Course Syllabus

Spring 2021


Lecture 1: Tue 3/30/21 (DB)	Course overview [pdf, pptx] Readings: Reflections on Trusting Trust, Ken Thompson
Part 1: Basics

Lecture 2: Thu 4/ 1/21 (DB)	Control hijacking attacks: exploits [pdf, pptx] Readings: Hacking blind, A. Bittau et al. Basic Integer Overflows, blexim Use after free exploit example, K. Winterborn Bypassing Browser Memory Protections, A. Sotirov, M. Dowd

Lecture 3: Tue 4/ 6/21 (DB)	Control hijacking attacks: defenses [pdf, pptx] Readings: Return oriented programming, H. Shacham et al. Control flow integrity, M. Abadi et al. ARM Memory Tagging Extension and How It Improves C/C++ Memory Safety, K. Serebryany

Lecture 4: Thu 4/ 8/21 (ZD)	Principle of least privilege, access control, and operating systems security [pdf, key] Readings: SetUID Demystified, Chen, Dean, and Wagner, 2002. Operating Systems Security, T. Jaeger, 2008. Chapter 4, Security in Ordinary Operating Systems.

Lecture 5: Tue 4/13/21 (DB)	Isolation and sandboxing [pdf, pptx] Readings: Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools, T. Garfinkel Efficient Software-Based Fault Isolation, Robert Wahbe, et al.

Lecture 6: Thu 4/15/21 (inv)	Testing for vulnerabilities using fuzzing, static, and dynamic analysis: Brandon Azad [pdf] Readings: How hackers look for bugs, by Dave Aitel An example: Exploiting Broadcom’s Wi-Fi Stack, by Gal Beniamini, Google project zero. Real world fuzzing, by Charlie Miller Effective Bug Discovery, vf. Ashcraft and Engler: Using Programmer-Written Compiler Extensions to Catch Security Holes. pdf, Sections 1-2. Bau, Wang, Bursztein, Mutchler and Mitchell: Vulnerability Factors in New Web Applications. pdf
Part 2: Web Security

Lecture 7: Tue 4/20/21 (ZD)	Basic web security model [pdf, key] Readings: Securing Browser Frame Communication. Adam Barth, Collin Jackson, and John C. Mitchell Analyzing and Defending Against Web-based Malware. J. Chang et al. Exposing private information by timing web applications. A. Bortz, D. Boneh, and P. Nandy Web workers Content Security Policies Sandboxed iFrames cors

Lecture 8: Thu 4/22/21 (ZD)	Web application security [pdf, key] Readings: Cross site scripting explained, Amit Klein SQL Injection attacks, Chris Anley Robust Defenses for Cross-Site Request Forgery. Adam Barth, Collin Jackson, and John C. Mitchell

Lecture 9: Tue 4/27/21 (DB)	Brief overview of cryptography [pdf, pptx] Readings: The BREACH attack: encryption and compression don't mix, by Gluck, Harris, and Prado

Lecture 10: Thu 4/29/21 (DB)	Web session management [pdf, pptx] Readings: Secure Session Management With Cookies for Web Applications. Chris Palmer Origin Cookies: Session Integrity for Web Applications. by Bortz et al.

Lecture 11: Tue 5/ 4/21 (DB)	HTTPS: goals and pitfalls [pdf, pptx] Readings: ForceHTTPS: protecting high-security web sites from network attacks, by A. Barth and C. Jackson The case for short-lived certificates. by Topalovic et al.
Part 3: Network security

Lecture 12: Thu 5/ 6/21 (ZD)	Internet Protocol Security [pdf, key] Readings: A look back at Security Problems in the TCP/IP Protocol Suite, S. Bellovin, ACSAC 2004. BGP Security in Partial Deployment, Lychev, Goldberg, Schapira, 2013. DNS cache poisoning, Steve Friedl

Lecture 13: Tue 5/11/21 (ZD)	Internet Protocol Security Contd. and DDoS [pdf, key] Readings: A Security Evaluation of DNSSEC with NSEC3, J. Bau and J.C. Mitchell Distributed Firewalls, S. Bellovin Bro: A System for Detecting Network Intruders in Real-Time, V. Paxon

Lecture 14: Thu 5/13/21 (ZD)	DoS Attacks and Network Defenses [pdf, key] Readings: DDoS amplification attack statistics, 2017 The real cause of large DDoS - IP Spoofing, Marek Majkowski, 2018. Practical network support for IP Traceback, S. Savage, et al. A DoS-Limiting Network Architecture, Yang, Wetherall, and Anderson
Part 4: Security of mobile platforms

Lecture 15: Tue 5/18/21 (ZD)	Android and iOS: mobile platform security architecture [pdf, key] Readings: TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Enck et al. iOS Security, iOS 10. How to fake a fingerprint and break into a phone.

Lecture 16: Thu 5/20/21 (inv)	Topics in Android security: Ashwini Oruganti (Google) [pdf] Readings: The Android Platform Security Model, 2019. A Large-Scale Study of Mobile Web App Security P. Mutchler, A. Doupe, J. Mitchell, C. Kruegel, and G. Vigna.
Part 5: Odds and ends

Lecture 17: Tue 5/25/21 (DB)	Processor and microarchitecture security: Intel SGX and the Spectre attack [pdf, pptx] Readings: Shielding Applications from an Untrusted Cloud with Haven Spectre Attacks: Exploiting Speculative Execution Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX

Lecture 18: Thu 5/27/21 (ZD)	Privacy, Anonymity, and Censorship [pdf, key] Readings: Tor: the second-generation onion router

Lecture 19: Tue 6/ 1/21 (ZD,DB)	Recent Breaches + Security AMA with Dan and Zakir

Lecture 20: Thu 6/ 3/21 (inv)	Final invited lecture: Diana Smetters (Google) [pdf]

CS155 Computer and Network Security

Course Syllabus

Spring 2021