CS 395/495 Introduction to Computer Security
Instructor
Yan Chen, Assistant Professor
Room 330, 1890 Maple Ave.,
491-4946. ychen@cs.northwestern.edu
Office Hours: Wed 3:30-5:30 pm or by appointment, Rm 330, 1890 Maple Ave.
Teaching Assistant
Zhichun Li
zli109@cs.northwestern.edu
Office Hours: Mon. 3:30-4:30pm, Fri. 10:30-11:30, Rm 321, Maple Ave.
Location and Time
- Lectures: Monday and Wednesday 2-3:20pm, Room 381, 1890 Maple.
Course Description
The past decade has seen an explosion in the concern for the security of
information. This course introduces students to the basic principles and
practices of computer and information security.
Focus will be on the software, operating system and network security
techniques with detailed analysis of real-world examples. Topics include
cryptography, authentication, software and operating system security (e.g.,
buffer overflow), Internet vulnerability (DoS attacks, viruses/worms, etc.),
intrusion detection systems, firewalls, VPN, Web and wireless security.
Students with good performance in the class will be awarded researchships
in the academic year and/or the summer, supported by a Murphy Society Grant
and a prestigious Microsoft Trustworthy Computing Grant.
This course can help satisfy the project course requirement for
undergraduates and satisfy the breadth requirement in computer systems for
systems Ph.D. students. This course will become a standard CS course: CS 350.
Course Prerequisites
- Required: CS 343 or any equivalent introductory operating systems course, or instructor approval
- Highly recommended: CS 340 or an equivalent introductory networking course
Course Materials
- Required books:
- Recommended books and references
  - Writing Secure Code, Michael Howard and David LeBlanc, Microsoft Press, 2002.
  - Security in Computing, Charles Pfleeger, Shari Lawrence Pfleeger, 3rd Edition, Prentice Hall, 2002.
  - Firewalls and Internet Security: Repelling the Wily Hacker, 2nd edition, by William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin, Addison Wesley, 2003.
  - Lecture Notes on Cryptography, by S. Goldwasser and M. Bellare, available online at http://www-cse.ucsd.edu/users/mihir/papers/gb.html
- Also, lecture slides and reference documents will be available online.
Grading
- Participation 10%
- Homework 10%
- Projects 40%
- Mid-term Exam 20%
- Final Exam 20%
Course Goal
1. Understand the fundamental principles and underlying technologies of
information security and assurance;
2. Illustrate the security principles with the state-of-the-art security
technologies and products through case studies.
Course Objective
- Understand the basic principles
for information and communication security, and be able to apply these
principles to evaluate and criticize information system security
properties
- Be able to use some important
and popular security tools, like encryption, digital signatures, firewalls,
intrusion detection systems (IDS)
- Be able to identify the
vulnerability of the Internet systems and recognize the mechanisms of the
attacks, and apply them to design and evaluate counter-measure tools
Course Topics (tentative)
- Motivation and overview of computer security
- Security definition, policy, mechanisms, services and models
- Introduction to cryptography, symmetric/asymmetric encryption
- Secret key case study: DES/AES algorithms
- Public key case study: RSA
- One-way hash function and message digests: MD5, SHA2
- Software security
- Buffer overflow, heap overflow and string format bugs
- Detection techniques: static program analysis vs. run-time detection
- Operating system security techniques
- Dealing with bad (legacy) codes: sandboxing
- Multi-level security, file system security
- Authentication, access control, public key infrastructure (PKI, briefly)
- Case study: Kerberos
- Internet vulnerability
- Denial-of-service attacks
- Viruses, worms, Trojan horses
- Securing the Internet
- Intrusion detection systems (IDSs): host- vs. network-based, signature vs. statistical detection
- Case study: Snort and Bro
- Firewalls, VPN and IPsec
- Web and wireless network security
- Case study: SSL/TLS
Projects
1) Using cryptographic software (like PGP) for secure data transfer and
authentication;
2) Exploiting buffer overflow bugs and format string bugs, which account for
the most notorious viruses/worms;
3) Using and configuring a signature-based intrusion detection system (like
Snort), and implementing a tiny statistics-based IDS to detect
denial-of-service attacks and port scans with real router traffic (code
templates and algorithms will be provided).
Communication
- Course web site:
http://www.cs.northwestern.edu/~ychen/classes/cs395/. Check it out regularly
for schedule changes, clarifications and corrections to assignments, and
other course-related announcements.
- An email list and newsgroup (cs.compsec) will be available for
announcements and for posting questions and answers.
Policies
- Late policy: Unless otherwise indicated, homework and projects are due at
11:59pm on their due date. If you hand in an assignment late, we will take
off 10% for each day (or portion thereof) it is late.
- Cheating: It's OK to ask someone about the concepts, algorithms, or
approaches needed to do the project assignments, and I encourage you to do
so; both giving and taking advice will help you to learn. However, what you
turn in must be your own, or for projects, your group's own work; copying
other people's code, solution sets, or from any other sources is strictly
prohibited. We will punish transgressors severely.