Computer Security


Instructor: Marius Minea
Collaborators: dr. Bogdan Groza, Robert Krody, Flavius Mecea

Grading: 50% lab, 50% tests
Exam grades

Course material

Last year's course
  1. Introduction. Access control PDF slides
    J. H. Saltzer, M. D. Schroeder. "The protection of information in computer systems". Proceedings of the IEEE 63(9):1278-1308, 1975. HTML, PDF (sec. I A 3), 10-line summary
    Ken Thompson Reflections on Trusting Trust
    Unix access rights (W. Pollock)
  2. Access Control. PDF slides
    M. Bishop. Race conditions, Files and Security Flaws (introduction; passwd and binmail examples)
  3. Buffer overflows. (PDF summary) Secure programming in C
    Purdue course, part 1, part 2
    Secure and Defensive Programming. Secure Programming for Linux and Unix HOWTO (David Wheeler)
    (see slides, details in book, ch. 5.1-5.5, ch. 6)
  4. Network security
    Purdue course part 1, part 2
    see also SYN cookies, details on DNS cache poisoning)
    Firewalls (slides after Stallings/Brown textbook);
    Web application security: Ch. 7; Ch. 10 (p.1-35) (see also book)
  5. Malware (invited lecture by Marius Tivadar, Bitdefender)
    Supplementary reading: remote car hacking, see also video.
  6. Symmetric Cryptography (Bogdan Groza)
  7. Public-key Cryptography (Bogdan Groza) slides (both parts)
  8. Cryptography fundamentals Handbook of Applied Cryptography: Foundations (ch. 1-1.4), mathematical notions (ch. 2: conditional probability, birthday paradox, entropy, complexity, number theory); reference problems (ch. 3: problem definitions and relations between them).
  9. Authentication protocols (U. Edinburgh course); see also HAC, ch. 10-10.4.1, incl. ZK (Fiat-Shamir)
    Authentication and key distribution protocols(U. Edinburgh course), see also HAC, ch. 12-12.2 + Kerberos, Needham-Schroeder (a)symmetric, Diffie-Hellman (12.6)
  10. Probabilistic Contract Signing (V. Shmatikov, p. 1-11), and Fair Exchange (S. Kremer, M. Ryan; p. 1-12)
    Digital Cash (Mark Ryan, U. Birmingham)
    Bitcoin (J. Johenfors, U. Linköping) -- fundamental ideas

Lab sessions

Labs week 13-14
Protocols (one lab): Week 13: Tue 8-10, Wed 16-18; Week 14: Tue, Wed 8-10.
Retakes: Cryptography Week 13, Tue 10-12; other: Week 14, Tue 10-12, Wed 16-18

Lab pages (see last year's for labs 1-7)

Many labs use instructional material from Syracuse University.
Here are the virtual machines and the user manual
Lab 13: Modeling security protocols with Scyther

Resources

Other courses

Books


Marius Minea
Last modified: Wed Jan 17 15:00:00 EET 2017