Computer Security -- EDA263
Spring semester, study period 3, 2014
(Course code DIT641 for Göteborg University)
News:
- [2014-10-01] The new home page for 2014/2015 can be found here.
- [2014-10-01] The course will participate in the Syssec 10k challenge to increase awareness.
- [2014-03-31] The exam review is scheduled for 2014-05-22, 11:30-13:00 in room EDIT 6128 Grouproom.
- [2014-03-31] The exam has been corrected and should have been reported to LADOK for both Chalmers and GU. We will announce the time for the exam review later after I have checked availability of TAs.
- [2014-03-13] If you liked the security course, we also recommend DAT300 with seminar-style presentations and projects.
- [2014-03-05] Reading instructions are updated and all slides / material posted under the corresponding lectures below. Note that some of the extra reading for the Microsoft lecture is now posted correctly under "extra reading".
- [2014-02-14] Note that there are no more lectures Friday afternoons, unless specifically posted here. Thus, no lecture this afternoon.
- [2014-02-13] There are a number of slides connected to the Microsoft talk next Thursday, posted below under the lecture time. One is a forensic deduction exercise -- you arrive at a crime scene and you find only three files. What will you do?
- [2014-02-13] The January reexamination has been corrected and reported. Please email me to book a time for exam review.
- [2014-02-05] Here is a flier for the Microsoft talk -- please feel free to share it to your friends.
- [2014-01-31] Please verify that your email account is set up properly for Lab 2 by following the Lab 2 email setup instructions.
- [2014-01-24] For the interested students, a few more details about the password stealing part of the loveletter worm can be found here.
- [2014-01-23] We are still missing a course representative from GU. Please email Magnus Almgren if you plan to attend the course and would like to be course representative.
- [2014-01-23] The guest lecture from Microsoft will be given by Jorge Carrillo Thursday, February 20. During the first hour (10--11), he will speak about Digital Forensics. The second hour will be devoted to a Q&A session. Please check his homepage and pose questions we can forward to him.
- [2014-01-03] The reexamination will take place Saturday 2014-01-18, in the morning. Remember to bring a valid ID to the exam. Passports, Swedish driver's licences etc. are accepted but your Swedish residence permit is not a valid ID.
- [2014-01-03] The site for 2014 is up but under construction. Last year's homepage is found here.
Course Description
Examiner: Assistant Professor Magnus Almgren, phone: 031-772 1702, email: magnus.almgren
The Computer Security course gives a broad overview of the security area. The approach is largely technical, but the course will also address the important societal implications of security (or rather lack of security). Roughly, security deals with how to protect your system against intentional intrusions and attacks. The purpose of an intrusion may be to change or delete resources (data, programs, hardware, etc.), to gain unauthorized access to confidential information, or to make unauthorized use of the system's services. The course covers threats and vulnerabilities as well as rules, methods and mechanisms for protection. During a few lectures, a holistic security approach is taken and organizational, business-related, social, human, legal and ethical aspects are treated.
The Computer security course is the first within our Security specialization.
Recommended text book
Stallings & Brown: Computer Security,
Pearson, second edition, ISBN: 978-0-273-76449-6
Course Memo
The Course memo summarizes relevant information of the course.
Reading Instructions
Here are the reading instructions for the recommended course book (edition two): reading instructions for 2nd edition, rev. 140305-A.
The reading instructions for the first edition were provided last year and can be found on last year's homepage. However, these are not updated and there are differences between the versions, so we recommend that you use the 2nd edition book (and always check the latest version of the reading instructions for the 2nd edition for changes).
Lab Information
All information concerning the labs is found on the Lab page.
Course Material
The following course material is electronically available. Please note that the lecture slides alone do not give a full coverage of the course contents.
All lectures are given in HC4. As per the course memo, we will only have Friday lectures for the first couple of weeks.
Lectures and slides
- Lecture 1: Introduction, Threats, Vulnerabilities, Protection
(Mon 2014-01-20, 13-15)
Course Introduction, Lab Intro, Vulnerabilities, threats, and protection mechanisms.
DL 1: Targeted Trojan Email Attacks
See also "Extra reading" = ER1 below.
