This page is organized by the weeks of the quarter in which lectures were given. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.
This class will be taught by Peter Reiher. The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated. Dr. Bishop has also published a second textbook that contains selected sections of this book, with a similar title. I can't guarantee that all material assigned will actually be in this other book, and it will definitely be at different pages if it's there at all.
The TA for the course is Peter Peterson -- pahp@cs.ucla.edu. The labs for this course will consist of 5 hands-on, practical and exploratory projects covering security-related topics, plus a small introduction to the lab software. Office hour and discussion section information, the lab manual and all necessary materials for the labs are located here.
Observations from the DNSSEC Deployment, E. Osterweil, D. Massey, and L. Zhang, 3d IEEE Workshop on Secure Network Protocols, 2007. A good, short description of DNSSEC and interesting information about its degree of deployment.
Secure Border Gateway Protocol (Secure BGP),, Stephen Kent, Charles Lynn, Karen Seo, IEEE Journal on Selected Areas in Communication, Vol. 18, No. 4, April 2000. The original paper proposing Secure-BGP.
Tor: The Second-Generation Onion Router, R. Dingledine, N. Mathewson, and Paul Syverson, Usenix Security Symposium, 2004. Tor is an improved version of onion routing that improves the security, privacy, and performance of the original onion routing mechanisms.
SQLrand: Preventing SQL Injection Attacks, Stephen Boyd and Angelos Keromytis, 2nd Applied Cryptography and Network Security (ACNS) Conference, 2004. A paper on handling SQL injection attacks on web servers.
Slides:
Papers:
Lessons Learned in Implementing and Deploying Crypto Software, Peter Gutmann, Usenix Security Symposium, 2002. Practical examples of the problems of using good crypto in real programs.
A Framework for a Collaborative DDoS Defense,, George Oikonomou, Peter Reiher, Max Robinson, and Jelena Mirkovic, ACSAC 2006. The basic DefCOM paper.
SOS: An Architecture for Mitigating DDoS Attacks, Angelos Keromytis, Vishal. Misra, and Dan Rubenstein, IEEE JSAC, vol. 22, no. 1, January 2004.
SAVE: Source Address Validity Enforcement, Jun Li, Jelena Mirkovic, Mengqiu Wang, Peter Reiher, and Lixia Zhang, Infocom 2002. This paper describes a protocol that allows routers to determine the proper incoming interfaces for different addresses, in full deployment.
Slides:
Textbook: Chapter 22 (pages 613-641)
Papers:
Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event, Abhishek Kumar, Vern Paxson, and Nicholas Weaver,Internet Measurement Conference, November 2005. A whole lot cooler than its title might lead you to believe.
How to 0wn the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, August 2002. A classic analysis of how fast worms can move in the Internet.
Web links:
The Internet Worm Program: An Analysis A technical report by Eugene Spafford, 1988.
Slides:
Lecture 14. This powerpoint file covers both 14A and 14B.
Lecture 15. This powerpoint file covers both 15A and 15B.
Textbook: Chapter 25 (pages 723-767)
Web links:
Efficient Intrusion Detection Using Automaton Inlining, Rajeev Gopalakrishna. Eugene H. Spafford. Jan Vitek, IEEE Symposium on Security and Privacy, May 2005.
SANS' frequently asked question page on intrusion detection contains and links to a lot of useful information, without trying to sell you on a particular product.
Slides:
Lecture 12, Part 1. This powerpoint file covers both 12A and 12B.
Lecture 12, Part 2. This powerpoint file only covers 12C.
Textbook: Chapter 10, sections 10.1-10.2 (pages 245-251)
Textbook: Chapter 26 (pages 773-799)
Web links:
RFC 2267: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing, P. Ferguson and D. Senie, January 1998. One of two RFCs that define ingress filtering. The other one defines it in the opposite manner.
SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.
Slides:
Here is a sample midterm. This midterm is similar in style, but totally different in content, to the one you will take later this week.
The midterm is open-book, open-notes, so come prepared with any material you might need. It is a two hour test. Peter Peterson, our TA, will proctor the test and be there to answer any questions.
Textbook: Chapter 18, pages 477-494.
Textbook: Chapter 21, pages 571-607.
Web links:
Trusted Computing: Promise and Risk,Seth Schoen, Electronic Frontier Foundation.
I. Dubrawsky, Cryptographic Filesystems, Part One: Design and Implementation,. A short web article describing basic approaches to cryptographic file systems and outlining the designs of a few well known examples.
M. Corner and Brian Noble, Zero-Interaction Authentication,, Mobicom 2002. An interesting use of a cryptographic file system for mobile computing.
A short, informal performance comparison of some full-disk encryption products available about a year ago. While slightly outdated, this can give you some idea of the price/performance of the technology. I'm not going to test you on it, but this Seagate web page is worth looking at to get an idea of the commercially available hardware for full disk encryption.
Slides:
Some of this stuff should have been assigned last week. Better late than never, but sorry for the delay.
Textbook: Chapter 9, sections 9.2.2.2-9.7 (pages 227-241)
Textbook: Chapter 11, sections 11.1-11.2 (pages 275-283)
Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272)
Textbook: Chapter 12 (pages 309-335)
Web links:
Bruce Schneier's informal analysis of the meaning of the attack on SHA-1. You only need to read the article itself, not the lengthy sets of comments and responses that follow it. If you'd like to develop a deeper understanding of the issues involved in secure hashes related to collisions, the topic is discussed at length in these comments, but you aren't required to read them.
Bruce Schneier's informal analysis of the meaning of the attack on SHA-1. You only need to read the article itself, not the lengthy sets of comments and responses that follow it. If you'd like to develop a deeper understanding of the issues involved in secure hashes related to collisions, the topic is discussed at length in these comments, but you aren't required to read them.
A discussion on choosing secure passwords.
A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".
Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, Satoshi Hoshino, "Impact of Artificial "Gummy" Fingers on Fingerprint Systems.", Proceedings of SPIE Vol. 4677, January 2002. A reality check on the promise of a particular biometric.
The following link is not required reading and will not be tested, but is interested and recommended for any of you who find the idea of key escrow of interest.
Slides:
Textbook: Introduction to Section IV and Chapter 9, sections 9.1-9.2.2.1 (pages 215-227)
Web link:
Overview of Differential Power Analysis, Paul Kocher, Joshua Jaffe, and Benjamin Jun. A short overview of one type of side-band technique that can be used to break cryptography on a smart card.
Slides:
Textbook: Chapter 4 (pages 95-120), Sections 5.1-5.2.2 (pages 123-132), Sections 6.1-6.2 (pages 151-155), Sections 7.1 (pages 169-177) (We'll get back to chapters 2 and 3 later.)
Textbook: Chapter 2 (pages 31-44) and Chapter 15 (pages 381-396).
Slides:
Textbook: Chapter 1 (pages 1-25)
Web links:
Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.
Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want, but the assignment is only this essay, which is around a page and a half.)
Social Engineering Fundamentals, Part I: Hacker Tactics Sarah Granger.
Slides: