ECS 235. Computer Security. Fall 2005

ECS 235. Computer Security

Fall 2005	CRN: 52735
Lectures:	Tuesday and Thursday, 9-10:20am; 1062 Bainer.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`> Office hours: Tuesday 11am-noon; Thursday 10:30-11:30am.
Mailing list:	`ecs235-f05@ucdavis.edu` Web interface (for announcements from instructional staff)
Newsgroup:	ucd.class.ecs235.d Web interface (for discussions)

Announcements

The reading for the class on Dec 6 has been posted.

Homework

Buffer overflow attacks. Due 10:00pm, Wednesday, Oct 12, 2005.
Handout: buflab-handout.tar
You can check the class's progress at the grading page, which is updated minutely. If the page is stale for more than 5 minutes, please notify me.
x86 assembly language references:
- Intel opcodes A-M N-Z
- Informal Intel vs. AT&T syntax guide

Goals

Introduces modern topics in computer systems security. Prepares students to do research in computer security.

Requirements and Grading

Reviews: Write a brief review of each paper that we will discuss in each class. List the paper's most significant contributions and weaknesses, and suggest how the paper could be improved. Your review is due by noon on the day before the lecture.
- Place your review in a plain text file named "review". Include your name and the title of each paper in the file.
- Submit the file at any CSIF Linux machine using the command
  handin cs235 revmmdd /path/to/your/review
  where mmdd is the two-digit month and two-digit date of the lecture.
Project: You will do a team (2-3 people) research project. You are welcome to choose any topic on computer security -- I will interpret the topic broadly. I encourage you to tie your project with your current research if possible. You will present your project in a poster session, and submit a report in the form of a conference paper. Be ambitious! Strive for publications from your project.
Homework: A few homework assignments.
There is NO exam.
Grading: project: 50%; homework: 30%; paper reviews and class participation: 20%

Lectures

Note: reading is subject to change.

Week	Date	Topic	Reading and notes
1	Sep 29	Introduction
2	Oct 4	Principles	The protection of information in computer systems. Saltzer and Schroeder. (Only Section I.) Slides (courtesy Prof. David Wagner)
2	Oct 6	Buffer overflow	(cache) StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks Cowan, Pu, Maier, Hinton, Bakke, Beattie, Grier, Wagle, Zhang. Optional: (cache) Smashing The Stack For Fun And Profit Aleph One.
3	Oct 11	Access Control; Trust	Protection, Lampson. Reflections on trusting trust, Thompson.
3	Oct 13	Capabilities; Confinement	The Confused Deputy, Hardy. A note on the confinement problem, Lampson. Optional: Capability Myths Demolished, Miller, Yee, and Shapiro.
4	Oct 18	Sandboxing	A secure environment for untrusted helper applications: confining the wily hacker, Goldberg, Wagner, Thomas, and Brewer. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, Garfinkel.
4	Oct 20	Cryptography	Why Cryptosystems Fail, Anderson.
5	Oct 25	Kerberos	Designing an Authentication System: a Dialogue in Four Scenes, Bryant.
5	Oct 27	Protocol design	Prudent engineering practice for cryptographic protocols, Abadi and Needham. Optional: slides ps, pdf.
6	Nov 1	E-voting	Analysis of an Electronic Voting System, Kohno, Stubblefield, Rubin, Wallach. Cryptographic Voting Protocols: A Systems Perspective, Karlof, Sastry, Wagner.
6	Nov 3	Network security	Security Problems in the TCP/IP Protocol Suite, Bellovin.
7	Nov 8	Worms	How to 0wn the Internet in Your Spare Time, S. Staniford, V. Paxson and N. Weaver Very Fast Containment of Scanning Worms, N. Weaver, S. Staniford and V. Paxson.
7	Nov 10	Worm fingerprinting; DOS	Automated Worm Fingerprinting, Singh, Estan, Varghese and Savage. Inferring Internet Denial of Service Activity, Moore, Voelker, and Savage.
8	Nov 15	Virtual machines	Terra: A Virtual Machine-Based Platform for Trusted Computing, Garfinkel, Pfaff, Chow, Rosenblum, and Boneh. Backtracking Intrusions, King and Chen.
8	Nov 17	Software security	Shifting the odds: Writing (more) secure software. Bellovin. Improving Security Using Extensible Lightweight Static Analysis Evans, Larochelle.
9	Nov 22	Language-based security; PCC	Language-based security, Kozen. Safe Kernel Extensions Without Run-Time Checking Necula and Lee.
9	Nov 24	Thanksgiving. No class.
10	Nov 29	Java Security	Extensible security architectures for Java Wallach, Balfanz, Dean, Felten Optional: Java security: from HotJava to Netscape Dean, Felten, Wallach.
10	Dec 1	Intrusion detection	Intrusion Detection via Static Analysis Wagner, Dean.
11	Dec 6	Usability; Wrap up	Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 Whitten and Tygar.
11	Dec 8	Poster session. No lecture.

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified December 1, 2005.