- Lecture 2: UNIX security, Malware
(Thu 2014-01-23, 10-12)
UNIX security, Introduction to Malware
DL 2: Salami attack
- Lecture 3: Malware II (cont'd)
(Fri 2014-01-24, 15-17)
Malware II, Loveletter virus, buffer overflow intro, buffer overflow detailed
- Lecture 4: Authentication, Authorization and Access Control
(Mon 2014-01-27, 13-15)
Digital Watermarking, Authentication and Access control, Passwords, smartphone malware
DL 3: Password trading, DL 4: Password guessing, DL 5: Smartphone malware, DL 6: Testing biometric methods, DL 7: Bank card skimming
- Lecture 5: Introduction to Cryptology, Signatures, PKI, CA
(Thu 2014-01-30, 10-12)
An introduction to cryptology
- Lecture 6: Malware Defences, Firewalls (and Network Security Basics), Link and End-to-End Encryption, Operating Systems Security
(Fri 2014-01-31, 15-17)
Link and End-to-End encryption, Firewalls and NW Security Basics, Operating System Security, Malicious Code Defences, DL 8: Attacking Malicious Code
- Lecture 7: Network Attacks and Controls, Network Authentication, Kerberos, Denial-of-Service attacks
(Mon 2014-02-03, 13-15)
Denial-of-service attacks, Network attacks + network authentication -- Kerberos, Certificates and Trust
- Lecture 8: Intrusion Detection Systems, Intrusion Tolerance
(Thu 2014-02-06, 10-12)
Intrusion detection systems and honeypots, Intrusion tolerance, Kerberos vulnerability example
- Lecture 9: Security and Dependability Modelling, Risk Analysis
(Fri 2014-02-07, 15-17)
Security and Dependability modelling, Risk Analysis
- Lecture 10: Security Metrics, Human and Organisational Factors
(Mon 2014-02-10, 13-15)
Security Metrics, Human and Organisational Aspects
DL9: Identifying Suitable Attributes for Security and Dependability Metrication
DL10: Why cryptosystems fail
- Lecture 11: Security Policies and Models
(Thu 2014-02-13, 10-12)
Security Policies and Models
- Friday, 2014-02-14: NO LECTURE
- Lecture 12: Database security and Defensive programming
(Mon 2014-02-17, 13-15)
Database security, Defensive programming
- Lecture 13: Cyber-Forensics: Is It Possible? Guest lecture by Jorge Carrillo from Microsoft
(Thu 2014-02-20, 10-12)
forensic slides, DL18: NIST Forensic publication (executive summary + chapter 1,2,3)
- Lecture 14: Common Criteria, guest lecture by Magnus Ahlbin and Emilie Barse + key escrow, Swedish security actors and spam economics
(Mon 2014-02-24, 13-15)
Common criteria, Key escrow, Swedish security actors
DL11: Common Criteria - Introduction and General Model (partly)
DL12: Key Escrow systems taxonomy, DL13: The Risks of Key Recovery
DL14: Spam Economics
- Lecture 15: Side-channel attacks, ethics, course summary, examination
(Thu 2014-02-27, 10-12)
Side-channel attack, data remanence, Ethics
DL15: Introduction to Side-channel attacks
DL16: Data remanence
DL17: The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research Companion (overviewish)
ER11
Extra Reading
- Lecture 1: Here is a description of an attack and the resulting problems for a
private individual. Note the difference in assumptions between Amazon
and Apple regarding the privacy of the numbers of the credit card.
- Lecture 3: An article about how buffer overflows work in detail with code examples: Smashing the stack for fun and profit, Phrack Magazine vol. 7, issue 49
Jailbreaking your iPhone - shows how complicated attacks can be. Note the discussion about Address Space Layout Randomization, ASLR.
- Lecture 4: GPU cluster guesses 350 billion passwords per second (in Swedish).
- Lecture 5: Why cryptosystems fail
- Lecture 7: DoS attack against twitter (NY Times)
- Lecture 8: Ptacek and Newsham: Insertion, Evasion, and Denial of Service - Eluding Network Intrusion Detection
Honey Pots and Honey Nets - Security through Deception (SANS Institute)
- Lecture 10: Measurement theory
Differential Privacy
- Lecture 11: A security model for military message systems: Retrospective, Carl E. Landwehr, Constance L. Heitmeyer, John D. McLean (accessible from Chalmers network)
- Lecture 13: (1) Warm up forensic deductions with (2) the file out2.xlsx and (3) the file contacts.xlsx
Trends of 2020 (what are your thoughts?) Historical reading: Computer network abuse act
- Lecture 15: The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research
Course Evaluation
- Information on the process of course evaluation is found on the Course Evaluation page.
- The course representatives for the course 2013/2014 are the following (still missing a GU representative): (all emails in the chalmers domain, student.chalmers.se)
Please contact them with any praise / concern that you may have.
- HENRIK ERNSTSSON, henern@..., MPALG
- DANIEL FALLSTRAND, danfal@..., MPCSN
- JESPER LUNDQVIST, ljesper@..., MPALG
- KATRIN RIEMER, katrinr@, Erasmus
- MARTIN WILBERS, wilbers@, Erasmus
- potential GU representative?
- Introductory meeting took place Thursday, January 23, 2014
- The mid-period meeting will be held Thursday, Feb 13. A summary will be posted here.
Examination dates 2013/2014
Sat 2014-01-18 am, Sat 2014-03-15 am, 2014-08-27 pm
Previous examinations
2014-03-15, 2014-01-18,
2013-08-28, 2013-03-12, 2013-01-17, 2012-08-29, 2012-03-08 + program for q5 2011-08-17, 2011-01-11, 2010-10-19, 2010-08-18, 2010-01-12, 2009-10-20
The following question from the exams above is no longer applicable:
2009-10-20 - 8c
URL for this page: http://www.cse.chalmers.se/edu/course/EDA263/index.html
Latest change 2014-02-17 by Magnus Almgren