CMPSCI 177: Computer Security and Privacy

Class Syllabus

Course Google Group

Overhead Transparencies

• Introduction (pdf)
• Cryptography (pdf)
• Malware (pdf)
• Security Principles (pdf)
• Formal Security Models (pdf)
• Authentication (pdf)
• Torpig Botnet Takeover (pdf)
• Internet Security (pdf)
• Lattice Security Model (pdf)
• Noninterference Security Model (pdf)
• Buffer Overflows (pdf)
• Introduction to Intrusion Detection (pdf)
• Online Banking (pdf)

Reading Assignments

• Bishop Chapter 1
• "Software Engineering Encyclopedia Article" by Kemmerer (pdf)
• Bishop Chapter 8
• "Malware - Background and Motivation" by Christopher Kruegel (pdf)
• Bishop Chapter 12
• Bishop Chapters 4 and 5
• Bishop Chapter 6
• Bishop Chapter 11
• "Your Botnet is My Botnet: Analysis of a Botnet Takeover by Stone-Gross, et. al.
• Bishop Chapter 23
• Bishop Chapter 15 and 27
• "Security Policies and Security Models" by J.A. Goguen and J. Meseguer (pdf)
• Smashing The Stack For Fun And Profit by Aleph One
• Bishop Chapters 21 and 22
• "A Comprehensive Approach to Intrusion Detection Alert Correlation" by Valeur, Vigna, Kruegel and Kemmerer - THIS IS OPITIONAL READING (pdf)
• "Security Testing of the Online Banking Service of a Large International Bank" by dos Santos, Vigna, and Kemmerer (pdf)

Homework Assignments

• Homework 1 -- Security Terms and Obtaining Security Information (pdf)
• Homework 2 -- Vulnerability Information (pdf)
• Homework 3 -- Crypto Analysis (pdf),
• -- ascii for cryptograms
• Homework 4 -- Malware DES, and Public Key (pdf)
• Homework 5 Security Policies (pdf)
• Homework 6 -- Password Cracking (pdf)
• Homework 7 -- Lattice Model and Noninterference Model (pdf)
• Homework 8 (Optional) Auditing and Intrusion Detection (pdf)

Homework Solutions

Handouts

• Personal Questionnaire (pdf)
• DES 16 round example - courtesy of Prof. Konheim (pdf)
• Final Topics (pdf)

---

Last modified: December 2, 2009 by Dick Kemmerer
mailto: kemm AT cs.ucsb.edu