CS 5950/6030: Network Security - Fall 2005
Department of Computer Science
Instructor: Dr. Leszek (LEH-shek) Lilien
CEAS
B-249, phone: 276-3116
Email: llilien@cs.wmich.edu – please use for urgent matters only
Notes:
1) Only e-mail coming from a WMU account (ending with “wmich.edu”) will be read.
2) Files submitted as attachments will not be read unless they are scanned with up-to-date anti-viral software, and the message including them contains the following statement:
I have scanned the enclosed file(s) with <name of software, its version>, which was last updated on <date>.
Office Hours: MW 4:30 PM – 5:30 PM; F 1:30 PM – 2:30 PM
Classes: CEAS C0141, M W F 3:00 PM – 3:50 PM
Class Web Pages:
Announcements
(last updated on Oct. 21)
Class Slides:
All class slides and notes authored by Leszek T. Lilien (not indicated as authored by others) are © 2005-2006 by Leszek T. Lilien.
Requests to use original slides for non-profit purposes will be gladly granted upon a written request (email requests included).
1) 8/31/05, W – Syllabus
Section 1. Introduction to Security: Examples-Security in Practice; What is “Security”?; Pillars of Security: C-I-A…
2) 9/2/05, F …cont-Pillars of Security: C-I-A; Vulnerabilities, Threats, and Controls…
3) 9/7/05, W …cont-Vulnerabilities, Threats, and Controls; Attackers; How to React to an Exploit?; Methods of Defense…
4) 9/9/05, F – …cont-Methods of Defense; Principles of Computer Security
Section 2. Introduction to Cryptology: Threats to Messages; Basic Terminology and Notation; Requirements for Crypto Protocols;
5) 9/12/05, M Basic Terminology and Notation; Representing Characters; Basic Types of Ciphers (Substitution ciphers: Caesar, other)…
6) 9/14/05, W …cont-Basic Types of Ciphers (cont-Substitution ciphers: other, one-time pads; Transposition ciphers; Product ciphers); Making Good Ciphers (Criteria)…
7) 9/16/05, F …cont-Making Good Ciphers (Stream and block ciphers, Cryptanalysis, Symmetric and asymmetric cryptosystems)…
8) 9/19/05, M …cont-Making Good Ciphers (cont-Symmetric and asymmetric cryptosystems); The DES Algorithm; The Clipper Story; The AES Algorithm…
9) 9/21/05, W …cont-The AES Algorithm; Public Key Encryption (incl. RSA); The Uses of Encryption (Crypto hash functions)…
10) 9/23/05, F …cont-The Uses of Encryption (cont-Crypto hash functions, Key exchange, Digital signatures, Certificates)…
11) 9/26/05, M …cont-The Uses of Encryption (cont-Certificates)…
12) 9/28/05, W …cont-The Uses of Encryption (cont-Certificates)
Section 3. Program Security: Secure Programs – Defining and Testing; Nonmalicious Program Errors (Buffer overflows)…
13) 9/30/05, F …cont-Nonmalicious Program Errors (cont-Buffer overflows, Incomplete mediation, Time-to-check to time-to-use errors, Combinations of nonmalicious program flaws); Malicious Code (General purpose malicious code incl. viruses [intro, kinds of malicious code, how viruses work])…
14) 10/3/05, M …cont-Malicious Code (cont-General purpose malicious code incl. viruses [cont-how viruses work, virus signatures, preventing virus infections, seven truths about viruses, case studies, virus removal and system recovery after infection], Targeted malicious code [trapdoors])…
15) 10/5/05, W …cont-Malicious Code (cont-Targeted malicious code [salami attack, covert channels])
16) 10/7/05, F Controls for Security (Introduction, Developmental controls for security)
17) 10/10/05, M – Project Information 1 (PDF) –
18) 10/12/05, W cont-Controls for Security (cont-Developmental controls for security, OS controls for security, Administrative controls for security, Conclusions)
Section 4. Protection in General-Purpose
19) 10/14/05, F …cont-f. Granularity of data protection /// 4.2. Memory and Address Protection – a. Fence; b. Relocation; c. Base/Bounds Registers; d. Tagged Architecture; e. Segmentation; f. Paging; g. Combined Paging with Segmentation
– Project Information 2 (PDF) –
20) 10/17/05, M /// 4.3. Control of Access to General Objects – a. Introduction to access control for general objects; b. Directory-like mechanism for access control; c. Access control lists; d. Access control matrices; e. Capabilities for access control; e. Procedure-oriented access control /// 4.4. File Protection Mechanisms – a. Basic forms of protection; b. Single file permissions; c. Per-object and per-user protection
21) 10/19/05, W /// 4.5. User Authentication – a. Introduction; b. Use of passwords; c. Attacks on passwords (Try all possible, Try many probable, Try likely passwords, Search system list of pwds—PART 1; …
*** NOTE: Midterm scheduled for F, 10/28 ***
22) 10/21/05, F cont.-…, Search system list of pwds—PART 2, Find pwds by exploiting indiscreet users); d. Passwords selection criteria; e. One-time passwords (challenge-response systems); f. The authentication process; g. Authentication other than passwords; h. Conclusions
– Midterm Topics (PDF) –
23) 10/24/05, M [SKIPPING FOR NOW: 5. Designing Trusted
Section 7. Security in Networks: 7.1. Network Concepts – a. Introduction; b. The network; c. Media; d. Protocols—PART 1 (ISO OSI)
*** NOTE: Section 4.5 (User Authentication) will not be covered by the Midterm ***
24) 10/26/05, W cont.-d. Protocols—PART 2 (TCP/IP, UDP, network addressing schemes for LAN and WAN); e. Types of networks; f. Topologies; g. Distributed systems; h. APIs; i. Advantages of computing networks
25) 10/28/05, F — Midterm: Midterm v1. Master (PDF); Midterm v.2 Master (PDF)
26) 10/31/05, M /// 7.2. Threats in Networks – a. Introduction; b. Network vulnerabilities; c. Who attacks networks?; d. Threat precursors; e. Threats in transit: eavesdropping and wiretapping;
27) 11/2/05, W f. Protocol flaws; g. Types of attacks (Impersonation; Spoofing; Message confidentiality threats; Message integrity threats; Web site attacks; …
28) 11/4/05, F cont.- Denial of service; Distributed denial of service; Threats to active or mobile code—PART 1; ...
