CSCI 451 Computer Security by Hui Chen, Ph.D.
Overview
This course focuses on communication security in computer systems and networks. It is intended to provide students with a comprehensive introduction to the field of network security. The course covers critical network security services such as authentication and access control, integrity, and confidentiality of data, routing, firewalls, virtual private networks, and web security. Where appropriate, we examine threats and vulnerabilities to specific architectures and protocols.
Prerequisites: CSCI 358 Introduction to Information Assurance or approval of the instructor
Syllabus Download it as a PDF file (notes/syllabus.pdf)
Textbook You may access VSU's Safari Books Online subscription through the VSU library's off-campus access service. Matt Bishop, Introduction to Computer Security, (http://proquest.safaribooksonline.com/book/networking/security/0321247442) Addison-Wesley Professional, October, 2004, ISBN-13: 978-0-321-24774-5.
Reference Books
Matt Bishop, Computer Security: Art and Science, (http://proquest.safaribooksonline.com/book/networking/security/0201440997) Addison-Wesley Professional, October, 2004, ISBN-13: 978-0-321-24744-5. This book is a version of the textbook with a more formal and mathematical treatment of the subject. If you want a more formal and mathematical treatment, read this book instead.
Dorothy Elizabeth Robling Denning. 1982. Cryptography and Data Security (http://dl.acm.org/citation.cfm?id=539308). Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA.
Bruce Schneier. 1996. Applied Cryptography (https://www.schneier.com/book-applied.html). John Wiley & Sons.
Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno. 2010. Cryptography Engineering (https://www.schneier.com/book-applied.html). John Wiley & Sons.
Class Schedule and Material 08/17
Course Overview and Introduction to Computer Security (notes/lecture01_overview.pdf)
Topic: Overview of basic computer security concepts Reading: Chapter 1 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) The matasano crypto challenges (http://cryptopals.com/) Assignment: Lab 1 (Due 08/24) (assignment/lab_01.pdf) Reading and Oral Presentation: Comparing Expert and Non-Expert Security Practices (2-student presentation in class on 08/24) (https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.pdf)
08/19 - 08/21
Access Control Matrix (notes/lecture02_access_control_matrix.pdf)
Topic: Access Control Matrix Reading: Sections 2.1 and 2.2 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) Sections 2.3, 2.4, and 2.5 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) Assignment: (Homework L2-1) questions 1(a), 1(c), 1(e) and 1(g) in exercises 1.11 in the textbook (page 22) (http://proquest.safaribooksonline.com/book/networking/security/0321247442/an-overview-of-computer-security/ch01lev1sec11) and question 1(a) in exercises 2.6 in the textbook (page 35) (http://proquest.safaribooksonline.com/book/networking/security/0321247442/access-control-matrix/ch02lev1sec6)
08/24
Students' Presentation and Discussion
Reminder: Lab 1 is due Students' Presentation: Comparing Expert and Non-Expert Security Practices (https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.pdf)
08/28
Security Policies (notes/lecture03_security_policies.pdf)
Topic: Overview of Security Policies Assignment: See lecture notes Reading: Chapter 4 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442)
08/28
Examples of Policy Models (notes/lecture04_security_policy_examples.pdf)
Topic: Policy Examples: The Bell-LaPadula Model; Biba Integrity Model; Clark-Wilson Integrity Model; Chinese-Wall Model Assignment: See lecture notes Reading: Chapter 5 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) Chapter 6 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) Chapter 7 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442)
08/31 - 09/04
Basic Cryptography I (notes/lecture05_basic_cryptography.pdf)
Topic: Transposition Ciphers; Substitution Ciphers; Vigenere Cipher; Simple Cryptanalysis; Reading: Sections 8.1 - 8.2.2 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442) The instructor's notes on Index of Coincidence (notes/notes_on_ic.pdf) Program: Making Vigenere Tableau in: C++ (src/vigeneretableau/vigeneretable.cpp); C (src/vigeneretableau/vigeneretable.c); Java (src/vigeneretableau/VigenereTable.java); and Matlab/Octave (src/vigeneretableau/vigeneretable.m) Attacking Caesar Cipher: attackcaesar.m (src/caesar/attackcaesar.m) Attacking Vigenere Cipher: readline.m (src/vigenere/readline.m) findcommonsubstrings.m (src/vigenere/findcommonsubstrings.m) computeic.m (src/vigenere/computeic.m) guesskey.m (src/vigenere/guesskey.m) vigenere.m (src/vigenere/vigenere.m) computeletterfreq.m (src/vigenere/computeletterfreq.m); Assignment: See lecture notes. Ciphertext for Exercise L5-5: pg.txt (assignment/vigenere/pg.txt) tc.txt (assignment/vigenere/tc.txt); (Homework L5-1) question 8 in exercise 8.7 in the textbook (page 120) (http://proquest.safaribooksonline.com/book/networking/security/0321247442/basiccryptography/ch08lev1sec7)
09/07
Labor Day Holiday. University Closed. No Class.
