marco
teaching » 2010 » network security
Menu:
Network Security
For general information about the course, please visit the School's page of the module. It contains the official information about learning outcomes, restrictions, prerequisites, and co-requisites, and assessment.
Description
Our daily lives are growing more dependent on an efficient, reliable and secure network infrastructure and network systems. Unfortunately, such systems are too often vulnerable (by design or due to implementation errors) and are frequent targets of attacks.
This course focuses on how to analyze the security of a networked system (which we broadly intend here to cover areas such as network protocols, web applications, etc.). Therefore, the course will present approaches and techniques to design secure systems, evaluate the security of existing ones, and detect attacks against them.
This course combines a practical, hands-on approach with the discussion of seminal and/or current research work in the area. It will present in detail real vulnerabilities, techniques that are used to exploit them, and mechanism to defend against such exploits.
Ethical issues will also be discussed.
Instructor
Marco Cova
Computer Science building, Room 235
Class schedule
Mondays, 3pm-4pm, LG33, Learning Centre
Wednesdays, 10am-11am, LT3, Sport & Exercise Science
Office hours
Wednesdays, 11am-1pm, and by appointment
Demonstrator
Ian Batten
Office hours: Thursdays 2pm, Room 245
February: Thursdays 1pm, Room 245
March: Thursdays 1pm, Room 222
Lectures
| Lecture | Readings | Material |
|---|---|---|
| Lecture 1: Introduction | (none) | slides, handout |
| Lecture 2: PGP + TCP/IP (IP, Ethernet, ARP) | (none) | slides, handout |
| Lecture 3: TCP/IP (Sniffing, ARP attacks) | (none) | slides, handout |
| Lecture 4: TCP/IP (libnet+libpcap, IP routing) | (none) | slides, handout, code |
| Lecture 5: TCP/IP (ICMP, UDP) | S. Bellovin, Security Problems in the TCP/IP Protocol Suite | slides, handout |
| Lecture 6: TCP/IP (TCP) | (none) | slides, handout |
| Lecture 7: more TCP | (none) | slides, handout |
| Lecture 8: DNS and TCP/IP recap | D. Dagon, M. Antonakakis, X. Luo, C. P. Lee, W. Lee, K. Day, Recursive DNS Architectures and Vulnerability Implications | slides, handout |
| Lecture 9: WebAppSec: SQL injection | J. Bau, E. Bursztein, D. Gupta, J. Mitchell, State of the Art: Automated Black-Box Web Application Vulnerability Testing | slides, handout |
| Lecture 10: WebAppSec: SQLi, XSS, CSRF | (none) | slides, handout, code |
| Lecture 11: WebAppSec: more attacks | (none) | slides, handout, screencast |
| Lecture 12: Drive-by-download attacks and phishing | C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, S. Savage, Spamalytics: An Empirical Analysis of Spam Marketing Conversion | slides, handout, screencast |
| Lecture 13: Botnets + underground economy | B. Stone-Gross, M. Cova, L. Cavallaro, B. Gilbert, M. Szydlowski, R. Kemmerer, C. Kruegel, G. Vigna, Your Botnet is My Botnet: Analysis of a Botnet Takeover | slides, handout, screencast |
| Lecture 14: Mark Ryan — Electronic Voting I (Guest lecture) | (none) | |
| Lecture 15: Mark Ryan — Electronic Voting II (Guest lecture) | (none) | |
| Lecture 16: Tom Chothia (Guest lecture) | (none) | |
| Lecture 17: Browser security | C. Jackson, A. Barth, A. Bortz, W. Shao, D. Boneh, Protecting Browsers from DNS Rebinding Attacks | slides, handout, screencast |
| Lecture 18: Worms | S. Staniford, V. Paxson, N. Weaver, How to 0wn the Internet in Your Spare Time (Optional) | slides, handout, screencast |
| Lecture 19: invited lecture: Paul Baccas, Sophos | (none) | |
| Lecture 20: intrusion detection systems | slides, handout | |
| Lecture 21: Module recap and Q/A | (none) | slides, handout, code |
| Lecture 22: Revision lecture I | (none) | slides, handout |
| Lecture 23: Revision lecture II | (none) | slides, handout |
Read the reading material (if any) before coming to class.
Note: the schedule is only indicative and may change as we progress.
Homework assignments
- Homework 1, due Wednesday, January 26, 12pm (noon)
- Homework 2, due
Wednesday, February 9, 11:59pm GMTMonday, February 14, 11:59pm GMT (extended) - Homework 3, due Monday, March 14, 11:59pm GMT
See the marks for the homework assignments graded so far.
Additional material
Here is a list of additional material that may be useful to better understand some parts of the course. Feel free to contribute any material that you found useful (just send me an email)!
- Linux Sequence Number Generation (TCP: Initial Sequence Number), contributed by Donato C.
- S. Friedl, An Illustrated Guide to the Kaminsky DNS Vulnerability (DNS: basic + Kaminsky attack)
- Coffee shop Internet access (TCP/IP basic: from boot to google in a public access network)