EECS 350 Introduction to Computer Security

Instructor

Yan Chen, Assistant Professor
L459, Tech Institute, 491-4946. ychen AT northwestern.edu
Office Hours: 5 - 6pm Tuesday or by appointment, L459, Tech Institute.

Teaching Assistant

Yao Zhao

yzhao@cs.northwestern.edu
Office Hours: 4-6pm Wednesday, Rm 2-207, Ford Center.

Location and Time

  • Lectures: Tuesday and Thursday 3:30 - 4:50pm, L158, Tech Inst.

Course Description

The past decade has seen an explosion in the concern for the security of information. This course introduces students to the basic principles and practices of computer and information security. Focus will be on the software, operating system and network security techniques with detailed analysis of real-world examples. Topics include cryptography, authentication, software and operating system security (e.g., buffer overflow), Internet vulnerability (DoS attacks, viruses/worms, etc.), intrusion detection systems, firewalls, VPN, Web and wireless security. This course can help satisfy the project course requirement for undergraduates and satisfy the breadth requirement in computer systems for system Ph.D. students.

Course Prerequisites

  • Required: EECS 213 or (ECE 205 and 231) or any equivalent introductory operating systems course, or instructor approval
  • Highly recommended: EECS 340 or equivalent networking introductory course

Course Materials

Grading

  • Participation 10%
  • Homework 10%
  • Projects 40%
  • Mid-term Exam 20%
  • Final Exam 20%

Course Goal

1. Understand the fundamental principles and underlying technologies of information security and assurance;

2. Illustrate the security principles with the state-of-the-art security technologies and products through case studies.

Course Objective

  • Understand the basic principles of information and communication security, and be able to apply these principles to evaluate and critique the security properties of information systems
  • Be able to use some important and popular security tools, such as encryption, digital signatures, firewalls, and intrusion detection systems (IDS)
  • Be able to identify the vulnerabilities of Internet systems, recognize the mechanisms of the attacks, and apply this knowledge to design and evaluate countermeasure tools

Course Topics (tentative)

  1. Motivation and overview of computer security
    1. Security definition, policy, mechanisms, services and models
  2. Introduction to cryptography, symmetric/asymmetric encryption
    1. Secret key case study: DES/AES algorithms
    2. Public key case study: RSA
    3. One-way hash function and message digests: MD5, SHA2
  3. Software security
    1. Buffer overflow, heap overflow and format string bugs
    2. Detection techniques: static program analysis vs. run-time detection
  4. Operating system security techniques
    1. Dealing with bad (legacy) code: sandboxing
    2. Multi-level security, file system security
  5. Authentication, access control, public key infrastructure (PKI, briefly)
    1. Case study: Kerberos
  6. Internet vulnerability
    1. Denial-of-service attacks
    2. Viruses, worms, Trojan horses
  7. Securing the Internet
    1. Intrusion detection systems (IDSs): host- vs. network-based, signature vs. statistical detection
    2. Case study: Snort and Bro
    3. Firewalls, VPN and IPsec
  8. Web and wireless network security
    1. Case study: SSL/TLS

Projects

1) Using cryptographic software (like PGP) for secure data transfer and authentication;

2) Using and configuring a signature-based intrusion detection system (like Snort), and implementing a tiny statistics-based IDS to detect denial-of-service attacks and port scans with real router traffic (code templates and algorithms will be provided);

3) Exploiting buffer overflow bugs and format string bugs, which account for most notorious viruses/worms.

Communication

  • Course web site: http://www.cs.northwestern.edu/~ychen/classes/cs350-w07/. Check it out regularly for schedule changes, clarifications and corrections to assignments, and other course-related announcements.
  • An email list and a newsgroup (cs.compsec) are available for announcements and for posting questions and answers.

Policies

  • Late policy:
    Unless otherwise indicated, homework and projects are due at 11:59pm on their due date. If you hand in an assignment late, we will take off 10% for each day (or portion thereof) it is late.
  • Cheating:
    It's OK to ask someone about the concepts, algorithms, or approaches needed to do the project assignments; I encourage you to do so, since both giving and taking advice will help you to learn. However, what you turn in must be your own work or, for projects, your group's own work; copying other people's code or solution sets, or copying from any other source, is strictly prohibited. We will punish transgressors severely.