09/09
Basic Cryptography I (Continued)
Topic: Continue the lectures from 08/31 - 09/04
09/11
Basic Cryptography II (notes/lecture06_basic_cryptography_2.pdf)
Topic: DES; AES; RSA; Cryptographic Checksums; Reading: Sections 8.2.3 - 8.6 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/key-management/ch08) Assignment: Exercises in lecture notes Reading and Oral Presentation: Side-Channel Attacks on AES Implementations [ It’s all a question of time – AES timing attacks on OpenSSL (https://securityblog.redhat.com/2014/07/02/its-all-a-question-of-time-aes-timing-attacks-on-openssl/) and A shared cache attack that works across cores and defies VM sandboxing---and its application to AES (http://users.wpi.edu/~teisenbarth/pdf/SharedCacheAttackSnP2015.pdf) ] (2-student presentation in class on 10/07).
9/16 - 09/18
Key Distributions (notes/lecture07_key_distribution.pdf)
Reading: Sections 9.1 and 9.2 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/key-management/ch09lev1sec1) Assignment: See lecture notes
09/21 - 09/25
Public Key Infrastructure (notes/lecture08_public_key_infrastructure.pdf)
Reading: Section 9.3 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/key-management/ch09lev1sec3) Assignment: Mini-Project 1 on PKI (assignment/pki.pdf) and Mini-Project 2 on PGP (due two weeks after it has been posted. Submit your work to Blackboard (https://blackboard.vsu.edu).) Resources for Mini-Project 1: Mini-Project 1 is based on the PKI lab (http://www.cis.syr.edu/~wedu/seed/Labs_12.04/Crypto/Crypto_PublicKey/) developed by Professor Wenliang Du at Syracuse University. You may download the lab manual from this site (assignment/Crypto_PublicKey.pdf). Download a Debian Linux virtual machine prepared for this lab from either Dropbox (https://www.dropbox.com/s/2i5ocr3ex6j3en3/VM_Base_Debian_8.x_en_Sec.7z?dl=0) or OneDrive (http://1drv.ms/1OvYiSc). Both the username and password are "debian" (without the quotation marks).
09/28
Midterm Review
09/30
Midterm Exam
09/30
Recap on Midterm Exam
10/05-10/06
Fall Break. No Class.
10/7
Cipher Techniques: Common Problems (notes/lecture09_cipher_techniques_intro.pdf)
Reading: Section 10.1 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/cipher-techniques/ch10lev1sec1) Assignment: Students' Presentation: Side-Channel Attacks on AES Implementations [ It’s all a question of time – AES timing attacks on OpenSSL (https://securityblog.redhat.com/2014/07/02/its-all-a-question-of-time-aes-timing-attacks-on-openssl/) and A shared cache attack that works across cores and defies VM sandboxing---and its application to AES (http://users.wpi.edu/~teisenbarth/pdf/SharedCacheAttackSnP2015.pdf) ]
10/9
Cipher Techniques: Stream and Block Ciphers (notes/lecture10_cipher_techniques_stream_block.pdf)
Reading: Section 10.3 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/cipher-techniques/ch10lev1sec3) Assignment: Mini-Project 2 on PGP (assignment/pgp.pdf) and Mini-Project 2 on PGP (due two weeks after it has been posted. Submit your work to Blackboard (https://blackboard.vsu.edu).)
10/12
Cipher Techniques: Networks, Cryptography, and Example Protocols (notes/lecture11_cipher_techniques_networks_and_cyprography.pdf)
Reading: Section 10.4 of Textbook (http://proquest.safaribooksonline.com/book/networking/security/0321247442/cipher-techniques/ch10lev1sec4)
10/14
Design Principles (notes/lecture12_design_principles.pdf)
Reading: Chapter 12 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch12) Assignment: (Homework L12-1) Answer questions 2, 3, 7, and 10 in Chapter 12 of the textbook (pages 208 - 209) (http://proquest.safaribooksonline.com/book/networking/security/0321247442/design-principles/ch12lev1sec5)
10/16 - 10/23
Representing Identity (notes/lecture13_identify.pdf)
Reading: Sections 13.1 - 13.5 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch13)
10/26 - 10/30
Identity and Anonymity on the Web (notes/lecture14_identify_and_anonymity.pdf)
Reading: Section 13.6 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch13lev1sec6) Assignment: (Homework L14-1) Answer question 1 in Chapter 13 of the textbook (page 234). (http://proquest.safaribooksonline.com/book/networking/security/0321247442/representing-identity/ch13lev1sec9) Note: to answer this question, you may want to consult references on web cookies, e.g., Document.cookie Web API (https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie), and IETF RFC 6265 (https://tools.ietf.org/html/rfc6265).
11/02 - 11/09
Controlling Access to Files (notes/lecture15_access_control.pdf)
Reading: Sections 14.1 - 14.2 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch14lev1sec1) Assignment: See lecture notes
11/11 - 11/18
Ring-based Access Control (notes/lecture16_ring_based_access_control.pdf)
Reading: Section 14.4 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch14lev1sec4)
11/20 - 11/23
Introduction to Assurance (notes/lecture17_assurance.pdf)
Reading: Chapter 17 of Textbook (http://proquest.safaribooksonline.com/0321247442/ch17)
11/26
Thanksgiving Holiday. University Closed. No Class.
11/30
Review for Final Exam
12/02
Class Project; Q & A; Last Day of Classes
12/03
Reading Day. Senior Project Presentation.
12/04 - 12/09
Final Examination Week
CSCI451 Final Exam: 10:30 - 12:30PM, Monday, December 7, 2015
Hui Chen ©2018 Last modified: 01/03/2018 18:55:30