ECS 235A. Computer Security. Fall 2012

ECS 235A. Computer Security

Fall 2012	CRN: 20910
Lectures:	Monday, Wednesday, and Friday, 1000-1050, 1070 Bainer.
Office hours:	Wednesday 1400-1600, 2211 Watershed.
Instructor:	Hao Chen <`hchen`AT`cs.ucdavis.edu`>
Communications:	SmartSite (for discussions)

Fall 2012

CRN: 20910

Lectures:

Monday, Wednesday, and Friday, 1000-1050, 1070 Bainer.

Office hours:

Wednesday 1400-1600, 2211 Watershed.

Instructor:

Hao Chen <hchenATcs.ucdavis.edu>

Communications:

SmartSite (for discussions)

Description

This class introduces modern topics in computer systems security, and prepares students to do research on these topics. It plans to cover the following topics:

Principles of security.

Access control: ACL, capabilities, mandatory and discretionary access control.

OS security: OS protection mechanisms, virtual machines, sandboxing.

Software security: software vulnerabilities, static and runtime analysis, Java security.

Network security: firewalls, network intrusion detection

Cryptography protocol design.

Malware: Internet worms, botnets, analysis.

Applications: e-voting, usable security.

Requirements and Grading

Reviews: Write a brief review of each paper that we will discuss in each class. List the paper's most significant contributions and weaknesses, and suggest how the paper could be improved. Your review is due by 2100 on the day before the lecture. Here are instructions on how to submit your reviews.

Project: You will do a team project.

Scribe: You will scribe for one class. Send me your scribe in text, LaTeX, or Microsoft Word format within two days of the class.

Exam: None.

Grading: project: 60%; scribe, paper reviews, and class participation: 40%

Lectures

Note: reading is subject to change.

Schedule
Week	Date	Topic	Reading	Notes
1	September 28	Introduction
2	October 01	Principles	Basic principles of information protection. Saltzer and Schroeder. (Only read Section A: Considerations Surrounding the Study of Protection)	Brandon Hee
October 03	Ross Gegan
October 05	Software vulnerabilities	Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. Pincus and Baker. Optional (no review necessary): Smashing The Stack For Fun And Profit. Aleph One.	Bogdan Copos
3	October 08	Static analysis	EXE: Automatically Generating Inputs of Death. Cadar, Ganesh, Pawlowski, Dill, Engler.	Michael Bierma
October 10	Carlos Rojas
October 12	Runtime analysis	Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software. Newsome and Song.	Stewart He
4	October 15	Application of static analysis	Intrusion Detection via Static Analysis . Wagner, Dean.	Julia Matsieva
October 17	Sandbox	A secure environment for untrusted helper applications:confining the wily hacker. Goldberg, Wagner, Thomas, and Brewer.	Iuri Prilepov
October 19	Sandbox in Mobile OS	Android Permissions Demystified. Felt, Chin, Hanna, Song, and Wagner. Background: Android Security and Permissions.	Teng Wang
5	October 22	Java Security	Extensible security architectures for Java. Wallach, Balfanz, Dean, Felten.	Jiaqi Zhao
October 24	Privilege separation	The Security Architecture of the Chromium Browser, Barth, Jackson, Reis, Google Chrome Team.	Georgia Koutsandria
October 26	Preventing Privilege Escalation. Provos, Friedl, Honeyman.	Dara Hazeghi
6	October 29	Web security	Robust Defenses for Cross-Site Request Forgery. Barth, Jackson, and Mitchell. Background: (No review necessary) Cross-Site Request Forgeries: Exploitation and Prevention. Zeller and Felten.	Arun Raghuramu
October 31	Capabilities	The Confused Deputy. Hardy. Access Control (v0.1), Laurie.	Kristen Kennedy
November 02	Permission Re-Delegation: Attacks and Defenses. Felt, Wang, Moshchuk, Hanna, and Chin.	Thomas Brounstein
7	November 05	Introduction to Cryptography	Background (No review necessary): Symmetric key, Public key, Message authentication	Arthur Arlt
November 07	Alex Kennedy
November 09	Kerboros	Designing an Authentication System: a Dialogue in Four Scenes, Bryant.	Irene Spanou
8	November 12	Veterans Day
November 14	Cryptographical protocols	Prudent engineering practice for cryptographic protocols, Abadi and Needham.
November 16
9	November 19
November 21	Virtual machines	A Virtual Machine Introspection Based Architecture for Intrusion Detection . Garfinkel and Rosenblum. When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Garfinkel and Rosenblum.
November 23	Thanksgiving
10	November 26	Guest lecture by Professor Karl Levitt	No reading
November 28	No class
November 30	Underground economy	Click Trajectories: End-to-End Analysis of the Spam Value Chain. Optional (but highly recommended): Interview with Stefan Savage: On the Spam Payment Trail.	Timothy Carver, Eric Gustafson, Ke Wang
11	December 03	Project presentation	Timothy Carver; Ross Gegan, Jia Qi Zhao; Brandon Hee; Iuri Prilepov; Arun Raghuramu
December 05	Arthur Arlt, Bogdan Alexandrescu, Ke Wang; Fernando Fuentes, Conghao Jiang, Teng Wang; Dara Hazeghi; Stewart He, Carlos Rojas; Georgia Koutsandria, Irene Spanou
December 07	Michael Bierma; Bogdan Copos, Tom Brounstein, Alex Kennedy; Eric Gustafson, Kristen Kennedy, Thomas Provan; Julia Matsieva

