Information for Spring 2016 C236 --- Computer Security

This page contains pointers to textbook assignments and other reading materials for CS236, Computer Security. It also contains pointers to non-required reading and other material related to the class.

Here is the syllabus for the class.

This page is organized by the weeks of the quarter in which lectures were given. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.

This class will be taught by Peter Reiher. The textbook is Computer Security: Art and Science, by Matt Bishop. Assigned readings are from this book, unless otherwise indicated. Dr. Bishop has also published a second textbook that contains selected sections of this book, with a similar title. I can't guarantee that all material assigned will actually be in this other book, and it will definitely be at different pages if it's there at all.

TA and Labs

The labs for this course will consist of 5 hands-on, practical and exploratory projects covering security-related topics, plus a small introduction to the lab software. More materials on the exercises is available here.

Week 10 (May 30 - June 5)

Lecture 19: Securing Your System

Assigned readings:

The SANS 20 Critical Security Controls. This is the front web page. Each control has its own web page attached. You should read both this front page and each of the 20 separate pages. However, if any of them have other embedded links, you need not follow and read them. This list has changed a bit since the lecture was recorded, but it's worthwhile to read the entries for all of the controls, whether they appeared in the lecutre or not.

Slides:

Lecture 19, Prolog.

PDF version.

Lecture 19, Part 1.

PDF version.

Lecture 19, Part 2.

PDF version.

Lecture 19, Part 3.

PDF version.

Lecture 18: Securing Important Internet Technologies

Assigned readings:

Observations from the DNSSEC Deployment, E. Osterweil, D. Massey, and L. Zhang, 3d IEEE Workshop on Secure Network Protocols, 2007. A good, short description of DNSSEC and interesting information about its degree of deployment.

Secure Border Gateway Protocol (Secure BGP),, Stephen Kent, Charles Lynn, Karen Seo, IEEE Journal on Selected Areas in Communication, Vol. 18, No. 4, April 2000. The original paper proposing Secure-BGP.

Slides:

Lecture 18, Part 1.

PDF version.

Lecture 18, Part 2.

PDF version.

Lecture 18, Part 3.

PDF version.

Week 9 (May 23 - May 29)

Lecture 17: Privacy

Assigned readings:

Tor: The Second-Generation Onion Router, R. Dingledine, N. Mathewson, and Paul Syverson, Usenix Security Symposium, 2004. Tor is a version of onion routing that improves the security, privacy, and performance of the original onion routing mechanisms.

Identity, Location, Disease, and More: Inferring Your Secrets from Android Public Resources, X. Zhou, S. Demetriou, D. He, M. Naveed, Z. Pan, Z. Wang, C. Gunter, and K. Nahrstedt, ACM CCS 2013. A paper describing how one any app running on an Android smartphone can acquire sensitive information on the phone's user.

Slides:

Lecture 17, Part 1.

PDF version.

Lecture 17, Part 2.

PDF version.

Lecture 17, Part 3.

PDF version.

Lecture 17, Part 4.

PDF version.

Lecture 16: Web Security

Assigned readings:

Revolver: An Automated Approach to the Detection of Evasive Web-based Malware, A. Kapravelos, Y. Shsohitaishvili, M. Cova, C. Kruegel, and G. Vigna, Usenix Security Symposium, 2013. This paper describes a step in the ongoing fight between attackers who want to inject malicious scripts into people's browsers and defenders' attempts to prevent such scripts from compromising user machines.

SQLrand: Preventing SQL Injection Attacks, Stephen Boyd and Angelos Keromytis, 2nd Applied Cryptography and Network Security (ACNS) Conference, 2004. A paper on handling SQL injection attacks on web servers.

Slides:

Lecture 16, Prolog.

PDF version.

Lecture 16, Part 1.

PDF version.

Lecture 16, Part 2.

PDF version.

Lecture 16, Part 3.

PDF version.

Lecture 16, Part 4.

PDF version.

Week 8 (May 16 - May 22)

Lecture 15: Evaluating System Security

Assigned readings:

An Introduction to Information System Risk Management, Steve Elky, 2006.

Threat Modeling: A Process to Ensure Application Security, Steven Burns, 2005.

Slides:

Lecture 15, Prolog.

PDF version.

Lecture 15, Part 1.

PDF version.

Lecture 15, Part 2.

PDF version.

Lecture 15, Part 3.

PDF version.

Lecture 15, Part 4.

PDF version.

Lecture 14: Secure Programming, Continued

Assigned readings:

Securely Programming in C, Sayed Jamil Ahmed, 2002.

Lessons Learned in Implementing and Deploying Crypto Software, Peter Gutmann, Usenix Security Symposium, 2002. Practical examples of the problems of using good crypto in real programs.

Slides:

Lecture 14, Prolog.

PDF version.

Lecture 14, Part 1.

PDF version.

Lecture 14, Part 2.

