ECS 153. Computer Security. Spring 2006

ECS 153. Computer Security

Spring 2006	CRN: 70717
Lecture:	Tuesday and Thursday, 4:40-6:00pm; 106 Olson.
Section:	Friday 3:10-4:00pm, 217 Art.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`> Office hours: Tuesday 10:30am-12:30pm, 3055 Kemper.
TA:	Juan Lang <`jilang`AT`ucdavis.edu`> Office hours: Friday 2:10-3:00pm, 3106 Kemper.
Mailing list:	`ecs153-s06@ucdavis.edu` Web interface (for announcements from instructional staff)
Newsgroup:	ucd.class.ecs235.d Web interface (for discussions)

Announcements

Project has been assigned.
Homework 3 has been assigned.

Homework

Buffer overflow attacks. Due 10:00pm, Friday, April 14, 2006.
Handout: buflab-handout.tar
You can check the class's progress at the grading page, which is updated minutely. If the page is stale for more than 5 minutes, please notify me.
x86 assembly language references:
- Intel opcodes
- Informal Intel vs. AT&T syntax guide
Phishing detector: Phish Fry. Due 10:00pm, Sunday, April 30.
Many thanks to Juan Lang and Francis Hsu for their invaluable contributions.
Attacking phish detector: Attacking Phish Fry. Due 10:00pm, Tuesday, May 23.
Many thanks to Juan Lang for his invaluable contributions.

Goals

This course introduces principles, mechanisms, and implementations of computer security. You will learn how hackers attack systems, how to defend against the attacks, and how to design systems to withstand the attacks.

Topics

Security principles
Security Mechanisms
- Cryptography: symmetric key, public key, PKI, key management
- Authentication: password, challenge/response, cryptographic protocols
- Access control: access control list, capabilities, theories
- Network security: security mechanisms on the Internet, firewall, intrusion detection
- Confinement: isolation, covert channels
- Security policies
Practical security challenges
- Software vulnerabilities and secure programming.
- Malware: worms, viruses, spyware.
- Security usability
Other topics as time permits and according to student interest.

Prerequisites

ECS 150

Requirements and grading

Reading: we will use materials from the following textbook as well as selected papers. You must read the assigned reading before each class.
Textbook: M. Bishop, Computer Security: Art and Science, Addison-Wesley, Boston, MA. ©2003. ISBN 0-201-44099-7
Reviews: You should write a brief review of the reading. You should list a few major contributions of the reading and, if applicable, a few major shortcomings, limitations, or flaws and how they can be improved. Your review is due by 5pm on the day before the lecture.
- Place your review in a plain text file named "review". Print your name on the first line of the file. Note: you MUST name your file review.
- Submit the file at any CSIF Linux machine using the command
  handin cs153 mmdd /path/to/your/review
  where mmdd is the two-digit month and two-digit date of the lecture. For example, to submit a review for the lecture on April 6, run the command
  handin cs153 0406 review
Homework
Exam
Project
Grading: homework: 30%; exam: 30%; project: 30%; reviews and classroom participation: 10%

Lectures

Note: reading is subject to change.

Week	Date	Topic	Reading
1	March 30	Introduction	None
2	April 4	Design principles	§13. Slides (Wagner)
2	April 6	Buffer overruns	(cache) Smashing The Stack For Fun And Profit (Aleph One) (cache) StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks Cowan et al.
3	April 11	Software security	§29.5
3	April 13	Robust programming	Robust Programming (Matt Bishop)
4	April 18	Symmetric-key cryptography	§9.1, §9.2 (except §9.2.2.1), §11.2.2
4	April 20	Public-key cryptography	§9.3, §10.4
5	April 25	Public-key cryptography	§9.4, §10.6
5	April 27	Message authentication, digital signatures
6	May 2	Authentication	§12.1-12.3
6	May 4	Key exchange; kerberos	§10.1-10.2; Designing an Authentication System: a Dialogue in Four Scenes, Bryant.
7	May 9	Protocol design	Prudent engineering practice for cryptographic protocols, Abadi and Needham. Slides (Wagner)
7	May 11	Midterm
8	May 16	Access control	§2, 4.4, 15.1-15.2
8	May 18	Confidentiality and integrity models	§5.1, 5.2.1, 6.1, 6.2
9	May 23	Confinement	§17.1-17.2, 17.3 (before 17.3.1)
9	May 25	Firewall
10	May 30	Malware
10	June 1	TBD
11	June 8	Project poster presentation	10am-noon, 1065 Kemper

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified April 18, 2006.