CSci530: Syllabus and Reading List -- Fall 2016

Computer Science 530 - Syllabus and Reading List -- Fall 2016

Except as noted Lectures are held Friday morning from 9:00AM to 11:45AM OHE 132.

This is our expected Syllabus and reading list. Most topics will take several lectures to cover. In addition to the primary discussion for each lecture, 5-10 minutes of each lecture will be set aside for discussion of current events in the computer security arena. Specific coverage within each leacture will be updated from year to year to keep the course material up to date with current practice. In particular, there will be additional material added this semester on DNS Security, IP Sec and IP V6 Security, the Trusted Network Interpretation (TNI or Redbook) for high assurance systems. By mid-september we will also have a specail online recorded lecture covering background networking material that should have been covered in your undergradutate program, but which will be available for those without that background.

Dates may change depending on progress throug the semester. Reading assignments are designated as such. Links from system names in the syllabus are for general information only.

Readings are on topics related to the lecture, but lectures are not from the book. Students are expected to have completed the assigned readings prior to lecture so that they have backround appropriate for class discussion.

p

Date Topic/Readings Slides Lab Info

Lecture 1
August 26
2016
The Security Problem

A working definition of security
Evaluating security
Systems security vs network security vs data security
Societal aspects of security, ethical and legal foundations

Readings:

Bishop, Chapter 1, An Overview of Computer Security

PPT
print Lab Introduction.

Lecture 2
September 2
2016
Cryptography - An Overview

Secret key cryptography
Public key cryptography
Hashes and message digests
Steganography

Readings:

Bishop, Chapter 9, Basic Cryprography
Bishop, Chapter 11 (only through section through 11.2), Cipher Techniques
Garfinkel (Is Encryption Doomed)

PPT@Slide 31
PDF@Slide 31 Cryptography

Lecture 3
September 9
2016
Key management

Diffie-Hellman Key Exchange
Ties to Authentication Protocols
Public-key Key Exchange (PGP, X.500, S/MIME)
Peer-to-peer
Group key management

Readings:

Bishop, Chapter 10, Key Management
Needham and Schroeder (you may need to use the VPN for access)
Rafaeli and Hutchison (you may need to use the VPN for access)

PPT Authentication

Lecture 4,5
September 16,23
2016
Authentication and Identity Management

Password-based authentication
Unix vs Windows
Kerberos
X.500
Hardware authentication
Biometrics
(plus more material to be added)

Readings

Bishop, Chapter 12, Authentication
Lamport
Neuman, Ts'o (Kerberos)
Neuman and Stubblebine (Timestamps vs. Nonces)
Kormann and Rubin (Risks of Passport)

PPT Authorization(9/16)
Application Security(9/27)

Lecture 6
September 30, 2016
Authorization and Policy

Policy
ACLs
GAA-API

Readings:

Barkley: Comparing Simple Role Based Access Control Models and Access Control Lists)
Ryutov,Neuman,Kim,Zhou: Integrated Access Control and Intrusion Detection for Web Servers
Readings: Bishop, Chapter 2, Access Control Matrix
Readings: Bishop, Chapter 4, Security Policies
Readings: Bishop, Chapter 5, Confidentiality Policies

PPT@slide 166
print@slide 166 Packet Sniffing

Mid-term
October 7
2016
Mid-Term Exam (9:00 AM - 10:40 AM)
Followed by Lecture start of lecture on untrusted computing .

Lecture 8
October 14
2016

Viruses
Worms
Spyware
Denial of service attacks
Transmission vectors, e.g. spam

Readings

Moore, Paxon, Savage, Shannon, Stanford & Weaver: Inside the Slammer Worm
Thompson, Ken: Reflections on Trusting Trust - ACM Turing Award Lecture 1984
Readings: Bishop, Chapter 22, Malicious Logic

PPT
print .

