CS279 - Advanced Topics in Security

Security issues impact practical aspects of our lives. To address the ever-changing set of security issues that affect applications, operating systems, and network infrastructures, it is necessary to understand the details of both the vulnerabilities that make security compromises possible and the countermeasures that are required to detect and block the attacks that exploit these vulnerabilities.

This course focuses on how to analyze the security of a computer system. Therefore, this course will present concepts and approaches that allow one to design secure systems, evaluate their security posture, and detect/deflect attacks against them.

The course mixes a practical, hands-on approach with a discussion of the current research in the field. Participants will learn how vulnerabilities are found and how these vulnerabilities can be exploited to compromise the security of a system. This knowledge is a fundamental prerequisite for the correct design of protection mechanisms. The course includes also live security exercises in a protected environment, where the knowledge about both attack and defense techniques is validated in the field.

Ethical issues will also be discussed.

Note: This class satisfies the requirements for both the "systems" and "applications" tracks of the CS graduate curriculum.

Prerequisites

The course requires very good programming/development skills (C, C++, Unix, and a scripting language, such as Python or Perl), a basic background in operating systems, and some basic knowledge about networks.

Instructor

Giovanni Vigna

Engineering I, Room 2117

Skype: Giovanni Vigna

Class schedule

Tuesdays and Thursday, 1pm-3pm, in Phelps 1401.

Office hours

By appointment.

Teaching Assistants

Ludovico Cavedon, cavedon@cs.ucsb.edu

Office hours: Tuesday 3-4pm in CSIL.

Contacting the instructor/TA

The instructor and the TA can be contacted by sending an email to cs279@cs.ucsb.edu.

Every student must have a CS account and must subscribe to the cs279-users mailing list. The mailing list will be used to distribute last-minute information about the class.

Information about the mailing list is available at lists.cs.ucsb.edu.

Topics

• Introduction, History, and Ethics
• A Crash Course On Cryptography
• Network Vulnerability Analysis
• Botnets
• Protocol Vulnerability Analysis
• Network Protection and Intrusion Detection
• Application Vulnerability Analysis
• Web Application Vulnerability Analysis
• Conclusions

Course material

The course does not have a textbook.

Several of the topics covered during the course will be supported by material distributed by the instructor.

Course requirements

There will be homework assignments, a midterm, and a final. In addition, students will participate in one or more live security exercises.

The final grade will be determined according to the following weight:

• Homeworks: 70%
• Midterm (October 27, during class): 10%
• Final (December 3, during class): 10%
• Live Exercise (December 4, 8am-5pm in CSIL): 10%

Homework Assignments

• Homework 1
• Homework 2
• Homework 3
• Homework 4
• Homework 5

Food 4 Security Thoughts

• October 1, 2009
• October 6, 2009
• October 8, 2009
• October 13, 2009
• October 20, 2009
• October 22, 2009
• October 27, 2009
• October 29, 2009
• November 3, 2009
• November 10, 2009
• November 12, 2009
• November 19, 2009

---

Giovanni Vigna - http://www.cs.ucsb.edu/~vigna