CSE 409/509 Spring 2009. System Security

Lecturer: Rob Johnson
TA: Isaac Chanin
Location: Javits 101
Time: MoFr 12:50-2:10pm
Office Hours: Rob: We 10am-12:00pm, 2313D Computer Science Building
Isaac: Mo 3:20-5:20
Home page: http://www.cs.sunysb.edu/~rob/teaching/cse509-sp09



This class will cover the major concepts in computer security. We will focus primarily on securing a single host, although network security issues will be covered whenever they are relevant. The course material will be loosely organized around the central idea that new security mechanisms are developed to support finer-grained sharing.


Requirements and Grading

Subject to tweaks throughout the semester. 409 vs. 509. Students in 409 and 509 will follow the same course outline, but will be given different homeworks, exams, and projects.

Class Notes

If you would like to earn extra credit, say, to make up for missing paper reviews, you may volunteer to write up notes for a lecture. I will count one day's notes as equivalent to one paper review. Only two people can submit notes for any given day, so check with me in advance. Notes should be submitted in text, html, postscript, or PDF format. I will post the notes on the course web page.

Note: If you have a physical, psychological, medical or learning disability that may impact on your ability to carry out assigned course work, please contact the staff in the Disabled Student Services office (DSS), Room 133, Humanities, 632-6748v/TDD. DSS will review your concerns and determine with you what accommodations are necessary and appropriate. All information and documentation of disability are confidential.

Reading Assignments

Note: the reading list may change throughout the semester.
Warning: The notes below may contain errors. Use with caution.
DateTopic/Reading assignment
1/26 Security basics: goals, threat models
Notes, Hen Fung Ng.
Notes, William Anzovino.
1/30 Trust, open design, principles of secure system design
Reflections on trusting trust, Thompson
Rudimentary treatise on the construction of locks, Tomlinson
Notes, Hen Fung Ng.
2/2 Confinement, virtual machines
No reading
Notes, Sujay Godbole.
2/6 Access Control: ACMs, HRU Theorem, Bell-Lapadula
Protection, Butler Lampson.
Notes, Rucha Lale.
2/9 Access Control: Biba, Capabilities, Revocation
The Confused Deputy, Hardy.
Notes, Nikhil Joshi.
Notes, Dong-yi Wu.
Notes, Avanti Limaje.
Notes, Goutham Meruva.
Notes, Bharti Kripalani.
2/13 Access Control: Revocation
No reading
Notes, Aravinda Kidambi.
2/16 Software security: Buffer overflows
OPTIONAL: Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns, Pincus, Baker.
Notes, Arvind Ayyangar.
Notes, Bhuvan Mital.
Notes, David Lin.
2/20 Software security: format string bugs, integer overflows, SQL injection attacks, XSS attacks, etc.
Detecting Format String Vulnerabilities With Type Qualifiers, Shankar, Talwar, Foster, Wagner.
OPTIONAL: Exploiting Format String Vulnerabilities, scut / team teso.
Notes, Pranav Jadhav.
Notes, Prachi Deshmukh
2/23 Static analysis: type qualifier inference
No reading.
Notes, Andres DelaCruz.
2/27 Static analysis: MECA
Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions, Engler, Chelf, Chou, Hallem.
Notes, Arun Ponniah.
Notes, Hung Tot Ngo.
Notes, Chetan Bharadwaj.
3/2 Class canceled due to snow
3/6 Static analysis: CCured
CCured: Type-Safe Retrofitting of Legacy Code, George Necula, Scott McPeak, Westley Weimer
Notes, Ajay Venkateshan.
Notes, Rimmi Devgan.
Notes, Guarav Naigaonkar.
Notes, Hung Tot Ngo.
Notes, Kaushik Chatterjee.
3/9 Secure software design
Privtrans: Automatically Partitioning Programs for Privilege Separation, Brumley, Song.
Notes, Hung Tot Ngo.
Notes, Nick Hernandez.
3/13 Buffer overflows: the systems solution
On the Effectiveness of Address-Space Randomization, Shacham, Page, Pfaff, Goh, Modadugu, Boneh
OPTIONAL: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Cowan, Pu, Maier, Walpole, Bakke, Beattie, Grier, Wagle, Zhang
OPTIONAL: PointGuard: Protecting Pointers from Buffer Overflow Vulnerabilities, Cowan, Beattie, Johansen, Wagle
Notes, Tapsie Giridher.
Notes, Nick Hernandez.
3/16 Midterm
3/20 System call interposition
Ostia: A Delegating Architecture for Secure System Call Interposition, Garfinkel, Pfaff, Rosenblum
Notes, Nikhil Joshi.
Notes, Niranjan Hasabnis.
Notes, Arun Ponniah.
Notes, Ganesh Sangle.
Notes, Srujan Gulla.
Notes, Tejas Vora.
3/23 Intrusion detection
Intrusion Detection via Static Analysis, Wagner, Dean.
Notes, Nick Hernandez.
Notes, William Anzovino.
Notes, Aneeta Bhattacharyya.
Notes, Tejas Vora.
3/27 Sandboxing, Ostia (continued)
Notes, David Lin.
3/30 Inline reference monitors
Efficient Software-Based Fault Isolation, Wahbe, Lucco, Anderson, Graham
Notes, Nick Hernandez.
Notes, David Lin.
4/3 Proof-carrying code
Proof-Carrying Code, Necula
Notes, Nick Hernandez.
4/6 Spring Break
4/10 Spring Break
4/13 Trusted computing
Terra: A Virtual Machine-Based Platform for Trusted Computing, Garfinkel, Pfaff, Chow, Rosenblum, Boneh.
Notes, Pranav Jadhav.
Notes, David Lin.
4/17 DOS
Using Client Puzzles to Protect TLS, Dean, Stubblefield.
Notes, David Lin.
4/20 Side channel attacks
TIMING: Remote Timing Attacks are Practical, Brumley, Boneh
OPTIONAL: TEMPEST: Optical Time-Domain Eavesdropping Risks of CRT Displays, Kuhn
OPTIONAL: SOUND: Keyboard Acuoustic Emanations, Asonov, Agrawal.
Notes, David Lin.
4/24 Human factors in security
The Emperor's New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies, Schechter, Dhamija, Ozment, Fischer.
Notes, Gaurav Naigaonkar.
Notes, Nick Hernandez.
Notes, Srujan Gulla.
Notes, David Lin.
4/27 Guest speaker: Art Dahnert
The Dark side of Engineering and how to defend against it
No reading
5/1 CASE STUDY: Analysis of an Electronic Voting System, Kohno, Stubblefield, Rubin, Wallach.
Notes, David Lin.
Notes, Goutham Meruva.
5/4 CASE STUDY: A Security Analysis of a Cryptographically-Enabled RFID Device, Bono, Green, Stubblefield, Juels, Rubin, Szydlo.
Notes, Nick Hernandez.
Notes, Arunkumar Senthilnathan.
Notes, Raveesh Ahuja.
Notes, David Lin.
Notes, Kudva Jayaram.
5/8 CASE STUDY: Lessons from the Sony CD DRM Episode, Halderman, Felten.
Notes, Nick Hernandez.
Notes, Sireesh Bolla.
Notes, Tapsie Giridher.
Notes, Abhiraj Butala.
Notes, David Lin.
Notes, Abishek Sharma.
Notes, Arunkumar Senthilnathan.
Final Exam