Computer and Network Security: Schedule

CS 457/557 EE 410/510

Spring 2010

MFW 1-2, Science Center 334

Warning: This schedule is tentative and will change as the semester progresses!

Date Topic Resources / Reading Notes/Assignments
Week 1
Fri
1/8
Welcome and Overview Reading Assigned:
The internet worm program: an analysis
Due 1/15
Week 2
Mon
1/11
Security Process
Weds
1/13
Front Door vs Back Door Attacks; Netstat; Why Malware is so successful: Homogeneity and Extensibility
Fri
1/15
Discuss Internet Worm Reading Wikipedia: Robert T. Morris

The Cornell Commission: On Morris and the Worm

RFC 1135
Quiz on reading
Week 3
Mon
1/18
Finish security process and discussion of Internet worm
Start buffer overflows lab:
bufferOverflow.c, bufferOverflowMap.c, shell.c
ASCII table

GDB manual

Hex Editors
Weds
1/20
Buffer Overflows slides and lab continued
Fri
1/22
Characterizing Malware, Malware Tracking, CERT, US-CERT CERT

US-CERT

US-CERT's Technical Cyber Security Alerts

Common Vulnerabilities and Exposures (CVE)

National Vulnerability Database

Symantec Security Response (Business)

Malware Naming Conventions

Common Malware Enumeration

US-CERT Malware Naming Plan Faces Obstacles

CME failed

Symantec Security Response Virus Definitions

McAfee Virus Info

Kaspersky Lab

Trend Micro
Week 4
Mon
1/25
Timeline of Attacks, Current Trends, How Big is the Problem
Damage Estimates
Average People Scenarios
Timeline of Notable Computer Viruses and Worms

CERT Historical Stats

Class Input (2006): World-wide Damage Estimates

GoCSI.com

Attackers' Black Market
Direct costs decline
Cybercrime Stories
Weds
1/27
Denial of Service, Distributed denial of service, Botnets Arbor Networks Infrastructure Security Report

CERT Coordination Center: Denial of Service Attacks

Dave Dittrich's Collection of DDOS links

DDoS Mitigation Techniques

Inferring Internet Denial-of-Service Activity
Buffer Overflow Assignment is due
Fri
1/29
MOVIE: Track-down/Take-down
Wikipedia: Kevin Mitnick
Mitnick Consulting
Start reading Hackers by Steven Levy (Part 1)
Week 5
Mon
2/1
Passwords, Biometrics, Identity
Security Engineering Ch 3 and 13
Weds
2/3
Access Control (Limit Access)
Encryption (Access without understanding)
Bishop Ch 2
Security Engineering ch 4
Quiz on material before passwords
Fri
2/5
Finish Access Control, Start Security Policies: Bell-LaPadula, Biba Bishop ch 5-7
Security Engineering ch 7-8
Week 6
Mon
2/8
Security Policies: Healthcare data, Privacy of personal data vs Aggregated information Bishop ch 5-7
Security Engineering ch 7-8
Wed
2/10
Portrptr, nmap
Detecting and Analyzing Malware; Intro to Virus Definitions, Evolution of Virus Scanners
Wikipedia: Anti-virus
Wikipedia: Anti-virus software
Fri
2/12
FEBRUARY BREAK
Week 7
Mon
2/15
Discuss Part 1 Levy's Hackers
Weds
2/17
Rootkits, Intrusion Detection Systems, Zero Day Attacks Start reading Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm and Backtracking Intrusions
Fri
2/19
Logging
Honeypots, Honeynets
Class Input: Syslog
Class Input: Global Log Aggregation
The Ins and Outs of System Logging Using Syslog
Exercise 6.3 due: Blaster worm trace
Discussion and investigation questions optional
Week 8
Mon
2/22
Potemkin; Marty Roesch visiting Verizon Data Breach Report Simple quiz on Potemkin; Please bring paper to class
Weds
2/24
Backtracking Intrusions Please bring paper to class
Fri
2/26
MOVIE: Freedom Downtime Freedom Downtime Easter Eggs
Week 9
Mon
3/1
Security conferences, Technical project ideas Security conferences/venues (CCS, SP, Usenix Security, etc.)
Some less academic venues: BlackHat, Defcon
Simple quiz on Backtracking Intrusions
Weds
3/3
Analysis of a Backdoor program (ps, netstat, telnet, strings)
Fri
3/5
Recovery/Response: Forensics, Data and system recovery
Week 10
Mon
3/8
Assurance, Penetration Testing Wikipedia: Common Criteria, TCSEC
OS Common Criteria Evaluations: Solaris, Windows 2000
Quiz on Passwords, Access Control and Security Policies, Logging, Intrusion Detection (No specifics on papers)
Weds
3/10
Cryptography Basics Exercise 6.1 in Internet Protocols In Action due
Discussion and Investigation Questions optional
Fri
3/12
Key Management Initial technical project proposal (hardcopy)
Week 11 SPRING BREAK
Week 12
Mon
3/22
Prevention: Close off access - close ports, Firewalls, NATs, DMZ Catchup day - any makeup work due (~2 page Potemkin, Really good map from buffer overflow hw)
Weds
3/24
Analysis of a Phishing Web Site Kit Wikipedia: Phishing
Fri
3/26
Digital Rights Management USACM's DRM Principles
Unintended Consequences of DMCA
Ed Felten's Freedom To Tinker Site
Week 13
Mon
3/29
Digital Rights Management continued Quiz on recovery, forensics, assurance/testing, cryptography basics
Weds
3/31
LAB: Disassembling, crackme1.zip Exercise 6.2 due
Fri
4/2
Privacy, Anonymity, Remailers, Proxies/Crowds, Digital Cash Bishop ch 13
Security Engineering ch 20
TOR
Freenet
Freenet Philosophy
Week 14
Mon
4/5
Reflections on Trusting Trust Quine page on Self-Reproducing Code Read Reflections on Trusting Trust for today
Weds
4/7
Privacy and Anonymity continued
Fri
4/9
Week 15
Mon
4/12
Digital Lifelines Testing
No More Privacy: All About You
Weds
4/14
Rest of No More Privacy: All About You Quiz on DRM and Privacy
Fri
4/16
Review and The Future? New Internet Protocols? Better Defenses Against Zero-Day Attacks, Better Distribution Systems, Better Recovery Tools ~5 page reaction to/personal conclusions on Hackers, Freedom Downtime, Takedown
Week 16
Mon
4/19
Technical Presentations
Weds
4/21
Technical Presentations
Fri
4/23
Technical Presentations
Week 17 FINALS WEEK
FINAL SLOT TBA
Bring technical project materials - writeup in hardcopy, all materials (slides, source code, results, trace, etc.) sent in email