Advanced Computer and Network Security

Advanced Computer and Network Security

Course Proposal: CMSC ### : Advanced Computer and Network Security April 2017 Background and Motivation This proposal is for a permanent, graduate-level course in computer and network security. Although security is an increasingly popular area of study for our PhD students, there remains no core graduate-level course on the topic. The overall goal of this course is to provide a broad foundational knowledge to prepare students to begin research in security. Dave Levin is currently teaching an iteration of this course as CMSC 818O. For more detailed information (including example attack presentations), please see the course website: https://www.cs.umd.edu/class/spring2017/cmsc818O/ Course Description This course will cover advanced topics in computer and network security, including: anonymity, privacy, memory safety, malware, denial of service attacks, trusted hardware, security design principles, and empirically measuring security "in the wild". This will be a largely paper-driven course, preparing students for research in (or around) the broad area of security. Students will gain first-hand experience launching attacks in controlled environments. The bulk of the grade will be based on a final, semester-long group project. Prerequisites Computer Science, Electrical Engineering, or Computer Engineering student or permission of the instructor. Having taken an undergraduate course in security (or cryptography or networking) is not necessary, but would help, as the class will go considerably deeper than a typical undergraduate security course. Rationale: Unfortunately, there are no consistent cybersecurity courses offered at most undergraduate institutions — it is therefore unlikely that many students would meet a prerequisite of a CMSC 414-equivalent course. Textbooks None (this is a largely paper-driven course). There is a list of sample papers at the end of this document. Rationale: At this time, there are no appropriate graduate-level textbooks on security. ​ Attack Presentations At the beginning of (almost) every class, a group of 1-2 students will present an attack they have implemented and launched that is relevant to that class's topic. For example, a class on web security might begin with a group demonstrating a website they created that launches a clickjacking attack against its visitors. The attacks will be assigned by the instructor early in the semester. Each student will present at least one attack during the semester. Rationale: This provides students with the hands-on, demystifying experience of launching attacks. Within the lecture, it makes the abstract notions of the attacks more concrete for all students in the class. Syllabus This course covers a very broad range of topics within computer security, with the goal of instilling a security mindset, and teaching some of the core principles of security that will allow ​ ​ students to pursue research in the field upon completion. The following list of tentative lecture topics may vary in terms of pace (see below for an example list of papers): ● Security background and definitions ● The ethics of security research ● Systems security (attacks and defenses) ○ Memory safety (buffer overflows, ROP) ○ Malware (viruses, worms) ○ Web-based attacks (CSS, XSRF, clickjacking) ○ Isolation and lack thereof (side channels, rowhammer) ● The human element of security ● Applications and analysis of cryptography ○ Public key infrastructures (certificates, TLS/SSL) ○ Anonymous communication ○ Empirical measurements of cryptographic abuse ● Network security ○ Attacks and defenses for TCP/IP and DNS ○ Network control (firewalls, VPNs) ○ Censorship and censorship resistance ● Economic incentives and underground economies Sample Grade Breakdown Meet your instructor 1% Class participation 9% Weekly reading responses 10% Attack presentation 10% Midterm exam 10% Final exam 20% Final project 40% Note: This is the grade breakdown from the Spring 2017 offering. In retrospect, it may have been useful to increase the percentage for weekly reading responses, or to decrease the number of required reading responses per week. Instructors of future offerings should adjust these as they see appropriate. Comparison to Other CMSC Courses Security inherently lies at the intersection of multiple domains. In particular, as this course is designed, it has the potential to overlap with courses in cryptography, networking, and programming languages. Here, we describe the extent of this overlap, and why iterations of this course can be designed to complement, not reiterate, other graduate-level courses we offer. ● Cryptography: The graduate-level