Lecture 9
October 21
2016
Countermeasures

Firewalls
Virus checkers
Patch and configuration management

Readings
Bishop, Chapters 26 and 27, Network and System Security

PPT@Slide 34
print Intrusion Detection

Lecture 10
October 28
2016
(will extend into lecture 11)
Intrusion detection and response

Commercial Itrusion Detection Systems
Research Itrusion Detection Systems
Response systems

Readings

Bishop, Chapter 25, Intrusion Detection
Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of Security Faults, Proceedings of the National Computer Security Conference, Coast TR 96-05, 1996.
C. Ko, G. Fink, K. Levitt, Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring, Proc. of the 10th Annual Computer Security Applications Conference, December 1994, pp 134-144.
Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection Expert System (NIDES) a Summary, SRI Computer Science Laboratory Technical Report SRI-CSL-95-07, May 1995.
S Singh, C Estan, G Varghese, S Savage, The EarlyBird System for Real-time Detection of Unknown Worms , ACM Workshop on Hot Topics in Networks, 2003.

.
. Arp Spoofing

Lecture 11
November 4th
2016

The Human Element

Social Engineering

Phishing
Character sets

Complexity of proper security deployment

Configuration issues
Passwords

Readings

Phinding Phish: Evaluating Anti-Phishing Tools, Zhang, Egelman, Cranor and Hong, 2007 Internet Society Symposium on Network and Distributed Systems Security.

PPT
print Tunnels/VPNs

Lecture 12
November 11
2016

Trusted Computing

The Public Perception of Trusted Computing
The Hardware Basis for Trusted Computing
The Software and OS Basis for Trusted Computing
Virtualization
Negotiating Trust and Obligation
Case Studies

Readings

Glance at the web site for the Trusted Computing Group
Vivek Haldar, Deepak Chandra and Michael Franz, Semantic Remote Attestation -- A Virtual Machine directed approach to Trusted Computing In proceedigs of the 3rd Virtual Machine Research and Technology Symposium.
Arun Viswanathan and B.C. Neuman, A Survey of Isolation Techniques - DRAFT

PPT
print Forensics

Lecture 13
November 18th
2016

Privacy
Read or listen to this Podcast on NPR, to understand why privac is important.
Your Digital Trail: Data Fuels Political and Legal Agendas - By Daniel Zwerdling, October 3, 2013. All things considered.

PPT
print none

TG
November 27
2014

Thanksgiving Recess, No Lecture
N/A None

Lecture 14
December 2nd
2016

Cyber-Physical Systems

Requirements for Security
Need for performance isolation

Security for Cloud Computing

Readings

Threat Propagation in Cyber Physical Systems - Neuman, Tan 2011.
Security risks in Cloud Computing from InfoWorld July 2, 2008.

