This page is organized by the weeks of the quarter in which lectures were given and papers assigned. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.
This class will be taught by Peter Reiher. The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated.
I will be lecturing on these subjects during the class. Since I'm choosing them as we go along, the research papers I am assigning are not listed here, but are listed below with the lecture slides.
Textbook: Chapter 23 (Malicious Logic chapter)
Papers:
How to Own the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, August 2002.
Web links:
A Snapshot of Global Internet Worm Activity. A technical report by Dug Song, Rob Malan, and Robert Stone, Nov. 13, 2001.
The Internet Worm Program: An Analysis. A technical report by Eugene Spafford, 1988.
Textbook: Chapter 25 (pages 723-767)
Textbook: Chapter 26 (pages 773-799)
Textbook: Chapter 11 (pages 275-307)
Web Links:
RFC 2401: Security Architecture for the Internet Protocol.
RFC 2402: IP Authentication Header.
RFC 2406: IP Encapsulating Security Payload (ESP).
Web links:
Exploiting Windows NT 4 Buffer Overruns, A Case Study RASMAN.EXE.
Wright et al., Linux Security Modules: General Security for the Linux Kernel, 11th Usenix Security Symposium, San Francisco, CA, August 2002.
No class on Monday due to Presidents Day holiday.
Textbook: Chapter 12 (pages 309-335).
Web links:
A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".
Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, Satoshi Hoshino, "Impact of Artificial 'Gummy' Fingers on Fingerprint Systems," Proceedings of SPIE Vol. 4677, January 2002.
MIDTERM ON WEDNESDAY!!!!
The test will be open book, open notes. It will consist of essay questions requiring you to apply knowledge from the lectures or the reading materials. I have provided you copies of last year's final exam and the midterm from two years ago, along with a diagram from that midterm. The final covers material we haven't talked about yet, but it should give you a good idea of the kinds of questions I tend to ask.
Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272).
Textbook: Chapter 10, sections 10.1-10.2 (pages 245-252).
An essay on the value of using known and proven cryptography by Bruce Schneier. It's part of a longer message. You are only required to read this essay.
Web links: A description of the Rijndael (AES) cipher.
Textbook: Introduction to Part 4 and Chapter 9 (pages 215-241).
January 12, 2004
Textbook: Chapter 1 (pages 1-25)
Web links:
Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.
Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want. You are only required to read this essay, however, which is around a page and a half.)
Methods of Hacking: Social Engineering, Rick Nelson.
Social Engineering Fundamentals, Part I: Hacker Tactics, Sarah Granger.