ECS 235A. Computer Security. Fall 2008

ECS 235A. Computer Security

Fall 2008	CRN: 60746
Lectures:	Tuesday and Thursday, 9:00-10:20am, 1070 Bainer.
Office hours:	Thursday, 10:20-11:30am, 3055 Kemper.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`>
Mailing list:	`ecs235a-f08@ucdavis.edu` Web interface (for announcements from instructional staff)
Newsgroup:	ucd.class.ecs235.d Web interface (for discussions)

Announcements

Project report is due by Friday, December 12. Hand in your report in PDF format using:
handin cs235 project /path/to/your/report

Description

This class introduces modern topics in computer systems security, and prepares students to do research on these topics. It plans to cover the following topics:

Principles of security.
Access control: ACL, capabilities, mandatory and discretionary access control.
OS security: OS protection mechanisms, virtual machines, sandboxing.
Software security: software vulnerabilities, static and runtime analysis, Java security.
Network security: firewalls, network intrusion detection
Cryptography protocol design.
Malware: Internet worms, botnets, analysis.
Applications: e-voting, usable security.

Requirements and Grading

Reviews: Write a brief review of each paper that we will discuss in each class. List the paper's most significant contributions and weaknesses, and suggest how the paper could be improved. Your review is due by 5pm on the day before the lecture.
- Place your review in a plain text file named "review". Include your name and the title of each paper in the file.
- Submit the file at any CSIF Linux machine (e.g., pc1.cs.ucdavis.edu) using the command
  handin cs235 revmmdd /path/to/your/review
  where mmdd is the two-digit month and two-digit date of the lecture.
Project: You will do a team project.
Scribe: You will scribe for one class. Send me your scribe in text, LaTeX, or Microsoft Word format within two days of the class.
Homework: A few homework assignments.
Exam: None.
Grading: project: 50%; homework: 30%; scribe, paper reviews, and class participation: 20%

Lectures

Note: reading is subject to change.

Week	Date	Topic	Reading	Notes
1	Sep 25	Introduction
2	Sep 30	Principles	Basic principles of information protection. Saltzer and Schroeder. (Only read Section A: Considerations Surrounding the Study of Protection)	Michael Clifford
2	Oct 2	Software vulnerabilities	Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. Pincus and Baker.	Ben Davis
3	Oct 7	Static analysis	(Cache) Finding Security Vulnerabilities in Java ApplicationsUsing Static Analysis. Livshits and Lam.	Anonymous
3	Oct 9	Runtime analysis	(Cache) Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software. Newsome and Song.	David Ko
4	Oct 14	Java Security	(Cache) Extensible security architectures for Java. Wallach, Balfanz, Dean, Felten.	Will Kallander
4	Oct 16	Java Security		Will Kallander
5	Oct 21	Sandbox	(Cache) A secure environment for untrusted helper applications:confining the wily hacker. Goldberg, Wagner, Thomas, and Brewer. (Cache) Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, Garfinkel.	Liang Xu
5	Oct 23	Software fault isolation	(Cache) Evaluating SFI for a CISC Architecture, McCamant, Morrisett.	Thomas Tran
6	Oct 28	E-voting	Guest lecture by Matt Bishop. No reading.
6	Oct 30	Internet worm detection	(Cache) Automated Worm Fingerprinting, Singh, Estan,Varghese and Savage. (Cache) Inside the Slammer Worm. Moore, Paxson, Savage,Shannon, Staniford, and Weaver. Guest lecture by Matt Van Gundy.
7	Nov 4	Capabilities	(Cache) The Confused Deputy. Hardy. (Cache) Access Control (v0.1), Laurie.	Fangqi Sun
7	Nov 6	Kerboros	(Cache) Designing an Authentication System: a Dialogue in Four Scenes, Bryant.
8	Nov 11	Veteran's Day. No class.
8	Nov 13	Cryptographical protocols	(Cache) Prudent engineering practice for cryptographic protocols, Abadi and Needham.
9	Nov 18	Virtual machines	(Cache) A Virtual Machine Introspection Based Architecture for Intrusion Detection . Garfinkel and Rosenblum. (Cache) When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Garfinkel and Rosenblum.
9	Nov 20	Network security	(Cache) A Look Back at Security Problems in the TCP/IP Protocol Suite, Bellovin.
10	Nov 25	Privilege separation	(Cache) Preventing Privilege Escalation. Provos, Friedl, Honeyman. (Cache) Some thoughts on security after ten years of qmail 1.0, Bernstein.	Supriya Gulati
10	Nov 27	Thanksgiving. No class.
11	Dec 2	Web security- XSS	Noncespaces: using randomization to enforce information flow tracking and thwart cross-site scripting attacks, Van Gundy and Chen.
11	Dec 4	Web security - CSRF	Cross-Site Request Forgeries: Exploitation and Prevention, Zeller, Felten. Robust Defenses for Cross-Site Request Forgery, Barth, Jackson, Mitchell.

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified November 30, 2008.