CS 675 - Threats, Exploits, and Countermeasures

Mondays - 6:15pm-8:45pm - BC 640

DRAFT SYLLABUS -JAN 27, 2011

Course Overview:

The class will cover advanced network and host security concepts and mechanisms.The class will cover the subjects in theory and provide the students with an extensive hands-on experience:
assessing vulnerabilities, writing real working exploits for existing systems in a closed and controlled environment, and developing countermeasures to these perceived and real threats, also
in the form of projects. The class will involve a fair amount of programming. Those who take the class are expected to be able to program in C/C++, have some a solid knowledge of assembly
language, and be familiar with network basics and programming, as well as modern operating systems (Windows, MacOS, Unix).

Instructor:

Prerequisites:

CS 576/577, CS579
or permission of the instructor

Textbook and Resources:

Required:

Security in Computing, 4th Edition
Charles P. Pfleeger, Shari Lawrence Pfleeger
Copyright 2007, Edition: 4th
ISBN-10: 0-13-239077-9
ISBN-13: 978-0-13-239077-4

The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
Wiley; 2nd edition (August 20, 2007)
ISBN-10: 047008023X
ISBN-13: 978-0470080238

Recommended books:

Hacking: The Art of Exploitation, 2nd Edition
Jon Erickson
No Starch Press; 2nd edition (January 11, 2008)
ISBN-10: 1593271441
ISBN-13: 978-1593271442

Internet Denial of Service: Attack and Defense Mechanisms
Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher
Prentice Hall, 2004

Secure Coding in C and C++
Robert C. Seacord
Addison-Wesley Professional.
Copyright 2006
Edition: 1st
ISBN-10: 0-321-33572-4
ISBN-13: 978-0-321-33572-2

Other recommended resources:

Emulab, a virtual testing environment, and its security sibling DETER.

CERT Secure Coding Standards

Grading:

Quizzes (unannounced): 30%
Homework/Class work: 20%
Midterm: 20%
Final: 30 %

Policies:

No cell phones should be used in class. They should be off or on silent.
Laptops, handhelds, or other electronic devices should not be used in class, unless explicitly required.
A make-up exam will be granted only if:

the instructor is notified BEFORE the exam
AND
there is serious illness or similarly important reason for missing that day.

No make-up quizzes.
For fairness to all students there will be no individual extra credit work.
Assignments are due before the lecture begins at 6:15pm. After 6:15pm, 25% will be deducted from your grade. For assignments late more than one (two) day(s), 50% (75%) will be deducted. No credit will be given for assignments that are more than 3 days late. Exceptions may be granted only if there is an important reason. Exceptions must be cleared with the instructor in advance. If you must miss a class at which an assignment is due, you may email your assignment to the instructor timestamped BEFORE it is due. When assignments are due via Stevens eLearn, the eLearn timestamp is authoritative.
You may collaborate on projects with your fellow students to a limited degree. I.e., you may discuss concept clarifications with other students, but the specific details of your projects must be your own work.
You must specify in writing any resources (web, books etc.) other than the textbook that you used for completing the assignments.
It is cheating to collaboratively work out a detailed solution, to copy a solution from another student or some other resource without specifying it, or to give away a solution. Plagiarism checkers such as TurnItIn may be used by the instructor.
Self-plagiarism is considered cheating.
ALL parties involved in a case of cheating get an automatic grade of zero (0) in the assignment/exam. Repeated cases get an F in the course. Any case of cheating will be reported to the honor board or the Dean of the Graduate School.

Syllabus:

Dates	Topic(s)	Reading(s)		HW
Jan 24, 2011	Introduction and review. Computer security basics. Attack and defense basics. Protocols. Setting ethical boundaries.	Pfleeger Chapters 1-2 Mirkovic et al. Chapters 1-4
Jan 31, 2011	Secure coding techniques I. Worrying about buffer overflow, stacks, and arbitrary memory writes.	Seacord Chapters 1-4 Erickson Chapter 0x200-0x300	Please attend the CS seminar talk at 4pm, George "GeoHot" Hotz, Babbio 122	Midterm and final project ideas due
Feb 7, 2011	Secure coding techniques II. Format abuses, race conditions, TOCTOU.	Seacord Chapters 5-7 Online chapters at http://oli.web.cmu.edu/ (see e-mail for credentials) Erickson Chapter 0x300	Guest lecture by Robert Seacord (plus seminar talk 2-3pm, Babbio 220)	Midterm project proposals due
Feb 14, 2011	Vulnerability discovery. Fuzzing techniques for finding security flaws in protocols and program input. White-box vs. evolutionary fuzzing.	Paper 1 Anley Part 3
Feb 22, 2011 (Tue)	Penetration testing. Limits of network discovery.	Erickson Chapter 0x400	Guest lecture by Will Dormann on fuzzing BFF tool
Feb 28, 2011	Writing exploits and shellcodes. Encapsulating the payloads.	Erickson Chapter 0x500
Mar 7, 2011	Midterm project presentations			Midterm project due. Final project proposal due.
Mar 14, 2011	More exploits. Countermeasures. Reversing exploits and protectors/packers. Rootkits for OS and execution environments.	Erickson Chapter 0x600
Mar 21, 2011	Attacking the infrastructure: routing, DNS, etc.	Anley Part 4
Mar 28, 2011	Countering the infrastructure threat.	Mirkovic et al. Chapters 6-7
Apr 4, 2011	Ethical hacking: what are the limits, revisited. Malware herding: think globally.
Apr 11, 2011	Cryptographic attacks on hosts and infrastructure.	Erickson Chapter 0x700		Draft presentations/papers due
Apr 18, 2011	Attacking small devices (e.g. phones, handhelds) Special topics (Papers from a recent conference)	Recent papers from a relevant conference (e.g. LEET, BlackHat)
Apr 25, 2011	Final Project presentations			Final Project due

Save the Tree Octopus.
;-)