CS 628: Computer Systems Security

The course requires sufficient programming knowledge, system knowledge, and immense interest in understanding cyber security and cyber defense. So please decide whether you would like to consider this.

Instructor

Dr. Sandeep K. Shukla
Computer Science and Engineering  Department
IIT Kanpur
Room: RM 508
Phone:x6342
Email: sandeeps@cse.iitk.ac.in
URL: http://www.cse.iitk.ac.in/users/sandeeps/

Mode of offering

This time this course will be offered as a "flipped class room" mode. In this mode, module-wise lecture sessions will be recorded and uploaded on the mooKIT platform of Professor Prabhakar every week.

You will have to listen to the lectures before coming to class once a week where you will be doing various hands on exercises, answer quizzes, or discuss issues. The assignments will be in the form of attacking cyber-vulnerable systems given to you in a sand box and you will have to first find the vulnerabilities by attacking, then fix the systems, and then again check with the same attacks if the fixes are working. This can get intense, but it is also a lot of fun.

Any kind of plagiarism or unethical cooperation will be highly discouraged and  will be ground for deregistration from the course and possible stricter action as per guidelines. 

Timing

Thursdays 9-10:15 AM will be the weekly meeting but you will need to listen to the lectures online before coming to class. You will be tested on that.

Syllabus

 Major, Measurable Learning Objectives

Having successfully completed this course, the student will be able to:

Prerequisites and Co-requisites

Prerequisites for this course is a very strong programming background with knowledge of program run-time environment, usage of debuggers, and knowledge of shared libraries or dynamically linked libraries. Some knowledge of x86 assembly language or similar assembly language will be assumed. Some knowledge of Operating Systems especially memory management, virtual memory etc will be assumed. We will also assume that the student knows basic network protocols such as TCP/IP, DNS, routing etc. We will further assume  that the student is familiar with a client/server architecture of the world wide web -- where browser is a client to a web server. Further, prior knowledge of a scripting language such as shell scripting, perl, python and/or Ruby will be beneficial. Knowledge of Javascript, PHP or other web programming might be very useful.  Prior familiarity with preliminaries of cyber security would be helpful but not required.  

A quiz will be administered in the very first class in the beginning. The quiz will help you determine your standing with respect to above mentioned prior knowledge. 

Texts and Special Teaching Aids

There is no specific text. We will provide all material via moodle. When the class moodle website will be up, each student should immediately register him/herself for this class on moodle. Most communications, assignments, course material will be only available via moodle. So it is extremely important that all students must be on the course moodle site. 

Outline                                                                                               

 Here is a tentative outline for the course -- but this is not set in stone. Some topics may be excluded, and some other topics may be included depending on the progress of the course. 

Section 1: Software and System Security [30%]

1.       Control hijacking attacks – buffer overflow, integer overflow, bypassing browser memory protection

2.       Sandboxing and Isolation

3.       Tools and techniques for writing robust application software

4.       Security vulnerability detection tools, and techniques – program analysis (static, concolic and dynamic analysis)

5.       Privilege, access control, and Operating System Security

6.       Exploitation techniques, and Fuzzing

Section 2: Network Security & Web Security [40%]

1.       Security Issues in TCP/IP – TCP, DNS, Routing (Topics such as basic problems of security in TCP/IP,,  IPsec, BGP Security, DNS Cache poisoning etc)

2.       Network Defense tools – Firewalls, Intrusion Detection, Filtering

3.       DNSSec, NSec3, Distributed Firewalls, Intrusion Detection tools

4.       Threat Models, Denial of Service Attacks, DOS-proof network architecture

5.       Security architecture of World Wide Web, Security Architecture of Web Servers, and Web Clients

6.       Web Application Security – Cross Site Scripting Attacks, Cross Site Request Forgery, SQL Injection Attacks

7.       Content Security Policies (CSP) in web

8.       Session Management and User Authentication, Session Integrity

9.       Https, SSL/TLS

10.   Threat Modeling, Attack Surfaces, and other comprehensive approaches to network design for security

Section 3: Security in Mobile Platforms [15%]

1.       Android vs. ioS security model, threat models, information tracking, rootkits

2.       Threats in mobile applications, analyzer for mobile apps to discover security vulnerabilities

3.       Viruses, spywares, and keyloggers and malware detection

Section 4: Introduction to Hardware Security, Supply Chain Security  [5%]

1.       Threats of Hardware Trojans and Supply Chain Security

2.       Side Channel Analysis based Threats, and attacks

Section 5: Issues in Critical Infrastructure and SCADA Security [10%]

1.       Security issues in SCADA

2.       IP Convergence Cyber Physical System Security threats

3.       Threat models in SCADA and various protection approaches

4.       Machine learning and SCADA Security

Grading

Semester grades will be based on the following weights:

Attendance & In-Class Exercises

20%

(including pop quizzes)

Projects & Assignments

60%

(10% each for 6 assignments and projects)

Midterm Exam

10%

 

Final Exam

10%

 


Semester grades will be determined after all work is completed and graded.  Point ranges for letter grades will be based on a several factors, including absolute and relative performance.  Letter grades will not be based on a fixed, predetermined curve or point range.    

Unless otherwise stated on the class all graded assignments must be submitted by 11:55 pm   on the specified due date.  There will be a 10% penalty for each 24 hour delay in submitting an assignment.   

If you feel that an error is made in grading an assignment or an exam, you must present a written appeal within one week after the assignment or exam is returned to you.  Verbal appeals are not allowed and grades will not be changed after the one week period.  Your appeal should be specific.  Submit all appeals to the instructor.