CS 577 - Cybersecurity Lab

Thursdays - 6:15pm-8:45pm - Babbio 640

SYLLABUS - SEP 8, 2011

Theoretical foundations in cryptographic algorithms, cryptographic protocols, access control models, formal methods, security policy, etc. provide the necessary background to understand the real-world implications of cryptography and network security. This laboratory course is designed to provide students with hands-on experience based on the theoretical knowledge they have acquired by taking other security-oriented courses. This hands-on experience is of great importance for future jobs in industry. The course will accomplish its goals through a number of in-lab programming exercises. Topics covered include: basic cryptographic algorithms and protocols; authentication and authorization protocols; access control models; common network (wired and wireless) attacks; typical protection approaches including firewalls and intrusion detection systems; and operating systems and application vulnerabilities, exploits, and countermeasures.
                                  

Instructor:

Projects/Programming:

There will be group projects for this class. In general, programming sections of a project should compile and run on Emulab, DETER, or the Unix lab (CS infrastructure). For projects dealing with Windows/MacOS, other OSes, or other infrastructures, you must get the permission of the instructor in writing.

Project I: A 5 to 8-page paper summarizing your project findings plus a 15-minute presentation to the class followed by 10-15 minutes of discussion.

Project II: A 15-page paper summarizing your project findings, plus any programming appendices, and a 30-minute presentation followed by 15-30 minutes of discussion.

| Date | Topics Covered | Reading | Assignments |
|---|---|---|---|
| September 1, 2011 | Crypto labs. Ciphers, steganography, and covert communications. | Stallings Ch 1, 19, App A, B | Lab, files |
| September 8, 2011 | Crypto labs (avalanche, hash collisions, RSA, crypto MITM). | Stallings Ch 2, 20 | Lab, files, Project ideas due |
| September 15, 2011 | Crypto attacks (dictionary attacks, space-time tradeoffs) | Stallings Ch 3 | Project proposal due; Lab, files |
| September 22, 2011 | Enhanced-security operating systems labs (SELinux, OpenBSD) | Stallings Ch 4, 10 | Lab, files |
| September 29, 2011 | Intrusion Detection Systems labs (Snort, Bro, honeyd, nessus, nmap) | Stallings Ch 6, App E | Lab, files |
| October 6, 2011 | Firewall labs (building FWs, positioning, ruleset development) | Stallings Ch 9 | Lab, files |
| October 13, 2011 | Project I presentations | | Project/presentation due |
| October 20, 2011 | DoS labs (closed network experimentation with DoS, single, reflected, amplified, distributed) | Stallings Ch 8; [recommended: Mirkovic Ch 1-6] | Lab, files |
| October 27, 2011 | Malware labs (closed network experimentation with attack tools) | Stallings Ch 7 | Lab, files |
| November 3, 2011 | Exploits labs (buffer overflow, SQL Injection) | Stallings Ch 5, 11 | Lab, files |
| November 10, 2011 | Stack protection and sandboxing labs (automatic and interactive hardening) | Stallings Ch 12 | None |
| November 17, 2011 | OS-specific security (Windows/Unix), Cross-site scripting, Mail security (GPG) | Stallings Ch 23, 24 | Lab 1, files (due Nov 22); Lab 2, files (due Dec 1) |
| November 24, 2011 | Thanksgiving - no classes | | |
| December 1, 2011 | Wireless labs (WEP/WPA attacks: deauthentication, key extraction) | Stallings Ch 21, 22 | Lab, files (Due Dec 12); Draft paper/presentation due |
| December 8, 2011 | Wrap-up from poster day | 802.11 standards | CS Poster Day (Dec 6, 12-2pm, Lieb 319) |
| December 15, 2011 | Final project presentation | | Final project/presentation due |