Network Systems Security

CPSC 526 - Network Systems Security

Attacks on networked systems, tools and techniques for detection and protection against attacks including firewalls and intrusion detection and protection systems, authentication and identification in distributed systems, cryptographic protocols for IP networks, security protocols for emerging networks and technologies, privacy enhancing communication. Legal and ethical issues will be introduced.

The lectures for this course run concurrently with CPSC626. Graduate students in CPSC626 are expected to attend lectures, but are evaluated in a completely different way from students registered in CPSC526.

Course Policies

For the complete list of course policies, grading scheme, and tentative list of topics, please refer to the official course outline: http://www.cpsc.ucalgary.ca/custom/undergrad/outlines2015/f15/cpsc526and626_fall2015.pdf

Textbook

Network Security: Private Communication in a Public World, 2nd Edition by Charlie Kaufman, Radia Perlman, and Mike Speciner

A few supplemental textbooks (not required at all, just further reading or background for those interested)

• Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier
• The Handbook of Applied Cryptography by Menezes, van Oorschot and Vanstone
• Unix Network Programing by W. Richard Stevens et al. http://books.google.ca/books/about/UNIX_Network_Programming.html?id=ptSC4LpwGA0C&redir_esc=y
• Interconnections: Bridges, Routers, Switches, and Internetworking Protocols, 2nd Edition http://www.informit.com/store/interconnections-bridges-routers-switches-and-internetworking-9780201634488

Grades

• Assignments: 1000 points total (100%)
• Two Homework assignments (300 points each) = 600 points
  • HW1 (assigned 11 Sept; due 1 Oct; graded 10 Oct)
  • HW2 (assigned 10 Nov; due 25 Nov; graded 5 Dec)
• Two labs (250 points)
  • EDURange Recon I + questionnaire (100pts)
  • VPN Lab + SSH Key (150 pts)
• 150 "roving" points
  • QoD (10 pts)
  • PGP Key Party (40 pts)
  • Essay (100 pts)
    • Surreptitiously Weakening Cryptographic Systems http://eprint.iacr.org/2015/097.pdf
    • A Research Agenda Acknowledging the Persistence of Passwords http://research.microsoft.com/apps/pubs/?id=154077
    • Lessons Learned in Implementing and Deploying Crypto Software http://www.usenix.org/events/sec02/full_papers/gutmann/gutmann.pdf
    • Some thoughts on security after ten years of qmail 1.0 http://cr.yp.to/qmail/qmailsec-20071101.pdf
    • Legal Issues Surrounding Monitoring During Network Research (Invited Paper) http://conferences.sigcomm.org/imc/2007/papers/imc152.pdf
    • Why Offensive Security Needs Engineering Textbooks: Or, How to Avoid a Replay of "Crypto Wars" in Security Research https://www.usenix.org/system/files/login/articles/02_bratus.pdf
    • Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2312107
    • Curbing the Market for Cyber Weapons http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2364658
    • If You're Typing The Letters A-E-S Into Your Code, You're Doing It Wrong http://pages.cpsc.ucalgary.ca/~locasto/teaching/2015/CPSC526/Winter/articles/Matasano.html

CPSC 626

• Project: 1000 points total (100%)
• http://pages.cpsc.ucalgary.ca/~locasto/teaching/2015/CPSC526/Fall/626/grad-projectF15.txt

Communication

We will not use D2L. Instead, we will use Piazza for class communication.

This term we will be using Piazza for class discussion. The system is highly catered to getting you help fast and efficiently from classmates, the TA, and myself. Rather than emailing questions to the teaching staff, I encourage you to post your questions on Piazza. If you have any problems or feedback for the developers, email team@piazza.com.

Find our class page at: https://piazza.com/ucalgary.ca/fall2015/cpsc526/home

Lecture Schedule

Please see the University Academic Calendar for important add/drop dates, holidays, etc.

Courses/Computer_Science/CPSC_526.F2015/Lecture Notes

This section contains the class session notes.

Tutorial Schedule

Here is the (tentative) schedule of tutorial topics.

Courses/Computer Science/CPSC 526.F2015/Tutorial_Schedule

Question of the Day (QoD)

We'll keep track of the "Questions of the day" in this file:

https://pages.cpsc.ucalgary.ca/~locasto/teaching/2015/CPSC526/Fall/qF15-anon.txt

Misc Links and Security "In the News"