PDF version.

Lecture 14, Part 3.

PDF version.

Lecture 14, Part 4.

PDF version.

Week 7 (May 9 - May 15)

Lecture 13: Secure Programming

Assigned readings:

CERT's Top 10 Secure Coding Practices.

Apple's recommendations on avoiding buffer overflows.

Slides:

Lecture 13, Prolog.

PDF version.

Lecture 13, Part 1.

PDF version.

Lecture 13, Part 2.

PDF version.

Lecture 13, Part 3.

PDF version.

Lecture 13, Part 4.

PDF version.

Lecture 12: Malware

Assigned readings:

Textbook: Chapter 22 (pages 613-641)

Textbook: Chapter 19, sections 19.1-19.2.3.3 (pages 497-523)

Papers:

How to 0wn the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, August 2002. A classic analysis of how fast worms can move in the Internet.

Measuring Pay-per-Install: The Commoditization of Malware Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Usenix Security Symposium, 2011. As malware has become a serious (though criminal) business, researchers have started to investigate the economics of this business. This paper is an interesting example of such an investigation.

Web Links:

Coreflood is a botnet taken down by the FBI, using controversial techniques. This article is not highly technical, but gives a good description of precisely what the FBI did, and outlines the legal arguments for why it was acceptable.

Here is an article on Stuxnet that combines a good description of what the worm actually does with discussion of its origins and purpose, specifically avoiding jumping to conclusions. The article is from 2010, so some information in it is outdated, but it gives a pretty good, moderately technical description of the worm in a reasonably brief form. You only need to read the article, not the comments by others that follow it.

If you want to get a deeper explanation of Stuxnet, Symantec has produced a long, detailed report on the Stuxnet malware. THIS REPORT IS OPTIONAL, AND NO MATERIAL FROM IT WILL APPEAR ON THE FINAL EXAM. The link is only provided so those with a deeper interest in this malware can obtain the best available technical information on it.

Slides:

Lecture 12, Prolog.

PDF version.

Lecture 12, Part 1.

PDF version.

Lecture 12, Part 2.

PDF version.

Lecture 12, Part 3.

PDF version.

Week 6 (May 2 - May 8)

Lecture 10: Network Security, Continued

Assigned readings:

Textbook: Chapter 10, sections 10.1-10.2 (pages 245-251)

Textbook: Chapter 11, sections 11.3-11.6 (pages 283-306)

Web links:

RFC 2267: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing, P. Ferguson and D. Senie, January 1998. One of two RFCs that define ingress filtering. The other one defines it in the opposite manner.

SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.

The Crossfire Attack, Min Suk Kang, Soo Bum Lee, and Virgil Gligor, IEEE Symposium on Security and Privacy, 2013. A recent paper on using DDoS techniques to isolate entire parts of the Internet.

Slides:

Lecture 10, Part 1.

PDF version.

Lecture 10, Part 2.

PDF version.

Lecture 10, Part 3.

PDF version.

Lecture 10, Part 4.

PDF version.

Lecture 11: Intrusion Detection Systems

Assigned readings:

Textbook: Chapter 25 (pages 723-767)

Web links:

SANS' frequently asked question page on intrusion detection contains and links to a lot of useful information, without trying to sell you on a particular product.

Lecture 11, Part 1.

PDF version.

Lecture 11, Part 2.

PDF version.

Lecture 11, Part 3.

PDF version.

Lecture 11, Part 4.

PDF version.

Week 5 (April 24 - May 1)

Because of the midterm, which will be on Saturday, April 30 from 1-3 PM, only one lecture is assigned this week.

The midterm examination is open book, open notes. You will be allowed to use laptop or pad computers to take the test, but you are not allowed to consult the Internet or ask others via electronic means for help on the test. The test will consist of three essay questions on issues covered in lectures and readings. Everything discussed in the first nine lectures and all assigned readings (except those explicitly identified as not being tested) are possible materials for the test. Things discussed ONLY in the exercises will not be on the test. Here is a sample midterm that is similar in style to the one you will be given.

This isn't exactly an answer sheet (for reasons explaned in it), but should give you some guidance about what I would have been looking for if this were your real midterm.

The midterm will be held at UCLA in 9436 Boelter Hall, unless you have made previous arrangements for your exam to be proctored at another location.

Assigned readings:

Textbook: Chapter 26 (pages 773-799)

Web links:

RFC 2267: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing, P. Ferguson and D. Senie, January 1998. One of two RFCs that define ingress filtering. The other one defines it in the opposite manner.

SYN Cookies, D. J. Bernstein. A good explanation of the details of SYN cookies to handle TCP SYN floods.

Slides:

Lecture 9, Prolog.

PDF version.

Lecture 9, Part 1.

PDF version.

Lecture 9, Part 2.

PDF version.

Lecture 9, Part 3.

PDF version.

Lecture 9, Part 4.

PDF version.

