IT 862 Models for Computer Security

IT 862, Models for Computer Security

[Class Schedule] [Available Projects]

Instructors: Angelos Stavrou & Duminda Wijesekera
Lecture*: Wednesday 7:20 pm - 10:00pm
Room: Robinson Hall B, room B220
Laboratory: Lab times will be determined at the first meeting
Laboratory Location: Science and Technology I, room 128
Office Hours: Wednesday 5:00 - 7:00pm and by appointment

Teaching Assistant: TBD
TA Office: Adjunct office, Science & Technology I I
TA Hours: TBD
*The first class meeting will be on Wednesday, January 23rd, 7:20pm at Robinson Hall B, B220

Course Description:

This class will be focused on current research in Security with emphasis in Network and Software
Security including:

Attacks against networks and machines
Denial-of-service (Dos) attacks and defenses
Analysis of Security protocols
Firewall technologies
Forensics and diagnostics for security
Intrusion and anomaly detection Systems (IDS)
Botnets, Malicious code analysis, anti-virus, anti-spyware
Web security and Phishing attacks and countermeasures

Class Objectives:

The students will be exposed to research methodology including reading research papers,
identifying research problems, gathering and analysing the related work, and designing both
the experimental and analytical sections of a paper. The goal is to familiarize the students
with current research topics and enable them to identify interesting problems or gain deeper
knowledge on a research area. Students will be assigned to projects in research areas of
their choice.

Bibliography:

We are going to cover Research Topics using papers and online material

Grading:

Project & Presentations: 90%
Class Participation: 10%

Class Schedule

Week & Date	Course Lectures & Readings
Week 1, Jan. 23	Introduction and Class Mechanics
Week 2, Jan. 30	Anonymity and Privacy Systems Anonymous Network Connectivity: [TOR] [Onion Routing] Tor: The Second-Generation Onion Router, Roger Dingledine, Nick Mathewson, and Paul Syverson, Proceedings of the 13th USENIX Security Symposium, August 2004. Universal Re-encryption for Mixnets, Philippe Golle, Markus Jakobsson, Ari Juels, Paul Syverson, The Cryptographers' Track at the RSA Conference, 2004. Traffic Analysis: Practical Traffic Analysis: Extending and Resisting Statistical Disclosure, Nick Mathewson and Roger Dingledine. Proceedings of Privacy Enhancing Technologies workshop (PET 2004). Low-Cost Traffic Analysis of Tor, Steven J. Murdoch and George Danezis. Proceedings of the 2005 IEEE Symposium on Security and Privacy, May 2005.
Week 3, Feb. 6	Analysis of Securuty Protocols [Introduction] [Authentication] [Concurrency] Formal Methods for Cryptographic Protocol Analysis: Emerging Issues and Trends Catherine Meadows A Hierarchy of Authentication Specifications Gavin Lowe Study Network Packet Capture, Analysis tools in the Lab [Tools] From this class onwards, we will meet in the Lab Science and Technology I, room 128
Week 4, Feb. 13	Anonymity Systems - Students' Presentations Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection, Holger Dreger et.al. Proceedings of the 15th USENIX Security Symposium, August 2006. Hamsa : Fast Signature Generation for Zero-day Polymorphic Worms with Provable Attack Resilience. Zhichun Li et.al. Proceedings of IEEE Symposium on Security and Privacy 2006 On the Infeasibility of Modeling Polymorphic Shellcode Yingbo Song, et.al. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), November 2007, Alexandria, VA
Week 5, Feb. 20	Denial of Service Attacks & Defenses Articles: Denial of Service Attacks (CERT) Estonia and Russia: A cyber-riot, The Economist, May 10, 2007 *Papers:* 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions John Bellardo and Stefan Savage, USENIX Security Symposium, 2003 Countering DoS Attacks With Stateless Multipath Overlays Angelos Stavrou and Angelos D. Keromytis. ACM Conference on Computer and Communications Security (CCS), 2005
Week 6, Feb. 27	Host-Based Intrusion & Forensics - Visitor Presentation Securing software by enforcing data-flow integrity Miguel Castro. Manuel Costa, Tim Harris, OSDI 2006 Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software James Newsome, Dawn Song, Network and Distributed System Security Symposium (NDSS ’05) Secure program execution via dynamic information flow tracking G. Edward Suh, et.al. ASPLOS 2004
Week 7, Mar. 5	Wireless Security - Current Systems & Open Problems Intercepting Mobile Communications: The Insecurity of 802.11, Nikita Borisov, Ian Goldberg, and David Wagner. MOBICOM 2001 The Final Nail in WEPs Coffin, Andrea Bittau, Mark Handley and Joshua Lackey, IEEE Symposium on Security and Privacy, 2006
Week 8, Mar. 12 no class	Spring Break, no classes
Week 9, Mar. 19	Team Discussion on Project Setup
Week 10, Mar. 26	Team Discussion on Project Setup II
Week 11, Apr. 2	Preparation and Discussions on How to write a research paper
Week 12, Apr. 9	Team Related Work Presentations (Papers to be posted)
Week 13, Apr. 16	Wireless Security Lab (Papers to be posted)
Week 14, Apr. 23	Team Related Work Presentations II (Papers to be posted)
Week 15, Apr. 30 Final	Final Presentations I
Week 16, May 7 Final	Final Presentations II

Home - Publications - Teaching - CV - Contact

Last updated:
Please feel free to send your comments and suggestions to Angelos Stavrou.
© 2008 Angelos Stavrou, Computer Science Department, George Mason University.