EE579 - Computer System and Network Security


Description:

The primary objectives of this course are:

EE579 Course Outline
Suggestions for Term Paper Topics


Lectures:

Mondays: 1000 - 1200 hrs  in SB4112
Tuesdays: 1100 - 1200 hrs in SB4112
Friday: 1300 - 1400 hrs in SB4112 (with CSL Research Group) (Occasional - Optional)

Thursdays: 1000 - 1200  hrs in SB4112 (5011)  (Laboratory period is soft and you are not required to attend)

Seminar Schedule

Date

Topic

Ref

Presenter

Sep 10
Unix Permissions
Useful Paper's binder - Section 5 (Arnold)
Knight
Sep 11
Unix Permissions - Part 2
Useful Paper's binder - Section 5 (Arnold) Knight
Sep 17
Password Attacks
  • Skoudis, Ed., Counter Hack Reloaded : A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition), Prentice Hall, 2005
  • Richard E. Smith, The Strong Password Dilemma, Computer Security Journal, 2002, http://www.smat.us/sanity/pwdilemma.html
Knight
Sep 18
Password Attacks - Part 2

Knight
Sep 24 Buffer over flow
Smashing The Stack For Fun And Profit
Knight
Sep 24 Heap Overflow Smashing The Heap For Fun And Profit Knight
Sep 25 IP Spoofing, Mitnik's Attack IP Spoofing, Mitnik Paquet
Oct 1
Firewalls Skoudis, Ed., Counter Hack Reloaded : A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition), Prentice Hall, 2005 Pelletier
Oct 1
Intrusion Detection Systems Northcutt McMullen
Oct 2
Access Control Access Control.ppt Knight
Oct 8
Roll-based Access Control Role-based Access Control.ppt

Oct 9
Certification Standards
Certification Standards.ppt
Knight
Oct 9
Common Criteria McMullen
Oct 15
Wireless security
Wong
Oct 15
IPSec, VPN
Pelletier
Oct 16
SSL, HTTPS
Wong
Oct 22
PKI Entrust Whitepaper: Trusted Public-Key Infrastructures McMullen
Oct 22
Backdoors, Covert Shells
  • Skoudis, Ed., Counter Hack Reloaded
  • Smith, J.C., Covert Shells, Retrieved March 4, 2006 from http://www.giac.org/certified_professionals/practicals/GSEC/0186.php, 2000.
Awosanya
Oct 23
Root kits

Paquet
Oct 29
Viruses, Worms and polymorphic code Polymorphic Shellcode Engine Using Spectrum Analysis Pelletier
Oct 29
Web based Attack, Phishing
  • Skoudis, Ed., Counter Hack Reloaded
  • http://www.antiphishing.org/phishing_archive.html
Wong
Oct 5
Attack Scenarios Buckshot Yankee, Stuxnet, et al Paquet
Nov 13
DNS Spoofing
  • Skoudis, Ed., Counter Hack Reloaded
  • DNS Spoofing Techniques By Spacefox, spacefox@securesphere.net
    Secure Sphere Crew - January 23rd, 2002
  • DNS Poisoning - Dan Kaminsky
Awosanya
Nov 13
Network Security Zones in the GoC ITSG-22/ITSG-38 Awosanya









Architecture for security

Knight





PMI Scalability Issues in PMI Deligation


DDoS, IRC controlled Trojans DDos Attacks Against grc.com, Tim Malo's Thesis


Storm Worm
Storm Worm Stuff

Scanning and fingerprinting Fyodor, Remote OS detection via TCP/IP Stack Fingerprinting, Phrack Magazine Volume 8, Issue 54 Dec 1998, article 09 of 12.

Packet Fragmentation Attacks/Fragrouter
Eluding Network Intrusion Detection,
Fragrouter


Intelligence tools, nslookup, traceroute, sam spade (reconnaissance)
Sam Spade
Bidiblah
















Labs:

Lab 1   
Extra 1,  Extra 2
Lab 2
Lab 3
Lab 4




 Links: