CIS 751/551, Fall 2013
Computer and Information Security
This course aims to provide a comprehensive understanding of computer and information security. The course materials cover common attack techniques, applications of cryptography in security, authentication and authorization, network security, enterprise network defense, web security, and the economics of security. Not only will mechanisms for enhancing security be taught; a great deal of the course also discusses when and where things can go wrong and how design flaws in a system can be exploited to compromise security. Students will have the opportunity to work on course projects that cover both the defensive and offensive aspects of cyberspace. The goal of the course is to provide a solid theoretical foundation for computer and information security, together with hands-on experience in applying the theory to practice. Interesting research topics can also be derived from course projects.
- Aug 27.
Lecture 1: Introduction
- Aug 29.
Lecture 2: Buffer-overflow exploit
The source code: getscore.c.
The sample score file: score.txt.
- Sept 3.
Lecture 3: Buffer-overflow exploit (continued)
- Sept 5.
Lecture 3: Mitigation of buffer-overflow exploits.
Reading assignment 1:
Reading assignment 2:
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks.
Reading assignment 3:
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86).
Defeating compiler-level buffer overflow protection.
Bypassing stackguard and stackshield.
Getting around non-executable stack (and fix).
The advanced return-into-lib(c) exploits: PaX case study.
Install-time vaccination of windows executables to defend against stack smashing attacks.
Non-control-data attacks are realistic threats.
x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique.
Programming Assignment 1: Remote buffer overflow attack.
Reading assignment presentations by Tania Bandyopadhyay, Norina Branigan, and Chris Delpire.
Lecture 4: Heap buffer-overflow attacks.
The sample program
Lecture 5: Software vulnerability summary.
Lecture 6: Basic cryptography
Programming Assignment 2: Windows buffer overflow attack.
Windows Buffer Overflow Demo (Part 1).
Windows Buffer Overflow Demo (Part 2).
Lecture 7: Basic cryptography (continued).
Lecture 8: Authentication basics.
Lecture 9: Example practical authentication protocols.
Lecture 10: Man-in-the-middle attack.
Programming Assignment 3: Heap overflow attack.
Reading Assignment 4:
Chapter 3: Protocols, in Security Engineering, by Ross Anderson.
Reading Assignment 5:
All Your iFRAMEs Point to Us.
Reading Assignment 6:
AEG: Automatic Exploit Generation.
Reading Assignment 7:
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection.
Lecture 11: Kerberos.
Reading Assignment 8:
Kerberos: An Authentication Service for Computer Networks
The Evolution of the Kerberos Authentication System.
Limitations of the Kerberos authentication system.
Lecture 12: Kerberos (continued).
Reading Assignment 9:
Peter Gutmann's article on X.509 and his slides.
Comodo, Diginotar Attacks Expose Crumbling Foundation of CA System.
Programming Assignment 4:
Public-key challenge response exercise.
X.509 Public-key infrastructure.
Mac's Brief Research on Extended Verification Certificate
Reading assignment presentations by Matej, Chase, and Sai.
Programming Assignment 5: Logic-based Authentication and Authorization.
Report Topics Due: Tuesday Nov 12.
Some past report topics.
Final Report Due: Friday Dec 13.
The Binder Security Language.
Reading Assignment 10:
Binder, a Logic-Based Security Language.
Binder code for the library example.
Introduction to Network Security.
Digging Up Dirt in the DNS Hierarchy. Ron Aitchison, Linux Journal, Jan 2008.
ARP Poisoning Attack.
IP Spoofing Attack.
Programming Assignment 6 (20+5 pts):
A repository manager with logic-based authorization.
Due: Dec 5.
The client code.
Client's private key file.
Sample client credential1.
Sample server policy1.
Sample client credential2.
Sample server policy2.
Reading Assignment 14:
DANE: Taking TLS Authentication to the Next Level Using DNSSEC.
It's the End of the Cache as We Know It. Dan Kaminsky, Black Hat USA 2008.
DNS Poisoning: Developments, Attacks and Research Directions, USENIX Security 2008.
(The slides and audio of the presentation can be found on Thursday's panel "Setting DNS's Hair on Fire".)
Some interesting DNSSEC deployment issues.
