CS 315 Computer Security

Fall 2019 -- Fengwei Zhang

  • Instructor: Fengwei Zhang
  • Class Time: Monday 04:20PM - 6:10PM
  • Class Location: Room 403, Lichee Hill 6
  • Lab Time: Monday, 07:00PM - 08:50PM
  • Lab Location: Room 205, Teaching Building 2
  • Syllabus: [PDF]
  • Office Address: Innovation Park, Building 10, Room 501
  • Homepage: fengweiz.github.io
  • Email: zhangfw (at) sustech (dot) edu (dot) cn

Course Description

This course aims help students to learn the principles of computer security and understand how various security attacks and countermeasures work. It provides hands-on experience in playing with security software and network systems in a live laboratory environment, with the purpose of understating real-world threats. The course will take both offensive and defense methods to help student explore security tools and attacks in practice. It will focus on attacks (e.g., buffer overflow, dirty COW, format-string, XSS, and return oriented programming), hacking fundamentals (e.g., scanning and reconnaissance), defenses (e.g., intrusion detection systems and firewalls). Students are expected to finish intensive lab assignments that use real-world malware, exploits, and defenses

Course Objectives

This course offers an in depth experience of real-world threats and defenses. Upon successful completion of this class, the student will gain experience in:

Prerequisites

Familiar with Unix/Linux systems; or permission of the instructor.

Recommended Book

Wenliang Du, Computer Security: A Hands-on Approach, ISBN-13: 978-1548367947, ISBN-10: 154836794X

Grading Policy

The grades for the course will be based upon the tables given below

Academic Dishonesty

Please read and fill the Undergraduate Students Assignment Delcaration Form in Chinese and English.

Student Disabilities Services

If you have a documented disability that requires accommodations, you will need to register with the University for coordination of your academic accommodations, or let me know.

Class Schedule

Date Topic Reading & Notes (tentative) Slides & Labs
Week 1, 09/02 Course overview and Packet Sniffing
  • Computer network basics.
  • Kali Linux - Penetration Testing Linux Distribution. [Link]
  • Wireshark: Network protocol analyzer. [Link]
  • TCPDump and LibPCAP. [Link]
  • Packet Sniffing Basics. In Linux Journal. [Link]
[CourseOverview]
[Slides]
[Lab1]
[Lab1 VM Image]
Week 2, 09/09 Secure Coding and Buffer Overflows
  • Smashing the Stack for Fun and Profit. Aleph One. In Phrack Volume 7, Issue 49. [Link]
  • Local Stack Overflow (Basic Module). [Link]
  • Debugging Under Unix: gdb Tutorial. [Link]
  • Understanding DEP/NX [Link]
[Slides]
[Lab2]
[Lab2 VM Image]
[Term/Team Project Proposals]
Week 3, 09/16 Buffer Overflows and Defense Lab 1 Due
  • DynaGuard: Armoring Canary-based Protections against Brute-force Attacks. Theofilos Petsios, Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. In ACSAC'15. [Link]
Week 4, 09/23 Scanning, Reconnaissance, and Penetration Testing Lab 2 Due
  • Instructor is out of town for attending ESORICS 2019. Guest Lecture by Zhenyu Ning.
  • Nmap: the Network Mapper - Free Security Scanner. [Link]   Nmap man page. [Link]
  • OpenVAS: Open Vulnerability Assessment System. [Link]   Setting up OpenVAS on Kali Linux. [Link]
  • NESSUS: Vulnerability Scanner. [Link]
  • ZMap: Fast Internet-Wide Scanning and its Security Applications. Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. In UsenixSecurity'13. [Link]   Souce Code. [Link]
[Nailgun Slides Ning]
[Lab3]
[Lab3/4 VM Images]
Week 5, 09/30 Term/Team Project Proposal Discussion and Penetraion Testing Term/Team Project Proposal Due on 09/29
Lab 3 Due
  • Metasploit Framework Project Page. [Link]
  • Metasploitable2 (Linux). [Link]
  • Armitage: Cyber Attack Management for Metasploit. [Link]
[Lab4]
[Lab3/4 VM Images]
Week X, 10/07 NO CLASS
  • National Holiday
  • Week 6, 10/14 Reverse Engineering and Obfuscation Lab 4 Due
    Revised Proposal Due
    • DexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis. Zhenyu Ning and Fengwei Zhang In DSN'18. [Link]
    • DexHunter: Toward Extracting Hidden Code from Packed Android Applications. Yueqian Zhang, Xiapu Luo , Haoyang Yin. In ESORICS'15. [Link]
    • Android Software Development Kit (SDK) [Link]
    • smali/baksmali: an assembler/disassembler for the Dex. [Link]
    [Slides]
    [DexLego]
    [Lab5]
    [Lab5 VM Image]
    Week 7, 10/21 Internet of Things Security and Privacy Lab 5 Due
    Lab 5 Due on Tuesday, 10/22, 11:55pm
    • Zephyr: Real Time OS for IoT - A Linux Foundation Collaborative Project [Link]
    • Brillo: Google's Operating System for the Internet of Things. [Link]
    • Contiki: The Open Source OS for the Internet of Things. [Link]
    • IoT S&P slides from Prof. Steven M. Bellovin at Colubmia University. [Link]

    [Slides from SMB]
    [Lab6]
    [Lab6 VM Image]
    Week 8, 10/28 Wireless Exploitation and Defenses Lab 6 Due
    • How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng. [Link]
    • Security of the WEP Algorithm. [Link]
    [Slides]
    [Slides from SMB]
    [Lab7]
    [Attack Notes]
    [Video]
    [Lab7 VM Image]
    Week 9, 11/04 Firewalls and Intrusion Detection Systems (IDS) Lab 7 Due
    • The Snort Project. Users Manual. [Link]
    • The Linux Firewall iptables [Link] [Link]
    [Slides]
    [Lab8]
    [Lab8 VM Image]
    Week 10, 11/11 Dirty COW Attack Lab 8 Due
    • This lab has been tested on our pre-built SEEDUbuntu12.04 VM. [Link]
    • SEED Labs Prject by Dr. Wenliang (Kevin) Du at Syracuse University. [Link]
    • Chapter 8 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.
    [Slides]
    [Lab9]
    [Lab9 VM Image]
    Week 11, 11/18 Secure Coding and Format-String Vulnerability Lab 9 Due
    • Chapter 6 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.
    [Slides]
    [Lab10]
    [Lab10 VM Image]
    Week 12, 11/25 Web Security Lab 10 Due
    • Chapter 9, 10 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.
    [Slides]
    [Lab11]
    [Lab11 VM Image]
    Week 13, 12/02 Return-to-libc and Return Oriented Programming Lab 11 Due
    • The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. In CCS'07. [Link]
    • Chapter 5 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.
    [Slides]
    [Lab12]
    [Lab12 VM Image]
    Week 14, 12/9 Return-to-libc and Return Oriented Programming (Continue)
    Week 15, 12/16 Course Lab Review and Term/Team Project Presentations Lab 12 Due
    Week 16, 12/23 Term/Team Project Presentations Final Project Report Due

    Acknowledgement: This course includes material from Dr. Wenliang (Kevin) Du at Syracuse University, Dr. Steven M. Bellovin at Colubmia University, Dr. Angelos Stavrou and Dr. Kun Sun at George Mason University.