Date |
Lectures Topics |
Notes |
|
Assignment |
||
Mon 1/3 |
Class
overview, motivation and overview of
computer security |
[ppt] |
Stallings, Chapter 1 |
Project 1 out. |
||
Wed 1/5 |
Cryptography: symmetric encryption (DES/AES algorithms) |
[ppt] |
Stallings, Chapter 2.1-2.3,
3.2-3.3 KPS, Chapter 3.1-3.3 |
|
||
Mon 1/10 |
Cryptography: asymmetric
encryption (RSA) |
[ppt] |
KPS, Chapter 6.1-6.3 Stallings, Chapter 9 |
Homework 1 out. |
||
Wed 1/12 |
Cryptography: one-way
hashing and message digests (MD5, SHA-1) |
[ppt] |
KPS, Chapter 5.1-5.2, 5.5-5.6 Stallings 11.4-11.5,
12.1-12.2 |
Project 1 in |
||
Mon 1/17 |
User Authentication |
[ppt] |
KPS, Chapter 9.6-9.7,
10.1-10.3, 10.8, 10.10, Stallings |
|
||
Wed 1/19 |
Guest lecture by Tamara Teslovich distributed system
authentication |
[ppt] |
Stallings |
Homework 1 in. Project 2 out. |
||
Mon 1/24 |
Internet vulnerability: malcode
overview, viruses, worms |
[ppt] |
Stallings A Taxonomy
of Computer Worms, N. Weaver, V. Paxson, S. Staniford, and R.
Cunningham, the First ACM Workshop on Rapid Malcode (WORM), 2003. |
|
||
Wed 1/26 |
Internet vulnerability:
denial of service (DoS) Securing the Internet:
intrusion detection systems |
[ppt] |
KPS 23.6 1.
Detecting SYN
Flooding Attacks, H. Wang, D. Zhang, and K. G. Shin, in Proc.
of IEEE INFOCOM, 2002 2. Change-Point Monitoring for Detection of DoS Attacks, H. Wang, D. Zhang, and K. G. Shin, in IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 4, December 2004. |
Homework 2 out. |
||
Mon 1/31 |
Securing the Internet:
intrusion detection systems (cont’d), Snort IDS. |
[ppt] |
Stallings http://www.snort.org/docs/ |
|
||
Wed 2/2 |
Review for Midterm |
|
|
Homework 2 in. |
||
Mon 2/7 |
Midterm |
|||||
Wed 2/9 |
Midterm grading review /
Project 2 discussion |
|
|
|||
Mon 2/14 |
Securing the Internet:
firewalls, VPN |
[ppt] |
1. Handout from 2. Stallings 20.1 |
|
||
Wed 2/16 |
Software security:
principles Case study: sendmail vs.
qmail |
[ppt] |
Qmail
handbook, Ch. 1, Introduction
to Qmail |
Project 2 in. Project 3 out. |
||
Mon 2/21 |
Software security:
buffer/heap overflow |
[ppt] |
Smashing The Stack For Fun
And Profit, Aleph One. |
|
||
Wed 2/23 |
Compiler prime on run-time
program environment. Defense for buffer
overflow |
Buffer
Overflows: Attacks and Defenses for the Vulnerability of the Decade,
Crispin Cowan, et al. |
|
|||
Mon 2/ 28 |
OS security: overview,
access control, setuid, etc. |
[ppt] |
Handout: 1. Advanced
Programming in the Unix Environment, Richard. Stevens, Addison-Wesley,
1992. Ch 8.10 Changing User IDs and
Group IDs 2.
Security in Computing,
Charles Pfleeger, Shari |
Homework 3 out |
||
Wed 3/2 |
IP Security |
[ppt] |
KPS Stallings |
|
||
Mon 3/7 |
Wireless and cellular
network security |
[ppt] |
|
|
||
Wed 3/9 |
Review for final |
|
|
Homework 3 in. Project 3 in. |
||
Notes: