COMP 5407F / CSI 5116 (Fall 2011): Authentication and Software Security

Calendar course description: Specialized topics in security including those selected from: advanced authentication techniques, user interface aspects, electronic and digital signatures, security infrastructures and protocols, software vulnerabilities affecting security, untrusted software and hosts, protecting software and digital content.
Essential Course Details Office Hours: 1:30-3:30pm Monday

Marking Scheme: (project dates are firm; please plan in advance)
25% Project 1: Software Vulnerability Tracking (click here for more details).
--- Start immediately (first day of class), due Monday Oct.17 in class.
30% Test: Monday Oct.31 (in class). Covers all material up to test date.
35% Project 2: Research Paper (click here for more details).
--- 10% in-class presentation + 25% written report due Monday Dec.5
10% Class participation. Includes preparation (readings in advance), contributions to discussion within class, attendance (including of other students' presentations).

Flu-Related Policy. In the event of a pandemic flu outbreak we may need to modify the planned course delivery and/or deadlines and/or assignments. Specific details will be provided if this becomes necessary. In the event that you become ill and have to miss class or assignments, upon becoming well, you are expected to communicate with your instructor to identify missed in-class material, assignments and/or to arrange accommodations.

Policy re: Unethical Behaviour. Any student submitting work including portions originating from someone else, without crediting the original source, is subject to a mark of minus 100% (-100%) on the entire work item. For example, if a project is worth 20%, the 20% is lost plus an additional 20% penalty, making the best possible course mark 60%. If the infraction involves copying from another student, then both students may be penalized. You may, and often should, discuss work with others, but each student must write up submitted work individually. In addition to the above, harsher penalties following from any standard university policies will be pursued where appropriate.

Academic Accommodation. If you require special arrangements to meet your academic obligations during the term, please follow the processes as detailed on the Equity Services pages for the following cases: References and Sources. Lectures will largely be drawn from recent research papers (available online where possible), and supplementary material given in class; students are thus expected to attend all classes. For those wishing to brush up on background reading, recommendations include Goodrich and Tamassia (2010), Stallings and Brown (2007) or Gollman (2006), as found in this list.

Detailed Outline. Topics studied are from the list in the official calendar course description (see top of page). The course is updated from year to year, and also changes due to student input. A preliminary plan for this year's course follows (note: these are representative only, and are subject to change). Notation for background references: "HAC ssN" denotes section N in Handbook of Applied Cryptography, which is available free online. tdb = to be determined.

  • Class 1 (Sept.12): Threat models, attack trees, thinking like attackers. Class notes. Begin Project 1 immediately (optional background: read up on the 1988 Internet Worm - see Class 15 below).

  • Class 2 (Sept.14): On-line password dictionary attacks. Securing Passwords Against Dictionary Attacks, Pinkas and Sander (ACM CCS 2002). Follow-up papers (optional): ACM TISSEC 2006, IEEE TDSC 2012.

  • Class 3 (Sept.19): Off-line dictionary attacks and verifiable text. Protecting Poorly Chosen Secrets from Guessing Attacks, Gong et al. (IEEE JSAC vol.11 no.5 June 1993). Background review: passwords (HAC ss10.2.1-10.2.2), time variant parameters (HAC ss10.3.1).

  • Class 4 (Sept.21): "Strong" Password-Protocols. Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attack, Bellovin and Merritt (IEEE S&P 1992). Optional/supplementary (attacks on EKE; alternatives SPEKE, SRP): Number Theoretic Attacks on Secure Password Schemes, S. Patel (IEEE S&P 1997); Strong Password-Only Authenticated Key Exchange, D. Jablon (ACM Computer Communcations Review, October 1996); Extended Password Key Exchange Protocols Immune to Dictionary Attack, D. Jablon (WET-ICE 1997); The Secure Remote Password Protocol, T. Wu (NDSS 1998).

  • Class 5 (Sept.26): Phishing - by web spoofing. Why Phishing Works, Dhamija et al. (CHI'06).

