ECS 235A. Computer Security. Fall 2009

ECS 235A. Computer Security

Fall 2009	CRN: 20826
Lectures:	Monday, Wednesday, and Friday, 1000-1050, 293 Kerr.
Office hours:	Wednesday 1415-1615, 2211 Watershed.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`>
Communications:	SmartSite (for discussions)

Announcements

Welcome to ECS 235A.

Description

This class introduces modern topics in computer systems security, and prepares students to do research on these topics. It plans to cover the following topics:

Principles of security.
Access control: ACL, capabilities, mandatory and discretionary access control.
OS security: OS protection mechanisms, virtual machines, sandboxing.
Software security: software vulnerabilities, static and runtime analysis, Java security.
Network security: firewalls, network intrusion detection
Cryptography protocol design.
Malware: Internet worms, botnets, analysis.
Applications: e-voting, usable security.

Requirements and Grading

Reviews: Write a brief review of each paper that we will discuss in each class. List the paper's most significant contributions and weaknesses, and suggest how the paper could be improved. Your review is due by 5pm on the day before the lecture.
- Place your review in a plain text file named "review". Include your name and the title of each paper in the file.
- Submit the file at any CSIF Linux machine (e.g., pc1.cs.ucdavis.edu) using the command
  handin cs235 revmmdd /path/to/your/review
  where mmdd is the two-digit month and two-digit date of the lecture.
Project: You will do a team project.
Scribe: You will scribe for one class. Send me your scribe in text, LaTeX, or Microsoft Word format within two days of the class.
Homework: A few homework assignments.
Exam: None.
Grading: project: 50%; homework: 30%; scribe, paper reviews, and class participation: 20%

Lectures

Note: reading is subject to change.

Week	Date	Topic	Reading	Notes
1	Sep 25	Introduction
2	Sep 28	Principles	Basic principles of information protection. Saltzer and Schroeder. (Only read Section A: Considerations Surrounding the Study of Protection)	Kannan Govindan
	Sep 30	Software vulnerabilities	Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. Pincus and Baker. Optional (no review necessary): Smashing The Stack For Fun And Profit. Aleph One.	Julie Ard
	Oct 2	Software vulnerabilities		Zhongxian Gu
3	Oct 5	Static analysis	(Cache) Finding Security Vulnerabilities in Java ApplicationsUsing Static Analysis. Livshits and Lam.	Menglin Liu
	Oct 7	Static analysis		Foyzur Rahman
	Oct 9	Runtime analysis	(Cache) Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software. Newsome and Song.	Srikar Reddy Reddy
4	Oct 12	Application of static analysis	(Cache) Intrusion Detection via Static Analysis Wagner, Dean.	Sven Koehler
	Oct 14	Application of static analysis		Ajay Sundar Ramakrishnan
	Oct 16	Java Security	(Cache) Extensible security architectures for Java. Wallach, Balfanz, Dean, Felten.	Kartik Pandit
5	Oct 19	Sandbox	(Cache) A secure environment for untrusted helper applications:confining the wily hacker. Goldberg, Wagner, Thomas, and Brewer. (Cache) Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, Garfinkel.	Anandarup Sarkar
	Oct 21	Sandbox		Matthew Lietzke
	Oct 23	Software fault isolation	(Cache) Evaluating SFI for a CISC Architecture, McCamant, Morrisett.	Julie Ard
6	Oct 26	Kerboros	(Cache) Designing an Authentication System: a Dialogue in Four Scenes, Bryant.	Clint Gibler
	Oct 28	Capabilities	(Cache) The Confused Deputy. Hardy. (Cache) Access Control (v0.1), Laurie.
	Oct 30	Cryptographical protocols	(Cache) Prudent engineering practice for cryptographic protocols, Abadi and Needham.
7	Nov 2	Cryptographical protocols
	Nov 4	Virtual machines	(Cache) A Virtual Machine Introspection Based Architecture for Intrusion Detection . Garfinkel and Rosenblum.	Sven Koehler
	Nov 6	Virtual machines	(Cache) When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Garfinkel and Rosenblum.
8	Nov 9		Scott Decker
	Nov 11	Veteran's Day. No class.
	Nov 13	Web security - CSRF	Cross-Site Request Forgeries: Exploitation and Prevention, Zeller, Felten. Robust Defenses for Cross-Site Request Forgery, Barth, Jackson, Mitchell.
9	Nov 16	Internet worm	(Cache) Automated Worm Fingerprinting, Singh, Estan,Varghese and Savage.
	Nov 18	Privilege separation	(Cache) Preventing Privilege Escalation. Provos, Friedl, Honeyman.
	Nov 20	Web security	(Cache) The Security Architecture of the Chromium Browser, Barth, Jackson, Reis, Google Chrome Team.
10	Nov 23	Usability	(Cache) Why Phishing Works. Dhamija, Tygar, and Hearst. The psychology of security, West.
	Nov 25	Usability	Crying Wolf: An Empirical Study of SSL Warning Effectiveness, Sunshine, Egelman, Almuhimedi, Atri, and Cranor.
	Nov 27	Thanksgiving. No class.
11	Nov 30
	Dec 2
	Dec 4

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified November 1, 2009.