic-Based Security Language.
Supplemental reading:
What you always wanted to know about Datalog (and never dared to ask)
- Lecture 16: Assignment 5: A repository manager with logic-based authorization.
Sample policy and messages:
client_credentials.msg
server_challenge.msg
client_response.msg
client_request.msg
server_reply.msg
server_policy.P
client_credentials_transformed.P
main.P
- Lecture 17: Network Security.
Slides.
Supplemental reading:
ARP Poisoning Attack.
DNS Cache Poisoning Attack.
IP Spoofing Attack.
Using the Domain Name System for System Break-Ins.
- Lecture 18: Network Security -- continued.
Slides.
Supplemental reading:
Security Problems in the TCP/IP Protocol Suite.
SYN flooding and IP spoofing.
- Lecture 19: DNSSEC
Slides.
- Lecture 20: IPSec
Slides.
Assignment 6: Reading:
Fang: A firewall analysis engine.
MulVAL: A logic-based network security analyzer.
- Election-day reading: Voting-machine Security.
Analysis of an Electronic Voting System.
Security Analysis of the Diebold AccuVote-TS Voting Machine.
Ceci n'est pas une urne: On the Internet vote for the Assemblée des Français de l'Etranger.
- Lecture 22: Electronic-voting security:
Slides.
Tabling in XSB. Sample code: reachable.P
lawfirm.P
- Lecture 23: Firewalls.
Slides.
Supplemental readings: Security problems caused by FTP PORT and PASV commands.
US-CERT Vulnerability Note VU#328867
Problems With The FTP PORT Command
- Lecture 24: Logic-based network security analysis.
Slides.
Supplemental reading:
A scalable approach to attack graph generation.
- Lecture 25: Cryptographic Hash Functions.
Slides.
Supplemental video:
Recent Attacks on MD5,
by John Black, University of Colorado at Boulder.
(Courtesy CERIAS, Purdue University).
- Lecture 26: Message Authentication Code.
Slides.
Supplemental reading:
The HMAC papers.
- Lecture 27: Symmetric cipher.
Slides.
Instructor and course meeting times
- Instructor: Xinming (Simon) Ou.
- Meeting time: TTh, 8:05-9:20, in the conference room (Nichols 236).
- Office hours: Fri, 2-4, Nichols 318.
Prerequisites
Basic understanding of computer systems, including operating systems, networks, compilers, etc.
This is a course that primarily targets graduate students and junior/senior-level undergraduate students in
computer science and computer engineering.
Grading
You will complete several assignments during the semester. An assignment could be a written homework,
a programming project, or a reading task. For every assignment, you have two weeks to finish. At the end of the semester,
you must also turn in a final report that focuses on a particular problem in the field of security. The
topics for the report will be given out throughout the course. You are also welcome to come up with your own
idea on what to write about in the report, but please discuss it with the instructor before starting work on
it. There is also a mid-term exam and possibly quizzes in class. The purpose of the exam and quizzes is
to make sure you understand the materials presented in the lectures and in the reading tasks. The breakdown
of the final score of the course is:
- Assignments (including quizzes): 40%
- Mid-term: 20%
- Final report: 40%
Contact
Questions can be emailed to xou (put some stuff here) ksu (a little dot) edu.