CE 40-441: Data & Network Security

Saturday/Monday 1330-1500
Room: VClass

Office Hours:      Email me for a time slot
TAs:                    Mohammad Haddadian
                            Sara Asgari

Quick Links:   Description   Acknowledgment   Policies   Announcements   Homeworks   CourseMaterial

Description:

This is an introductory course to computer security. This course is primarily based on the Computer Security course taught by Dan Boneh at Stanford University.

Prerequisites: 40-443 Computer Networks

Acknowledgment:

This course is primarily based on the Computer Security course taught by Dan Boneh at Stanford University.

Policies:

Grading policy is as follows. This is tentative.
- 40% Homeworks
- 10% Parcham (Level 1 questions)
- 20% to 10% Parcham (Level 2 questions), this would be based on dynamic grading
- 10% Select CTFs
- 30% Final
There will be no exceptions to the following rules:
- If you turn in your assignments one day late you will loose 25% of the grade, two days will cost you 50% and three days 75% of the grade. No submissions will be accepted after the third day. Penlaty may be calculted continusly and per hour of delay.
- There will be a zero tolerance policy for cheating/copying HWs. The first time you are caught, you will receive a zero for the task at hand. If you are caught for a second time, you will fail the course. Providing your assignment to someone else is considered cheating on your behalf.
- Each of you has a 3 day extension you could use over the individual assignments. The minimum you could use at each instance is a 1 day extension. So you can not extend HW1 by 12 hours and then HW2 by 60 hours. You could use the 3 days with one HW, or 1 day for each HW, or 2 days for HW1 and 1 day for HW2, or 1 day for HW1 and 2 days for HW2, or ... (I hope you get the idea!)
- The 3 day extension will be applied to HW deadlines and what ever remains could be carried over to next HW deadline and so on. The 3 day extension can not be applied to the Parcham challenges.
- There is a good probability that things go south (i.e. you get sick, network fails, your computer crashes, there is a bug in the HW, server fails, etc.) as the deadline approaches. Such issues will not result in an extension to the deadline. So keep that in mind and plan for Murphy's law in advance, don't leave things for the last minute.
- There will be a zero tolerance policy for any misuse of the course infrastructure (i.e. Judge, Tarasht, etc.), regardless of the intent
- If any of the class policies are unclear, they should be brought up and discussed in the first week of the semester at hand.

Announcements:

Homeworks:

HW 1: [PDF], Available: 1400/7/6, Deadline -> Part 1&2: 1400/7/23, 11:59PM, Part 3: 1400/8/1, 11:59PM.
HW 2: [PDF], Available: 1400/8/8, Deadline: 1400/8/27, 11:59PM.
HW 3: [PDF], Available: 1400/9/8 , Deadline: 1400/9/22 , 11:59PM.
Parcham 0 (Intro): Available [PDF] [File] Available: 1400/6/27, Deadline: 1400/7/10.
Parcham 1(Exploit) -> Available: [PDF] 1400/7/15, Deadline: 1400/7/29.
Parcham 2 (Web) -> Available: [PDF] 1400/8/14, Deadline: 1400/9/1.
Parcham 3 (Crypto) -> Available: [PDF] 1400/9/5, Deadline: 1400/9/14.
Parcham 4 (Forensics,Android or Misc.) -> Available: [PDF] 1400/9/20, Deadline: 1400/9/30.

Course Material:

This is a tentative class schedule

-6/27

Lecture 0-Pre-Intro! [PDF]

-6/29

Lecture 1- Introduction [PDF] [Video-Fall 1399]
- Reflections on Trusting Trust, Ken Thompson, Turing Award Lecture ,1984
- Measuring Pay-per-Install: The Commoditization of Malware Distribution, J. Caballero, C. Grier, C. Kreibich, V. Paxson, 2011

-7/3

Lecture 2- Control hijacking attacks: exploits [PDF] - Supplement Slides [PDF]
- Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Cowan, C., Wagle, F., Pu, C., Beattie, S., & Walpole, J., 2000
- Basic Integer Overflows, blexim, 2002
- Bypassing Browser Memory Protections, A. Sotirov,2008
- Exploiting CVE-2014-0282, Katy Winterborn, NCC Group, 2015

-7/10

Lecture 3- Control hijacking attacks: defenses [PDF]

-7/12

Lecture 3- Control hijacking attacks: exploits and defenses (con't)

-7/17

Lecture 4- Principle of least privilege, access control, and operating systems security [PDF]
- SetUID Demystified, Chen, Dean, and Wagner, 2002.
- Operating Systems Security, T. Jaegeri, 2008. Chapter 4, Security in Ordinary Operating Systems.

