USC Computer Science 530 (CSci 530): Security Systems - Fall 2007
Lecture Friday - 9:00 to 11:45 AM, OHE 122
Clifford Neuman
Announcements
- Final Exam, Monday 17 December, in SGM 123.
Course Summary
This class will provide students an overview of systems security, its
workings, and its role in protecting data and computing resources. The
course begins with a discussion of the fundamental problem and tools
in protecting a computing system, and proceeds through the various
security services that apply to these systems. By the end of the
course, at the highest level, students will be able to:
- Discuss the technical, business, societal, and ethical aspects of probems in
computer security.
- Describe and assess a broad range of security systems deployed or
suggested for solving those problems.
- Understand the fundamental mathematics and engineering underlying security systems.
- Judge the suitability of security systems for particular applications.
- Know how to develop new security systems and features.
Pre-Requisites
- The student should have already taken CS 402 or passed the
department's operating system diagnostic exam.
Textbook
- Bishop, Computer Security: Art and Science, Addison-Wesley
Professional, 1st Edition. ISBN 0201440997
(required - it is available from
the USC Book Store, or online from many sources.)
Schedule
- First Lecture - Friday August 31st, 2007 9:00 AM - 11:45 AM.
- Mid-term exam - Friday October 12 - 9:00AM-10:40 AM,
with short lecture following 10:55-11:45
- Final Exam - Monday December 17, 2007 - 11:00 AM to 1:00 PM
Instructors and Assistants
Clifford Neuman
- Office: Information Sciences Institute - 310-448-8736
- Office hours: 12:50 - 1:50 PM on Fridays - SAL-212 - 213-821-4221
or by appointment
- Email: csci530 at usc.edu (to Instructor and TAs)
- Email: csci530f07 at clifford.neuman.name (to just instructor)
Arun Viswanathan (lead Teaching Assistant)
- Office: SAL 235 - Phone 213-740-4776
- Office hours: 1:30 - 2:30 PM on Mondays and Wednesday
or by appointment
- Email: csci530 at usc.edu (to Instructor and TAs)
- Email: aviswana at isi.edu (to just the TA)
Dhruv Thukral (Teaching Assistant)
- Office: SAL 103 - Phone (213) 821-1240 (TA office)
- Office hours: 1:30 - 2:30 PM on Tuesdays and 12:00 - 1:00 PM Thursday
or by appointment
- Email: csci530 at usc.edu (to Instructor and TAs)
- Email: thukral at usc.edu (to just the TA)
David Morgan (Lab Instructor)
- Email: csci530l at usc.edu (to lab instructor and lab assistants)
- Email: davidmor at usc.edu (to just the the lab instructor)
Assignments
Course Grade Components
The course grade will be based on 3 short homework assignments (15
percent total), several hands on laboratory experiments (high pass,
low pass, pass, fail), a midterm exam (25 percent), a written paper or
project (30 percent), and a final exam (30 percent). The final exam
is cumulative, meaining it will cover all of course material, although
there will be an emphasis on the second half of the course (after the
midterm). The labs are required (you must complete 8 of 10) but does
not directly figure into your grade. Cumulative lab scores of high
pass or low pass can provide extra credit, or negatively impact up to
15% of your grade. Up to a 10% bonus will be applied for significant
class participation determined based on constructive participation in
lecture or in the online discussion boards.
The paper assignment will ask for an 8-12 page paper discussing in
detail the implementation and implications of either an existing
security system, or one proposed by the student. Other paper topics or
projects may be approved by the instructor. The paper or project must
constitute work completed for CSci530, although topics may be chosen
so that the paper or project forms the basis of future work by the
student. Papers or projects are to be the individual work of the
student. The tentative due date for the paper will be the last
lecture for the class. Paper proposals will be due some time in the
first half of October.
As they are graded and returned, letter grades will be assigned for
each component of the course grade. The final course grade will be
calculated twice, once as a weighted average of the individual
component grades, and then with an extra 10% weight calculated as an
"A+" for class participation. You actual course grade will fall
somewhere between these two numbers, depending on your actual
participation in class, lab, and in the online discussion forums. It
will be to your advantage to make useful contribute to discussion in
the online forum, as that is the record of class participation that is
most readily reviewed by me at the end of the semester.
