Computer Security -- EDA263

Spring semester, study period 3, 2013

(Course code DIT641 for Göteborg University)

News:

[2013-04-17] The exam review will take place Friday April 26, 1145--1230, in room 5128 in the EDIT building.
[2013-03-13] The exam has been corrected and should have been reported to LADOK for both Chalmers and GU. We will announce the time for the exam review later.
[2013-03-13] A reminder -- in study period 4 we will have a project oriented course more tied to research, DAT285B. One of our research projects, CRISALIS, is mentioned in a report from Symantec to highlight the need for security for the smart grid. I hope some of you will also choose to follow this course.
[2013-03-11] Remember to bring a valid ID to the exam. Passports, Swedish driver's licences etc. are accepted but your Swedish residence permit is not a valid ID.

[2013-03-04] font style="color: black;" color="#000000">An extra session for questions and completion of previous assignments will be held on Wednesday Mars 6 13:15-17:00.
[2013-02-27] The guest lecture has been moved from Thursday Feb 28 to the following Monday. The lecture Thursday will discuss ethics, side-channel attacks etc.
[2013-02-27] Due to an upgrade of the lab 3 underlying system, some students have experienced delays doing lab 3. We apologize for the inconvenience and will change the process for next year. Let us know if you still have any problems.
[2013-01-31] The online chapter 25 is now available (before there was a broken link). It describes UNIX Security and password ageing (for lab 1). The reading instructions have been updated (for lecture 2).
[2012-12-04] New draft home page created. Content will be added during December.

[2012-10-22] The second EDA263 re-exam will be given Thursday 2013-01-17, at 14.00 – 18.00, in the V-house.
It is not possible to register for this re-exam. You can just show up there.

Course Description

Examiner: Assistant Professor Magnus Almgren, phone: 031-772 1702, email: magnus.almgren

The Computer Security course gives a broad overiew of the security area. The approach is largely technical, but the course will also address the important societal implications of security (or rather lack of security). Roughly, security deals with how to protect your system against intentional intrusions and attacks. The purpose of intrusions can be made to change or delete resourses (data, programs, hardware, etc), to get unauthorized access to confidential information or unauthorized use of the system's services. The course covers threats and vulnerabilities as well as rules, methods and mechanisms for protection. During a few lectures, a holistic security approach is taken and organizational, business-related, social, human, legal and ethical aspects are treated.

The Computer security course is the first within our Security specialization.

Last year's homepage is found here.

Recommended text book
Stallings & Brown: Computer Security,
Pearson, second edition, ISBN: 978-0-273-76449-6

Course Memo

The Course memo summarizes relevant information of the course.

Reading Instructions

Here are the reading instructions for the recommended course book (edition two): reading instructions for 2nd edition, rev. 12.

The reading instructions for the first edition are provided as is, but there are differences between the versions so we recommend that you the 2nd edition: reading instructions, 1st edition, rev. 7.

Lab Information

All information concerning the labs is found on the Lab page.

Course Material

The following course material is electronically available. Please note that the lecture slides alone do not give a full coverage of the course contents.

The lectures on Mondays are given in HA1, the lectures on Thursday and Friday are given in HC4. As per the course memo, we will only have Friday lectures for the first couple of weeks.

Lectures and slides

Lecture 1: Introduction, Threats, Vulnerabilities, Protection
(Mon 2013-01-21, 13-15 in HA1)
Course Introduction, Lab Intro, Vulnerabilities,threats, and protection mechanisms,
DL 1: Targeted Trojan Email Attacks
See also "Extra reading" = ER1 below.
Lecture 2: UNIX security, Malware I and II
(Thu 2013-01-23, 10-12 in HC4)
UNIX security, Introduction to Malware
DL 2: UNIX Security 1 (corresponds to Ch 23 in edition one of book)
DL 3: UNIX Security 2 (corresponds to Ch 23 in edition one of book)
DL 4: Salami attack

Lecture 3: Authentication, Authorization and Access Control
(Fri 2013-01-25, 1515-1700 in HC4)
Authentication and Access control, Passwords
DL2: Testing biometric methods
DL3: Bank card skimming
DL4: Password trading
DL12: Password guessing

Lecture 4: Malware I and II (cont'd)
(Mon 2013-01-28, 13-15, in HA1)
Malware II, Loveletter virus, buffer overflow intro, buffer overflow detailed

Lecture 5: Introduction to Cryptology, Signatures, PKI, CA
(Thu 2013-01-31, 10-12, in HC4)
An introduction to cryptology

Lecture 6: Malware Defences, Firewalls (and Network Security Basics),
Link and End-to-End Encryption, Operating Systems Security
(Fri 2013-02-01, 15-17, in HC4)
Malware defences, Firewalls and NW security basics
Link and End-to-End Encryption
Operating Systems security
DL7: Attacking Malicious Code

Please note: No lecture on Monday 2013-02-04.

