CS 395/495 Introduction to Computer Security

Instructor

Yan Chen, Assistant Professor
Room 330, 1890 Maple Ave., 491-4946. ychen@cs.northwestern.edu
Office Hours: Wed 3:30-5:30 pm or by appointment, Rm 330, 1890 Maple Ave.

Teaching Assistant

Zhichun Li

zli109@cs.northwestern.edu
Office Hours: Mon. 3:30-4:30pm, Fri. 10:30-11:30, Rm 321, Maple Ave.

Location and Time

  • Lectures: Monday and Wednesday 2-3:20pm, Room 381, 1890 Maple.

Course Description

The past decade has seen an explosion in concern for the security of information. This course introduces students to the basic principles and practices of computer and information security. The focus will be on software, operating system and network security techniques, with detailed analysis of real-world examples. Topics include cryptography, authentication, software and operating system security (e.g., buffer overflow), Internet vulnerability (DoS attacks, viruses/worms, etc.), intrusion detection systems, firewalls, VPN, Web and wireless security.

With support from a Murphy Society Grant and a prestigious Microsoft Trustworthy Computing Grant, students with good performance in the class will be awarded a researchship in the academic year and/or the summer. This course can help satisfy the project course requirement for undergraduates and satisfy the breadth requirement in computer systems for systems Ph.D. students. This course will become a standard CS course: CS 350.

Course Prerequisites

  • Required: CS 343 or an equivalent introductory operating systems course, or instructor approval
  • Highly recommended: CS 340 or equivalent networking introductory course

Course Materials

Grading

  • Participation 10%
  • Homework 10%
  • Projects 40%
  • Mid-term Exam 20%
  • Final Exam 20%

Course Goal

  1. Understand the fundamental principles and underlying technologies of information security and assurance;
  2. Illustrate the security principles with the state-of-the-art security technologies and products through case studies.

Course Objective

  • Understand the basic principles for information and communication security, and be able to apply these principles to evaluate and criticize information system security properties
  • Be able to use some important and popular security tools, like encryption, digital signatures, firewalls, intrusion detection systems (IDS)
  • Be able to identify the vulnerabilities of Internet systems, recognize the mechanisms of attacks, and apply this knowledge to design and evaluate countermeasure tools

Course Topics (tentative)

  1. Motivation and overview of computer security
    1. Security definition, policy, mechanisms, services and models
  2. Introduction to cryptography, symmetric/asymmetric encryption
    1. Secret key case study: DES/AES algorithms
    2. Public key case study: RSA
    3. One-way hash function and message digests: MD5, SHA2
  3. Software security
    1. Buffer overflow, heap overflow and format string bugs
    2. Detection techniques: static program analysis vs. run-time detection
  4. Operating system security techniques
    1. Dealing with bad (legacy) code: sandboxing
    2. Multi-level security, file system security
  5. Authentication, access control, public key infrastructure (PKI, briefly)
    1. Case study: Kerberos
  6. Internet vulnerability
    1. Denial-of-service attacks
    2. Viruses, worms, Trojan horses
  7. Securing the Internet
    1. Intrusion detection systems (IDSs): host- vs. network-based, signature vs. statistical detection
    2. Case study: Snort and Bro
    3. Firewalls, VPN and IPsec
  8. Web and wireless network security
    1. Case study: SSL/TLS

Projects

  1. Using cryptographic software (like PGP) for secure data transfer and authentication;
  2. Exploiting buffer overflow bugs and format string bugs, which account for most notorious viruses/worms;
  3. Using and configuring a signature-based intrusion detection system (like Snort), and implementing a tiny statistics-based IDS to detect denial-of-service attacks and port scans with real router traffic (code templates and algorithms will be provided).

Communication

  • Course web site: http://www.cs.northwestern.edu/~ychen/classes/cs395/. Check it out regularly for schedule changes, clarifications and corrections to assignments, and other course-related announcements.
  • An email list and newsgroup (cs.compsec) will be available for announcements and for posting questions and answers.

Policies

  • Late policy:
    Unless otherwise indicated, homeworks and projects are due 11:59pm on their due date. If you hand in an assignment late, we will take off 10% for each day (or portion thereof) it is late.
  • Cheating:
    It's OK to ask someone about the concepts, algorithms, or approaches needed to do the project assignments. I encourage you to do so; both giving and taking advice will help you to learn. However, what you turn in must be your own work or, for projects, your group's own work; copying other people's code or solution sets, or copying from any other source, is strictly prohibited. We will punish transgressors severely.