CS 5950/6030: Computer Security and Information Assurance - Spring 2006
Slides and Announcements
Department of Computer Science
© 2006 by Leszek T. Lilien
Class Web Pages: http://www.cs.wmich.edu/~llilien/teaching/spring2006/cs5950-6030/index.html
Detailed Syllabus: http://www.cs.wmich.edu/~llilien/teaching/spring2006/cs5950-6030/syllabus.html
Class slides and announcements (this page): http://www.cs.wmich.edu/~llilien/teaching/spring2006/cs5950-6030/slides.html
1/9/06: Warning!
When you log into your new WMU CS Network account for the first time, the system should tell you:
Last login: never
If you get a message showing a specific date of last login (rather than “never”), this indicates that somebody might have hijacked your account. Please report this to Mr. John Horton (C-218, phone: 276-3106) and obtain a “clean” WMU CS Network account.
Class Slides:
Section 0: Course Introduction
0.1. Course Overview: Syllabus / Course Information
0.2. Survey of Students’ Background & Experience
Section 1: Introduction to Security
1.1. Examples – Security in Practice
1.2. What is “Security?”
1.3. Pillars of Security: Confidentiality, Integrity, Availability (CIA)
1.4. Vulnerabilities, Threats, and Controls
--- Class 1 (M, 1/9) stopped on Slide 38: “D) Vulnerab./Threats at Other Exposure Points” ---
1.5. Attackers
1.6. How to React to an Exploit?
1.7. Methods of Defense
1.8. Principles of Computer Security
Section 2/1: Introduction to Cryptology - Part 1
2A. Terminology and Background
2A.1. Threats to Messages
2A.2. Basic Terminology and Notation
--- Class 2 (W, 1/11) stopped on Slide 15: “Cryptanalysis (2)” ---
--- No class on M, 1/16 – MLK Day ---
Lab and Project Information – Part 1 (incl. Projects 1 and 2) (discussed in class on W, 1/18)
2A.3. Requirements for Crypto Protocols
2A.4. Representing Characters
2B. Basic Types of Ciphers
2B.1. Substitution Ciphers
a. The Caesar Cipher
--- Class 3 (W, 1/18) stopped on Slide 30: “Caesar’s Problem” ---
b. Other Substitution Ciphers
c. One-Time Pads
2B.2. Transposition Ciphers
--- Class 4 (M, 1/23) stopped on Slide 48: “Example: Step 2” ---
2B.3. Product Ciphers
2C. Making “Good” Ciphers
2C.1. Criteria for “Good” Ciphers
2C.2. Stream and Block Ciphers
2C.3. Cryptanalysis
2C.4. Symmetric and Asymm. Cryptosystems
--- Class 5 (W, 1/25) stopped on Slide 75: “Symm. and Asymm. Cryptosystems (4)” ---
2D. The DES (Data Encryption Standard) Algorithm
2D.1. Background and History of DES
2D.2. Overview of DES
2D.3. Double and Triple DES
2D.4. Security of DES
2E. The Clipper Story
2F. AES (Advanced Encryption Standard)
2F.1. The AES Contest
2F.2. Overview of Rijndael
2F.3. Strength of AES
2F.4. Comparison of DES and AES
Section 2/2: Introduction to Cryptology - Part 2
2G. Public Key Encryption (PKE)
2G.1. Motivation for PKE
2G.2. Characteristics of PKE
--- Class 6 (M, 1/30) stopped on Slide 10: “Characteristics of PKE (2)” ---
2G.3. RSA (Rivest-Shamir-Adleman) Encryption
2H. The Uses of Encryption
2H.1. Cryptographic Hash Functions
2H.2. Key Exchange
2H.3. Digital Signatures
a. Problem Definition
--- Class 7 (W, 2/1) stopped on Slide 34: “Digital Signatures (2)” ---
Lab and Project Information – Part 2 (Project 3 Topics) (discussed in class on M, 2/6)
b. Properties of Electronic Signatures
c. Using PKE for Digital Signatures
d. Using Hash Fcns for Digital Signatures
2H.4. Certificates
a. Introduction
--- Class 8 (M, 2/6) stopped on Slide 45: “Certificates (4)—Introduction (3)” ---
b. Trust Through a Common Respected Individual
c. Certificates for Identity Authentication
d. Trust Without a Single Hierarchy
3.1. Secure Programs – Defining & Testing
a. Introduction
--- Class 9 (W, 2/8) stopped on Slide 9: “Introduction (2)” ---
b. Judging S/w Security by Fixing Faults
c. Judging S/w Security by Testing Pgm Behavior
d. Judging S/w Security by Pgm Security Analysis
e. Types of Pgm Flaws
3.2. Nonmalicious Program Errors
a. Buffer overflows
b. Incomplete mediation
c. Time-of-check to time-of-use errors
d. Combinations of nonmalicious program flaws
3.3. Malicious Code
3.3.1. General-Purpose Malicious Code incl. Viruses
a. Introduction
b. Kinds of Malicious Code
c. How Viruses Work
d. Virus Signatures
--- Class 10 (M, 2/13) stopped on Slide 46: “Virus Signatures (1)” ---
e. Preventing Virus Infections
f. Seven Truths About Viruses
g. Case Studies
h. Virus Removal and System Recovery After Infection
3.3.2. Targeted Malicious Code
a. Trapdoors
b. Salami attack
c. Covert channels
--- Class 11 (W, 2/15) stopped on Slide 73: “v. Identifying Potential Covert Channels (1)” ---
3.4. Controls for Security
a. Introduction
b. Developmental controls for security
c. Operating System controls for security
d. Administrative controls for security
e. Conclusions
Section 4: Protection in General-Purpose Operating Systems
4.1. Protected Objects, Methods, and Levels of Protection
a. History of protection in OSs
b. Protected objects in OSs
c. Security methods in OSs
d. Levels of protection in
--- Class 12 (M, 2/20) stopped on Slide 13: “Levels of protection in
e. Three dimensions of protection in
f. Granularity of data protection
Midterm Exam Topics (Midterm scheduled for W, 3/8)
Links to example midterm exams (from Fall’05): version1 and version2 (for even/odd seats, respectively)
Note: For Spring’06, the topics required for the Midterm stop at Section 4.1.f (above).
