CSE543/Fall 2007 - Course Calendar

Below is the calendar for this semester's course. This is the preliminary schedule, which may need to be altered as the semester progresses. It is the responsibility of the students to frequently check this web page for schedule, readings, and assignment changes. As the professor, I will attempt to announce any change to the class, but this web page should be viewed as authoritative. If you have any questions, please contact the course TA or instructor (contact information is available at the course homepage).

Date Topic Assignments Due Readings (read before class) Slides
8/28/07 Introduction lecture 1
8/30/07 Introduction

Reflections on Trusting Trust. Ken Thompson, Turing Award Lecture, 1983.

Efficient Reading of Papers in Science and Technology. Michael J. Hanson, University of Washington, 1989.

Armando's Paper Writing and Presentations Page. Armando Fox, Stanford University.

lecture 2
9/4/07 Crypto Principles

First Review Due

Network Security: Private Communication in a Public World, Chapter 2.

Using Encryption for Authentication in Large Networks of Computers. R. Needham and M. Schroeder, Communications of the ACM, 21(12):993-999, 1978.

lecture 3

9/6/07 Secret Key Crypto

Network Security: Private Communication in a Public World, Chapters 3 and 5.

Why Cryptosystems Fail. Ross Anderson.

lecture 4

9/11/07 Public Key Crypto

Project Assignments

Network Security: Private Communication in a Public World, Chapter 6.

A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. R. Rivest, A. Shamir, and L. Adleman, Communications of the ACM, 21(2):120-126, 1978.

lecture 5

9/13/07 Authentication

Crypto Protocol Note

Network Security: Private Communication in a Public World, Chapter 9.

Kerberos: An Authentication Service for Computer Networks. B. Clifford Neuman and Theodore Ts'o, IEEE Communications, 32(9):33-38. September 1994.

lecture 6

9/18/07 Authentication Systems

Optional Project: DH/RSA

Limitations of the Kerberos Authentication System. S. Bellovin and M. Merritt, in Proceedings of the Winter USENIX Conference, pp. 253-267, 1991.

lecture 7

9/20/07 Public Key Authentication

Latex resources

Latex main file (example.tex)

Latex abstract file (abstract.tex)

Latex introduction file (intro.tex)

Latex file for example figures (implementation.tex)

Latex bibliography (example.bib)

Network Security: Private Communication in a Public World, Chapter 15.

Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure. C. Ellison and B. Schneier, Computer Security Journal, v 16, n 1, 2000, pp. 1-7.

lecture 8

9/25/07 Vulnerabilities and Malware

Crypto and Authentication Mini-Exam -- In Class

Network Security: Private Communication in a Public World, Chapters 1.13-1.13.6.

lecture 9

9/27/07 Host Security Principles

The Protection of Information in Computer Systems. J. Saltzer and M. Schroeder, Proceedings of the IEEE 63(9) (1975) pp. 1278-1308. Part I.

lecture 10

10/2/07 Ordinary Operating Systems

A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker. Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. Proceedings of the 7th USENIX Security Symposium, July 1996.

lecture 11

10/4/07 Secure Operating Systems

Mini-Exam Answers

Thirty Years Later: Lessons from the Multics Security Evaluation. P. Karger and R. Schell, Invited paper, 2002 Annual Computer Security Applications Conference, 2002.

lecture 12

10/9/07 Capability Systems

Project Milestone: Background and Related Work

Operating System Structures to Support Security and Reliable Software. T. Linden. National Bureau of Standards Technical Note 19. 1976. Sections 1-7.

lecture 13

10/11/07 System Integrity

A Comparison of Commercial and Military Computer Security Policies. D. Clark and D. Wilson, in Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 184-194, May 1987.

lecture 14

10/16/07 No class (NSRC Industry Day)
10/18/07 Linux Security

PAM (Pluggable Authentication Modules).

