System Security


Click here for the SystemSecuritySyllabus

Class Lecture Slides

Class lecture slides are here.

EXAMS

EXAM 1 will be Tuesday, March 4, in class.


The final exam and submission details are available on the Final Exam page.

Boring Details

Textbook: There is not a textbook required for this class. However, there are many references that I will cite. As the term progresses, these references will be listed below in the Class Links section.

Class Time: 8:00 on Tuesdays and Thursdays

Location: 333 ITTC

For the first week, we'll mainly be discussing the history of security.

Class Links

DoD Trusted Computer System Evaluation Criteria (PDF)

Description of the Rainbow Series of books (Some links are broken)

Common Criteria Evaluation and Validation Scheme (PDF), or CCS for short (nothing like abbreviating abbreviations), supersedes some portions of the Orange Book.

Description of the Chinese Wall model of security.

A description of Role-Based Access Control as implemented in Solaris 8.

A description of DLL injection, CreateRemoteThread(), and API hooking.

Following the three S's of a network attack, please read the 5 P's related to the progression stages of an attack.

Streaming lecture reference for EncFS installation, Encrypting File System, and dm-crypt

Homework Assignments

  • Write up a one-page document that describes "ATM Jackpotting." Due Thursday, 1-17-2008.

  • Read the blurb at http://www.gammassl.co.uk/topics/chinesewall.html. The following is due Thursday, 1-31-2008 (in class):
    • describe the Chinese Wall model
    • contrast the Chinese Wall model with the Bell-LaPadula model (additional references are certainly allowed here).
    • describe how the Chinese Wall model is used (or more appropriate) for the Corporate and/or Legal environment.

  • Research the following attacks. Write up a description of the attack along with relevant details of the attack. Include in your writeup any information relating to specific operating systems that the attack is aimed at, any specific applications that the attack targets, and so forth. Due Tuesday, February 19 (in class).
    • Teardrop (both versions 1 and 2)
    • Boink denial of service attack
    • evilPing
    • Ping of Death (and various well-known variations)
    • WinNuke
    • Land Attack

Please cite all your references, and any relevant CVE entries.


  • Generate a tcpdump command that specifically captures a spanning tree protocol packet that has the "topology change" bit set (bit 0) in its flags. To get started, note that tcpdump recognizes "stp" as a packet filtering option (e.g., "tcpdump stp" will capture all spanning tree packets). The rest of the task is to map the packet, find the byte with the bits, and pull out packets that have the 0 bit set. Google well, class!
  • Answer the following question from class:
    Question #12

For the "group keying" assignment, please use:

g = 2, p = 2^61 - 1 = 2305843009213693951

p is known as a Mersenne prime. Mersenne primes are of the form 2^n-1, where n is also prime. Currently, there are around 45 known Mersenne primes, and geeks like me, but possibly with a better social life, are working hard to compute the next Mersenne prime and receive all of the commensurate glory and fame that comes with the discovery.

Your task is, as a class, to compute a common session key WITHOUT DISCLOSING PRIVATE INFORMATION(*) to any of your classmates using the Diffie-Hellman key exchange, adapted to the situation where you're not dealing with just Alice and Bob, but a group of N>2 participants.

Due Thursday, beginning of class. Turn in your session key, your public key, and (gasp!) your private key.

In the spirit of getting along, please share your public keys with the class through the class mailing list no later than 5:00 p.m. on Wednesday. If someone does not share their key by 5:00 p.m. on Wednesday, you may exclude them from the session key generation.

(*) Yes, the session key itself is private information, and should not be disclosed to anyone in the class.
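As an added illustration (not part of the original course page, and not necessarily the method the assignment intends), the Python sketch below simulates one common way to extend Diffie-Hellman to N > 2 participants: an intermediate value is passed around, each participant raises it to their own private exponent, and whoever receives the value that is missing only their exponent applies the last step in private. The function names, the `ORDER` constant and the sample exponents are assumptions made for this example; only g and p come from the assignment.

```python
import secrets

# Parameters from the assignment.
G = 2
P = 2**61 - 1
# 2**61 = P + 1, so G has multiplicative order 61 modulo P.
ORDER = 61

def keygen():
    """Return (private, public); skip exponents that are multiples of ORDER,
    which would collapse every value they touch to 1."""
    while True:
        x = secrets.randbelow(P - 3) + 2
        if x % ORDER:
            return x, pow(G, x, P)

def partial_for(index, privates):
    """Value delivered to participant `index`: G raised to every OTHER
    participant's exponent. This function only simulates the hand-offs;
    in a real run participant j applies x_j locally to the value received
    and forwards the result, so no exponent leaves its owner."""
    value = G
    for j, x in enumerate(privates):
        if j != index:
            value = pow(value, x, P)
    return value

def session_key(own_private, partial):
    """Last step, done privately: raise the received value to one's own exponent."""
    if not 1 < partial < P - 1:
        raise ValueError("degenerate value received (0, 1 or p-1)")
    return pow(partial, own_private, P)

def group_exchange(privates):
    """Simulate the exchange for N participants; returns each one's key."""
    return [session_key(x, partial_for(i, privates))
            for i, x in enumerate(privates)]

if __name__ == "__main__":
    privates = [keygen()[0] for _ in range(5)]  # constructed sample class of 5
    keys = group_exchange(privates)
    print("all agree:", len(set(keys)) == 1)
    print("distinct values G can generate:", len({pow(G, e, P) for e in range(200)}))
```

Because 2^61 ≡ 1 (mod p), g = 2 generates only 61 distinct values under this modulus, so these parameters suit hand-checkable coursework rather than real key agreement.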

Tools

It's all about the Tools

Exploit Descriptions

This section details some of the exploits that we discussed in class.

Ping Of Death

evilPing

TearDrop

TearDrop2

Boink denial of service attack

Land Attack
