CS 675 - Threats, Exploits, and Countermeasures

Mondays - 6:15pm-8:45pm - BC 640

DRAFT SYLLABUS - JAN 2, 2012

The class will cover advanced network and host security concepts and mechanisms. It will cover the subjects in theory and provide students with extensive hands-on experience:
assessing vulnerabilities, writing real working exploits for existing systems in a closed and controlled environment, and developing countermeasures to these perceived and real threats,
including in the form of projects. The class will involve a fair amount of programming. Those who take the class are expected to be able to program in C/C++, have a solid knowledge of assembly
language, and be familiar with network basics and programming, as well as modern operating systems (Windows, MacOS, Unix).

Instructor:

Security in Computing, 4th Edition
Charles P. Pfleeger, Shari Lawrence Pfleeger
Copyright 2007, Edition: 4th
ISBN-10: 0-13-239077-9
ISBN-13: 978-0-13-239077-4

The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
Wiley; 2nd edition (August 20, 2007)
ISBN-10: 047008023X
ISBN-13: 978-0470080238

Recommended books:

Hacking: The Art of Exploitation, 2nd Edition
Jon Erickson
No Starch Press; 2nd edition (January 11, 2008)
ISBN-10: 1593271441
ISBN-13: 978-1593271442

Internet Denial of Service: Attack and Defense Mechanisms
Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher
Prentice Hall, 2004

Secure Coding in C and C++
Robert C. Seacord
Addison-Wesley Professional.
Copyright 2006
Edition: 1st
ISBN-10: 0-321-33572-4
ISBN-13: 978-0-321-33572-2

 Dates

Topic(s)

Reading(s)


HW

Jan 23, 2012

Introduction and review. Computer security basics. Attack and defense basics. Protocols. Setting ethical boundaries.

Pfleeger Chapters 1-2

Mirkovic et al. Chapters 1-4


 

Jan 30, 2012

Secure coding techniques I. Worrying about buffer overflow, stacks, and arbitrary memory writes.

 

Seacord Chapters 1-4

Erickson Chapter 0x200-0x300


Midterm and final project ideas due

Feb 6, 2012

Secure coding techniques II. Format abuses, race conditions, TOCTOU.

Seacord Chapters 5-7
Online chapters at http://oli.web.cmu.edu/ (see e-mail for credentials)

Erickson Chapter 0x300


Midterm project proposals due

Feb 13, 2012

Vulnerability discovery. Fuzzing techniques for finding security flaws in protocols and program input. White-box vs. evolutionary fuzzing.

Paper 1

Anley Part 3


 

Feb 21, 2012 (Tue)

Penetration testing. Limits of network discovery.

Erickson Chapter 0x400

 

 

Feb 27, 2012

Writing exploits and shellcodes. Encapsulating the payloads.

Erickson Chapter 0x500


 

Mar 5, 2012

Midterm project presentations

 


Midterm project due. Final project proposal due.

Mar 19, 2012

More exploits. Countermeasures. Reversing exploits and protectors/packers. Rootkits for OS and execution environments.

Erickson Chapter 0x600

Guest lecture by Will Dormann on fuzzing
BFF tool

 

Mar 26, 2012

Attacking the infrastructure: routing, DNS, etc.

 

Anley Part 4

FC'12 papers, as assigned

 

Apr 2, 2012

Countering the infrastructure threat.

Mirkovic et al. Chapters 6-7

FC'12 papers, as assigned
Project updates

 

Apr 9, 2012

Ethical hacking: what are the limits, revisited.

Malware herding: think globally.

 

Advanced persistent threats

 

Apr 16, 2012

Cryptographic attacks on hosts and infrastructure.

Erickson Chapter 0x700


Download and run Remnux and Backtrack Linux R2.
Look at the Yamas MITM tool for BT

Draft presentations/papers due 
APT presentations due

Apr 23, 2012

Attacking small devices (e.g. phones, handhelds)

 




Penetration testing assignment due 

Apr 30, 2012

Special topics

(Papers from a recent conference)

Recent papers from a relevant conference (e.g. LEET)


 

May 7, 2012

Final Project presentations

 


Final Project due