Van Oorschot: Courses: COMP 5407 Classes

Class outline and references (COMP 5407)

Last updated: Nov. 11, 2003 10:00pm

Notation:
"BSS" denotes Building Secure Software (Viega and McGraw, 2002).
"HAC ssN" denotes section N in Handbook of Applied Cryptography (Menezes, Van Oorschot, Vanstone, 1996).

Class 1: Getting Started. Preliminaries (course outline, expectations; course web site; enrolment information, pre-requisites). Course overview; relationship between software vulnerabilities, malicious software, and authentication failures. Discussion of Project 1 - begin immediately (for extra background see BSS and/or read Spafford's paper under class 11 below). Began discussion of paper for Class 2.
Class 2: On-line Password Dictionary Attacks. Preventing on-line dictionary attacks using cookies and tests distinguishing humans from machines. Pinkas and Sander, "Securing Passwords Against Dictionary Attacks'' (ACM CCS-9: Computer and Communications Security, Nov.2002); for context, also visit the CAPTCHA Project site.
Class 3: Off-line Password Dictionary Attacks. Preventing off-line dictionary attacks using "encrypted key exchange". Bellovin and Merritt, "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attack'' (IEEE Security and Privacy, May 1992). Also review reading - passwords: HAC ss10.2.1-10.2.2; time variant parameters: HAC ss10.3.1.
Class 4: Graphical Passwords. Replacing text passwords by user-drawn figures on graphical input devices. Jermyn et al., The Design and Analysis of Graphical Passwords (1999 USENIX Security).
Classes 5-7: Buffer Overflows. For Class 5 read: BSS, Ch.7 (Buffer Overflows). For Class 6, read: Wilander and Kamkar, A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention, NDSS'03. For Class 7, read to start of section 4 in: scut, Exploiting Format String Vulnerabilities (Sept.2001). Optional further reading - among many other papers on buffer overflows and related memory problems are: (a) Simon, A Comparative Analysis of Methods of Defense against Buffer Overflow Attacks (Jan. 2001). (b) Cowan et al., Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade (Jan. 2000). (c) Rogers, rlogin(1): The Untold Story (tech report CMU/SEI-98-TR-017, Nov.1998, Carnegie Mellon Software Eng. Inst.).
Class 8: Authentication and Router Update Protocols . How routing tables are created and updated in common routing protocols; vulnerabilities due to lack of authentication; and potential solutions. Reference: Security Problems in Internet Routing Protocols (slides).
Classes 9-10: Computer Viruses and Trojan Horses. For class 9 read: Nachenberg, Computer Virus-Antivirus Coevolution (Comm. ACM, Jan. 1997); pdf available online. Readings for class 10: McIlroy, Virology 101 (Computing Systems, Spring 1989); and Thompson, Reflections on Trusting Trust (Comm. ACM, Aug.1984).
Classes 11-12: Computer Worms. Reading for class 11 (a look at 15 years ago): Spafford, "Crisis and Aftermath (The Internet Worm)", Comm. of the ACM, vol.32 no.6 (1989), pp.678-687. PDF available online. Readings for class 12 (advanced threats): Staniford et al., How to 0wn the Internet in Your Spare Time (2002 Usenix Security); and Moore et al., The Spread of the Sapphire/Slammer Worm (Feb.2003).
Class 13: Trusting Software and Input Validation. Read: BSS, Ch.12 (Trust Management and Input Validation).
Class 14: Authentication and Usability. Usability aspects related to password-based authentication, and challenge questions for password recovery. PDF Slides (M. Just, Oct.2003)
Class 15: Malicious software - additional details. (No assigned reading.)
Class 16: Software Protection through Diversity (introduction). S. Forrest et al., Building Diverse Computer Systems (1997 Workshop on Hot Topics in Operating Systems).
Class 17: Class Test.
Class 18-19: Digital Signatures - Practical Issues. Public key infrastructure for digital signatures: RSA signatures (background) - HAC pp.433-434; public-key certificates - HAC pp.559-560; certificate and key life cycle - HAC pp.576-581. A Comparison of Digital and Handwritten Signatures (D. Fillingham, 1997 course paper).
Class 20: Client-Side Security (BSS Chapter 15). Topics include: copy protection, license files, software obfuscation and tamper resistance.
Class 21: Software Protection - Program Evolution and Diversity. Operating System Protection Through Program Evolution (F. Cohen, Computers and Security, Oct.1993).
Class 22-24: Software Protection - Obfuscation, Tamper Resistance, Watermarking. Watermarking, Tamper-Proofing and Obfuscation - Tools for Software Protection (IEEE Trans. S.E., June 2002).
Computer Worms and Viruses - some interesting links for recent media articles: Viruses and Worms: What Can We Do About Them?, (10 Sept. 2003, Testimony to U.S. House Committee by Director of CERT). Internet Worms: Worst is Yet to Come? (www.NewsFactor.com, 16 Sept 2003). Microsoft's New Security Roadmap (www.NewsFactor.com, 15 Sept 2003).