CS 325 Home Page
Topics in Advanced Security
Spring 2011
This course concentrates on the following advanced topics in computer and network security:
secure coding, computer forensics, malware analysis, and penetration testing.
Several other general topics in computer security will be covered in the text and discussed so as to round out
the coverage. Students will be asked to be more independent in this class than in CS 225, and will have to figure out
on their own how to make certain software, exploits, etc. work. There will be more class presentations and other occasions
to actively participate. There will be less lecturing. Some of the projects will be of your own design.
Students will also have the opportunity to determine, in part, what activities they will do to fulfill the course requirements.
Further Course Information
- Course Syllabus
- Labs: The following labs are now available in Br. David's office. Email him to set up a time.
- WebGoat lab 1: penetration testing
- WebGoat lab 2: penetration testing
- Forensics lab 1: EnCase demo
- Forensics lab 2: bank case
- Windows network-based forensics lab (a follow-up to the above bank forensics lab) -- newest lab!
- Malware analysis lab 1
- Malware analysis lab 2
- Be sure you have gone over chapters 1, 2, 3, 4, 5, 9, 13, 18, 19, and 23 in the text.
- SANS Top 25 Most Dangerous Software Errors
- SANS What Works in Internet Security
- SANS Certifications
- SANS Reading Room
- Presentation materials. Remember that for each presentation you should provide the class with a well-written outline on paper
or something equivalent, such as PowerPoint slides. The following electronic documents are available:
- Kareen's The_5_steps_of_Malware_Analysis.pptx in the Malware Analysis folder on the course network drive.
- Bartko's Dynamic_Analysis.pptx in the MalwareAnalysis folder on the course network drive.
- The files used by James Kuhns and Tony in their steganography presentation are in the Steganography folder on the
course network drive.
Comic Relief
We studied security flaws due to integer overflow and how the integers wrap around. Here's an illustration of the wrap-around aspect.
Thanks to http://xkcd.com.
Note their license information.
Note on Flu
Because of the possibility of H1N1 and other types of flu affecting us on campus, please practice good
hand washing, etc.
If you get the flu, please notify me by phone or e-mail and stay home for 24 hours after the fever has gone.
Check with me about what you miss. You will not be penalized for missing class in this situation.
It is better to stay away from class and not spread the flu when you are ill.
Resources and Links
Security
- Anti-Phishing Working Group
- @Stake Security News Network
- Browser Fun
List of browser bugs and hacks.
- Build Security In
Sponsored by Dept of Homeland Security, National Cyber Security Division.
- CastleCops
- Center for Education and Research in Information Assurance and Security
- The Center for Internet Security
Of special note
are their free benchmarks for evaluating the security of most major operating systems,
including Windows 2000 and Linux.
- CERT Coordination Center
Reports on Internet security problems,
emails security alerts, etc.
- Chkrootkit
Web site provides software to look for
evidence of a rootkit.
- Computer Incident Advisory Capability
Run by the
Department of Energy.
- Computer System and Network Security
- Counter Hack. Ed Skoudis. Prentice Hall PTR (2002).
- CounterHack.net
Web site by Ed Skoudis.
See his challenges and scenarios in particular.
- Cross Site Request Forgery
- CSO Online
Advertised as "the resource for
security executives".
- CWE/SANS TOP 25 Most Dangerous Programming Errors
(with resources on how to avoid these).
- E-Secure-DB
Global IT security database.
- eSecurity Online
Provides security tools,
advisories, etc.
- Exploiting Software: How to Break Code. Greg Hoglund and Gary McGraw.
Addison-Wesley Professional (2004).
- Firewalls and Internet Security: Repelling the Wily Hacker
- French Security Incident Response Team
(English version)
- Full Disclosure
- Fyodor's list of the top 100 security tools
- Hack in the Box Security Conference
- The Honeynet Project
See the challenges and whitepapers
in particular.
- ICSA Labs
- iDefense
- Incidents.org
Monitors Internet threats.
- Information Security Magazine
- Information Systems Security Association
- Infosyssec
Advertised as
"The Security Portal for Information System Security Professionals".
- Institute for Security Technology Studies
At Dartmouth College.
- Interactive illustrations of buffer overflow and other security topics
An NSF-funded project at Embry-Riddle Aeronautical University.
- International Information Systems Security Certification Consortium
- Internet Security Alliance
- Invisible Things Lab
Features the blue pill, the evil
maid attack, etc.
- IT Security Watch
Here is their summary of their mission: IT Security Watch audits the dynamic enterprise security landscape
and delivers you the latest and most valuable information security solutions. If you need answers about current
issues in email, internet, data, network or mobile security - or are looking for best practices on compliance,
security, or data retention policies - make IT Security Watch your first stop.
- K-OTik Security Survey
- Linux Security.com
- Malware FAQ
From SANS.
- Malware: Fighting Malicious Code. Ed Skoudis with Lenny Zeltser. Prentice Hall PTR (2004).
- MegaSecurity.org
- Metasploit Project
- Microsoft Security & Privacy Page
- National Cyber-Forensics and Training Alliance
Note that they offer internships and are based in Pittsburgh.
- National Infrastructure Protection Center
- Nessus.org
- Open Source Vulnerability Database
- Openwall Project
Home of John the Ripper and other security software.
- Open Web Application Security Project
OWASP provides WebGoat and other resources.
- Oxid.it
Supplies the well-known Cain & Abel password-cracking
software and other tools.
- Packet Storm Security
- Professional Programming: Issues and Tools
This discusses security-related coding issues such as buffer overflows and mentions tools to help in writing more
secure code.
- Remote-exploit.org
- Rootkit.nl
Web site provides software to look for evidence
of a rootkit.
- SamSpade.org
- SANS: System Administration, Networking and Security Institute
This site has great security alerts, training courses, free online security materials,
the SANS/FBI top 20 vulnerability list, etc. Be sure to
look under the "about" link to find the reading room and other resources.
- Secunia
- Secure Coding: Principles and Practice
- Security Administrator
Focuses on Windows operating systems.
- Security Corporation
- Security Focus
- SecuritySpace.com
- SleuthKit.org
Provides tools for computer forensics.
- Snort.org
Home of the famous open source intrusion detection software.
- TruSecure Corporation
- US-CERT
The US Computer Emergency Readiness Team.
- Whitehats
Features security news, new intrusion detection
signatures, security tools, etc.
- Wietse's tools and papers
From the creator of TCP wrappers.
Hacker/Cracker
Be warned that some of the language and opinions expressed in these web sites may be offensive.
Internet Safety
Computer and Network Security Related
Thanks to all who helped to create this course.