Week 4 (April 17 - April 23)

Assigned readings:

Textbook: Chapter 12 (pages 309-335)

Web links:

A discussion of technical details related to FBI request for Apple to unlock an iPhone. Subsequent to this article being written, the FBI obtained assistance from an unnamed third party in unlocking this iPhone, using an unspecified method.

An article arguing that much security advice given to users, including advice on passwords, is ignored for good reasons.

A short essay on the limits of using biometrics by Bruce Schneier. This essay is embedded in a longer newsletter. You need only read the section titled "Biometrics in Airports".

I. Dubrawsky, Cryptographic Filesystems, Part One: Design and Implementation,. A short web article describing basic approaches to cryptographic file systems and outlining the designs of a few well known examples.

J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, Edward W. Felten, Lest We Remember: Cold Boot Attacks on Encryption Keys, Usenix Security Symposium, 2008. One of those papers that suddenly undermines a security assumption we'd all relied on. In this case, the assumption that RAM loses its data when power is turned off. It's particularly relevant to things like software full disk encryption, one of the technologies discussed in lecture 8.

Slides:

Lecture 7: Authentication

Lecture 7, Prolog.

PDF version.

Lecture 7, Part 1.

PDF version.

Lecture 7, Part 2.

PDF version.

Lecture 7, Part 3.

PDF version.

Lecture 8: Operating System Security

Lecture 8, Prolog.

PDF version.

Lecture 8, Part 1.

PDF version.

Lecture 8, Part 2.

PDF version.

Lecture 8, Part 3.

PDF version.

Week 3 (April 10 - April 16)

Assigned readings:

Textbook: Chapter 9, sections 9.2.2.2-9.7 (pages 227-241)

Textbook: Chapter 10, sections 10.3-10.9 (pages 252-272)

Web links:

Overview of Differential Power Analysis, Paul Kocher, Joshua Jaffe, and Benjamin Jun. A short overview of one type of side-band technique that can be used to break cryptography on a smart card.

Bruce Schneier's informal analysis of the meaning of the attack on SHA-1. You only need to read the article itself, not the lengthy sets of comments and responses that follow it. If you'd like to develop a deeper understanding of the issues involved in secure hashes related to collisions, the topic is discussed at length in these comments, but you aren't required to read them.

Papers:

Why (special agent) Johnny (still) Can't Encrypt, Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze, Usenix Security Symposium, 2011. An analysis of the effects of a flawed implementation of cryptography and poor user interfaces on the practical utility of a communications device.

Lecture 5: Cryptographic Keys

Lecture 5, Part 1.

Lecture 5, Part 2.

Lecture 5, Part 3.

Lecture 6: Security Protocols

Lecture 6, Prolog.

Lecture 6, Part 1.

Lecture 6, Part 2.

Lecture 6, Part 3.

Week 2 (April 3 - April 9)

I have not posted the PDF versions of the slides this week. If anyone needs them in that format, let me know.

Assigned readings:

This week's reading assignment is a bit longer than we will typically have.

Textbook: Chapter 2 (pages 31-44) and Chapter 15 (pages 381-396).

Textbook: Chapter 4 (pages 95-120), Sections 5.1-5.2.2 (pages 123-132), Sections 6.1-6.2 (pages 151-155), Sections 7.1-7.2 (pages 169-180).

Textbook: Introduction to Section IV and Chapter 9, sections 9.1-9.2.2.2 (pages 215-227), Chapter 11, sections 11.1-11.2 (pages 275-283).

Lecture 3: Cryptography.

Lecture 3, Prolog.

Lecture 3, Part 1.

Lecture 3, Part 2.

Lecture 3, Part 3.

Lecture 4: More on Cryptography.

Lecture 4, Prolog.

Lecture 4, Part 1.

Lecture 4, Part 2.

Lecture 4, Part 3.

Week 1 (March 28 - April 3)

Assigned readings:

Textbook: Chapter 1 (pages 1-25)

Web links:

Improving the Security of Networked Systems, Julia Allen, Christopher Alberts, Sandi Behrens, Barbara Laswell, and William Wilson.

Why Computers Are Insecure, Bruce Schneier. (The link leads to an entire web page on various security subjects. Read it all, if you want, but the assignment is only this essay, which is around a page and a half.)

Social Engineering Fundamentals, Part I: Hacker Tactics Sarah Granger.

Slides:

Lecture 1: Introduction.

Lecture 1, Part 1.

PDF version.

Lecture 1, Part 2.

PDF version.

Lecture 1, Part 3.

PDF version.

Lecture 2: Security Design Principles, Policies, and Tools.

Lecture 2, Prolog. While the stories in this prolog are no longer recent, the attitudes that made them possible are still common.

PDF version.

Lecture 2, Part 1.

PDF version.

Lecture 2, Part 2.

PDF version.

Lecture 2, Part 3.

PDF version.