CSC 4992 Cyber Security Practice: Fengwei Zhang

CSC 4992 Cyber Security Practice

Winter 2018 -- Fengwei Zhang

Instructor: Fengwei Zhang
Class Location: Science and Engineering Library (SCLB) 050B
Class Time: Tuesday, Thursday 10:00AM - 11:15AM
Syllabus: [PDF]

Office Hours: Friday, 01:00PM - 02:30PM
Office Address: Maccabees Building, Room 14109.3
Homepage: http://fengwei.me
Email: fengwei (at) wayne (dot) edu

Course Description

This course provides hands-on experience in playing with security software and network systems in a live laboratory environment, with the purpose of understating real-world threats. The course will take both offensive and defense methods to help student explore security tools and attacks in practice. It will focus on attacks (e.g., buffer overflow, heap spray, kernel rootkits, and denial of service), hacking fundamentals (e.g., scanning and reconnaissance), defenses (e.g., intrusion detection systems and firewalls). Students are expected to finish intensive lab assignments that use real-world malware, exploits, and defenses.

Course Objectives

This course offers an in depth experience of real-world threats and defenses. Upon successful completion of this class, the student will gain experience in:

Understanding on real-world security vulnerabilities, exploits and defenses
Having hands-on labs in network and system security experiments
Learning knowledge of practical security problems and their solutions

Prerequisites

CSC 2110 and CSC 2111; or permission of the instructor.

Grading Policy

The grades for the course will be based upon the tables given below

Topics	Grade
Class Participation	100
Lab 1: Packet Sniffing and Wireshark	80
Lab 2: Buffer Overflows and Defenses	80
Lab 3: Scanning and Reconnaissance	80
Lab 4: Metasploit Framework	80
Lab 5: Reverse Engineering and Obfuscation	80
Lab 6: OS Security for the Internet of Things	80
Lab 7: Wireless Exploitation & Defenses	80
Lab 8: Firewalls & Intrusion Detection Systems (IDS)	80
Team Project	260
Total	1000

A	90 - 100%	C	70 - 73%
A-	87 - 89%	C-	67 - 69%
B+	84 - 86%	D+	64 - 66%
B	80 - 83%	D	60 - 63%
B-	77 - 79%	D-	57 - 59%
C+	74 - 76%	F	0 - 56%

Academic Dishonesty

Please read and adhere to the University's Academic Integrity Page and WSU Student Code of Conduct.

Student Disabilities Services

If you have a documented disability that requires accommodations, you will need to register with Student Disability Services for coordination of your academic accommodations. The Student Disability Services (SDS) office is located in the Adamany Undergraduate Library. The SDS telephone number is 313-577-1851 or 313-202-4216 (Videophone use only).