Academic Integrity
As an instructor I take academic integrity seriously. Cases of
academic misconduct will result in the assignment of a failing grade
for the class and referal of the matter to the student conduct office.
In each of the past several years I have turned in multiple students
for cheating and assigned failing grades. Information on what
constitutes academic dishonesty can be found on the CSci530 academic integrity page, and by
following links to university resources found on that page.
Other readings
Other readings will be assigned with links to online version provided
from the syllabus on this page. Where the online papers are available
through the ACM or IEEE digital libraries, you may retrieve them using
USC's subscription if you connect from a USC internet address. When
accessing these papers from home, you may need to use USC's VPN to
obtain a USC Internet address that allows retrieval of the documents.
For more information on VPN access visit the USC ITS VPN page.
Course content
- Discussion boards and webcasts of lectures avalable by logging in
to DEN
- Links to supplementary readins in the Syllabus below.
- Links to lecture sides will be posted by the night before lecture and
linked from the Syllabus.
Lab Instruction on Fridays - 3:30 - 4:20 PM
Time for hands on lab activities to be selected
by students in coordination with lab instructor.
Class Topics
The following is a syllabus for the course. Most
topics will take several lectures to cover. In addition to the
primary discussion for each lecture, 15 minutes of each lecture will
be set aside for discussion of current events in the computer security
arena.
Readings are on topics related to the lecture, but lectures are not
from the book. Students are expected to have have completed the
assigned readings prior to lecture so that they have backround
appropriate for class discussion.
Lectures
- The Security Problem (August 31, 2007)
- A working definition of security
- Evaluating security
- Systems security vs network security vs data security
- Societal aspects of security, ethical and legal foundations
- Readings: Bishop, Chapter 1, An Overview of Computer Security
- Lecture: 1 (August 31)
- Lab: Lab lecture only - logistics and introduction - no lab
assignment for following week.
- Cryptography - An Overview (September 7, 2007)
- Secret key cryptography
- Public key cryptography
- Hashes and message digests
- Steganography
- Readings: Bishop, Chapter 9, Basic Cryprography. and Chapter 11
(only through section through 11.2), Cipher Techniques
- Readings: Garfinkel (Is Encryption Doomed)
- Lecture: 2 (September 7)
- Key management (September 14, 2007)
- Authentication and Identity Management (September 21st, September 28th)
- Authorization and Policy (October 5)
- Untrusted Computing - e.g. Malicious Code
- Viruses
- Worms
- Spyware
- Denial of service attacks
- Transmission vectors, e.g. spam
- Readings: Bishop, Chapter 22, Malicious Logic
- Readings: Papers: (Moore, Paxon, Savage, Shannon, Stanford &
Weaver: Inside
the Slammer Worm)
- Lectures: (October 12 following Mid-term exam)
- Lecture: 8 (October 19)
- Countermeasures
- Firewalls
- Virus checkers
- Patch and configuration management
- Readings: Bishop, Chapters 26 and 27, Network and System Security
- Lectures: 9 (October 26)
- Intrusion detection and response
- Commercial Itrusion Detection Systems
- Research Itrusion Detection Systems
- Response systems
- Readings: Bishop, Chapter 25, Intrusion Detection
- Lectures: TBS
- Lectures: 10 (November 2)
- Readings: Papers
- Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of
Security Faults, Proceedings of the National Computer Security
Conference, Coast TR 96-05, 1996.
- C. Ko, G. Fink, K. Levitt, Automated
Detection of Vulnerabilities in Privileged Programs by Execution
Monitoring, Proc. of the 10th Annual Computer Security
Applications Conference, December 1994, pp 134-144.
- Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection
Expert System (NIDES) a Summary, SRI Computer Science Laboratory
Technical Report SRI-CSL-95-07, May 1995.
- The Human Element
- Social Engineering
- Complexity of proper security deployment
- Configuration issues
- Passwords
- Lectures: 11 (November 9)
- Readings: Papers
- Trusted Computing(November 16)
- More Trusted Computing and Selected Topics (November 30)
- Selected Topics and Review (December 7)
Exams from Prior years
The following are copies of the exams from prior years which
may be used to help prepare for this years mid-term and final.