CIS 331, Spring 2016
Introduction to Networks & Security


Instructor:
  Nadia Heninger (604 Levine)
  Office Hours Tuesdays 1:00-2:00pm 604 Levine

TAs:
Shaanan Cohney Thu.  2:00-3:00pm Moore 102 Conference Room
Luke Valenta Wed. 3:00-4:00pm Moore 102 Conference Room
Terry Sun Mon. 5:00-6:00pm Moore 102 Conference Room
Richard Roberts Tue.  7:00-8:00pm Moore 102 Conference Room
Josh Fried Wed. 4:30-5:30pm Moore 102 Conference Room
Moore 102 is to the left of Moore 100. The door will be propped open. The conference room is on the back right.

Lectures:
  Tuesday/Thursday 10:30am-12:00pm Berger auditorium

Tutorial Sessions:
  Wednesday 5:00-6:00pm Moore 102 conference room

Piazza

Canvas


Announcements

If you tried to register for the course and did not get a place, you can add yourself to the waitlist here.

Course Overview

This course introduces principles and practices of computer and network security.

Prerequisites: CIS 160, CIS 240.

Grading will be based on homework (25%), projects (40%), a final (30%), and class participation (5%).


Lecture and Tutorial Schedule

Topic Assignments Resources
1/14 Introduction
Threat modeling, thinking like an attacker
Homework 1 available Wikipedia: Teufelsberg
Computer Fraud and Abuse Act
Wikipedia: Aaron Swartz
Wikipedia: Weev
1/19 Symmetric encryption
Pseudorandom functions, pseudorandom generators, stream ciphers, block ciphers
Communication Theory of Secrecy Systems by Shannon
Wikipedia: Vigenère cipher
1/21 Message integrity
Block cipher modes of operation, message authentication codes
Homework 1 due at 10pm
Homework 2 available
1/26 Hash functions
Hash functions, birthday attacks, length extension attacks
1/27 Tutorial session: Python
Brief demo of Python syntax with examples.
Resources: LearnPython.org, Learn Python the Hard Way
1/28 Public-key cryptography
Diffie-Hellman key exchange, RSA encryption
Homework 2 due at 10pm
Project 1 available
Wikipedia: Modular Arithmetic
Modular arithmetic lecture notes from Berkeley CS 70
Basic number theory lecture notes from Boaz Barak New Directions in Cryptography by Whitfield Diffie and Martin E. Hellman
2/2 Digital Signatures
RSA signatures, PKCS padding, Bleichenbacher signature forgery attack
Guest lecture: Luke Valenta
2/4 Social Engineering
Guest lecture: Shaanan Cohney
2/9 Passwords and authentication
Authentication factors, usability, password hygiene, challenge-response authentication, biometrics
2/11 Web overview, attacks and defenses
Web threat model, HTTP, HTML, Javascript, same-origin policy, session management, cookies
Project 1 due at 10pm
Homework 3 available
Web technology for developers
Browser Security Handbook: Basic concepts behind web browsers
2/16 Web attacks and defenses
SQL injection, CSRF, XSS and defenses
Project 2 available
SQL Injection cheat sheet
Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet
XSS Filter Evasion Cheat Sheet
2/18 HTTPS and crypto in practice
HTTPS, RSA and DH key exchange, certificates, CAs, public-key infrastructure, trust model; PGP, the crypto wars, key management, web of trust, usability, OTR
Homework 3 due at 10pm
The First Few Milliseconds of an HTTPS Connection
Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 by Alma Whitten and Doug Tygar
Bernstein v. United States
Off-the-Record Communication, or, Why Not To Use PGP by Nikita Borisov, Ian Goldberg, and Eric Brewer
2/23 Networking overview
OSI architecture, Ethernet, IP, ICMP, ARP, DHCP
Guest lecture: Behnaz Arzani
The Design Philosophy of the DARPA Internet Protocols by Clark
Brief History of the Internet
Wikipedia: OSI Model
Wikipedia: Ethernet
Wikipedia: Internet Protocol
Wikipedia: Address Resolution Protocol
Wikipedia: Dynamic Host Configuration Protocol
Computer Networks: A Systems Approach by Peterson and Davie
2/25 Networking overview
Routing basics, UDP, TCP, congestion control, DNS
Guest lecture: Behnaz Arzani
Wikipedia: Autonomous System
Wikipedia: OSPF routing
Wikipedia: Border Gateway Protocol
Wikipedia: User Datagram Protocol
Wikipedia: Transmission Control Protocol
Wikipedia: Domain Name System
3/1 Network threat modeling
HTTPS, export controls, DROWN
The export of cryptography in the 20th century and the 21st by Diffie and Landau
DROWN Attack
Attack of the week: DROWN by Green
3/3 Network attacks
eavesdropping, jamming, TCP injection