Class Schedule

Date	Topic	Reading & Notes (tentative)	Slides & Labs
Week 1, 01/09	Course overview	VMware software and Microsoft products through Dreamspark at WSU. [Link] Kali Linux - Penetration Testing Linux Distribution. [Link]	[Slides]
Week 1, 01/11	Lab 1: Packet Sniffing and Wireshark	Wireshark: Network protocol analyzer. [Link] TCPDump and LibPCAP. [Link] Packet Sniffing Basics. In Linux Journal. [Link]	[Slides] [Lab1] [VM Image]
Week 2, 01/16	Lab 1: Packet Sniffing and Wireshark
Week 2, 01/18	Lab 2: Buffer Overflows and Defenses	Smashing the Stack for Fun and Profit. Aleph One. In Phrack Volume 7, Issue 49. [Link] Local Stack Overflow (Basic Module). [Link] Debugging Under Unix: gdb Tutorial. [Link] Understanding DEP/NX [Link] DynaGuard: Armoring Canary-based Protections against Brute-force Attacks. Theofilos Petsios, Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. In ACSAC'15. [Link]	[Slides] [Lab2] [VM Image]
Week 3, 01/23	Lab 2: Buffer Overflows and Defenses	Lab 1 Due
Week 3, 01/25	Lab 2: Buffer Overflows and Defenses
Week 4, 01/30	Lab 2: Buffer Overflows and Defenses
Week 4, 02/01	Lab 3: Scanning and Reconnaissance	Nmap: the Network Mapper - Free Security Scanner. [Link] Nmap man page. [Link] OpenVAS: Open Vulnerability Assessment System. [Link] Setting up OpenVAS on Kali Linux. [Link] NESSUS: Vulnerability Scanner. [Link] ZMap: Fast Internet-Wide Scanning and its Security Applications. Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. In UsenixSecurity'13. [Link] Souce Code. [Link]	[Lab3] [VM Images]
Week 5, 02/06	Lab 3: Scanning and Reconnaissance	Lab 2 Due Lab 3 (cont'd) and Team Projects Discussion.	[Team Project Proposals]
Week 5, 02/08	Lab 4: Metasploit Framework	Lab 2 Due Metasploit Framework Project Page. [Link] Metasploitable2 (Linux). [Link] Armitage: Cyber Attack Management for Metasploit. [Link]	[Lab4] [VM Images]
Week 6, 02/13	Lab 4: Metasploit Framework	Lab 3 Due
Week 6, 02/15	Lab 4: Metasploit Framework
Week 7, 02/20	Lab 4: Metasploit Framework	Team Project Proposals Due
Week 7, 02/22	Team Project Discussion	Team 1: Justin Sokana, Ian Wixson, Patrick Veltri, Aaron Zhang, Paul Weliczko, and Kristina Stevoff Team 2: Nikhil Sakpal, Vrutik Patel, Prateek Kashyap Team 3: Adam Coury, Chase Nagey, Moosab Ahsan, and Patrick Sesi, Trevor White Team 4: James Demery, Jeff Urcheck, Evan Melvin Gold Team: Louis Moreno, Jerry Andritsis, Jordan Owiesny, Hassan Eid, and Jack Mcginnis
Week 8, 02/27	Team Project Discussion
Week 8, 03/01	Lab 5: Reverse Engineering and Obfuscation	Lab 4 Due Revised Proposals Due AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware. Wenbo Yang , Yuanyuan Zhang, Juanru Li, Junliang Shu, Bodong Li, Wenjun Hu, and Dawu Gu. In RAID'15. [Link] DexHunter: Toward Extracting Hidden Code from Packed Android Applications. Yueqian Zhang, Xiapu Luo , Haoyang Yin. In ESORICS'15. [Link] Android Software Development Kit (SDK) [Link] smali/baksmali: an assembler/disassembler for the Dex. [Link]	[Lab5] [VM Image]
Week 9, 03/06	Lab 5: Reverse Engineering and Obfuscation
Week 9, 03/08	Lab 5: Reverse Engineering and Obfuscation		[Team Projects]
Week 10, 03/13	No class	Holiday -- Spring Break
Week 10, 03/15	No class	Holiday -- Spring Break
Week 11, 03/20	Lab 6: OS Security for the Internet of Things	Lab 5 Due on Friday, March 30, 2018, 11:59 PM. Zephyr: Real Time OS for IoT - A Linux Foundation Collaborative Project [Link] Brillo: Google's Operating System for the Internet of Things. [Link] Contiki: The Open Source OS for the Internet of Things. [Link]	[Lab6] [VM Image]
Week 11, 03/22	Lab 6: OS Security for the Internet of Things
Week 12, 03/27	Lab 7: Wireless Exploitation & Defenses
Week 12, 03/29	Lab 7: Wireless Exploitation & Defenses	Lab 6 Due How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng. [Link] Security of the WEP Algorithm. [Link]	[Lab7] [VM Image]
Week 13, 04/03	Lab 7: Wireless Exploitation & Defenses	Team Projects Discussion and Lab 7.
Week 13, 04/05	Lab 8: Firewalls & Intrusion Detection Systems (IDS)	Lab 7 Due The Snort Project. Users Manual. [Link] The Linux Firewall iptables [Link] [Link]	[Slides] [Lab8] [VM Image]
Week 14, 04/10	Lab 8: Firewalls & Intrusion Detection Systems (IDS)
Week 14, 04/12	Lab 8: Firewalls & Intrusion Detection Systems (IDS)
Week 15, 04/17	Final Project Presentations	Lab 8 Due 09:59 AM. Lab 2 Resubmissions Due 09:59 AM. Class moved to Thursday
Week 15, 04/19	Final Project Presentations	Team Project Final Reports Due