ECE1776: Computer Security, Cryptography and Privacy

Announcements

·         Answers to assignment 2 have been posted.

·         You will have an opportunity to give a short presentation (10 minutes) of the results of your project in the last class.  Again, you are encouraged to have slides and if applicable a short demo.

 

General Information

Instructor: David Lie, SF2001C

Course E-mail: lie@eecg.toronto.edu

Grading: Presentation 20%, Assignments 20%, Class Participation 10%, Final Project 50%

Time: Wednesday, 10:00 AM - 12:00 PM 

Location: BA 2175

Newsgroup: ut.ecf.ece1776

 

Page Layout:

·         Introduction

·         Prerequisites

·         Assignments (Assignment 1) (Assignment 2)

·         Resources

·         Lesson Plan

·         Presentation Schedule

Introduction

This course covers the practical aspects of modern computer security. We will examine the techniques by which systems are compromised, and in turn learn to build systems that are more secure against attacks. The course will cover topics in Application Level Security, including stack smashing and format string attacks, methods of securing code and web browser security. It will also include an introduction to cryptographic techniques, including common ciphers and mechanisms. Finally, Hardware, System and Network security will be discussed.

Prerequisites

This course is intended primarily for graduate students and those interested in pursuing research in computer system security.  4th-year undergraduates may take the course at the discretion of the instructor.  Knowledge of material covered in an operating systems course such as ECE344 or equivalent is required, as well as a comfortable level of C.

Assignments

There will be a programming assignment in which students will find programming flaws and design exploits.  Students will learn how to identify vulnerabilities and write code to exploit them.  To do this assignment, students should have access to a Linux system and about 800 megabytes of storage for data.  There will also be a written assignment that will test some theoretical aspects of security introduced in the course.

Assignment 1

This assignment will be done individually. To do this assignment you need access to a Linux system running on an Intel processor. If you do not have access to such a system, please send the instructor e-mail. This assignment will be made available on September 28th and is due on October 12th. One thing you will discover is that attacks are actually very environment dependent, so we have created an ECE1776-uml environment where you will develop and test your exploits.

README : (also included in the source code).

a1.tar.gz : Source code for the targets.

ece1776-uml.tar.gz : Environment for the attacks.

ece1776.image / ece1776.image.tar.gz : Filesystems, you only need these if you don't have access to the EECG systems. (800MB / 160MB)

Assignment 2

This written assignment will be done individually. It will be made available November 2nd and is due on November 16th; please submit a hardcopy in class that day. The assignment is available here. Answers are posted here.

Presentations

Every week before the lecture students will present the readings assigned for the week.  The presentations should last 10-15 minutes and focus on the following:

·         2-3 minute explanation of the problem the paper is trying to address

·         1-2 minute overview of the solution presented in the paper

·         3-4 minute detailed explanation of the solution

·         2-3 minute explanation of the evaluation methods used and results

·         2-3 minute conclusion on what you LEARNED from reading the paper, and what the important results of the paper are.

This will be followed by a brief discussion by the class on the paper.  The presenters are encouraged to use visual aids, and may discuss the papers one after another or together as they see fit.

Project 

 

A final project will be announced.  Students also have the option of formulating their own projects with the approval of the instructor.  You should work on the project in groups of 2-3.  Please submit a 1-2 page description by October 12th of:

·         Your project group: names, e-mails

·         Background of the project: motivation, current state of the art

·         Project description: the goal of the project, the problem it is trying to solve

Your final deliverables will be dependent on the actual project, but in general they should include:

·         Description of your project: This document should stand on its own, so include motivation, description of the problem, description of the solution as well as evaluation and contributions if pertinent.

·         A tentative plan, who will do what, what tasks will be performed.

·         All source code for the project

 

Project Suggestions

 

Here are some suggested projects, with some background information.  You may of course propose your own project.  For the most part, the idea is to give you a taste of research in this area, so you would be expected to try some idea that you think might improve or extend existing systems.  The due date for all projects will be the last day of class (December 2nd).

1.      Exploring tools to detect program vulnerabilities
Various tools exist that will attempt to detect vulnerabilities in programs. We cover two approaches in Lecture 4's readings. Two other projects I am aware of are Boon and MOPS, both from Berkeley.

2.      System Analysis
Take a popular tool (such as Google Toolbar or Microsoft Desktop Search) and analyze it for vulnerabilities. How much private information is leaked by using such a tool? How does this compare to running something like Kazaa? What about spyware from sites? Google claims a fairly benign privacy policy; just how benign is it?