Wikipedia: Security-Enhanced Linux
and

Confining the Apache Web Server with Security-Enhanced Linux, M. Gosselin and J. Schommer, MITRE Corp. 2002.
and

AppArmor Administration Guide, Sections 1-3 and 5, Novell, Inc.

lecture 15

Tresys/SELinux

10/23/07 Trusted Computing

Design and Implementation of a TCG-based Integrity Measurement Architecture. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, Leendert van Doorn. In Proceedings of the 14th USENIX Security Symposium, August 2004.

lecture 16

10/25/07 Language-Based Security

Homework Due: HW Answers

A Decentralized Model for Information Flow Control. A. Myers and B. Liskov. Proceedings of the 16th ACM Symposium on Operating Systems Principles (SOSP), October 1997, pages 129-142.

lecture 17

10/30/07 Systems Security Summary

Project Milestone: Experimental Proposal (due 11/5 at 5:00pm)

Understanding Data Lifetime via Whole System Simulation. J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, and M. Rosenblum. Proceedings of the 13th USENIX Security Symposium, August 2003.

lecture 18

11/1/07 Midterm - 11:15-12:30, in class
*** Mid-term answer key ***
11/6/07 Network Security

The Dawn of the Stupid Network. D. Isenberg, ACM Networker, 2(1), pp. 24-31, 1998.

Security Problems in the TCP/IP Protocol Suite. Steven M. Bellovin, in Computer Communications Review 2:19, pp. 32-48, April 1989.

lecture 19

11/8/07 Network Security

A quantitative study of firewall configuration errors. A. Wool, IEEE Computer, 37(6):62-67, 2005.

Linux iptables HOWTO. Rusty Russell.

lecture 20

11/13/07 Network Security: IP Security

Network Security: Private Communication in a Public World, Chapters 17, 18.

lecture 21
11/15/07 Network Security: Attacks

A taxonomy of DDoS attack and DDoS defense mechanisms. Jelena Mirkovic and Peter Reiher, ACM SIGCOMM Computer Communication Review archive, pages 39-54, 34 (2), April, 2005.

How to 0wn the Internet in Your Spare Time. S. Staniford, V. Paxson, and N. Weaver, in Proceedings of the 11th USENIX Security Symposium, pages 149-167, San Francisco, CA, August 2002.

lecture 22
11/20/07 No class (Thanksgiving holiday)
11/22/07 No class (Thanksgiving holiday)
11/27/07 Web Security

Homework (Due 12/6 beginning of class): Network Security Homework

Network Security: Private Communication in a Public World, Chapter 19.

Risks of the Passport Single Signon Protocol. D. Kormann and A. Rubin, Computer Networks, (July, 2000).

lecture 23

11/29/07 Intrusion Detection

Project Milestone: Status Slides (due 11/30 at 5:00pm)

A Sense of Self for UNIX Processes. S. Forrest, S. A. Hofmeyr, A. Somayaji, T. A. Longstaff, In Proceedings of the IEEE Symposium on Security and Privacy, 1996.

The Base-Rate Fallacy and Its Implications for the Difficulty of Intrusion Detection. S. Axelsson, In Proceedings of the ACM Conference on Computer and Communication Security. November, 1999.

lecture 24

12/4/07 No class (Presentations)
12/5/07 Project presentations (6:15pm-8:00pm -- 333 IST)
12/6/07 Virtual Machine Security

Homework Due: Homework Answers

A Retrospective on the VAX VMM Security Kernel. P. Karger, M. Zurko, D. Bonin, A. Mason, IEEE Transactions on Software Engineering, 17(11), pp. 1147-1165, November 1991. Sections 1-4.

lecture 25

12/11/07 Mobile Phone Security

Exploiting Open Functionality in SMS-Capable Cellular Networks. W. Enck, P. Traynor, P. McDaniel, T. LaPorta, In Proceedings of the ACM Conference on Computer and Communication Security. November 2005.

lecture 26

12/13/07 Wrapup

lecture 27

12/18/07 Final - Tu Dec 18, 102 CHEM, 8:00am-9:50am
12/20/07 Project Writeup Due 5PM EST, Th Dec 20 (No exceptions)

Last modified: Wed Aug 15 17:59:01 EST 2007