  • Class 6 (Sept.28): Phishing - broader context and countermeasures. Notes from class, plus (re: client-end tools and toolbars) Client-Side Defense Against Web-Based Identity Theft, Chou et al. (NDSS'04). Additional reading (optional): The Phishing Guide, Gunter Ollmann (white paper, 2007); Phishing and Countermeasures, Jakobsson and Myers (eds.), Wiley 2007.

  • Class 7 (Oct.3): Pharming and DNS-based exploits (motivating DNSSEC). Class notes plus: The Pharming Guide, Gunter Ollmann (white paper, July 2005).

  • Class 8 (Oct.5): Graphical Passwords. Graphical Passwords: Learning from the First Twelve Years, Biddle et al. (2011; to appear, ACM Computing Surveys).

  • Oct.10: No class (Thanksgiving Holiday).

  • Class 9 (Oct.12): Entropy, Estimating Password Strength, and Evaluating Alternative Password Schemes. Class notes plus: User Study, Analysis, and Usable Security of Passwords based on Digital Objects, Biddle et al. (IEEE TIFS, Sept.2011). TwoStep: An Authentication Method Combining Text and Graphical Passwords,van Oorschot et al. (MCETECH 2009).

  • Class 10 (Oct.17): Browser trust model, web certificates and SSL. Note: Project 1 is due in class today. The Inconvenient Truth about Web Certificates (Vratonjic et al., WEIS 2011). Background reading: public key infrastructure and certificates (HAC, pp.559-560), certificate trust models (572-576), key life cycle (pp.576-581) and implementation issues, RSA signatures (pp.433-434). Advanced (optional): SSL Observatory Project (EFF); and All Sail, No Anchor II: Acceptable High-End PKI, Blakley and Blakley, Int. J. Information Security (2004) 2(2):66-77.

  • Class 11 (Oct.19): Host site authentication and man-in-the-middle attacks. Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing, Wendlandt et al. (USENIX Annual 2008). Advanced (optional): Convergence project and video (BlackHat 2011, Marlinspike).

  • Class 12 (Oct.24): Secure Software Update Mechanisms. Class notes plus pp.1-5 of: Survivable Key Compromise in Software Update Systems, Samuel et al. (ACM CCS 2010).

  • Class 13 (Oct.26): Android Self-Secured Software Update. Self-signed Executables: Restricting Replacement of Program Binaries by Malware, Wurster et al. (USENIX HotSec'07); and Sections 1, 2, and 5.1 (pp.1-4 and 11) in extended version Reducing Unauthorized Modification of Digital Objects (IEEE Trans. Soft. Eng., to appear, 2011).

  • Class 14 (Oct.31): Test (in class).

  • Class 15 (Nov.2): The Internet worm of 1988. Crisis and Aftermath: The Internet Worm (Spafford, C.ACM 1989 32(6):678-687; pdf available online). Optional/supplementary: With Microscope and Tweezers: The Worm from MIT's Perspective (Rochlis and Eichin, C.ACM 1989 32(6):689-698).

  • Class 16 (Nov.7): Advanced computer worms: Stuxnet. W32.Stuxnet Dossier (v1.4, Feb.2011, Symantec report by N. Falliere, Liam O Murchu, E. Chien). Optional/supplementary: How to 0wn the Internet in Your Spare Time, Staniford et al. (USENIX Security 2002); The Spread of the Sapphire/Slammer Worm (Feb.2003), Moore et al.; Reflections on Witty, N. Weaver (;login: 29(3), June 2004); Blaster; Self-stopping Worms, Ma et al. (ACM WORM 2005).

  • Class 17 (Nov.9): Smartphone security: models, application markets, software installation. Secure Software Installation on Smartphones (D. Barrera, IEEE S&P Magazine May-June 2011). Advanced reading (optional): Defending Users Against Smartphone Apps: Techniques and Future Directions (W. Enck, ICISS 2011).