3.      Firefox Vulnerability Search
Microsoft's Honey Monkey project has successfully identified many sites that exploit Internet Explorer vulnerabilities, and has also been able to discover a zero-day vulnerability. Try the same experiment with the open source browser Firefox.

4.      Intrusion detection
Various techniques exist for Intrusion detection.  Some open source ones are Snort, Bro, Tripwire and Systrace.  Some more experimental ones are documented here, here and here.  

5.      Intrusion prevention
There is a myriad of techniques for this, ranging from StackGuard and Libsafe, discussed in Lectures 3 & 4, to more complete systems such as PaX/grsecurity, OpenWall and Program Shepherding, to name a few. A quick search on Google will turn up more companies than can fill a web page. (Incidentally, the last one has been turned into a company called Determina.)

 

Project Proposals Received:

 

Group 1: Hilton Lee & Alex Wun: Privacy in Pub/Sub Networks

Group 2: Mohammed Ajmal & Aly Merchant: Improving Taintcheck Performance

Group 3: Jesse Pool & Ian Sin: WebMonkeys

Group 4: Eugene Vahlis & Li Yan: Using and Improving MOPS

Group 5: Utku Aydonat & Burcea Mihai: An Investigation of the Characteristics of Spyware Programs

Resources

The course will use the following textbook, which is recommended as a reference:

·         Security in Computing by Pfleeger and Pfleeger

The following textbooks are also recommended as reference:

·         Applied Cryptography, 2nd ed., by Bruce Schneier

·         Handbook of Applied Cryptography by Menezes et al.

Some useful websites:

·         Intro to Computer Security by Amit Singh

·         Phrack: good reading for hackers, by hackers

·         TESO Security Group

·         Insecure.Org - Nmap Free Security Scanner, Tools & Hacking resources (be sure to check out Bugtraq)

·         CERT advisories: mainly for sysadmins

·         Stanford CS155: Spring 03 (from which this course derives a lot of material)

·         Ron Rivest's security links

·         BSY's Security Related Net-Pointers.

·         Some Hacking Resources

·         Official AES Specification

Lesson Plan

Lesson 1
Topic: Introduction: Course Outline, Who Needs Security?
Textbook: Ch 1
Reading:
·         Reflections on Trusting Trust, Ken Thompson.

Lesson 2
Topic: Secure Systems: Hackers, Motives and Tools, Intro to Cryptography
Textbook: Ch 2
Reading:
·         An Evening With Berferd, in which a Hacker is Lured, Endured, and Studied, Bill Cheswick
·         Know your Enemy: Tracking Botnets, The Honeynet project.

Application Security

Lesson 3
Topic: Program Flaws: Stack Smashing Attacks, Format String Bugs, Timing Attacks, Defenses against attacks
Textbook: Ch 3
Reading:
·         Smashing The Stack For Fun And Profit, Aleph One.
·         Exploiting Format String Vulnerabilities, Team TESO. Alternate link here.
·         Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al.

Lesson 4
Topic: Designing Secure Code: Modular Design, Tools for building Secure Code, Model Checkers
Textbook: --
Reading:
·         MOPS: an infrastructure for examining security properties of software, Hao Chen and David Wagner.
·         Finite-State Analysis of SSL 3.0, Mitchell, J.C., Shmatikov, V. and Stern, U.
·         Additional Paper: Using Programmer-Written Compiler Extensions to Catch Security Holes, Ken Ashcraft and Dawson Engler

Lesson 5
Topic: Dealing with Untrusted Code: Sandboxing, Virtual Machines, Honeypots
Textbook: --
Reading:
·         A note on the confinement problem, Butler Lampson.
·         Secure Execution Via Program Shepherding, V. Kiriansky et al.
·         Optional: Efficient Software-Based Fault Isolation, Robert Wahbe, et al.

