Computer Security
Instructors
- Prof. Dr.-Ing. Volker Roth
- Jan-Ole Malchow
Description
This course gives an introduction to computer security from a classical
perspective.
Time and Location
Lectures:
- Tuesdays, 16h - 18h, T9/005
- Thursdays, 12h - 14h, T9/005
Tutorials:
- Mondays, 12h - 14h, T9/055
- Mondays, 17h - 19h, T9/005
Grading
The grade will be computed as a weighted sum of the following:
Active participation requires successful completion of homework
assignments and projects and is graded on a pass / no pass basis. At
least 50% of the cumulative score is required to pass.
Assignments
Please look at this page for information on
tutorials and homework assignments.
Guest Lectures
Description
Users may be authenticated by what they know, by what they have, or by
what they are. Mechanisms of the third type are called biometric access
control mechanisms. In this lecture, Dr. Ullmann gives an overview of
biometric identification mechanisms and how they are used for access
control.
Speaker
Our guest speaker, Dr. Markus Ullmann, is a head of section (Referatsleiter)
at the Bundesamt für Sicherheit in der Informationstechnik (BSI).
Description
Technical information security rests on the proper application of security
mechanisms with the goal of countering threats to information assets.
However, even systems with flawless security mechanisms are vulnerable to
attacks that are directed against the human users of a system. The
tactics employed range from so-called social engineering to coercion, and
they are common tools for intelligence operations and industrial
espionage. In this series of guest lectures, we will give an overview
of these tactics and categorize them. Subsequently, we illustrate,
analyze and discuss how these tactics have been applied in a series of
real-world cases.
Speaker
Our guest speaker, the former aviator Christoph Remshagen, worked for
nearly two decades in the Military Counterintelligence Service. His
speciality was counter-espionage, a field on which he has regularly
lectured in front of national and international audiences, including
occasions as guest speaker at the School for the Protection of the
Constitution. For the past two years, he has been assigned to the Legal
Affairs Directorate of the German Federal Ministry of Defense.
Introduction
No lecture on Tuesday April 10; we start on Thursday
Lecture 1, Thursday April 12, Course information, motivation and basics
Read: ch. 1-3 of [1]
Lecture 2, Tuesday April 17, User authentication
Read: [2], [3]
Access Control Theory
Lecture 3, Thursday April 19, State transition security model
Read: ch. 9 of [1]
Lecture 4, Tuesday April 24, Biometric identification and access control
Guest lecture by Dr. Markus Ullmann, BSI
Lecture 5, Thursday April 26, Access control matrix model
Read: ch. 4.7.1-4.7.3 of [4], [5], [6]
No lecture on Tuesday May 01, public holiday
Lecture 6, Thursday May 03, Take-Grant protection model
Read: ch. 4.7.4 of [4], [7], [8]
Lecture 7, Tuesday May 08, Mandatory access control models
Read: [9], [10], [11], [12]
Lecture 8, Thursday May 10, Trojan Horses and Covert Channels
Read: [13], [14], [15]
Introduction to Information Flow Control
Lecture 9, Tuesday May 15, Lattice model of information flow
Read: ch. 5.1 of [4], [16], [17]
No lecture on Thursday May 17, public holiday
No lecture on Tuesday May 22, Security Conference Travel
No lecture on Thursday May 24, Security Conference Travel
Lecture 10, Tuesday May 29, Social Engineering I
Guest lecture by Christoph Remshagen, Bundesministerium für Verteidigung
Lecture 11, Thursday May 31, Security and Precision
Read: [18]
Lecture 12, Tuesday June 05, Social Engineering II
Guest lecture by Christoph Remshagen, Bundesministerium für Verteidigung
Lecture 13, Thursday June 07, Execution-based information flow control mechanisms
Read: ch. 5.3 of [4]
Lecture 14, Tuesday June 12, Compiler-based information flow control mechanisms
Read: ch. 5.4 of [4]
Lecture 15, Thursday June 14, Program verification with security requirements
Read: ch. 5.5-5.6 of [4], [19]
Reference Monitors I
Lecture 16, Tuesday June 19, Hardware protection mechanisms, Secure Operating Systems and Trusted Paths
Hacking, Exploitation and Mitigation
Lecture 17, Thursday June 21, Buffer overflows
Read: [20], StackGuard
Lecture 18, Tuesday June 26, Format string vulnerabilities
Read: [21]
Lecture 19, Thursday June 28, Heap and integer overflows
Read: [22], [23], [24], [25]
Lecture 20, Tuesday July 03, Return oriented programming
Read: [26], [27]
Lecture 21, Thursday July 05, TOCTOU attacks
Read: [28], [29]
Reference Monitors II
Lecture 22, Tuesday July 10, Inline reference monitors
Wrapping Up
Lecture 23, Thursday July 12, Final exam
Literature
- [1] Morrie Gasser. Building a Secure Computer System. Van Nostrand Reinhold, 1988.