  • Classes 18-21 (Nov.14-23): student presentations. (Suggested references: papers from major 2009-2011 conferences as listed here.)
    Nov.14: Daniel McCarney (password managers), M. Vefa Bicakci (h/w auth. tokens)
    Nov.16: Abdelrahman M. Abdou (geolocation), Scott Durno (botnet C&C)
    Nov.21: Mohamad Alsharnouby (cross-site scripting), Ann Fry (QR-codes & security)
    Nov.23: Marsha Bissessarsingh (mouse dynamics), Tarush Saul (smartphone privacy leaks)

  • Class 22 (Nov.28): Security & third-party software: stakeholder and economic influences. Inglorious Installers: Security in the Application Marketplace, J. Anderson, J. Bonneau, F. Stajano (WEIS 2010).

  • Class 23 (Nov.30): Rootkits. Class notes. Countering Unauthorized Code Execution on Commodity Kernels: A Survey of Common Interfaces Allowing Kernel Code Modification, Jaeger et al. (Computers & Security, 2011). Additional background. Rootkits: Subverting the Windows Kernel (Hoglund and Butler, Addison-Wesley, 2005). Designing BSD Rootkits: An Introduction to Kernel Hacking (Kong, No Starch Press, 2007).

  • Class 24 (Dec.5): Top-ten security vulnerability lists, and classifying vulnerabilities. Selected material. 2011 CWE/SANS Top 25 Most Dangerous Software Errors (web site and document). OWASP Top 10 Project (web application security). 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Howard, LeBlanc, Viega; McGraw Hill, 2010). CWE - Common Weakness Enumeration (formal list of software weakness types). A Taxonomy of Computer Program Security Flaws (Landwehr et al., ACM Computing Surveys, 1994). A Taxonomy of UNIX System and Network Vulnerabilities (Bishop, UC Davis tech report CSE-95-10, 1995).

    Additional topics (from previous years, or for future years):
    1. Memory management exploits (buffer overflows, etc.). Modern Exploitation and Memory Protection Bypasses, Alex Sotirov, invited talk/slides (USENIX Security 2009). Nozzle: A Defense Against Heap-spraying Code Injection Attacks, Ratanaworabhan et al. (USENIX Security 2009). A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention, Wilander and Kamkar (NDSS'03).

    2. Malware: background and overview. Classifying malware (worms, viruses, Trojan horses). McIlroy, Virology 101 (Computing Systems, Spring 1989); and Thompson, Reflections on Trusting Trust (Comm. ACM, Aug.1984). Computer Virus-Antivirus Coevolution, Nachenberg (Comm. ACM, Jan. 1997; pdf available online).

    3. Drive-by downloads and web security. All Your iFRAMEs Point to Us, Provos et al. (USENIX Security 2008). The Ghost in the Browser: Analysis of Web-based Malware (Provos et al., HotBots'07). Cybercrime 2.0: When the Cloud Turns Dark (Provos et al., C.ACM 52(4):42-47, 2009).

    4. Browsers and their evolution. The multi-principal OS construction of the Gazelle web browser, Wang et al. (USENIX Security 2009). Browser security handbook, Michal Zalewski (2008, 2009 online resource). Browser extension security (USENIX Security 2010 papers: Bandhakavi et al.; Djeric et al.).

    5. Browsers, same-origin policy and cross-site scripting. SOMA: Mutual Approval for Included Content in Web Pages, Oda et al. (ACM CCS 2008). Background: Cross-site Scripting Worms and Viruses, Grossman (white paper, April 2006; disregard the marketing on pp.20-21).

    6. Restricting system configuration privileges. System Configuration as a Privilege, Wurster et al. (USENIX HotSec'09; full paper is CCS 2010).

    7. Trusted computing. Bootstrapping trust in commodity computers (Parno et al., IEEE Oakland 2010). See papers cited in: System Security, Platform Security and Usability (extended abstract, van Oorschot, ACM STC'10).

    8. More password research. The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis (Zhang et al., ACM CCS 2010); Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords (Weir et al., ACM CCS 2010); The Password Thicket: Technical and Market Failures in Human Authentication on the Web (Bonneau and Preibusch, WEIS 2010).

    Last updated: December 15, 2011. Send comments to: paulv (insert @ here)