CS 491/591: Computer Security and Privacy, Spring 2009
The syllabus is here, and the addendum to it is here.
Test 4 "key" is here.
Roya's slides are here.
Test 4 is here:
Jong's slides are here.
Sandy's slides are here.
Test 3 key is here.
Lab 4 is here and the lab 4 files are here.
Lab 3 is here.
Homework 2 *.pdf is here and the *.odt is here.
The ethics agreement is here.
Test 2 key is here.
Test 2 is here:
The Test 1 key is here.
The dates of the tests will be:
- Friday, 27 February
- Wednesday, 25 March
- Friday, 17 April
- Wednesday, 6 May
Shasta rules and lab 2 are here.
Files you'll need are here and here.
Lab 1 and a half is here.
Here are the files you need for lab 1:
Lab 0 is here.
Here are the updated files for lab 1:
Here are links to join the mailing lists for the class:
http://mail.cs.unm.edu/cgi-bin/mailman/listinfo/secpriv
http://mail.cs.unm.edu/cgi-bin/mailman/listinfo/secpriv-chat
Instructions for accessing video on demand: videoondemand.pdf
Homework 1
Instructor: Jedidiah R. Crandall
Prerequisites: No official prerequisites. Even if you're not a CS major we can make arrangements. E-mail me for a draft syllabus.
Required Texts: Computer Security: Art and Science by Matt Bishop, http://preview.tinyurl.com/6rvefm (this is the graduate version with the brown cover; do not buy the green undergrad version with a different title).
Rough plan for material to be covered:
- 3 days on intro to the course and ethics.
- 2 days on history of crypto, symmetric key cryptography, and linear and differential cryptanalysis.
- End of January.
- 2 days on asymmetric crypto, including RSA, identity-based encryption, Shor's algorithm, and quantum crypto.
- 1 day on hashing, MAC, authentication, dictionary attacks, salting, password file shadowing
- 1 day on policy, confidentiality, integrity, availability, hybrid policies, access control matrices, take-grant models, RBAC, and MAC
- 2 days on typical UNIX system security/authentication mechanisms (virtual memory, filesystems, signals, SELinux, etc.)
- 1 day on concurrency vulnerabilities and early vulnerability analysis papers (Saltzer and Schroeder, Ware, and Anderson, etc.)
- 1 day on memory corruption exploits, escaping chroot jails
- 1 day on rootkits and kernel exploits
- 1 day on the Windows Access Control Model
- 1 day of review for Test 1
- Test 1
- End of February
- 3 days of going through various network protocols and their security issues (ARP, DNS, BGP, TCP/IP, UDP, IPSec, ICMP, DHCP, FTP/Telnet vs. SSH, and SMTP and IMAP)
- 1 day of talking about packet filtering, IDS, and IPS systems, including RST injection
- 1 day of learning all about nmap
- 1 day on insertion, evasion, and DoS attacks
- 2 days of review
- Test 2
- Almost the end of March
- 3 days on information flow (basic information theory, Denning's lattice model, noninterference, the unwinding theorem, the confinement problem, dynamic and static information flow tracking, covert channel analysis, timing channels, inference channels)
- 2 days on anomaly detection and biologically-inspired approaches to computer and network security
- 1 day on web security (SQL injection attacks, cross-site scripting, etc.)
- 1 day on the security of Mac vs. PC vs. Linux
- 1 day of review
- Test 3 on 17 April
- 3 days on Internet censorship and privacy issues, including privacy-preserving networks such as Tor, censorship technologies, and Internet measurement issues such as routing, tunneling, and protocol dynamics
- 3 days on malicious code, including worms, viruses, botnets, polymorphism, metamorphism, appearance vs. behavior-based analysis, and macro viruses and recombination
- 1 day of review for Test 4
- Test 4 on 6 May
- 1 day to review for the final
The following are examples of the hands-on simulated attacks students will carry out, and the requisite knowledge that will be gained with each:
- Linear and/or differential cryptanalysis (probability theory, issues in symmetric cryptosystem design)
- Filesystem race conditions (concurrency bugs, filesystems)
- Using nmap (sockets, network protocols, firewall configuration)
- ARP poisoning (Ethernet)
- DNS spoofing and poisoning (DNS)
- Insertion and evasion (TCP/IP, intrusion detection)
- Virus obfuscation (malware detection, string matching algorithms)
- Memory corruption and/or web app exploits (secure programming in C or other languages)
- Using fuzzing tools to discover vulnerabilities (debugging)
- Whatever you are interested in, e-mail me if you have ideas
Grades as of 10 February: here.
Grades as of 14 February: here.
Grades as of 1 March: here.
Grades as of 2 March: here.
Grades as of 28 March: here.
Grades as of 30 April: here.
Grades as of 9 May: here.
Final grades: here.