29) 11/7/05, M cont.-Threats to active or mobile code—PART 2; Scripted and complex attacks); h. Summary of network vulnerabilities /// 7.3. Networks Security Controls – a. Introduction; b. Security threat analysis; c. Impact of network architecture/design and implementation on security—PART 1; ...
30) 11/9/05, W cont.- c. Impact of network architecture/design and implementation on security—PART 2; d. Encryption (Link encryption vs. end-to-end {e2e} encryption; Virtual private network {VPN}; PKI and certificates—PART 1, ...
31) 11/11/05, F cont.- PKI and certificates—PART 2; SSH protocol; SSL protocol {a.k.a. TLS protocol}; IPsec protocol suite—PART 1; ...
32) 11/14/05, M cont.- IPsec protocol suite—PART 2; Signed code; Encrypted e-mail); e. Message content integrity controls; f. Strong authentication (One-time passwords; Challenge-response systems; Digital distributed authentication; Kerberos)
– Project Information 3: Presentation and Report Guidelines (PDF) –
33) 11/16/05, W cont.- g. Access controls (ACLs on routers; Firewalls); h. Intrusion Detection Systems: alarms and alerts; i. Honeypots; j. Traffic flow security; k. Review of network security controls
*** REQUEST *** I am looking for a Project group (preferably, one of the groups with presentations scheduled for W, 11/30/05, i.e., P2, P3, P4, P6, and P7) that would volunteer to present their project on M, 11/28/05. (This would give us a bit of slack time in a very tight schedule on 11/30.)
– ADDENDUM TO Project Information 3: Presentation and Report Guidelines –
34) 11/18/05, F /// 7.4. Network Security Tools –– 7.4.1. Firewalls – a. Introduction; b. What is a firewall; c. Firewall design; d. Types of firewalls (Packet filters {simple packet filters, stateful packet filters}; Application proxies {incl. guides}; Personal firewalls); e. Comparison of firewall types; f. Example firewall configurations; g. What firewalls can—and can’t—block)
Spring 2006 — CS 5950/6030: Computer Security and Information Assurance
If your friends are interested in taking a course on Computer Security, please direct them to the web page for CS 5950/6030—Computer Security and Information Assurance course that I will teach in Spring 2006.
The link is: http://www.cs.wmich.edu/~llilien/teaching/spring2006/cs5950-6030/index.html.
Please note the course will be so similar to this course that nobody who took this course is allowed to register for my Spring 2006 course.
I hope to teach a graduate-level course on selected Computer Security and Privacy topics in Fall 2006.
35) 11/21/05, F –– 7.4.2. Intrusion Detection Systems – a. Introduction; b. Types of IDSs (Signature-based IDSs; Anomaly-based IDSs; Other IDSs); c. Goals for IDSs; d. IDS strengths and limitations –– 7.4.3. Secure E-Mail – a. Introduction; b. Security for e-mail; c. Design of PEM (Privacy-enhanced Electronic Mail); e. Example secure e-mail systems (PGP; S/MIME)
36) 11/28/05, M ––
Section 8. Legal, Privacy, and Ethical Issues in Computer Security: 8.1. Basic Legal Issues – a. Protecting Programs and Data; b. Information and the Law; c. Ownership Rights of Employees and Employers; d. Software Failures /// 8.2. Computer Crime /// 8.3. Privacy /// 8.4. Ethics – a. Introduction to Ethics; b. Case Studies of Ethics; c. Codes of Professional Ethics
In-class project presentation.
37) 11/30/05, W –– In-class project presentations.
38) 12/2/05, F –– In-class project presentations.