This page is organized by the weeks of the quarter in which lectures were given and papers assigned. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.
This class will be taught by Peter Reiher The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated. Dr. Bishop has also published a second textbook that contains selected sections of this book, with a similar title. I can't guarantee that all material assigned will actually be in this other book, and it will definitely be at different pages if it's there at all.
I will be lecturing on these subjects during the class. Since I'm choosing them as we go along, the research papers I am assigning are not listed here, but are listed below with the lecture slides.
Wednesday, March 15
Textbook: Chapter 22 (Pages 613-642)
Papers:
Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event, Abhishek Kumar, Vern Paxson, and Nicholas Weaver,Internet Measurement Conference, November 2005. A whole lot cooler than its title might lead you to believe.
How to 0wn the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, August 2002.
Web links:
The Internet Worm Program: An Analysis A technical report by Eugene Spafford, 1988.
Monday, March 13
There are no new slides or readings for today, since I will be catching up on the intrusion detection lecture I was supposed to give last Wednesday.
Wednesday, March 8
Textbook: Chapter 25 (pages 723-767)
Web links:
Efficient Intrusion Detection Using Automaton Inlining, Rajeev Gopalakrishna. Eugene H. Spafford. Jan Vitek, IEEE Symposium on Security and Privacy, May 2005.
SANS' frequently asked question page on intrusion detection contains and links to a lot of useful information, without trying to sell you on a particular product. You are not required to read this for class, but might want to look it over, if you're interested in intrusion detection.
Monday, March 6
Textbook: Chapter 26 (pages 773-799)
Web links:
A brief news story about an auditor who was caught eavesdropping, underlying the point of auditors needing to be trustworthy.
Know Your Enemy: Tracking Botnets, The Honeynet Project and Research Alliance, 2005.
Kevin Eustice, V. Ramakrishna, Shane Markstrum, Peter Reiher, and Gerald Popek, WiFi Nomads and Their Unprotected Devices: The Case for QED-Quarantine, Examination, and Decontamination, New Security Paradigms Workshop, August 2003.
Wednesday, March 1
Textbook: Chapter 11.3-11.7, pages 283-307.
Web links:
RFC 2267: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing, P. Ferguson and D. Senie, January 1998. One of two RFCs that define ingress filtering. The other one defines it in the opposite manner.
SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.
The Naptha DoS Vulnerability,BindView Inc, 2000. A more sophisticated SYN flood that cannot be handled by SYN cookies.
Monday, February 27
Textbook: Chapter 18, pages 477-494.
Web links:
Exploiting Windows NT 4 Buffer Overruns, A Case Study: RASMAN.EXE, David Lichfield.
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade", Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole, DISCEX 2000.
Wednesday, February 22
Web links:
M. Corner and Brian Noble, Zero-Interaction Authentication,", Mobicom 2002. An interesting use of a cryptographic file system for mobile computing.
Wednesday, February 15
Textbook: Chapter 12 (pages 309-335).
Web links:
A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".
Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, Satoshi Hoshino, "Impact of Artificial "Gummy" Fingers on Fingerprint Systems.", Proceedings of SPIE Vol. 4677, January 2002. A reality check on the promise of a particular biometric.
Monday, February 13
Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272).
Here's the information I referred to in class on the new NIST standards for how one should go about safely removing data from storage devices. This is for your information only, and you will not be tested on this material.
Wednesday, February 8
MIDTERM!
This test is open book, open notes. Here's the midterm from last year. The general style of this year's midterm will be similar.
Monday, February 6
Web links:
An essay on the value of using known and proven cryptography by Bruce Schneier. It's part of a longer message. You are only required to read this essay.
Textbook: Chapter 20, sections 20.1-20.2 (pages 545-551).
Wednesday, February 1
Textbook: Chapter 10, sections 10.1-10.2 (pages 245-252).
Web links:
Monday, January 30
Textbook: Chapter 9, sections 9.2.2.2-9.7 (pages 227-241).
Web links:
The US National Institute of Standards Comments on recent attacks on SHA-1.
Bruce Schneier's informal analysis of the meaning of the attack on SHA-1.
Wednesday, January 25
Textbook: Chapter 11, section 11.1-11.2 (pages 275-283).
Monday, January 23
Textbook: Introduction to Section IV and Chapter 9, sections 9.1-9.2.2.1 (pages 215-227)
Wednesday, January 18
Wednesday, January 11
Monday, January 9
January 9, 2006
Textbook: Chapter 1 (pages 1-25)
Web links:
Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.
Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want. You are only required to read this essay, however, which is around a page and a half.)
Social Engineering Fundamentals, Part I: Hacker Tactics Sarah Granger.