CE 40-442: Network Security

Description:

Acknowledgment:

Policies:

• Grading policy is as follows. This is tentative.
  • 10% Quiz
    
  • 40% Homeworks
    
  • 20% Midterm
    
  • 30% Final
    
  
  There will be no exceptions to the following rules:
  
  • If you turn in your assignments one day late you will loose 25% of the grade, two days will cost you 50% and three days 75% of the grade. No submissions will be accepted after the third day. Penlaty may be calculted continusly and per hour of delay.
  • There will be a zero tolerance policy for cheating/copying HWs. The first time you are caught, you will receive a zero for the task at hand. If you are caught for a second time, you will fail the course. Providing your assignment to someone else is considered cheating on your behalf.
    
  • Each of you has a 3 day extension you could use over the individual assignments. The minimum you could use at each instance is a 1 day extension. So you can not extend HW1 by 12 hours and then HW2 by 60 hours. You could use the 3 days with one HW, or 1 day for each HW, or 2 days for hW1 and 1 day for HW2, or 1 day for HW1 and 2 days for HW2, or ... (I hope you get the idea!)
  • The 3 day extension will be applied to HW0 and what ever remains would be carried over to HW1 and so on.
  • There is a good probability that things go south (i.e. you get sick, network fails, your computer crashes, there is a bug in the HW, server fails, etc.) as the deadline approaches. Such issues will not result in an extension to the deadline. So keep that in mind and plan for Murphy's law in advance, don't leave things for the last minute.
  • There will be a zero tolerance policy for any misuse of the course infrastructure (i.e. Judge, Tarasht, etc.), regardless of the intent
  • If any of the class policies are unclear, they should be brought up and discussed in the first week of the semester at hand.

Announcements:

• Quiz 1 on 1397/8/5 from lectures 0, 1, 2, 3, 4, 5, and 6.
• Midterm will be on 1396/8/28 from Lectures 0 to 10, including 10.
• Q1+Q2+Midterm+Final Grades
• Quiz 2 on 1397/9/19 from lectures 11, 12, 13, and 14.
  
  
  
  
  

Homeworks:

• HW 1: [PDF], Available: 1397/7/9, Deadline: 1397/7/26, 11:59PM.
• HW 2: [PDF], Available: 1397/8/5, Deadline: 1397/8/21, 11:59PM.
• HW 3: [PDF] Available: 1397/9/10, Deadline: 1397/9/26, 11:59PM.
  
  
  

Course Material:

-6/24

• Lecture 0-Pre-Intro! [PDF]

-6/26

• Lecture 1- Introduction [PDF]
  • Reflections on Trusting Trust, Ken Thompson, Turing Award Lecture ,1984
  • Measuring Pay-per-Install: The Commoditization of Malware Distribution, J. Caballero, C. Grier, C. Kreibich, V. Paxson, 2011

-6/31

• Lecture 2- Control hijacking attacks: exploits and defenses [PDF]
  • Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Cowan, C., Wagle, F., Pu, C., Beattie, S., & Walpole, J., 2000
  • Basic Integer Overflows, blexim, 2002
  • Bypassing Browser Memory Protections, A. Sotirov,2008

-7/2

• Lecture 2- Control hijacking attacks: exploits and defenses (con't)

-7/7

• Lecture 3- Principle of least privilege, access control, and operating systems security [PDF]
  • SetUID Demystified, Chen, Dean, and Wagner, 2002.
  • Operating Systems Security, T. Jaegeri, 2008. Chapter 4, Security in Ordinary Operating Systems.