Lecture 7: Network Attacks and Controls, Network Authentication, Kerberos, Denial-of-Service attacks
(Thu 2013-02-07, 10-12, in HC4)
Denial-of-service attacks, Network attacks+network authentication - Kerberos

Lecture 8: Intrusion Detection Systems, Intrusion Tolerance
(Fri 2013-02-08, 15-17, in HC4)
Intrusion detection systems and honeypots, Intrusion tolerance

Lecture 9: Security Policies and Models
(Mon 2013-02-11, 13-15, in HA1)
Security Policies and Models

Lecture 10: Defensive Programming and Database Security
(Thu 2013-02-14, 10-12, in HC4)
Database security, Defensive programming
Lecture 11: Security and Dependability Modeling, Risk Analysis, Key Escrow
(Mon 2013-02-18, 13-15, in HA1)
Security and Dependability modelling, Risk Analysis, Key Escrow (prel)

Lecture 12: Security Metrics, Human and Organisational Factors
(Thu 2013-02-21, 10-12, in HC4)
Security metrics, Human and Organisational Factors
DL8: A Framework for Security Metrics
DL10: Why cryptosystems fail
Lecture 13: Key Escrow Systems, Common Criteria, Spam Economics, Forensics
(Mon 2013-02-25, 13-15, in HA1)
Key Escrow, Common Criteria, Computer Forensics, Swedish Security Actors
DL11: Common Criteria - Introduction and General Model (partly)
DL13: Key Escrow systems taxonomy, DL9: The Risks of Key Recovery
DL14: Spam Economics
Lecture 14: Side-channel attacks, ethics, catchup (Kerberos, etc)
(Thu 2013-02-28, 10-12, in HC4)
Side-channel attack, data remanence, Ethics
DL15: Introduction to Side-channel attacks
DL5: Data remanence
DL16:The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research Companion
ER11
Lecture 15: guest lecture, course summary, examination
Guest lecture: Security in the Telecom business by Ulf Larson
DL16: The Athens Affair
(Mon 2013-03-04, 13-15, in HA1)

Extra Reading

Lecture 1: Here is a description of an attack and the resulting problems for a private individual. Note the difference in assumptions between Amazon and Apple regarding the privacy of the numbers of the credit card.
Lecture 3: GPU cluster guesses 350 billion passwords per second (in Swedish).
Lecture 7: DoS attack against twitter (NY Times)
Lecture 4: An article about how buffer overflows work in detail with code examples: Smashing the stack for fun and profit,
Phrack Magazine vol. 7, issue 49 Measurement theory
Lecture 5: Why cryptosystems fail
Jailbreaking your Iphone - shows how complicated attacks can be.
Lecture 8: Ptacek and Newsham: Insertion, Evasion, and Denial of Service - Eluding Network Intrusion Detection
Honey Pots and Honey Nets - Security through Deception (SANS Institute)
Lecture 10: Differential Privacy
Lecture 12: Measurement theory
About passwords, bank account and stealing
Lecture 14: The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research

Course Evaluation

Information on the process of course evaluation is found on the Course Evaluation page.
The course representatives for the course 2012/2012 are the following (all emails in chalmers domain). Please contact them with any praise / concern that you may have.
- Dina Zuko (zuko@student)
- Johan Sjöblom (sjoblomj@student)
- Andreas Åkesson (andake@student)
- Szabó Hunor (hunor@student)
- Enric Mayas (enric@student)
The introductory meeting was held Wednesday, Feb 6, 2013.
The mid-period meeting was held Tuesday, Feb 19. Some notes can be found here.

Examination dates 2013/2014

Tue 2013-03-12 pm, Wed 2013-08-28 pm and 2014-01-xx (to be announced)

Previous examinations

2013-03-12, 2013-01-17, 2012-08-29, 2012-03-08 + program for q5, 2011-08-17, 2011-01-11, 2010-10-19, 2010-08-18, 2010-01-12, 2009-10-20

The following question from the exams above is no longer applicable:
2009-10-20 - 8c

URL for this page: http://www.cse.chalmers.se/edu/course/EDA263/index.html
Latest change 2013-03-12 by Magnus Almgren