Trusted Platform Module (TPM).
Nov 21. Video
Reading Assignment 11 (Andre Gregoire):
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software.
Reading Assignment 12 (Hongmin Li):
No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships.
Reading Assignment 13 (Hariharan Thiagarajan):
Uncovering Assumptions Underlying Secure Authentication and Authorization.
Dec 3. Video
Reading Assignment 14 (Fengguo Wei):
Unauthorized Origin Crossing on Mobile Platforms: Threats and Mitigation.
Reading Assignment 16 (Brian Sweeney):
Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis.
Dec 5. Video
Reading Assignment 15 (Christopher Iszory):
An Empirical Study of Cryptographic Misuse in Android Applications.
Reading Assignment 17 (Zainab Ruhwanya):
MinimaLT: Minimal-latency Networking Through Better Security.
Reading Assignment 18 (Zachary Patten):
The Impact of Vendor Customizations on Android Security.
Reading Assignment 19 (Keith Moyer):
Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies.
Dec 10. Video
Reading Assignment 20 (Joseph Heier):
BIOS Chronomancy: Fixing the Core Root of Trust for Measurement.
Reading Assignment 21 (Tyler Hutchison):
Rethinking SSL Development in an Appified World.
Reading Assignment 22 (Wenbo Wang):
An Evaluation of the Google Chrome Extension Security Architecture.
Dec 12. Video
Reading Assignment 24 (Matthieu Thibaudeau):
AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection.
Reading Assignment 25 (Joshua Wurtz):
Identity, Location, Disease and More: Inferring Your Secrets from Android Public Resources.
Instructor and course meeting times
Instructor: Xinming (Simon) Ou (xou at KSU dot EDU), N316B
TA: Xiaolong (Daniel) Wang (danielwang at KSU dot EDU), N324H
TTh 3:55-5:10, at Nichols 19
Office hour: Simon: Fri 9-10, Daniel: Wed 9-11
Distance-learning students: lecture videos will be posted the day after the lecture.
Basic understanding of computer systems, including operating systems, networks, compilers, etc.
This is a course that primarily targets graduate students and junior/senior-level undergraduate students in computer science and computer engineering.
There will be on average one assignment per week, which could be a written homework, a programming project, or a reading assignment.
At the end of the semester, you must also turn in a final report that focuses on a specific problem in computer and information security. The topics for the report will be sought out by the students and approved by the instructor.
There will be a midterm and a final exam. The breakdown of the final score for the course is:
Final exam: 30%
Final report: 20%
Class participation: 10%
Kansas State University has an Honor System based on personal integrity, which is presumed to be sufficient assurance that, in academic matters, one's work is performed honestly and without unauthorized assistance. Undergraduate and graduate students, by registration, acknowledge the jurisdiction of the Honor System. The policies and procedures of the Honor System apply to all full and part-time students enrolled in undergraduate and graduate courses on-campus, off-campus, and via distance learning. The honor system website can be reached via the following URL:
http://www.ksu.edu/honor. A component vital to the Honor System is the inclusion of the Honor Pledge which applies to all assignments, examinations, or other course work undertaken by students. The Honor Pledge is implied, whether or not it is stated: "On my honor, as a student, I have neither given nor received unauthorized aid on this academic work." A grade of XF can result from a breach of academic honesty. The F indicates failure in the course; the X indicates the reason is an Honor Pledge violation.
Expectation of Classroom Conduct
All student activities in the University, including this course, are governed by the Student Judicial Conduct Code as outlined in the Student Governing Association By Laws, Article VI, Section 3, number 2. Students who engage in behavior that disrupts the learning environment may be asked to leave the class.
Accommodations for Students with Disabilities
Any student with a disability who needs a classroom accommodation, access to technology or other academic assistance in this course should contact Disability Support Services and/or the instructor. DSS serves students with a wide range of disabilities including, but not limited to, physical disabilities, sensory impairments, learning disabilities, attention deficit disorder, depression, and anxiety.
Some materials in the course are adapted from the BlackHat Exploit Laboratory.
We are grateful to Saumil Shah and SK Chong, who kindly permit us to use those materials in this course.
Questions can be emailed to xou (put some stuff here) ksu (a little dot) edu.