Project 2 due at 10pm
Mark Klein Declaration in Heptig v. ATT/NSA
APCO P25 digital two-way radio system by Blaze, Clark, Goodspeed, Metzger, Wasserman, Xu
Security problems in the TCP/IP protocol suite by Bellovin
3/8 Spring Break
3/10 Spring Break
3/15 Network attacks and defenses
denial of service, SYN flooding, SYN cookies,CAPTCHA, client puzzles
3/17 Network attacks and defenses
DNS hijacking, ARP spoofing, BGP routing issues
Project 3 available
3/22 Network defenses
DNSSEC, IPsec, S-BGP, firewalls, packet filtering, application proxies, tunneling, VPNs, intrusion detection
3/24 Network defenses
Application proxies, tunneling, IPsec, VPNs
3/29 Anonymity
Anonymous remailers, Tor, Tor hidden services, data deanonymization
Homework 4 available
Tor: The Second-Generation Onion Router by Roger Dingledine, Nick Mathewson, and Paul Syverson
Robust De-anonymization of Large Sparse Datasets by Arvind Narayanan and Vitaly Shmatikov
3/31 Control hijacking
Normal control flow, buffer overflow, integer overflows, format string vulnerabilities, DEP, ASLR
Project 3 due at 10pm
Smashing the stack for fun and profit by Aleph One
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade by Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole
Low-level Software Security by Example by Ulfar Erlingsson, Yves Younan, and Frank Piessen
Return-Oriented Programming: Systems, Languages, and Applications by Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage
4/5 Control hijacking, defenses, and malware
Stack canaries, heap spraying, malware
Project 4 available
4/7 Access control and OS security
ACLs, capabilities, unix file privileges
Homework 4 due at 10pm
Operating System Security by Trent Jaeger
4/12 OS security
Confinement, isolation, sandboxing, virtual machines
4/14 The underground economy
Spam, phishing, botnets, measurement studies
Measuring the cost of cybercrime by Ross Anderson et al.
Spamalytics: An empirical analysis of spam marketing conversion by Chris Kanich et al.
PharmaLeaks: Understanding the business of online pharmaceutical affiliate programs by Damon McCoy et al.
4/19 Advanced threats
Government-sponsored malware, spearphishing, advanced persistent threats
Project 4 due at 10pm
Homework 5 available
W32.Stuxnet Dossier Symantec Report
APT1: Exposing one of China's cyber espionage units Mandiant Technical Report
Counter-cryptanalysis by Marc Stevens
4/21 Ethics, law, and policy
Privacy and the Limits of Law by Ruth Gavison
Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)
Going Bright: Wiretapping without Weakening Communications Infrastructure by Steve Bellovin, Matt Blaze, Sandy Clark, and Susan Landau
4/26 Special requests: Side-channel attacks and bitcoin
Guest lecture: Daniel Genkin
Homework 5 due at 10pm
ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels by Genkin Pachmanov Pipman Tromer and Yarom
ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs by Genkin Pachmanov Pipman and Tromer
Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation by Genkin Pachmanov Pipman and Tromer
RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis by Genkin, Shamir, and Tromer
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs by Genkin, Pipman, and Tromer
Lest We Remember: Cold Boot Attacks on Encryption Keys by J. Alex Halderman, Seth Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph Calandrino, Ariel Feldman, Jacob Appelbaum, and Edward Felten
Bitcoin: A Peer-to-Peer Electronic Cash System by Satoshi Nakamoto
5/3 Review session 3pm Town 337
5/4 Final Exam 12pm-2pm Towne 100

Assignments

There will be five homework assignments to be done individually and four projects to be done in teams of two.

Homework

Projects

Late Work: You will have a budget of five late days (24-hour periods) over the course of the semester that you can use to turn assignments in late without penalty and without needing to ask for an extension. You may use a maximum of two late days per assignment. Late pair projects will be charged to both partners. Once your late days are used up, extensions will only be granted in extraordinary circumstances.


Additional Resources

No textbook is required, but if you would like additional resources the following may be useful:

Course materials have been adapted from J. Alex Halderman and are available under a Creative Commons License.