CATALOG DESCRIPTION: The past decade has seen an explosion in the concern for the security of information. This course introduces students to the basic principles and practices of computer and information security. Focus will be on the software, operating system and network security techniques with detailed analysis of real-world examples. Topics include cryptography, authentication, software and operating system security (e.g., buffer overflow), Internet vulnerability (DoS attacks, viruses/worms, etc.), intrusion detection systems, firewalls, VPN, Web and wireless security. Students with good performance in the class will be awarded researchship in the academic year and/or the summer. This course can help satisfy the project course requirement for undergraduates and satisfy the breadth requirement in computer systems for system Ph.D. students.

  • This course satisfies the project requirement

REQUIRED TEXTBOOKS :

Network Security - Private Communication in a Public World , by Charlie Kaufman, Radia Perlman and Mike Speciner, 2nd Edition, Prentice Hall, 2002

Cryptography and Network Security , by William Stallings, 3 rd Edition, Prentice Hall, 2003

REFERENCE TEXTBOOKS:

Writing Secure Code , Michael Howard and David LeBlanc, Microsoft Press, 2002.

Security in Computing , Charles Pfleeger, Shari Lawrence Pfleeger, 3rd Edition, Prentice Hall, 2002.

Firewalls and Internet Security: Repelling the Wily Hacker , 2 nd edition, by William R. Cheswick , Steven M. Bellovin , and Aviel D. Rubin , Addison Wesley, 2003

Lecture Notes on Cryptography , by S. Goldwasser and M. Bellare, available online at http://www-cse.ucsd.edu/users/mihir/papers/gb.html

COURSE COORDINATOR: Yan Chen

COURSE GOALS:

  • Understand the fundamental principles and underlying technologies of information security and assurance;
  • Illustrate the security principles with the state-of-the-art security technologies and products through case studies.

PREREQUISITES:

  • Required: EECS 213 or any equivalent computer systems introductory courses or instructor approval.
  • Highly recommended: EECS 340 or equivalent networking introductory course

DETAILED COURSE TOPICS:

  1. Motivation and overview of computer security
    1. Security definition, policy, mechanisms, services and models
  2. Introduction to cryptography, symmetric/asymmetric encryption
    1. Secret key case study: DES/AES algorithms
    2. Public key case study: RSA
    3. One-way hash function and message digests: MD5, SHA2
  3. Software security
    1. Buffer overflow, heap overflow and string format bugs
    2. Detection techniques: static program analysis vs. run-time detection
  4. Operating system security techniques
    1. Dealing with bad (legacy) codes: sandboxing
    2. Multi-level security, file system security
  5. Authentication, access control, public key infrastructure (PKI, briefly)
    1. Case study: Kerberos
  6. Internet vulnerability
    1. Denial-of-service attacks
    2. viruses, worms, Trojan horses
  7. Securing the Internet
    1. Intrusion detection systems (IDSs): host- vs. network- based, signature vs. statistical detection
    2. Case study: Snort and Bro
    3. Firewalls, VPN and IPsec
  8. Web and wireless network security
    1. Case study: SSL/TLS

PROJECTS:

  • Using cryptographic software (like PGP) for secure data transfer and authentication
  • Exploit of buffer overflow bugs and format string bugs which count for most notorious viruses/worms;
  • Using and configuring a signature-based intrusion detection system (like snort), and implementing a tiny statistics-based IDS system to detect denial-of-service attacks and port scans with real router traffic (code templates and algorithms will be provided).

GRADES:

  • Participation 10%
  • Homework 10%
  • Projects 40%
  • Mid-term Exam 20%
  • Final Exam 20%

COURSE OBJECTIVES: When a student completes this course, s/he should be able to:

  • Understand the basic principles for information and communication security, and be able to apply these principles to evaluate and criticize information system security properties
  • Be able to use some important and popular security tools, like encryption, digital signatures, firewalls, intrusion detection systems (IDS)
  • Be able to identify the vulnerability of the Internet systems and recognize the mechanisms of the attacks, and apply them to design and evaluate counter-measure tools