CS 161 Syllabus

(Fall 2008)

Aug 27
Course overview ( slides )
Reflections on Trusting Trust, Ken Thompson (Optional)
Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress (Congressional Research Services report) (Optional)
Sep 1
No Lecture
Part 1: Introduction to Cryptography
Sep 3
Secret key encryption ( Slides , Notes 1 and 2)
G 11.1, 11.5.1, 11.5.2
PP 4.1, 4.4 (Optional), A 5.1, 5.3.3 (Optional)
Sep 8
Public key encryption (slides, notes)
G 11.2, 11.5.3, 11.5.4
PP 2.7 (Optional), A 5.3.4, 5.7.1 (Optional)
Sep 10
Hash functions, MACs, Digital signatures (slides)
G 11.3, 11.4
PP 2.8 (Optional), A 5.5.6, 5.6, 5.7 (Optional)
Sep 15
Authentication and key exchange protocols ( slides )
G 12.1-12.4, 13.4
Sep 17
password authentication, random number generator ( slides , notes )

Sep 22
Secret sharing and ZKP ( slides , notes )

Sep 24
ZKP and Case study: how real-world crypto systems break ( slides , notes )
Security Analysis of a Cryptographically-Enabled RFID Device (Optional)
Intercepting Mobile Communications: The Insecurity of 802.11 (Optional)

Part 2: Software Security
Sep 29
Buffer overflows and other common bugs ( slides )
Smashing The Stack For Fun And Profit, Aleph One
Basic Integer Overflows, blexim
Exploiting Format String Vulnerabilities, team teso (Optional)
Oct 1
Runtime Defenses against Memory Safety Vulnerabilities ( slides )
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al.
Oct 6
Tools for finding bugs ( slides )
White box fuzzing, by P. Godefroid et al. (Optional)
How hackers look for bugs by Dave Aitel (Optional)
Real world fuzzing, by Charlie Miller (Optional)
Oct 8
Program verification and other vulnerabilities ( slides , notes 1, notes 2 )
Finding User/Kernel Pointer Bugs With Type Inference (Section 2, Optional)
Oct 13
Case Study: Breaking Vista's exploitation mitigation mechanisms (Alexander Sotirov) ( slides )
Bypassing browser memory protections in Windows Vista (Optional)
Oct 15
Midterm Review (I) ( slides )
Oct 20
Midterm Review (II) ( slides )

Oct 22

Part 3: OS Security
Oct 27 Principles in OS Security; Mechanisms for confining bad code (I): privilege separation ( slides )

Preventing privilege escalation, Provos et al. 2003
Privtrans: Automatic Privilege Separation, Brumley and Song 2004 (Optional)
The Protection of Information in Computer Systems J.H. Saltzer and M.D. Schroeder (Optional)
Oct 29 Mechanisms for confining bad code (II): isolation and sandboxing ( slides )
A note on the confinement problem, Butler Lampson
Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel (Optional)
Nov 3
Mechanisms for confining bad code (III): SFI and Virtualization ( slides )

Efficient Software-Based Fault Isolation, Robert Wahbe, et al.
Nov 5
Trusted Computing ( slides )

Experimenting with TCG Hardware, Marchesini, et al.
TCG Specification Architecture Overview
A Virtual Machine-Based Platform for Trusted Computing, Garfinkel et al.
Part 4: Web Security
Nov 10
Secure web site design (SQL injection, XSS, etc.) ( slides )

Cross site scripting explained, Amit Klein
SQL Injection attacks, Chris Anley
Robust Defenses for Cross-Site Request Forgery (Optional)
Nov 12
Browser Security ( slides )
Secure Frame Communications in Browsers
Why Phishing Works
Part 5: Network security
Nov 17
Security problems in network protocols: TCP/IP, DDoS Attacks ( slides )
A look back at Security Problems in the TCP/IP Protocol Suite, S. Bellovin, ACSAC 2004.
Inferring Internet Denial-of-Service Activity (Optional)
A detailed DDoS extortion story
Nov 19 Network worms and bot-nets: attacks and defenses ( slides )
Inside the slammer worm, S. Savage
Characterizing the Remote Control Behavior of Bots , E. Stinson and J.C. Mitchell (Optional)
Nov 24
DNS, BGP Security (Nick Weaver) ( slides )

Nov 26
Network defense tools: Firewalls and Intrusion Detection ( slides )
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, T. Ptacek
Bro: A System for Detecting Network Intruders in Real-Time, V. Paxon (Optional)
Linux Firewall - the Traffic Shaper , J. Wortelboer and J. Van Oorschot (Optional)
Dec 1
Privacy and Anonymity ( slides )
Dec 3 Final review ( slides )
Dec 8 How Real-world Systems Fail (iSecPartners)
Dec 10 In-class Exam