| Introduction | |
| Chad Salinas Reading List Spring 2008 | |
| Lecture 1: 4/ 1/08 (Mitchell) |
Course overview [ppt] Reading: Reflections on Trusting Trust, Ken Thompson; Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress (Congressional Research Services report) |
| Part 1: Basics | |
| Lecture 2: 4/ 3/08 (inv) |
Secure system design, access control, and protection [ppt] Reading: The Protection of Information in Computer Systems, J.H. Saltzer and M.D. Schroeder; Protection, by Butler Lampson; The Confused Deputy, Norm Hardy; Preventing privilege escalation, Provos et al. 2003 |
| Lecture 3: 4/ 8/08 (Bon) |
Buffer overflows and other common bugs: exploits and defenses [ppt] Reading: Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al.; Smashing The Stack For Fun And Profit, Aleph One; Basic Integer Overflows, blexim; Exploiting Format String Vulnerabilities, team teso (optional); Once upon a free(), anonymous (Optional but useful for Project 1) |
| Lecture 4: 4/10/08 (Bon) |
Malware: Computer viruses, Spyware, and key-loggers Reading: Hunting for metamorphic, Szor, P. Ferrie; Computer Virus-Antivirus Coevolution. Nachenberg, Comm. ACM, 40(1), pp. 46-51, 1997; Know your Enemy: Tracking Botnets, Honeynet; The Anatomy of Clickbot.A, Daswani et al. (optional) |
| Lecture 5: 4/15/08 (inv) |
Fuzzing and tools for writing robust application code [ppt] Reading: Using Programmer-Written Compiler Extensions to Catch Security Holes, Ken Ashcraft, Dawson Engler; Thorough Static Analysis of Device Drivers, Ball et al.; White box fuzzing, by P. Godefroid et al.; How hackers look for bugs by Dave Aitel; Real world fuzzing, by Charlie Miller |
| Lecture 6: 4/17/08 (Bon) |
Dealing with bad (legacy) application code: sandboxing and isolation [ppt] Reading: A note on the confinement problem, Butler Lampson; Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel; Efficient Software-Based Fault Isolation, Robert Wahbe, et al. |
| Lecture 7: 4/22/08 (Mit) |
Use of cryptography in computer security [ppt] Reading: Five-minute university; Why cryptosystems fail, Ross Anderson |
| Part 2: Web Security | |
| Lecture 8: 4/24/08 (Bon) |
Web security: introduction [ppt] Reading: The ghost in the browser: analysis of web-based malware, Provos et al.; ForceHTTPS: Protecting High-Security Web Sites from Network Attacks, Jackson and Barth. |
| Lecture 9: 4/29/08 (Mit) |
The browser security model [ppt] Reading: browser security papers. |
| Lecture 10: 5/ 1/08 (Mit) |
Secure web site design [ppt] Reading: Cross site scripting explained, Amit Klein; SQL Injection attacks, Chris Anley; Cross Site Request Forgeries, Schreiber, 2004 |
| Lecture 11: 5/ 6/08 (inv) |
User authentication: Password management, phishing, user interfaces, single sign on [ppt] Reading: Protecting Browser State from Web Privacy Attacks, Jackson et al; Designing and Conducting Phishing Experiments, Finn and Jakobsson, 2007 |
| Part 3: Network security | |
| Lecture 12: 5/ 8/08 (Mit) |
Security problems in network protocols: TCP, DNS, SMTP, and routing [ppt] Reading: A look back at Security Problems in the TCP/IP Protocol Suite, S. Bellovin, ACSAC 2004; Protecting Browsers from DNS Rebinding Attacks |
| Lecture 13: 5/13/08 (inv) |
Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters [pdf] Reading: Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, T. Ptacek; Bro: A System for Detecting Network Intruders in Real-Time, V. Paxson; Linux Firewall – the Traffic Shaper, J. Wortelboer and J. Van Oorschot |
| Lecture 14: 5/15/08 (Bon) |
Unwanted traffic: denial of service attacks and spam email [ppt] Reading: Practical network support for IP Traceback, S. Savage, et al.; A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson; A detailed DDoS extortion story |
| Lecture 15: 5/20/08 (Bon) |
Privacy: Anonymous routing, mix nets (Tor), and PIR [ppt] Reading: Tor: The Second-Generation Onion Router, Dingledine et al. |
| Lecture 16: 5/22/08 (Mit) |
Network worms and bot-nets: attacks and defenses [ppt] Reading: Inside the slammer worm, S. Savage; Automated worm fingerprinting, S. Singh et al.; Blocking new attacks without patching, H. Wang et al.; Characterizing the Remote Control Behavior of Bots, E. Stinson and J.C. Mitchell |
| Part 5: Final topics | |
| Lecture 17: 5/27/08 (Bon) |
Trusted Computing Systems [ppt] Reading: Experimenting with TCG Hardware, Marchesini, et al.; TCG Specification Architecture Overview; A Virtual Machine-Based Platform for Trusted Computing, Garfinkel et al. |
| Lecture 18: 5/29/08 (Mit) |
Digital Rights Management [ppt] Reading: Hardware-assisted circumvention of self-hashing software tamper resistance, Oorschot et al.; Wikipedia description and links |
| Lecture 19: 6/ 3/08 (inv) |
Final lecture: Zulfikar Ramzan, Symantec Corp. [pdf] Reading: |