-7/19

Lecture 5- Isolation and Sandboxing [PDF]
- Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel, 2003
- Efficient Software-Based Fault Isolation, Robert Wahbe, et al., 1993

-7/24

Lecture 6- Testing for vulnerabilities using fuzzing, static, and dynamic analysis [PDF]
- How hackers look for bugs, Dave Aitel
- An example: Exploiting Broadcom’s Wi-Fi Stack, by Gal Beniamini, Google project zero.
- Real world fuzzing, Charlie Miller, 2007
- Effective Bug Discoveryy, vf, 2006
- Using Programmer-Written Compiler Extensions to Catch Security Holes (Sections 1-2), Ashcraft and Engler
- Vulnerability Factors in New Web Applications, Bau, Wang, Bursztein, Mutchler and Mitchell

-7/26

Lecture 6- Testing for vulnerabilities (con't)

-8/1

Lecture 7- Basic web security model [PDF]
- Securing Browser Frame Communication, Adam Barth, Collin Jackson, and John C. Mitchell, 2008
- The Security Architecture of the Chromium Browser, Adam Barth, Collin Jackson, Charles Reis, and the Google Chrome Team, 2008
- Analyzing and Defending Against Web-based Malware, J. Chang et al.
- Exposing private information by timing web applicationsi, A. Bortz, D. Boneh, and P. Nandy, 2007
- Web workers
- Content Security Policies
- Sandboxed iFrames
- cors

-8/3

Lecture 8- Web application security [PDF]
- Cross site scripting explained, Amit Klein, 2002
- SQL Injection attacks, Chris Anley, 2002
- Robust Defenses for Cross-Site Request Forgery, Adam Barth, Collin Jackson, and John C. Mitchell, 2008

-8/8

Lecture 8- Web application security (continued)

-9/1

Lecture 12- Internet protocol Security (Continued)

-9/6

Lecture 13- Internet Protocol Security Contd. and DDoS [PDF]
- A Security Evaluation of DNSSEC with NSEC3, J. Bau and J.C. Mitchell, 2010
- How DNSSEC Works, cloudflare
- Distributed Firewalls, S. Bellovin, 1999
- Bro: A System for Detecting Network Intruders in Real-Time, V. Paxon, 1998

-9/13

Lecture 14- Unwanted traffic: denial of service attacks [PDF]
- DDoS amplification attack statistics, 2017
- The real cause of large DDoS - IP Spoofing, Marek Majkowski, 2018.
- Details of a recent large-scale DDoS event , 2013
- Practical network support for IP Traceback, S. Savage, et al., 2000
- A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson, 2005

-9/15

Lecture 14- Unwanted traffic: denial of service attacks (continued)

-9/20

Lecture 15- Android and iOS: mobile platform security architecture [PDF]
- Understanding Android Security, Enck, Ongtang, and McDaniel, 2009 (Security Enforcement section)
- TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Enck et al., 2014
- iOS Security, iOS 10
- How to fake a fingerprint and break into a phone

-9/22

Lecture 16- Android Security: Taming the complex ecosystem [PDF]
- Understanding Android Security, Enck, Ongtang, and McDaniel, 2009 (Security Enforcement section)
- The Android Platform Security Model, 2019
- A Large-Scale Study of Mobile Web App Security, P. Mutchler, A. Doupe, J. Mitchell, C. Kruegel, and G. Vigna., 2015

-9/27

Lecture 16- Android Security: Taming the complex ecosystem (continued)

-9/29

Lecture 17- Trusted Computing and SGX [PDF]
- Introduction to the TPM, Allan Tomlinson, Smart Cards, Tokens, Security and Applications, 2008
- Shielding Applications from an Untrusted Cloud with Haven, Andrew Baumann, Marcus Peinado, and Galen Hunt, OSDI 2014