- [2] Oechslin, P. Making a Faster Cryptanalytic Time-Memory Trade-Off. In Proc. CRYPTO 2003.
- [3] A. Narayanan, V. Shmatikov. Fast dictionary attacks on passwords using time-space tradeoff. In Proc. CCS 2005.
- [4] Robling Denning, D. E. 1982. Cryptography and Data Security. Addison-Wesley Longman Publishing Co., Inc.
- [5] B. Lampson. Protection. Proc. 5th Princeton Conf. on Information Sciences and Systems, Princeton, 1971. Reprinted in ACM Operating Systems Rev. 8, 1 (Jan. 1974), pp. 18-24.
- [6] Harrison, M. A., Ruzzo, W. L., and Ullman, J. D. 1976. Protection in operating systems. Commun. ACM 19, 8 (Aug. 1976), 461-471.
- [7] Snyder, L. 1981. Formal Models of Capability-Based Protection Systems. IEEE Trans. Comput. 30, 3 (Mar. 1981), 172-181.
- [8] Snyder, L. 1977. On the synthesis and analysis of protection systems. Proc. ACM Symposium on Operating Systems Principles (SOSP), pp. 141-150.
- [9] David E. Bell and Leonard J. LaPadula. Secure Computer System: Unified Exposition and MULTICS Interpretation. MTR-2997 Rev. 1, The MITRE Corporation, Bedford, MA 01730 (Mar. 1976); also ESD-TR-75-306, rev. 1, Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA 01731.
- [10] David Elliott Bell. Looking Back at the Bell-La Padula Model. Proc. ACSAC, pp. 337-351, 2005.
- [11] Biba, K. Integrity Considerations for Secure Computer Systems. ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, MA (Apr. 1977) [NTIS ADA039324].
- [12] Brewer, D., Nash, M. The Chinese Wall security policy. IEEE Symposium on Security and Privacy, pp. 206-214, Oakland, May 1989.
- [13] Thompson, K. 1984. Reflections on trusting trust. Commun. ACM 27, 8 (Aug. 1984), 761-763.
- [14] Lampson, B. W. 1973. A note on the confinement problem. Commun. ACM 16, 10 (Oct. 1973), 613-615.
- [15] Lipner, S. B. 1975. A Comment on the Confinement Problem. ACM Operating Systems Review 9(5):192-196.
- [16] Denning, D. E. 1976. A lattice model of secure information flow. Commun. ACM 19, 5 (May 1976), 236-243.
- [17] Jones, A. K. and Lipton, R. J. 1975. The enforcement of security policies for computation. In Proceedings of the Fifth ACM Symposium on Operating Systems Principles (Austin, Texas, United States, November 19 - 21, 1975). SOSP '75. ACM, New York, NY, 197-206.
- [18] J. S. Fenton. Memoryless Subsystems. Comput. J. 17(2): 143-147 (1974).
- [19] Myers, A. C. 1999. JFlow: practical mostly-static information flow control. Proc. Symposium on Principles of Programming Languages, 1999, 228-241.
- [20] Aleph One, 1996. Smashing the stack for fun and profit. Phrack Magazine No. 49, Nov. 1996.
- [21] Scut, 2001. Exploiting Format String Vulnerabilities.
- [22] Anonymous, 2001. Once upon a free().... Phrack Magazine 57, 9.
- [23] Blexim, 2002. Basic Integer Overflows. Phrack Magazine 11, 60.
- [24] Mark Dowd, 2008. Application-Specific Attacks: Leveraging the Action Script Virtual Machine. IBM Global Technology Services Whitepaper, April 2008.
- [25] Eric Chien, Peter Szor, 2002. Blended Attacks: Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses. Virus Bulletin Conference Sep. 2002, New Orleans, USA, 1-35.
- [26] Ryan Roemer, Erik Buchanan, Hovav Shacham and Stefan Savage, 2009. Return-Oriented Programming: Systems, Languages, and Applications. In review.
- [27] Ralf Hund, Thorsten Holz, Felix C. Freiling, 2009. Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms. Proc. USENIX Security Symposium, 2009.
- [28] Dan Tsafrir, Tomer Hertz, David Wagner, Dilma Da Silva, 2008. Portably Solving File TOCTTOU Races with Hardness Amplification. FAST, pp. 189-206.
- [29] Xiang Cai, Yuwei Gui, Rob Johnson, 2009. Exploiting Unix File-System Races via Algorithmic Complexity Attacks. IEEE S&P, Oakland, CA, pp. 27-41.