This page is organized by the weeks of the quarter in which lectures were given. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.
This class will be taught by Peter Reiher. The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated. Dr. Bishop has also published a second textbook that contains selected sections of this book, with a similar title. I can't guarantee that all material assigned will actually be in this other book, and it will definitely be at different pages if it's there at all.
I will be lecturing on these subjects during the class.
The TA for the course is David Jurgens -- jurgens@cs.ucla.edu. The labs for this course will consist of 5 hands-on, practical and exploratory projects covering security-related topics, plus a small introduction to the lab software. Office hour and discussion section information, the lab manual and all necessary materials for the labs are located here.
Textbook: Chapter 21 (pages 571 -608)
Textbook: Chapter 19 (pages 497-542)
No readings assigned for Tuesday.
Textbook: Chapter 22 (pages 613-641)
Textbook: Chapter 25 (pages 723-767)
Web link (not required reading):
SANS' frequently asked question page on intrusion detection contains and links to a lot of useful information, without trying to sell you on a particular product.
Our TA, David Jurgens, will hand back the graded midterms at the Friday discussion secton this week.
No new assigned readings for today.
The home page for the Honeynet project. You are not required to read or investigate this page, but if you find the concept of honeypots and honeynets particularly interesting, this is a good place to learn more.
Textbook: Chapter 26 (pages 773-799)
Textbook: Chapter 26 (pages 773-799)
Web links:
SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.
Midterm today.
No readings assigned for Tuesday.
NOTE: THE MIDTERM WAS ORIGINALLY SCHEDULED FOR TODAY. AS DISCUSSED IN CLASS, IT WILL BE ON TUESDAY, MAY 5, INSTEAD.
I went over the Neuman-Stubblebine protocol on slides in class, even though these weren't on the original version of lecture 10 that I posted. I will not have questions on the Neuman-Stubblebine protocol on the midterm, but I have posted an updated version of lecture 10 that includes the five slides on this protocol.
Textbook: Chapter 10, sections 10.1-10.2 (pages 245-252).
Textbook: Chapter 17, sections 17.1-17.3 and 17.3.3 (pages 439-448 and pages 467-470). You don't need to read sections 17.3.1 or 17.3.2, which give a more formal and detailed approach to covert channels than required for this class.
No new readings are assigned for this class.
Textbook: Chapter 12 (pages 309-335)
Web links:
A discussion on choosing secure passwords.
A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".
I. Dubrawsky, Cryptographic Filesystems, Part One: Design and Implementation,. A short web article describing basic approaches to cryptographic file systems and outlining the designs of a few well known examples.
Textbook: Chapter 10, sections 10.1, 10.3, 10.4, and 10.5 (pages 245-246, 252-266)
Textbook: Chapter 9, sections 9.2.2.2-9.7 (pages 227-241)
Textbook: Introduction to Section IV and Chapter 9, sections 9.1-9.2.2.1 (pages 215-227).
We fell behind a little on last week's reading. This first set of assignments relates to security policies.
Textbook: Chapter 4, Sections 4.1-4.6 (pages 95-114), Sections 5.1-5.2.2 (pages 123-132), Sections 6.1-6.2 (pages 151-155), Sections 7.1 (pages 169-177)
This set relates to access control, the topic for Tuesday's class.
Textbook: Chapter 2 (pages 31-44) and Chapter 15 (pages 381-396).
Textbook: Chapter 1 (pages 1-25)
Discretionary reading:
Web links:
Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.
Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want, but the assignment is only this essay, which is around a page and a half.)
Social Engineering Fundamentals, Part I: Hacker Tactics Sarah Granger.