CIS 751/551, Fall 2011
Computer and Information Security
This course aims at providing a comprehensive understanding of computer and information security.
The course materials cover common attack techniques, application of cryptography in security, authentication and authorization,
network security, enterprise network defense, web security, and economics of security.
In addition to teaching mechanisms for enhancing security, a great deal of the course discusses when and where things can
go wrong and how design flaws in a system can be exploited to compromise security. Students will have the opportunity to work on
course projects that cover both the defensive and offensive aspects of cyberspace. The goal of the course is to provide a solid
theoretical foundation for computer and information security, and hands-on experience in applying the theory to practice.
Interesting research topics can also be derived from course projects.
- Aug 23.
Lecture 1: Introduction
Video: Part 1,
- Aug 25.
Lecture 2: Buffer-overflow exploits
The source code getscore.c.
The sample score file score.txt.
The sample exploit generators exploit_gen_with_esp.c
and exploit_gen_indirect_jump.c.
- Aug 30.
Lecture 3: Buffer-overflow exploits (continued)
- Sept 1. Lecture 4: Mitigation of buffer-overflow exploits.
Video. VMware player demo.
Reading Assignment 1:
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks.
Presentation: Richard Bell, Sept 13.
Reading Assignment 2:
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86).
Presentation: Paul Cain, Sept 15.
Defeating compiler-level buffer overflow protection.
Bypassing stackguard and stackshield.
Getting around non-executable stack (and fix).
Microsoft compiler flaw technical note.
The advanced return-into-lib(c) exploits: PaX case study.
Install-time vaccination of windows executables to defend against stack smashing attacks.
Non-control-data attacks are realistic threats.
x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique.
Programming Assignment 1: Remote buffer overflow attack.
Due: Sept 15.
Lecture 5: Heap buffer-overflow attacks on Linux.
Lecture 6: Heap buffer-overflow attacks on Linux (continued).
The sample program and exploit source code:
nweb demo and presentation by Scott Bell. Slides.
Lecture 7: Windows exploit basics. Slides.
Windows Buffer Overflow Demo.
Presentation by Paul Cain.
Programming Assignment 2: Heap overflow attack. Due: Sept 22
Programming Assignment 3: Windows buffer overflow attack. Due: Sept 29
Lecture 8: Windows exploit wrap up. Slides Video.
Reading Assignment 3:
All Your iFRAMEs Point to Us.
Presentation: Matthew Cholick, Oct 4.
Reading Assignment 4:
AEG: Automatic Exploit Generation.
Presentation: Ben Crawford, Oct 4.
Reading Assignment 5:
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection.
Presentation: Daniel Czerniewski, Oct 4.
Lecture 9: Software vulnerability summary. Slides Video
Lecture 10: Basic cryptography. Slides Video
Lecture 11: Authentication basics. Slides Video
Presentation by Matthew Cholick (Slides),
Ben Crawford (Slides),
and Daniel Czerniewski (Slides).
Lecture 12: Authentication protocols. Slides Video
Reading Assignment 6:
Chapter 2: Protocols
Security Engineering (first edition), by Ross Anderson.
Presentation: Christian Duranleau, Oct 13.
Lecture 13: Authentication protocols (continued). Video
Some past report topics.
Report Topics Due: Tuesday Oct 25.
Presentation by Christian (Slides)
and man in the middle attack (Slides)
Oct 25: Kerberos
Reading Assignment 7:
Kerberos: An Authentication Service for Computer Networks
The Evolution of the Kerberos Authentication System.
Limitations of the Kerberos authentication system.
Lecture slides and videos while Simon is away Oct 29-Nov 9:
Reading Assignment 8 (due Nov 10):
Peter Gutmann's article
on X.509 and his slides.
Presentation: Landon Fowles
X.509 PKI continued.
Reading Assignment 9 (due Nov 10):
Binder, a Logic-Based Security Language
Presentation: Jakub Jedryszek
Programming Assignment 4: Logic-based Authentication and Authorization.
Due: Nov 17.
Logic-based authorization. Video.
Nov 8, 2011.
Programming Assignment 5 (20+5 pts):
A repository manager with logic-based authorization.
Due: Dec 8.
The client code.
Client's private key file.
Sample client credential1.
Sample server policy1.
Sample client credential2.
Sample server policy2.
Nov 10, 2011. Presentations by Landon (Slides) and
Nov 15, 2011. Introduction to Network Security.
Final report due Dec 9.
It's the End of the Cache as We Know It.
Dan Kaminsky, Black Hat USA 2008.
DNS Poisoning: Developments, Attacks
and Research Directions,
USENIX Security 2008.