Lesson 6
Topic: Web Browser Security: Cookies, Privacy and Crowds, Java Script, Java Applets and ActiveX
Textbook: --
Reading:
·         Dos and Don'ts of Client Authentication on the Web, Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster.
·         Cross site scripting explained, Amit Klein.
·         Optional: Stronger Password Authentication Using Browser Extensions, Blake Ross, Collin Jackson, Nicholas Miyake, Dan Boneh and John C. Mitchell

Cryptography

Lesson 7
Topic: Cryptography and its Shortcomings: Early Ciphers, Symmetric Ciphers, Asymmetric Ciphers, Hashes, Digital Signatures, PGP
Textbook: Ch 10
Reading:
·         Why cryptosystems fail, Ross Anderson.
·         Security Analysis of a Cryptographically Enabled RFID Device, Stephen C. Bono, Matthew Green, Adam Stubblefield, Ari Juels, Aviel D. Rubin, Michael Szydlo

Hardware and System Security

Lesson 8
Topic: Hardware Support: Trusted Computing, Dyad/Sanctuary, XOM
Textbook: --
Reading:
·         Design Principles for Tamper-Resistant Smartcard Processors, Oliver Kömmerling and Markus G. Kuhn
·         Design and Implementation of a TCG-Based Integrity Measurement Architecture, Reiner Sailer, Xiaolan Zhang, Trent Jaeger, Leendert Van Doorn

Lesson 9
Topic: Systems: Access Control and Capabilities, Confidentiality and Information Flow, OS Security, Certifications
Textbook: Ch 4.3, 4.5, 5
Reading:
·         The Protection of Information in Computer Systems, J.H. Saltzer and M.D. Schroeder
·         Setuid Demystified, Chen, Wagner, and Dean.

Network Security

Lesson 10
Topic: Intrusion Detection and Virus Protection: Viruses, Worms and Trojan Horses. Polymorphic Viruses, Intrusion Detection Systems (Network and Host Based), Tripwire, Snort and Bro.
Textbook: Ch 3.3, 7.5
Reading:
·         Hunting for metamorphic, Szor, P. Ferrie
·         Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection; Ptacek & Newsham
·         Optional: Nachenberg, Computer Virus-Antivirus Coevolution. Comm. ACM, 40(1), pp. 46-51, January 1997.

Lesson 11
Topic: Network Security: Weaknesses in TCP/IP, Firewalls, IPSec, Denial of Service Attacks
Textbook: Ch 7.4
Reading:
·         Security Problems in the TCP/IP Protocol Suite, Steven M. Bellovin
·         A Cryptographic Evaluation of IPSec, Bruce Schneier.
·         Optional: Security Architecture for the Internet Protocol, S. Kent, et al.

Lesson 12
Topic: Optional Topics and Wrap Up

 

 

Presentation Schedule 

Lesson 1/2: Sept 21, 2005
Topic: Introduction & Secure Systems
·         An Evening with Berferd in which a Hacker is Lured, Endured and Studied
·         Know your Enemy: Tracking Botnets (presenter: Ian Sin)

Lesson 3: Sept 28, 2005
Topic: Program Flaws
·         Smashing the Stack for Fun and Profit (presenter: Alex Wun)
·         Exploiting Format String Vulnerabilities
·         Buffer Overflows: Attacks and Defenses for the... (presenter: Jesse Pool)

Lesson 4: Oct 5, 2005
Topic: Designing Secure Code
·         MOPS: an infrastructure for examining the security properties of software (presenter: Li Yan)
·         Finite-State Analysis of SSL 3.0

Lesson 5: Oct 12, 2005
Topic: Dealing with Untrusted Code
·         A note on the confinement problem
·         Efficient Software-Based Fault Isolation
·         Secure Execution via Program Shepherding (presenter: Aly Merchant)

Lesson 6: Oct 19, 2005
Topic: Web Browser Security
·         Do's and Don'ts of Client Authentication on the Web (presenter: Mihai Burcea)
·         Cross site Scripting Explained

Lesson 7: Oct 26, 2005
Topic: Cryptography and its Shortcomings
·         Why cryptosystems fail (presenter: Mohammed Ajmal)
·         Security Analysis of a Cryptographically Enabled RFID... (presenter: Eugene Vahlis)

Lesson 8: Nov 2, 2005
Topic: Hardware Support
·         Design Principles for Tamper-Resistant Smartcard Processors
·         Design and Implementation of a TCG-Based Integrity Measurement Architecture.

Lesson 9: Nov 9, 2005
Topic: Systems
·         The Protection of Information in Computer Systems
·         Setuid Demystified

Lesson 10: Nov 16, 2005
Topic: Intrusion Detection and Virus Protection
·         Hunting for metamorphic (presenter: Utku Aydonat)
·         Insertion, Evasion and Denial of Service ...

Lesson 11: Nov 23, 2005
Topic: Network Security
·         Security Problems in the TCP/IP Protocol Suite (presenter: Hilton Lee)
·         A Cryptographic Evaluation of IPSec