CSE 127, Winter 2021
Intro to Computer Security


Instructor:
  Nadia Heninger (nadiah at cs dot ucsd dot edu)
  Office hours: Tuesday 3:30pm until there are no more questions on Zoom

TAs:
  Patrick Liu Office Hours: Wednesday 3pm
  Keegan Ryan Office Hours: Friday 1pm
  George Sullivan Office Hours: Thursday 11am
  Kevin Yu Office Hours: Monday 6pm

Lectures:
  Tuesday/Thursday 2:00pm-3:20pm, via Zoom (meeting information posted on Canvas; lectures will be recorded and posted to Canvas afterward)

Discussion:
  Wednesday 2:00pm-2:50pm, via Zoom

Class Resources:
  Lecture information and gradebook on Canvas
  Q&A on Piazza
  Assignment submission on Gradescope

Grading:
  60%: Homework assignments
  25%: Exam
  10%: Scribe notes
  5%: Participation


Course Overview

This course focuses on computer security, covering a wide range of topics on both the defensive and offensive side of this field. Among these will be systems security and exploitation (e.g., buffer overflows and return-oriented programming), sandboxing and isolation, side channels, network security, cryptography, privacy and anonymity, and legal and ethical issues. The goal of the course is to provide an appreciation of how to think adversarially with respect to computer systems as well as an appreciation of how to reason about attacks and defenses.

To complete the projects in this course, you will need to be able to write code in C and (some) C++, and have some understanding of x86 assembly, JavaScript, PHP and SQL. We will not teach these in lecture; you are expected to learn them on your own or ask for help in section or office hours. If you don't know C, K&R's The C Programming Language is a go to, but the Hacking book is probably enough and covers x86 assembly and many of the topics in this class.


Tentative Schedule

Topic References Assignments
1/5 Introduction and threat modeling

Lecture slides
This World of Ours by James Mickens
Usenix Security '18 Keynote by James Mickens

Optional further reading:
The Security Mindset by Bruce Schneier
The Security Mindset and "Harmless Failures" by Ed Felten
How to think like a security professional by Yoshi Kohno
1/6 Discussion: Assignment 1 Discussion 1 slides Assignment 1 available
1/7 Buffer overflow attacks

Lecture slides
Smashing the stack for fun and profit by Aleph One

Optional further reading:
0x200-0x270, 0x300-0x320 from Hacking
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade by Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole
1/12 Buffer overflow defenses

Lecture slides
ASLR
NOEXEC
1/13 Discussion: Assignment 2 Discussion 2 Slides Assignment 1 due
Assignment 2 available
1/14 Memory safety

Lecture slides
Low-level Software Security by Example by Ulfar Erlingsson, Yves Younan, and Frank Piessen
Understanding glibc malloc

Optional further reading:
Return-Oriented Programming: Systems, Languages, and Applications by Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage
Hacking Blind by Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Mazieres, Dan Boneh
Control-Flow Integrity by Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti
1/19 Sandboxing and isolation

Lecture slides
The Road to Less Trusted Code: Lowering the Barrier to In-process Sandboxing by Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, and Deian Stefan

Optional further reading:
Operating System Security by Trent Jaeger
Android System and kernel security
iOS Security Guide
1/20 Discussion: Assignment 3
Discussion 3 Slides
sploit4 Supplemental Slides
1/21 Side channels

Lecture slides
Assignment 3 available
1/23 Assignment 2 due
1/26 Malware

Lecture slides
Optional further reading:
Hacking Team and the Targeting of Dissent by Morgan Marquis-Boire
Users Really Do Plug in USB Drives They Find by Tischer et al.
W32.Stuxnet Dossier by Falliere et al.
Reflections on Trusting Trust by Ken Thompson
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
Measuring the cost of cybercrime by Ross Anderson et al.
Spamalytics: An empirical analysis of spam marketing conversion by Chris Kanich et al.
PharmaLeaks: Understanding the business of online pharmaceutical affiliate programs by Damon McCoy et al.
1/27 Discussion: Security Industry
1/28 Web intro

Lecture slides
CSRF, XSS, SQLi notes
SQL Injection

Optional further reading:
Web technology for developers
Browser Security Handbook: Basic concepts behind web browsers
1/29 Assignment 3 due
2/2 Web attacks and defenses

Lecture slides
Robust defenses for cross-site request forgery by Adam Barth, Collin Jackson, and John C. Mitchell
2/3 Discussion: Assignment 4
Discussion Slides
Assignment 4 available
2/4 Network intro

Lecture slides
Optional further reading:
Wikipedia: Autonomous System
Wikipedia: OSPF routing
Wikipedia: Border Gateway Protocol
Wikipedia: User Datagram Protocol
Wikipedia: Transmission Control Protocol
Wikipedia: Domain Name System
2/9 Network attacks

Lecture slides
Security problems in the TCP/IP protocol suite by Steven Bellovin
A Look Back at "Security Problems in the TCP/IP Protocol Suite" by Steven Bellovin
SAD DNS Explained by Marek Vavrusa and Nick Sullivan
Optional further reading:
2/10 Discussion: Assignment 5
Discussion Slides
Assignment 5 available
2/11 Network defenses

Lecture slides
NAT Slipstreaming by Samy Kamkar
2/12 Assignment 4 due
2/16 Symmetric cryptography

