Computer Security
Instructor: Marius Minea
Collaborators: prof. dr. Bogdan Groza, Robert Krody, Flavius Mecea
Grading: 50% lab, 50% tests
Exam grades
Course material
Last year's course
- Introduction. Access control PDF slides
J. H. Saltzer, M. D. Schroeder. "The protection of information in computer systems". Proceedings of the IEEE 63(9):1278-1308, 1975. HTML, PDF (sec. I A 3), 10-line summary
Ken Thompson Reflections on Trusting Trust
Unix access rights (W. Pollock)
- Access Control. PDF slides
M. Bishop. Race conditions, Files and Security Flaws
(introduction; passwd and binmail examples)
- Buffer overflows. (PDF summary) Secure programming in C
Purdue course, part 1, part 2
Secure and Defensive Programming. Secure Programming for Linux and Unix HOWTO (David Wheeler)
(see slides,
details in book, ch. 5.1-5.5, ch. 6)
- Network security
Purdue course part 1, part 2
see also SYN cookies, details on DNS cache poisoning)
Firewalls (slides after Stallings/Brown textbook);
Web application security: Ch. 7; Ch. 10 (p.1-35) (see also book)
- Malware (invited lecture by Marius Tivadar, Bitdefender)
Supplementary reading: remote car hacking, see also video.
- Symmetric Cryptography (Bogdan Groza)
- Public-key Cryptography (Bogdan Groza) slides (both parts)
- Cryptography fundamentals Handbook of Applied Cryptography: Foundations (ch. 1-1.4), mathematical notions (ch. 2: conditional probability, birthday paradox, entropy, complexity, number theory); reference problems (ch. 3: problem definitions and relations between them).
- Authentication protocols (U. Edinburgh course); see also HAC, ch. 10-10.4.1, incl. ZK (Fiat-Shamir)
Authentication and key distribution protocols(U. Edinburgh course), see also HAC, ch. 12-12.2 + Kerberos, Needham-Schroeder (a)symmetric, Diffie-Hellman (12.6)
- Probabilistic Contract Signing (V. Shmatikov, p. 1-11), and Fair Exchange (S. Kremer, M. Ryan; p. 1-12)
Digital Cash (Mark Ryan, U. Birmingham)
Bitcoin (J. Johenfors, U. Linköping) -- fundamental ideas
Lab sessions
Labs week 13-14
Protocols (one lab): Week 13: Tue 8-10, Wed 16-18; Week 14: Tue, Wed 8-10.
Retakes: Cryptography Week 13, Tue 10-12; other: Week 14, Tue 10-12, Wed 16-18
Lab pages (see last year's for labs 1-7)
Many labs use instructional material from Syracuse University.
Here are the virtual machines and the user manual
Lab 13: Modeling security protocols with Scyther
Resources
Other courses
Books
Marius Minea
Last modified: Wed Jan 17 15:00:00 EET 2017