ECS 235A. Computer Security. Fall 2007

ECS 235A. Computer Security

Fall 2007	CRN: 51193
Lectures:	Monday, Wednesday, and Friday, 1:10-2:00pm, 1070 Bainer.
Office hours:	Friday, 2-4pm, 3055 Kemper.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`>
Mailing list:	`ecs235a-f07@ucdavis.edu` Web interface (for announcements from instructional staff)
Newsgroup:	ucd.class.ecs235.d Web interface (for discussions)

Announcements

Poster session will be at 1-3pm, Friday, 12/7, 1003 Kemper.
Project report is due on Friday, December 14. Name your report report.pdf, and turn it in using:
handin cs235 project project.pdf

Description

This class introduces modern topics in computer systems security, and prepares students to do research on these topics. It plans to cover the following topics:

Principles of security.
Access control: ACL, capabilities, mandatory and discretionary access control.
OS security: OS protection mechanisms, virtual machines, sandboxing.
Software security: software vulnerabilities, static and runtime analysis, Java security.
Network security: firewalls, network intrusion detection
Cryptography protocol design.
Malware: Internet worms, botnets, analysis.
Applications: e-voting, usable security.

Requirements and Grading

Reviews: Write a brief review of each paper that we will discuss in each class. List the paper's most significant contributions and weaknesses, and suggest how the paper could be improved. Your review is due by 5pm on the day before the lecture.
- Place your review in a plain text file named "review". Include your name and the title of each paper in the file.
- Submit the file at any CSIF Linux machine (e.g., pc1.cs.ucdavis.edu) using the command
  handin cs235 revmmdd /path/to/your/review
  where mmdd is the two-digit month and two-digit date of the lecture.
Project: You will do a team project.
Scribe: You will scribe for one class. Send me your scribe in text, LaTeX, Open Office, or Microsoft Word format within two days of the class.
Homework: A few homework assignments.
Exam: None.
Grading: project: 50%; homework: 30%; scribe, paper reviews, and class participation: 20%

Lectures

Note: reading is subject to change.

Week	Date	Topic	Reading	Notes
1	Sep 28	Introduction
2	Oct 1	Principles	The protection of information in computer systems. Saltzer and Schroeder. (Only Section I.)	Jim Apple
	Oct 3	Buffer overflow	StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Cowan, Pu, Maier, Hinton, Bakke, Beattie, Grier, Wagle, Zhang. Optional (no review necessary): Smashing The Stack For Fun And Profit. Aleph One.	Daniel Martinez Villegas
	Oct 5	Static analysis	Improving Security Using Extensible Lightweight Static Analysis. Evans and Larochelle.	Manish Kumar Anand
3	Oct 8	Static analysis	(Cache) Finding Security Vulnerabilities in Java ApplicationsUsing Static Analysis. Livshits and Lam.	David Whiteneck
	Oct 10	Runtime analysis	(Cache) Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software. Newsome and Song.	Nina Gholami
	Oct 12	Static analysis	(Cache) Intrusion Detection via Static Analysis Wagner, Dean.	Philip Fisher-Ogden
4	Oct 15	Java security	(Cache) Extensible security architectures for Java Wallach, Balfanz, Dean, Felten	Liang Cai
	Oct 17	Web security	(Cache) Protection and Communication Abstractions for WebBrowsers in MashupOS. Wang, Fan, Howell, and Jackson.	Anhad Preet Singh
	Oct 19	Sandbox	(Cache) A secure environment for untrusted helper applications:confining the wily hacker. Goldberg, Wagner, Thomas, and Brewer.	Paul Congdon
5	Oct 22	Sandbox	(Cache) Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, Garfinkel.	Daryl Posnett
	Oct 24	Privilege separation	(Cache) Preventing Privilege Escalation. Provos, Friedl, Honeyman.	Todd Williamson
	Oct 26	Network security	(Cache) A Look Back at Security Problems in the TCP/IP Protocol Suite, Bellovin.	Kefeng Tan
6	Oct 29	Worms	(Cache) Inside the Slammer Worm. Moore, Paxson, Savage,Shannon, Staniford, and Weaver.	Kevin Langley
	Oct 31	Botnets	(Cache) A Multifaceted Approach to Understanding the Botnet Phenomenon. Rajab, Zarfoss, Monrose, Terzis.	Taeho, Kwon
	Nov 2	Worm fingerprinting	(Cache) Automated Worm Fingerprinting, Singh, Estan,Varghese and Savage.	Pulak Chowdhury
7	Nov 5	Secure OS	(Cache) An Overview of the Singularity Project. Galen C. Hunt et al.	George Chen
	Nov 7	Capabilities	(Cache) The Confused Deputy. Hardy. (Cache) Capability Myths Demolished. Miller, Yee, and Shapiro.
	Nov 9	Cryptography	(Cache) WhyCryptosystems Fail, Anderson.	Jeffery Yuen
8	Nov 12	Veterans Day. No class.
	Nov 14	Kerboros	(Cache) Designing an Authentication System: a Dialogue in Four Scenes, Bryant.
	Nov 16	Cryptographical protocols	(Cache) Prudent engineering practice for cryptographic protocols, Abadi and Needham.
9	Nov 19	Virtual machines	(Cache) Whenvirtual is better than real. Chen and Noble.
	Nov 21	Virtual machines	(Cache) When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Garfinkel and Rosenblum.
	Nov 23	Thanksgiving. No class.
10	Nov 26	VM application	(Cache) A Virtual Machine Introspection Based Architecture for Intrusion Detection . Garfinkel and Rosenblum.
	Nov 28	E-voting	(Cache) Analysis ofan Electronic Voting System, Kohno, Stubblefield, Rubin, Wallach.	Andreas Sæbjørnsen
	Nov 30	E-voting	(Cache) Designing voting machines for verification. Sastry, Kohno, and Wagner.
11	Dec 3	Usability	(Cache) Why Phishing Works. Dhamija, Tygar, and Hearst.	Justin Becker
	Dec 5	Economics	(Cache) Why Information Security is Hard -- An Economic Perspective. Anderson.
	Dec 7	Poster session.

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified December 5, 2007.