Lecture slides
Ch. 5 of Security Engineering by Ross Anderson

Optional further reading:
Communication Theory of Secrecy Systems by Shannon
2/17 Discussion: Assignment 5 Continued
Discussion Slides
2/18 Public-key cryptography

Lecture slides
Ch. 5 of Security Engineering by Ross Anderson

Optional further reading:
Modular arithmetic lecture notes from Berkeley CS 70
Basic number theory lecture notes from Boaz Barak
New Directions in Cryptography by Whitfield Diffie and Martin E. Hellman
2/19 Assignment 5 due
2/23 TLS and secure channels

Lecture slides
The Illustrated TLS 1.2 Connection
The Illustrated TLS 1.3 Connection
2/24 Discussion: Assignment 6
Discussion Slides
Assignment 6 available
2/25 Authentication and passwords

Lecture slides
3/2 Privacy and anonymity

Lecture slides
Ch. 25 of Security Engineering by Ross Anderson

Optional further reading:
Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 by Alma Whitten and Doug Tygar
Tor: The Second-Generation Onion Router by Roger Dingledine, Nick Mathewson, and Paul Syverson
Bernstein v. United States
Off-the-Record Communication, or, Why Not To Use PGP by Nikita Borisov, Ian Goldberg, and Eric Brewer
Forward Secrecy for Asynchronous Messages by Moxie Marlinspike
Robust De-anonymization of Large Sparse Datasets by Arvind Narayanan and Vitaly Shmatikov
3/4 Advanced threats

Lecture slides
Optional further reading:
W32.Stuxnet Dossier Symantec Report
3/5 Assignment 6 due
3/9 Ethics, law, and policy

Lecture slides
Optional further reading:
Privacy and the Limits of Law by Ruth Gavison
Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)
Going Bright: Wiretapping without Weakening Communications Infrastructure by Steve Bellovin, Matt Blaze, Sandy Clark, and Susan Landau
3/10 Final Review
Final Review Slides
3/11 Vulnerability disclosure, personal hygiene, and cryptocurrencies

Lecture slides
Security without identification: Transaction systems to make Big Brother obsolete by Chaum 1985
Risks of Cryptocurrencies by Nicholas Weaver
3/18 Final Exam Will be available between 6pm PDT March 17 and 6pm PDT March 18, and you may take the exam in any 3-hour window that you choose. The final exam is required.

Assignments

We will have six programming assignments. These assignments are meant to both reinforce your knowledge of the concepts covered in lecture and get you to think about security in more depth, beyond what is covered lecture.

You are expected to work on the assignments by yourself. You may discuss the assignments with students from the course in general but not any specific solution. There are no late days, but you will receive an additional 10% if you turn in your assignment by the early date.

If you consult anything (books, academic papers, internet resources, people) when working on the assignments, note this in your submission. We encourage outside learning but expect you to not seek out specific details about a solution—anything submitted should be considered your own work. Similarly, you are expected to not publish or otherwise share your solutions at any point (even after the class is over). If you are unsure about what is allowed, please ask the course staff.

By taking this course, you implicitly agree to abide by the UCSD policies on Integrity of Scholarship and Student Conduct. See the Academic Integrity Support for Remote Learning. University rules on integrity of scholarship and code of conduct are taken seriously and will be enforced.

Scribe Notes

You will also be tasked with writing a set of lecture notes for one lecture during the quarter, in collaboration with 6 or 7 of your fellow students. Think of this as a short summary of the lecture, written in complete prose sentences, that should be understandable to a student who missed that class. There is no perfect textbook for this course, so we will share these scribe notes with your fellow students to help as a study aide.

Your scribe notes should be written in LaTeX. The first draft of your notes will be due two weeks from the lecture date. There is no extra credit for early turn-in, since we expect a few rounds of editing. You should submit both a PDF version of the notes as well as the source files to Gradescope. We will give feedback and continue iterating on edits until your notes are in good shape, and then we will post them to Canvas.

The draft that you turn in should be reasonably polished. This means that everyone in your group should make copy-editing, clarification, and organizational passes on everyone else's writing so that your notes read as a coherent whole. If you include images or diagrams that are in the lecture notes that were pulled from another source originally, you should add a citation to that source using bibtex, and your notes will have a bibliography section at the end. You may also need to refer to some of the readings or other materials to clarify, fix, or fill out additional details about what was covered in lecture; if you do this you should also cite your sources.

As motivational examples, David Wagner from Berkeley has written some beautiful lecture notes for some of the topics covered by this class that are longer than you need to write. Here is an example. A more typical example might be these scribe notes produced long ago for a random class when your professor was still a student.


Additional Resources

No textbook is required, but if you would like additional resources the following may be useful:

The course structure and many of the ideas and slides are influenced or directly from other courses taught at Berkeley (David Wagner and Raluca Popa), Michigan (J. Alex Halderman), Oberlin (Stephen Checkoway), Stanford (Dan Boneh, John Mitchell, and Zakir Durumeric), UT Austin (Hovav Shacham), UCSD (Stefan Savage, Deian Stefan) and UIUC (Michael Bailey and Kirill Levchenko).

Course materials adapted from Michael Bailey and J. Alex Halderman are available under a Creative Commons License.