(The slides and audio of the presentation can be found on Thursday's panel "Setting DNS's Hair on Fire".)
ARP Poisoning Attack.
IP Spoofing Attack
Nov 17, 2011. DNSSEC.
Reading Assignment 10 (due Nov 29):
Mobile Security Catching Up? - Revealing the nuts and bolts of the security of mobile devices
Presentation: Anthony Lang
Reading Assignment 11 (due Nov 29):
"You Might Also Like:" Privacy Risks of Collaborative Filtering
Presentation: Keith McVey
Reading Assignment 12 (due Nov 29):
Click Trajectories: End-to-End Analysis of the Spam Value Chain
Presentation: Vidit Ochani
Reading Assignment 13 (due Dec 1):
Design and Evaluation of a Real-Time URL Spam Filtering Service
Presentation: Marcin Owoc
Reading Assignment 14 (due Dec 1):
Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System
Presentation: Kyle Riemer
Reading Assignment 15 (due Dec 1):
Forensic Triage for Mobile Phones with DEC0DE
Presentation: Robert Sheng
Reading Assignment 16 (due Dec 6):
SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks
Presentation: Weston Steimel
Reading Assignment 17 (due Dec 6):
Measuring Pay-per-Install: The Commoditization of Malware Distribution
Presentation: Qais Tasali
Reading Assignment 18 (due Dec 6):
Dirty Jobs: The Role of Freelance Labor in Web Service Abuse
Presentation: David Vanicek
Reading Assignment 19 (due Dec 8):
Bubble Trouble: Off-Line De-Anonymization of Bubble Forms
Presentation: Joshua Weese
Reading Assignment 20 (due Dec 8):
Telex: Anticensorship in the Network Infrastructure
Presentation: Yang Xue
Reading Assignment 21 (due Dec 8):
Comprehensive Experimental Analyses of Automotive Attack Surfaces
Presentation: Huang Zhu
Instructor and course meeting times
Instructor: Xinming (Simon) Ou, N316B
TA: Sathya Chandran Sundaramurthy (sathya at KSU dot EDU), N127
TTh 3:55-5:10, at Nichols 19
Office hours: Simon: Tuesday 8:30-10:30, Sathya: Friday 2-4
Distance-learning students: lecture videos will be posted the day after the lecture.
Basic understanding of computer systems, including operating systems, networks, compilers, etc.
This is a course that primarily targets graduate students and junior/senior-level undergraduate students in
computer science and computer engineering.
There will be on average one assignment per week, which could be a written homework,
a programming project, or a reading assignment.
At the end of the semester,
you must also turn in a final report that focuses on a specific problem in computer and information security. The
topics for the report will be sought out by the students and approved by the instructor.
There will be a midterm and final exam. The breakdown
of the final score of the course is:
Exams and quizzes: 20%
Final report: 30%
Class participation: 10%
Kansas State University has an Honor System based on personal integrity, which is presumed to be sufficient assurance that, in academic matters, one's work is performed honestly and without unauthorized assistance. Undergraduate and graduate students, by registration, acknowledge the jurisdiction of the Honor System. The policies and procedures of the Honor System apply to all full and part-time students enrolled in undergraduate and graduate courses on-campus, off-campus, and via distance learning. The honor system website can be reached via the following URL:
http://www.ksu.edu/honor. A component vital to the Honor System is the inclusion of the Honor Pledge which applies to all assignments, examinations, or other course work undertaken by students. The Honor Pledge is implied, whether or not it is stated: "On my honor, as a student, I have neither given nor received unauthorized aid on this academic work." A grade of XF can result from a breach of academic honesty. The F indicates failure in the course; the X indicates the reason is an Honor Pledge violation.
Expectation of Classroom Conduct
All student activities in the University, including this course, are governed by the Student Judicial Conduct Code as outlined in the Student Governing Association By Laws, Article VI, Section 3, number 2. Students who engage in behavior that disrupts the learning environment may be asked to leave the class.
Accommodations for Students with Disabilities
Any student with a disability who needs a classroom accommodation, access to technology or other academic assistance in this course should contact Disability Support Services (firstname.lastname@example.org) and/or the instructor. DSS serves students with a wide range of disabilities including, but not limited to, physical disabilities, sensory impairments, learning disabilities, attention deficit disorder, depression, and anxiety.
Some materials in the course are adapted from the BlackHat Exploit Laboratory.
We are grateful to Saumil Shah and SK Chong who kindly permit us
to use those materials in this course.
Questions can be emailed to xou (put some stuff here) ksu (a little dot) edu.