-7/9

• Lecture 3- Principle of least privilege, access control, and operating systems security (con't)

-7/14

• Lecture 4- Dealing with legacy code: sandboxing and isolation [PDF]
  • Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel, 2003
  • Efficient Software-Based Fault Isolation, Robert Wahbe, et al., 1993

-7/16

• Lecture 4- Dealing with legacy code: sandboxing and isolationi (con't)

-7/21

• Lecture 5- Tools for writing robust application code [PDF]
  • KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs, C. Cadar, D. Dunbar, D. Engler, 2008
  • Finding Security Vulnerabilities in Java Applications with Static Analysis, B. Livshits and M. Lam, 2005

-7/23

• Lecture 6- Fuzzing [PDF]
  • How hackers look for bugs, Dave Aitel
  • Real world fuzzing, Charlie Miller, 2007
  • Effective Bug Discoveryy, vf, 2006

-7/28

• Lecture 7- Basic web security model [PDF]
  • Securing Browser Frame Communication, Adam Barth, Collin Jackson, and John C. Mitchell, 2008
  • The Security Architecture of the Chromium Browser, Adam Barth, Collin Jackson, Charles Reis, and the Google Chrome Team, 2008
  • Exposing private information by timing web applicationsi, A. Bortz, D. Boneh, and P. Nandy, 2007

-7/30

• Lecture 8- Web application security [PDF]
  • Cross site scripting explained, Amit Klein, 2002
  • SQL Injection attacks, Chris Anley, 2002
  • Robust Defenses for Cross-Site Request Forgery, Adam Barth, Collin Jackson, and John C. Mitchell, 2008

-8/5

• Lecture 8- Web application security (continued)

-8/7

• Lecture 9- Session management and user authentication [PDF]
  • Secure Session Management With Cookies for Web Applications, Chris Palmer, 2008
  • Origin Cookies: Session Integrity for Web Applications, Bortz et al., 2011

-8/12

• Lecture 10- Overview of cryptography [PDF]
  • The BREACH attack: encryption and compression don't mix, Gluck, Harris, and Prado
  • The case for prefetching and prevalidating TLS server certificates, E. Stark, L.S. Huang, et al., 2012

-8/14

• Lecture 11- HTTPS: goals and pitfalls [PDF]
  • ForceHTTPS: protecting high-security web sites from network attacks, A. Barth and C. Jackson, 2008
  • The case for short-lived certificates, Topalovic et al., 2012

-8/19

• Lecture 12- Content Security Policies (CSP), Web workers, and extensions [PDF]
  • Web workers
  • Content Security Policies
  • Sandboxed iFrames
  • cors

-9/21

• Lecture 13- Security issues in Internet protocols: TCP, DNS, and routing [PDF]
  • A look back at Security Problems in the TCP/IP Protocol Suite, 2004
  • BGP Security in Partial Deployment, Lychev, Goldberg, Schapira, 2013
  • DNS cache poisoning, Steve Friedl, 2008

-8/26

• Midterm Review

-8/28

• Midterm

-9/3

• Lecture 14- Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters [PDF]
  • A Security Evaluation of DNSSEC with NSEC3, J. Bau and J.C. Mitchell, 2010
  • How DNSSEC Works, cloudflare
  • Distributed Firewalls, S. Bellovin, 1999
  • Bro: A System for Detecting Network Intruders in Real-Time, V. Paxon, 1998

-9/5

• Lecture 14- Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters (continued)

-9/10

• Lecture 15- Unwanted traffic: denial of service attacks [PDF]
  • Details of a recent large-scale DDoS event , , 2013
  • Practical network support for IP Traceback, S. Savage, et al., 2000
  • A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson, 2005

-9/12

• Lecture 16- Trusted Computing and SGX [PDF]
  • Introduction to the TPM, Allan Tomlinson, Smart Cards, Tokens, Security and Applications, 2008
  • Shielding Applications from an Untrusted Cloud with Haven, Andrew Baumann, Marcus Peinado, and Galen Hunt, OSDI 2014

-9/17

• Lecture 17- Mobile platform security models: Android and iOS [PDF]
  • Understanding Android Security, Enck, Ongtang, and McDaniel, 2009 (Security Enforcement section)
  • TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Enck et al., 2014

-9/19

• Lecture 18- Mobile threats and malware [PDF]
  • FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, Arzt et al., 2014
  • A Large-Scale Study of Mobile Web App Security, P. Mutchler, A. Doupe, J. Mitchell, C. Kruegel, and G. Vigna., 2015
  • Target Fragmentation in Android Apps, Mutchler, P., Safaei, Y., Doupé, A. and Mitchell, J., 2016

-9/24

• Lecture 19- TBD

-9/26

• Lecture 20- TBD