course on Introduction to Cryptography (CMSC ​ 858K) comprises the construction and analysis of cryptographic mechanisms. The proposed security course focuses predominantly on the application of these ​ mechanisms: how to build systems using them, and measuring their (mis)application in practice. ● Networking: Our graduate-level networking course (CMSC 711) focuses on networking ​ writ large, including the systems-level aspects of global and local communication. This proposed course does cover some aspects of networking, but only insofar as to discuss security-centric topics such as anonymous communication, virtual private networks (VPNs), botnets, and so on. ● Programming languages: The most relevant PL course is Program Analysis and ​ Understanding (CMSC 631), which covers the broad range of automated program analysis. This proposed course touches on these topics, particularly in the context of statically and dynamically analyzing a potentially malicious executable. Again, this proposed course focuses predominantly on the application of these techniques in a security context, and their use within a broader security context. The proposed class does not preclude covering security in these (or other) classes; because the security class covers such a broad range of topics, even if there does end up being some redundancy between classes, it will constitute a small percentage of the overall material. Sample Readings Example required readings are in bold. Introduction ● The Security Mindset, Bruce Schneier ​ ● Why Information Security is Hard – An Economic Perspective, Ross Anderson ​ Ethics in Security Research ● All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks, Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda ​ ● Encore: Lightweight Measurement of Web Censorship with Cross-Origin Requests, Sam Burnett, Nick Feamster ​ ● Conducting Cybersecurity Research Legally and Ethically, Aaron J. Burstein ​ ● Federal guidelines for research involving human subjects ● UMD's IRB process ● Menlo Report ● The Moral Character of Cryptographic Work, Phillip Rogaway ​ ● Keys Under Doormats: Mandating Security by Requiring Government Access to All Data and Communications, Harold Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, ​ Matt Blaze, Whitfield Diffie, John Gilmore, Matthew Green, Susan Landau, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier, Michael Specter, Daniel J. Weitzner Classic Memory Attacks & Defenses ● Smashing the Stack for Fun and Profit, Aleph One ​ ● StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve ​ Beattie, Aaron Grier, Perry Wagle, Qian Zhang, Heather Hinton ● SoK: Eternal War in Memory, Laszlo Szekeres, Mathias Payer, Tao Wei, Dawn Song ● Basic Integer Overflows, blexim ​ ● Exploiting Format String Vulnerabilities, scut ​ Modern Memory Attacks ● The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86), Hovav Shacham ​ ● A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities, ​ David Wagner, Jeffrey S. Foster, Eric A. Brewer, Alexander Aiken ● EXE: Automatically Generating Inputs of Death, Cristian Cadar, Vijay Ganesh, Peter M. ​ Pawlowski, David L. Dill, Dawson R. Engler ● On the Effectiveness of Address-Space Randomization, Hovav Shacham, Matthew Page, ​ Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, Dan Boneh ● Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns, Jonathan Pincus, ​ Brandon Baker ● AEG: Automatic Exploit Generation, Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze ​ Hao, David Brumley ● Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors, Periklis Akritidis, Manuel Costa, Miguel Castro, Steven Hand ​ ● English Shellcode, Joshua Mason, Sam Small, Fabian Monrose, Greg MacManus ​ ● Low-Level Software Security by Example, Ulfar Erlingsson, Yves Younan, Frank Piessens ​ Modern Memory Defenses ● Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software, James Newsome, Dawn Song ​ ● Control-Flow Integrity: Principles, Implementations, and Applications, Martin ​ Abadi, Mihai Budiu, Ulfar Erlingsson, Jay Ligatti ● SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes, Arvind Seshadri, Mark Luk, Ning Qu, Adrian Perrig ​ ● Nozzle: A Defense Against Heap-spraying Code Injection Attacks, Paruj Ratanaworabhan, ​ Benjamin Livshits, Benjamin Zorn ● Symbolic Execution for Software Testing: Three Decades Later, Cristian Cadar, Koushik ​ Sen ● Control Flow Integrity for COTS Binaries, Mingwei Zhang, R. Sekar ​ ● How to Make ASLR Win the Clone Wars: Runtime Re-Randomization, Kangjie Lu, Stefan ​ Nürnberger, Michael Backes, Wenke Lee Classic Web Security ● Robust

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    12 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us