4.2. Memory and Address Protection
a. Fence
b. Relocation
c. Base/Bounds Registers
d. Tagged Architecture
e. Segmentation
f. Paging
g. Combined Paging with Segmentation
4.3. Control of Access to General Objects
a. Introduction to access control for general objects
b. Directory-like mechanism for access control
c. Access control lists
d. Access control matrices
e. Capabilities for access control
f. Procedure-oriented access control
g. Conclusions
4.4. File Protection Mechanisms
--- Class 13 (W, 2/22) stopped on Slide 44: “4.4. File Protection Mechanisms” ---
--- No classes on M, 2/27 and W, 3/1 (Spring break) ---
a. Basic forms of protection
b. Single file permissions
c. Per-object and per-user protection
4.5. User Authentication
a. Introduction
b. Use of passwords
c. Attacks on passwords
i. Try all possible pwds (exhaustive, brute force attack)
ii. Try many probable pwds
iii. Try likely pwds
iv. Search system list of pwds
--- Class 14 (M, 3/6) stopped on Slide 79: “Search system list of pwds (9)” ---
v. Exploiting indiscreet users (social engg)
d. Password selection criteria
e. One-time passwords (challenge-response systems)
Midterm AND very short lecture
--- Class 15 (W, 3/8) stopped on Slide 98: “OPTIONAL – One-time passwords (12)” ---
Links to our midterm exam “master” copies: master-version1 and master-version2.
f. The authentication process
g. Authentication other than passwords
h. Conclusions
4.6. Summary
--- Class 16 (M, 3/13) stopped on Slide 103: “h. Conclusions” ---
Section 7/1: Security in Networks - Part 1
7.1. Network Concepts
a) Introduction
b) The network
c) Media
d) Protocols (incl. OSI and TCP/IP)
e) Types of networks
f) Topologies
g) Distributed systems
h) APIs
i) Advantages of computing networks
7.2. Threats in Networks
a) Introduction
b) Network vulnerabilities
c) Who attacks networks?
d) Threat precursors
d-1) Port scan
d-2) Social engineering
d-3) Reconnaissance
d-4) OS and application fingerprinting
d-5) Using bulletin boards and chats
d-6) Getting available documentation
e) Threats in transit: eavesdropping and wiretapping
--- Class 17—Ms. Zille Huma Kamal (W, 3/15) stopped on Slide 59: “Threats in transit: eavesdropping and wiretapping (5)” ---
--- No class on M, 3/20
f) Protocol flaws
g) Types of attacks
g-1) Impersonation
g-2) Spoofing
g-3) Message confidentiality threats
g-4) Message integrity threats
g-5) Web site attacks
--- Class 18 (W, 3/22) stopped on Slide 81: “Web site attacks (5)” ---
g-6) Denial of service
g-7) Distributed denial of service
g-8) Threats to active or mobile code
--- Class 19 (M, 3/27) stopped on Slide 108: “Threats to active or mobile code (14)” ---
g-9) Scripted and complex attacks
h) Summary of network vulnerabilities
Section 7/2: Security in Networks - Part 2
7.3. Network Security Controls
a) Introduction
b) Security threat analysis
c) Impact of network architecture/design and implementation on security
1) Segmentation
2) Redundancy
--- Class 20 (W, 3/29) stopped on Slide 14: “Impact of network architecture/design & implement. on security (4)” ---
3) Single points of failure
4) Other means
d) Encryption
1) Link encryption vs. end-to-end (e2e) encryption
2) Virtual private network (VPN)
3) PKI and certificates
4) SSH protocol
5) SSL protocol (a.k.a. TLS protocol)
6) IPsec protocol suite
7) Signed code
8) Encrypted e-mail
e) Message content integrity controls
1) Error correcting codes
2) Cryptographic checksum
f) Strong authentication
1) One-time passwords
2) Challenge-response systems
3) Digital distributed authentication
4) Kerberos authentication system
--- Class 21 (M, 4/3) stopped on Slide 59: “Kerberos authentication system (3)” ---
g) Access controls
1) ACLs on routers
2) Firewalls
h) Intrusion detection systems: alarms and alerts
i) Honeypots
j) Traffic flow security
k) Review of network security controls
7.4. Network Security Tools
7.4.1. Firewalls
a) Introduction
b) What is a firewall
c) Firewall design
d) Types of firewalls
--- Class 22 (W, 4/5) stopped on Slide 86: “--[OPT.]-- Types of firewalls (3)” ---
i. Packet filters
(i-1) Simple packet filters
(i-2) Stateful packet filters
ii. Application proxies
(ii-1) Guards (“top model” subcategory)
iii. Personal firewalls
e) Comparison of firewall types
f) Example firewall configurations
g) What firewalls can—and can’t—block
7.4.2. Intrusion Detection Systems (IDSs)
a) Introduction
b) Types of IDSs
i. Signature-based IDSs
