This page is organized by the weeks of the quarter in which lectures were given and papers assigned. The weeks are in reverse chronological order, on the assumption that you will most often be looking for the most recent week.
This class will be taught by Peter Reiher. The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated. Dr. Bishop has also published a second textbook that contains selected sections of this book, with a similar title. I can't guarantee that all material assigned will actually be in this other book, and it will definitely be at different pages if it's there at all.
I will be lecturing on these subjects during the class. Since I'm choosing them as we go along, the research papers I am assigning are not listed here, but are listed below with the lecture slides.
Wednesday, March 14
Textbook: Chapter 22 (Pages 613-642)
Papers:
Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event, Abhishek Kumar, Vern Paxson, and Nicholas Weaver, Internet Measurement Conference, November 2005. A whole lot cooler than its title might lead you to believe.
How to 0wn the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, August 2002. A classic analysis of how fast worms can move in the Internet.
Web links:
The Internet Worm Program: An Analysis, a technical report by Eugene Spafford, 1988.
Monday, March 12
Textbook: Chapter 25 (pages 723-767)
Web links:
Efficient Intrusion Detection Using Automaton Inlining, Rajeev Gopalakrishna, Eugene H. Spafford, and Jan Vitek, IEEE Symposium on Security and Privacy, May 2005.
The SANS intrusion detection FAQ page contains and links to a lot of useful information, without trying to sell you on a particular product. You are not required to read it for class, but you might want to look it over if you're interested in intrusion detection.
Wednesday, March 7
Textbook: Chapter 26 (pages 773-799)
Web links:
Know Your Enemy: Tracking Botnets, The Honeynet Project and Research Alliance, 2005.
Kevin Eustice, V. Ramakrishna, Shane Markstrum, Peter Reiher, and Gerald Popek, WiFi Nomads and Their Unprotected Devices: The Case for QED-Quarantine, Examination, and Decontamination, New Security Paradigms Workshop, August 2003.
Monday, March 5
Textbook: Chapter 11.3-11.7, pages 283-307.
Web links:
RFC 2267: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing, P. Ferguson and D. Senie, January 1998. One of two RFCs that define ingress filtering. The other one defines it in the opposite manner. (RFC 2267 was later replaced by RFC 2827, BCP 38, which is the version network operators usually cite today; the filtering rule is the same.)
SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.
The Naptha DoS Vulnerability, BindView Inc, 2000. A TCP state-exhaustion attack that, unlike a plain SYN flood, completes the three-way handshake and then leaves connections parked in states such as ESTABLISHED or FIN_WAIT_1. SYN cookies only remove the half-open (SYN_RECV) backlog, so they do not help against it.
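To make the SYN cookie idea concrete, here is a small stateless listener written for this reading list. It is an added example, not code from Bernstein's page or from the course: the server answers each SYN with a SYN-ACK whose initial sequence number is a keyed hash of the connection 4-tuple plus a coarse time slot and an encoded MSS, and allocates no state until the client's final ACK carries a cookie that verifies. The secret, the 5/2/25-bit field layout, the 64-second slot and the MSS table are assumptions chosen for readability, not the Linux kernel's layout. The flood scenario at the end is constructed.

```python
"""Toy SYN-cookie listener (added example; layout and constants are assumptions)."""
import hashlib
import hmac
import struct

# Assumption: a per-boot random secret, fixed here so the example is repeatable.
SECRET = b"example-per-boot-secret-do-not-reuse"
SLOT_SECONDS = 64                       # coarse timestamp granularity
SLOT_BITS, MSS_BITS = 5, 2              # cookie = slot | mss index | tag
TAG_BITS = 32 - SLOT_BITS - MSS_BITS    # 25-bit keyed hash
MSS_TABLE = (536, 1220, 1440, 1460)     # representative MSS values, 2-bit index
MAX_SLOT_AGE = 1                        # accept the current and previous slot


def _slot(now):
    """Wrapping 5-bit time slot derived from a Unix timestamp."""
    return (now // SLOT_SECONDS) & ((1 << SLOT_BITS) - 1)


def _tag(src_ip, src_port, dst_ip, dst_port, slot):
    """Keyed hash over the 4-tuple and the slot, truncated to TAG_BITS."""
    msg = struct.pack("!4sH4sHB", src_ip, src_port, dst_ip, dst_port, slot)
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & ((1 << TAG_BITS) - 1)


def _encode_mss(client_mss):
    """Largest table entry not exceeding what the client offered."""
    idx = 0
    for i, m in enumerate(MSS_TABLE):
        if m <= client_mss:
            idx = i
    return idx


def make_cookie(src_ip, src_port, dst_ip, dst_port, client_mss, now):
    """Initial sequence number for the SYN-ACK; the server stores nothing."""
    slot = _slot(now)
    tag = _tag(src_ip, src_port, dst_ip, dst_port, slot)
    return (slot << (32 - SLOT_BITS)) | (_encode_mss(client_mss) << TAG_BITS) | tag


def check_cookie(src_ip, src_port, dst_ip, dst_port, ack_num, now):
    """Validate the client's final ACK. Returns the negotiated MSS, or None."""
    cookie = (ack_num - 1) & 0xFFFFFFFF          # the ACK acknowledges ISN + 1
    slot = cookie >> (32 - SLOT_BITS)
    mss_idx = (cookie >> TAG_BITS) & ((1 << MSS_BITS) - 1)
    tag = cookie & ((1 << TAG_BITS) - 1)
    if (_slot(now) - slot) % (1 << SLOT_BITS) > MAX_SLOT_AGE:
        return None                               # stale or forged slot
    expected = _tag(src_ip, src_port, dst_ip, dst_port, slot)
    if not hmac.compare_digest(tag.to_bytes(4, "big"), expected.to_bytes(4, "big")):
        return None                               # wrong 4-tuple or wrong key
    return MSS_TABLE[mss_idx]


class StatelessListener:
    """SYNs allocate nothing; only an ACK carrying a valid cookie creates state."""

    def __init__(self, ip, port):
        self.ip, self.port = ip, port
        self.established = {}

    def on_syn(self, src_ip, src_port, client_mss, now):
        return make_cookie(src_ip, src_port, self.ip, self.port, client_mss, now)

    def on_ack(self, src_ip, src_port, ack_num, now):
        mss = check_cookie(src_ip, src_port, self.ip, self.port, ack_num, now)
        if mss is not None:
            self.established[(src_ip, src_port)] = mss
        return mss is not None


def flood_then_connect(n_spoofed=10000, now=1_000_000):
    """Constructed scenario: many spoofed SYNs, then one honest handshake."""
    srv = StatelessListener(bytes([192, 168, 1, 1]), 80)
    for i in range(n_spoofed):
        spoofed = struct.pack("!I", 0x0A000000 + i)    # 10.x.y.z, never answers
        srv.on_syn(spoofed, 1024 + (i % 60000), 1460, now)
    honest = bytes([10, 0, 0, 5])
    isn = srv.on_syn(honest, 40000, 1460, now)
    ok = srv.on_ack(honest, 40000, (isn + 1) & 0xFFFFFFFF, now + 1)
    return ok, len(srv.established)    # spoofed SYNs left no trace
```

Note what the cookie does and does not buy you: the spoofed SYNs cost the listener nothing but a hash, and any ACK that does not match the 4-tuple, key and recent slot is dropped. A client that actually completes the handshake (as in the Naptha attack above) is accepted and gets a real socket, so resource limits on established connections are still needed.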
Wednesday, February 28
Textbook: Chapter 18, pages 477-494.
Web links:
Exploiting Windows NT 4 Buffer Overruns, A Case Study: RASMAN.EXE, David Litchfield.
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole, DISCEX 2000.
Trusted Computing: Promise and Risk, Seth Schoen, Electronic Frontier Foundation.
Monday, February 26
Web links:
I. Dubrawsky, Cryptographic Filesystems, Part One: Design and Implementation. A short web article describing basic approaches to cryptographic file systems and outlining the designs of a few well known examples.
M. Corner and Brian Noble, Zero-Interaction Authentication, Mobicom 2002. An interesting use of a cryptographic file system for mobile computing.
A short, informal performance comparison of some full-disk encryption products available today.
Wednesday, February 21
Textbook: Chapter 12 (pages 309-335).
Web links:
A discussion on choosing secure passwords.
A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".
Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, and Satoshi Hoshino, "Impact of Artificial 'Gummy' Fingers on Fingerprint Systems," Proceedings of SPIE Vol. 4677, January 2002. A reality check on the promise of a particular biometric.
Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272).
Monday, February 19
No class. President's Day holiday.
Wednesday, February 14
Remember, I will hand out a take-home midterm at the end of class Wednesday, after the lecture. Here is a sample midterm that I gave last year. It covered the same material as this year's midterm, so it's a reasonable indication of the kinds of questions you'll see on the real midterm. Full instructions will be provided on the rules for taking the midterm. It will be open book.
Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272).
Web links:
An essay on the value of using known and proven cryptography by Bruce Schneier. It's part of a longer message. You are only required to read this essay.
Monday, February 12
Textbook: Chapter 10, sections 10.1-10.2 (pages 245-252).
Wednesday, February 7
Textbook: Chapter 9, sections 9.2.2.2-9.7 (pages 227-241).
Web links:
The US National Institute of Standards and Technology's comments on the 2005 attacks on SHA-1.
Bruce Schneier's informal analysis of the meaning of the attack on SHA-1. You only need to read the article itself, not the lengthy sets of comments and responses that follow it. If you'd like to develop a deeper understanding of the issues involved in secure hashes related to collisions, the topic is discussed at length in these comments, but you aren't required to read them.
Monday, February 5
Textbook: Chapter 11, section 11.1-11.2 (pages 275-283).
Web link:
Steganography, Neil F. Johnson, 1996.
Project proposals are due on February 2. Email submission is fine.
We will not be able to hold a makeup class on Friday, February 2, as the room is being used by another class for part of the period. I will investigate other options to make up this class.
Wednesday, January 31
Textbook: Introduction to Section IV and Chapter 9, sections 9.1-9.2.2.1 (pages 215-227)
Web link:
Overview of Differential Power Analysis, Paul Kocher, Joshua Jaffe, and Benjamin Jun. A short overview of one type of side-channel technique that can be used to break cryptography on a smart card.
Monday, January 29
No class. Dr. Reiher will be out of town. No office hours either, obviously.
Wednesday, January 24
Textbook: Chapter 2 (pages 31-44) and Chapter 15 (pages 381-396). Matt Bishop uses a somewhat different organization for the book than I do in the class, but you shouldn't have a problem with the material in chapter 15.
Monday, January 22
I'm finally done with jury duty, so we'll proceed with classes. At the beginning of this class, we will discuss how to make up for lost sessions.
Readings: no new ones, just those assigned for Wednesday, January 10.
Wednesday, January 17
I'm still on jury duty on the 17th. I will know by the end of the day whether my service will last even longer or be finished on the 17th, so check the web page after tomorrow. It's at least possible that I will be assigned to a very long trial, which would necessitate cancelling the class this quarter.
Monday, January 15
Holiday.
Wednesday, January 10
I have been called to jury duty for this day, so class is cancelled for Wednesday. Monday is a holiday, so I will see you a week from Wednesday, January 17. I will repost the slides for lecture 2 later. The reading assignment below should be completed prior to the class on the 17th.
Monday, January 8
Textbook: Chapter 1 (pages 1-25)
Web links:
Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.
Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want. You are only required to read this essay, however, which is around a page and a half.)
Social Engineering Fundamentals, Part I: Hacker Tactics, Sarah Granger.