This is an introductory course on computer security. I will teach this course in 4 modules. Each module consists of 5-6 lectures. The modules are described here.
Staff:
Instructor | Vijay Ganesh |
Office Hours: By appointment (DC 2530) |
TAs |
Sanu ES (ses@uwaterloo) David Cheng (x22cheng@uwaterloo) |
Office Hours: Wednesday 11 AM-12:30 PM (DC 2630) Office Hours: Wednesdays 2-3 PM (DC 2634) |
Date |
Lectures Slides |
Assigned Reading (Books chapters, papers) |
Tue May 6 |
Lecture:
Course logistics. Introduction to computer security, basic concepts such as
confidentiality, integrity, availability, policy and
mechanism, trust and assumptions. Material sourced from Matt Bishop's
book Introduction to Computer Security, and lecture slides by Professor
Bill Young of UT, Austin. |
|
Lecture (Slides 1-25) (With
permission and courtesy of Professor Dan Boneh of Stanford
University): Control hijack attacks. Buffer overflow vulnerabilities
and stack smashing attacks,
integer overflow vulnerabilities, string format vulnerabilities.
Attacks that combine different kinds of vulnerabilities. |
|
|
Lecture
(Slides 26 - 58) (With permission and courtesy of Professor Dan Boneh
of Stanford University): Techniques to prevent, detect and recover from
control hijack attacks. Typesafe languages. Address space layout
randomization (ASLR). Stack canaries. Safe libraries (LibSafe).
Heap-spraying attacks. Techniques to protect against heap-spray
attacks. Project guidlines |
|
|
Lecture:
Testing, analysis and verification for security. Automated testing
techniques, program analysis for security, fuzzing, whitebox fuzzing,
model-checking and advanced verification techniques. |
|
|
Lecture:
Basics of cryptography. One-time pad. Stream and block ciphers. MACs. Public-key cryptography. Uses of cryptography. |
|
|
Lecture: Side-channel analysis and attacks. Timing, power, cache,... |
||
Lecture: Motivation
for public-key cryptography, Basic number theory, Diffie-Hellman key
exchange protocol, RSA public-key encryption scheme, digital signatures |
||
Lecture:
Cryptographic hash functions. Properties such as collision resistance
(weak and strong), inversion resistance. How hash functions work. |
||
Midterm Solutions |
||
Lecture: Hash Functions and Message Authentication Codes (MACs). Hash Functions and Salts. |
||
Lecture 12: (also available in pptx format): Browser security. How browsers work. Same-origin Policy. JavaScript and XSS attacks. |
||
Lecture 13 (pptx format): CSRF (Cross-Site Request Forgery) attacks |
||
Review of material covered so far in preparation for the mid-term |
||
Mid-term |
||
No class |
||
Lecture 14: Click-jacking attacks (Excellent Talk by David Lin-shung Huang of CMU) ; Discussion of solutions to mid-term exam questions |
||
Lecture 15: Security in control systems by Professor Shreyas Sundaram. Detailed analysis of the Stuxnet virus. |
||
Lecture 16 (pptx format): Network security. Basics of TCP/IP and BGP. TCP Spoofing. BGP attacks. DNS cache poisoning attacks. |
||
Lecture 17 (pptx format): The problem with formal verification (undecidable) and model-checking (PSPACE-complete). Principles
of secure design: Isolation, compartmentalization, principle of least
privilege, principle of safe defaults, access control (ACLs,
capabilities and role-based). |
||
Lecture 18 (Overview of computer security concepts. Distributed Denial of Service attacks) |
||
Lecture 19 (pptx format): Lecture by Dr. Glenn Wurster from Blackberry. Security in the real world. |
Professor Dan Boneh (Stanford), Professor Matt Bishop (UC, Davis), Professor David Brumley (CMU), Professor Kevin Du (Syracuse), Professor Koushik Sen (Berkeley) , Professor William D. Young (UT, Austin), Professor Konstantin (Kosta) Beznosov (University of British Columbia), Professor Cristian Cadar (Imperial College, London)