• http://www.foxnews.com/politics/2015/09/24/audit-finds-slipshod-cyber-security-at-healthcaregov/?intcmp=hplnws
• Hacking Cars
  • http://www.foxnews.com/leisure/2015/08/10/how-automakers-are-trying-to-stop-hackers-from-taking-over-your-car/?intcmp=hpffo&intcmp=obnetwork
  • http://blogs.wsj.com/digits/2013/11/11/chart-a-car-has-more-lines-of-code-than-vista/
  • http://www.technologyreview.com/view/508231/many-cars-have-a-hundred-million-lines-of-code/
• http://www.foxbusiness.com/technology/2015/10/16/report-russian-hackers-breached-dow-jones-for-trading-tips/?intcmp=fnhpfbc
• http://www.symantec.com/connect/blogs/there-internet-things-vigilante-out-there - Linux.Wifatch compromises routers and other Internet of Things devices and appears to try and improve infected devices’ security.
• https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ PDF
• http://www.getcybersafe.gc.ca/index-eng.aspx
• http://www.wired.com/2015/03/clintons-email-server-vulnerable/
• http://www.foxnews.com/tech/2014/11/07/business-payroll-systems-increasingly-vulnerable-to-hackers/?intcmp=ob_homepage_tech&intcmp=obnetwork
• http://arstechnica.com/security/2015/03/google-warns-of-unauthorized-tls-certificates-trusted-by-almost-all-oses/
• re: "Threat Intelligence" http://www.fierceitsecurity.com/story/threat-intelligence-problem/2014-10-13
• http://www.zdnet.com/article/facebook-offering-up-to-300k-in-awards-for-internet-defense-contest/
• http://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/
• https://www.linkedin.com/pulse/security-researchers-anatomy-ryan-smith
• http://www.macdevcenter.com/pub/a/mac/2005/03/15/firewall.html
• http://www.ibiblio.org/macsupport/ipfw/
• http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html
• network telescope: http://www.caida.org/projects/network_telescope/
• https://github.com/silviocesare/Fuzzer

• http://www.foxnews.com/politics/2015/04/07/report-russia-behind-2014-cyber-hack-on-executive-office-computer-system-got/
• http://www.foxbusiness.com/technology/2014/11/24/as-computer-hackers-show-cars-can-be-commandeered-feds-and-automakers-aim-to/
• http://arstechnica.com/information-technology/2015/03/atts-plan-to-watch-your-web-browsing-and-what-you-can-do-about-it/
• http://www.cbc.ca/news/multimedia/from-hacking-to-attacking-a-look-at-canada-s-cyberwarfare-tools-1.3003447
• http://www.foxnews.com/tech/2014/12/30/steam-chat-spreading-dangerous-malware/?intcmp=ob_article_footer_text&intcmp=obinsite
• www.foxbusiness.com/industries/2014/12/18/digital-currencies-fueling-crime-on-dark-side-internet/
• www.foxnews.com/tech/2014/12/11/ford-ditches-microsoft-for-its-in-car-software/?intcmp=ob_article_footer_text&intcmp=obnetwork
• http://www.foxbusiness.com/technology/2014/11/20/rights-groups-release-tool-that-checks-computers-for-government-spy-software/?intcmp=ob_article_footer_text&intcmp=obinsite
• www.foxnews.com/entertainment/2014/12/15/sony-warns-some-media-outlets-to-stop-reporting-on-hacked-information/
• http://www.foxnews.com/leisure/2014/12/11/coffee-loving-hackers-decode-keurigs-secure-new-machines/?intcmp=ob_article_footer_text&intcmp=obnetwork
• www.foxbusiness.com/technology/2014/12/03/hackers-using-fake-order-confirmation-emails-to-hijack-computers/?intcmp=ob_article_footer_text&intcmp=obinsite
• www.foxbusiness.com/technology/2014/12/03/amid-debate-cyber-experts-cite-similarities-between-sony-attack-and-2013-hacks/?intcmp=ob_article_footer_text&intcmp=obinsite
• http://www.foxnews.com/politics/2014/11/25/amid-hacking-attack-state-department-info-security-still-in-shambles/?intcmp=latestnews
• www.foxnews.com/politics/2014/11/20/nsa-director-china-can-damage-us-power-grid/
• www.foxnews.com/tech/2014/10/28/samsung-knox-for-android-unsafe-to-use-researcher-says/
• http://www.foxnews.com/world/2015/03/17/south-korea-points-finger-at-north-korea-in-nuclear-operator-cyberattack/?intcmp=latestnews
• https://www.apple.com/support/security/pgp/
• http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html#traditional
• http://magazine.redhat.com/2007/08/21/a-step-by-step-guide-to-building-a-new-selinux-policy-module/
• https://wiki.debian.org/SELinux/Setup
• http://arstechnica.com/security/2011/03/how-the-comodo-certificate-fraud-calls-ca-trust-into-question/
• http://www.foxnews.com/tech/2015/04/15/gao-reports-warns-hackers-could-bring-down-plane-using-passenger-wi-fi/

• openvpn:
  • http://openvpn.net/index.php/open-source/documentation/howto.html#pki
  • http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html
  • https://github.com/OpenVPN/easy-rsa/blob/master/doc/EasyRSA-Readme.md
• Java crypto
  • http://www.webapper.com/blog/index.php/2007/02/09/troubleshooting-javaxnetsslsslhandshakeexception/
  • http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher

• Fedora various
  • http://docs.fedoraproject.org/en-US/Fedora/21/html/Installation_Guide/sect-preparing-boot-media.html
  • signing keys: https://getfedora.org/en/keys/
  • defensive coding: https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html
  • https://getfedora.org/verify

• Kerberos
  • http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx
  • https://technet.microsoft.com/en-us/library/security/ms14-068.aspx
  • https://community.rapid7.com/community/metasploit/blog/2014/12/25/12-days-of-haxmas-ms14-068-now-in-metasploit