Selected Topics and Review

. None

Final Exam
Monday
December 12,
2016
Final Exam (11:00 AM - 1:00 PM)
N/A None

Date	Topic/Readings	Slides	Lab Info
Lecture 1 August 26 2016	The Security Problem A working definition of security Evaluating security Systems security vs network security vs data security Societal aspects of security, ethical and legal foundations Readings: Bishop, Chapter 1, An Overview of Computer Security	PPT print	Lab Introduction.
Lecture 2 September 2 2016	Cryptography - An Overview Secret key cryptography Public key cryptography Hashes and message digests Steganography Readings: Bishop, Chapter 9, Basic Cryprography Bishop, Chapter 11 (only through section through 11.2), Cipher Techniques Garfinkel (Is Encryption Doomed)	PPT@Slide 31 PDF@Slide 31	Cryptography
Lecture 3 September 9 2016	Key management Diffie-Hellman Key Exchange Ties to Authentication Protocols Public-key Key Exchange (PGP, X.500, S/MIME) Peer-to-peer Group key management Readings: Bishop, Chapter 10, Key Management Needham and Schroeder (you may need to use the VPN for access) Rafaeli and Hutchison (you may need to use the VPN for access)	PPT	Authentication
Lecture 4,5 September 16,23 2016	Authentication and Identity Management Password-based authentication Unix vs Windows Kerberos X.500 Hardware authentication Biometrics (plus more material to be added) Readings Bishop, Chapter 12, Authentication Lamport Neuman, Ts'o (Kerberos) Neuman and Stubblebine (Timestamps vs. Nonces) Kormann and Rubin (Risks of Passport)	PPT	Authorization(9/16) Application Security(9/27)
Lecture 6 September 30, 2016	Authorization and Policy Policy ACLs GAA-API Readings: Barkley: Comparing Simple Role Based Access Control Models and Access Control Lists) Ryutov,Neuman,Kim,Zhou: Integrated Access Control and Intrusion Detection for Web Servers Readings: Bishop, Chapter 2, Access Control Matrix Readings: Bishop, Chapter 4, Security Policies Readings: Bishop, Chapter 5, Confidentiality Policies	PPT@slide 166 print@slide 166	Packet Sniffing
Mid-term October 7 2016	Mid-Term Exam (9:00 AM - 10:40 AM)	Followed by Lecture start of lecture on untrusted computing	.
Lecture 8 October 14 2016	Viruses Worms Spyware Denial of service attacks Transmission vectors, e.g. spam Readings Moore, Paxon, Savage, Shannon, Stanford & Weaver: Inside the Slammer Worm Thompson, Ken: Reflections on Trusting Trust - ACM Turing Award Lecture 1984 Readings: Bishop, Chapter 22, Malicious Logic	PPT print	.
Lecture 9 October 21 2016	Countermeasures Firewalls Virus checkers Patch and configuration management Readings Bishop, Chapters 26 and 27, Network and System Security	PPT@Slide 34 print	Intrusion Detection
Lecture 10 October 28 2016 (will extend into lecture 11)	Intrusion detection and response Commercial Itrusion Detection Systems Research Itrusion Detection Systems Response systems Readings Bishop, Chapter 25, Intrusion Detection Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of Security Faults, Proceedings of the National Computer Security Conference, Coast TR 96-05, 1996. C. Ko, G. Fink, K. Levitt, Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring, Proc. of the 10th Annual Computer Security Applications Conference, December 1994, pp 134-144. Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection Expert System (NIDES) a Summary, SRI Computer Science Laboratory Technical Report SRI-CSL-95-07, May 1995. S Singh, C Estan, G Varghese, S Savage, The EarlyBird System for Real-time Detection of Unknown Worms , ACM Workshop on Hot Topics in Networks, 2003.	. .	Arp Spoofing
Lecture 11 November 4th 2016	The Human Element Social Engineering Phishing Character sets Complexity of proper security deployment Configuration issues Passwords Readings Phinding Phish: Evaluating Anti-Phishing Tools, Zhang, Egelman, Cranor and Hong, 2007 Internet Society Symposium on Network and Distributed Systems Security.	PPT print	Tunnels/VPNs
Lecture 12 November 11 2016	Trusted Computing The Public Perception of Trusted Computing The Hardware Basis for Trusted Computing The Software and OS Basis for Trusted Computing Virtualization Negotiating Trust and Obligation Case Studies Readings Glance at the web site for the Trusted Computing Group Vivek Haldar, Deepak Chandra and Michael Franz, Semantic Remote Attestation -- A Virtual Machine directed approach to Trusted Computing In proceedigs of the 3rd Virtual Machine Research and Technology Symposium. Arun Viswanathan and B.C. Neuman, A Survey of Isolation Techniques - DRAFT	PPT print	Forensics
Lecture 13 November 18th 2016	Privacy Read or listen to this Podcast on NPR, to understand why privac is important. Your Digital Trail: Data Fuels Political and Legal Agendas - By Daniel Zwerdling, October 3, 2013. All things considered.	PPT print	none
TG November 27 2014	Thanksgiving Recess, No Lecture	N/A	None
Lecture 14 December 2nd 2016	Cyber-Physical Systems Requirements for Security Need for performance isolation Security for Cloud Computing Readings Threat Propagation in Cyber Physical Systems - Neuman, Tan 2011. Security risks in Cloud Computing from InfoWorld July 2, 2008. Selected Topics and Review	.	None
Final Exam Monday December 12, 2016	Final Exam (11:00 AM - 1:00 PM)	N/A	None