Schedule

Week

Date

Topic

Reading

Notes

September 28

Introduction

October 01

Principles

Basic principles of information protection. Saltzer and Schroeder.
(Only read Section A: Considerations Surrounding the Study of Protection)

Brandon Hee

October 03

Ross Gegan

October 05

Software vulnerabilities

Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. Pincus and Baker.
Optional (no review necessary): Smashing The Stack For Fun And Profit. Aleph One.

Bogdan Copos

October 08

Static analysis

EXE: Automatically Generating Inputs of Death. Cadar, Ganesh, Pawlowski, Dill, Engler.

Michael Bierma

October 10

Carlos Rojas

October 12

Runtime analysis

Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software. Newsome and Song.

Stewart He

October 15

Application of static analysis

Intrusion Detection via Static Analysis . Wagner, Dean.

Julia Matsieva

October 17

Sandbox

A secure environment for untrusted helper applications:confining the wily hacker. Goldberg, Wagner, Thomas, and Brewer.

Iuri Prilepov

October 19

Sandbox in Mobile OS

Android Permissions Demystified. Felt, Chin, Hanna, Song, and Wagner.
Background: Android Security and Permissions.

Teng Wang

October 22

Java Security

Extensible security architectures for Java. Wallach, Balfanz, Dean, Felten.

Jiaqi Zhao

October 24

Privilege separation

The Security Architecture of the Chromium Browser, Barth, Jackson, Reis, Google Chrome Team.

Georgia Koutsandria

October 26

Preventing Privilege Escalation. Provos, Friedl, Honeyman.

Dara Hazeghi

October 29

Web security

Robust Defenses for Cross-Site Request Forgery. Barth, Jackson, and Mitchell.
Background: (No review necessary) Cross-Site Request Forgeries: Exploitation and Prevention. Zeller and Felten.

Arun Raghuramu

October 31

Capabilities

The Confused Deputy. Hardy.
Access Control (v0.1), Laurie.

Kristen Kennedy

November 02

Permission Re-Delegation: Attacks and Defenses. Felt, Wang, Moshchuk, Hanna, and Chin.

Thomas Brounstein

November 05

Introduction to Cryptography

Background (No review necessary): Symmetric key, Public key, Message authentication

Arthur Arlt

November 07

Alex Kennedy

November 09

Kerboros

Designing an Authentication System: a Dialogue in Four Scenes, Bryant.

Irene Spanou

November 12

Veterans Day

November 14

Cryptographical protocols

Prudent engineering practice for cryptographic protocols, Abadi and Needham.

November 16

November 19

November 21

Virtual machines

A Virtual Machine Introspection Based Architecture for Intrusion Detection . Garfinkel and Rosenblum.
When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Garfinkel and Rosenblum.

November 23

Thanksgiving

November 26

Guest lecture by Professor Karl Levitt

No reading

November 28

No class

November 30

Underground economy

Click Trajectories: End-to-End Analysis of the Spam Value Chain.
Optional (but highly recommended): Interview with Stefan Savage: On the Spam Payment Trail.

Timothy Carver, Eric Gustafson, Ke Wang

December 03

Project presentation

Timothy Carver; Ross Gegan, Jia Qi Zhao; Brandon Hee; Iuri Prilepov; Arun Raghuramu

December 05

Arthur Arlt, Bogdan Alexandrescu, Ke Wang; Fernando Fuentes, Conghao Jiang, Teng Wang; Dara Hazeghi; Stewart He, Carlos Rojas; Georgia Koutsandria, Irene Spanou

December 07

Michael Bierma; Bogdan Copos, Tom Brounstein, Alex Kennedy; Eric Gustafson, Kristen Kennedy, Thomas Provan; Julia Matsieva

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

The campus's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Feedback

I always welcome any feedback on what I could be doing better. You are also welcome to send me feedback anonymously.

Hao Chen <hchenATcs.ucdavis.edu>
Last modified September 29, 2012.