ii. Anomaly-based IDSs
iii. Other IDSs
c) Goals for IDSs
d) IDS strengths and limitations
7.4.3. Secure E-Mail
a) Introduction
b) Introduction
c) Security for e-mail
d) Design of PEM (Privacy-enhanced Electronic Mail)
e) Example secure e-mail systems
i. PGP
ii. S/MIME
--- Class 23 (M, 4/10) stopped at the end of Section 7 ---
*** UPDATED *** Section 6: Database Security
6.1. Introduction - a database (DB) refresher
6.2. Security Requirements
a) Physical database integrity requirements
b) Logical database integrity requirements
c) Element integrity requirements
d) Auditability requirements
e) Access control requirements
f) User authentication requirements
g) Availability requirements
6.3. Reliability and Integrity
6.4. Sensitive Data
6.5. Inference (Inference Problems)
Direct attacks / Indirect attacks
Inferences in statistical DBs (incl. small/large query set attacks, tracker attacks, query overlap attacks, insertion/deletion attacks)
Inferences in general-purpose DBs (incl. inferences via queries based on sensitive data, inferences via DB constraints, inferences via updates)
6.6. Multilevel Databases (incl. Polyinstantiation)
6.7. Proposals for Multilevel Security
--- Class 24 (W, 4/12) stopped at the end of Section 6 ---
*** UPDATED *** Section 9: Legal, Privacy, and Ethical Issues in Computer Security
9.1. Basic Legal Issues
a) Protecting Programs and Data
b) Information and the Law
c) Ownership Rights of Employees and Employers
d) Software Failures (and Customers)
9.2. Computer Crime
9.3. Privacy
9.4. Ethics
a) Introduction to Ethics
b) Case Studies of Ethics
c) Codes of Professional Ethics
Project presentations (see Lab and Project Information – Part 3 above for more details)
Part 1) M, 4/17/06: Presentations by Groups P1, P3, P5, P8
--- Class 25 (M, 4/17) stopped at the end of Section 9, and after project presentation by group P8 ---
Final Exam Topics (Final Exam scheduled for 7:15 PM on Monday, 3/24)
Links to example final exams (from Fall’05): version1 and version2 (for even/odd seats, respectively)
Note: For Spring’06, the topics required for the Final Exam start at Section 4.2 (Memory and Address Protection).
Fall 2006 — CS 6910: Advanced Computer and Information Security
I will teach this advanced course for graduate students only. I invite you and your friends (I hope you can tell them!) to take it.
Day and time: Tuesdays and Thursdays, 6:00 - 7:15 PM
The prerequisite will be CS 5950/6030: Network Security or CS 5950/6030: Computer Security and Information Assurance.
The course will be research-oriented, with both “more theoretical” and “more practical” research projects in the areas of computer privacy and security. Topics will be proposed by me, or proposed by students and accepted by me.
I will introduce selected areas of advanced research in computer privacy and security, the ones which are of most interest to me. Examples include:
· Privacy-preserving data dissemination
· Trust in open computing environments, incl. using trust for authorization.
· Privacy and security in pervasive systems, including opportunistic networks and other ad hoc networks, as well as embedded networks and sensor networks.
· Authentication and privacy, with emphasis on authentication in healthcare systems
· Project Authentic: Authentication Attacks and Controls.
· Analysis of computer privacy and security paradigms and development of new ones
· Modeling computer fraud and investigating types of fraudulent user behaviors
· Vulnerability analysis and threat assessment/avoidance in computer systems, esp. in database systems
Requirements for students include:
· Read and present in class the research papers selected by me, or selected by students and accepted by me. Research areas represented by the papers will be (mostly) from the “selected areas” listed above.
· Work on own research projects, either individual or group ones. Projects will mostly belong to the “selected areas” listed above. They will be developed under my close supervision, including regular weekly meetings.
· Present the project in class (hopefully at least one presentation, lasting at least 30 min. + 5 min Q&A period).
· Write a research paper summarizing the project work. The goal is to produce papers of the quality sufficient for submission to research conferences.
We will probably have no exams, or only take-home exams.
Part 2) W, 4/19/05: Presentations by Groups P4, P6, P7, P9, P12