CS 315 Computer Security: Fengwei Zhang

CS 315 Computer Security

Fall 2022 -- Fengwei Zhang

Instructor: Fengwei Zhang
Class Time: Monday 04:20PM - 6:10PM
Class Location: Room 306, Teaching Building I
Lab Time: Monday, 07:00PM - 08:50PM
Lab Location: Room 508, Teaching Building III

Syllabus: [PDF]
Office Address: Engineering Building, South Tower, Room 515
Homepage: http://cse.sustech.edu.cn/faculty/~zhangfw
Email: zhangfw (at) sustech (dot) edu (dot) cn

Course Description

This course aims help students to learn the principles of computer security and understand how various security attacks and countermeasures work. It provides hands-on experience in playing with security software and network systems in a live laboratory environment, with the purpose of understating real-world threats. The course will take both offensive and defense methods to help student explore security tools and attacks in practice. It will focus on attacks (e.g., buffer overflow, dirty COW, format-string, XSS, and return oriented programming), hacking fundamentals (e.g., scanning and reconnaissance), defenses (e.g., intrusion detection systems and firewalls). Students are expected to finish intensive lab assignments that use real-world malware, exploits, and defenses

Course Objectives

This course offers an in depth experience of real-world threats and defenses. Upon successful completion of this class, the student will gain experience in:

Understanding on real-world security vulnerabilities, exploits and defenses
Having hands-on labs in network and system security experiments
Learning knowledge of practical security problems and their solutions

Prerequisites

Familiar with Unix/Linux systems; or permission of the instructor.

Recommended Book

Wenliang Du, Computer Security: A Hands-on Approach, ISBN-13: 978-1548367947, ISBN-10: 154836794X

Grading Policy

The grades for the course will be based upon the tables given below

Term Project Track

Topics	Grade
Class Participation	40
Lab 1: Packet Sniffing and Wireshark	60
Lab 2: Secure Coding and Buffer Overflows	60
Lab 3: Secure Coding and Format-String Vulnerability	60
Lab 4: Scanning, Reconnaissance, and Penetration Testing	60
Lab 5: Reverse Engineering and Obfuscation	60
Lab 6: IoT Security and Wireless Exploitation	60
Lab 7: Nailgun Attack	60
Lab 8: Nailgun Defense	60
Lab 9: Dirty COW Attack	60
Lab 10: RSA Public-Key Encryption and Signature	60
Lab 11: Web Security	60
Lab 12: Return-to-libc & Return Oriented Programming	60
Term Project Proposal	60
Term Project Progress Meetings	60
Term Project Presentation	60
Term Project Report	60
Total	1000

CTF Track

Topics	Grade
Class Participation	40
Lab 1: Packet Sniffing and Wireshark	60+10
Lab 2: Secure Coding and Buffer Overflows	60+10
Lab 3: Secure Coding and Format-String Vulnerability	60+10
Lab 4: Scanning, Reconnaissance, and Penetration Testing	60+10
Lab 5: Reverse Engineering and Obfuscation	60+10
Lab 6: IoT Security and Wireless Exploitation	60+10
Lab 7: Nailgun Attack	60+10
Lab 8: Nailgun Defense	60+10
Lab 9: Dirty COW Attack	60+10
Lab 10: RSA Public-Key Encryption and Signature	60+10
Lab 11: Web Security	60+10
Lab 12: Return-to-libc & Return Oriented Programming	60+10
Attack-Defense CTF	120
Total	1000

Gradding Scale

A+	97 - 100%	C+	77 - 79%
A	93 - 96%	C	73 - 76%
A-	90 - 92%	C-	70 - 72%
B+	87 - 89%	D+	67 - 69%
B	83 - 86%	D	63 - 66%
B-	80 - 82%	D-	60 - 62%
F	0 - 59%

Academic Dishonesty

Please read and fill the Undergraduate Students Assignment Delcaration Form in Chinese and English. More details on Regulations.

Student Disabilities Services

If you have a documented disability that requires accommodations, you will need to register with the University for coordination of your academic accommodations, or let me know.

Class Schedule

Date	Topic	Reading & Notes (tentative)	Slides & Labs
Week 1, 09/05	Course overview and Packet Sniffing	Computer network basics. Kali Linux - Penetration Testing Linux Distribution. [Link] Wireshark: Network protocol analyzer. [Link] TCPDump and LibPCAP. [Link] Packet Sniffing Basics. In Linux Journal. [Link]	[CourseOverview] [Term Project Slides] [Slides] [Lab1] [Lab1 VM Image] [Lab 1 CTF]
Week 2, 09/12	NO CLASS	Mid-Autumn Festival
Week 3, 09/19	Secure Coding and Buffer Overflows	Lab 1 Due Smashing the Stack for Fun and Profit. Aleph One. In Phrack Volume 7, Issue 49. [Link] Local Stack Overflow (Basic Module). [Link] Debugging Under Unix: gdb Tutorial. [Link] Understanding DEP/NX [Link] DynaGuard: Armoring Canary-based Protections against Brute-force Attacks. Theofilos Petsios, Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. In ACSAC'15. [Link]	[Slides] [Lab2] [Lab2 VM Image] [Lab 2 CTF]
Week 4, 09/26	Secure Coding and Format-String Vulnerability	Lab 2 Due Chapter 6 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.	[Slides] [Lab3] [Lab3 VM Image] [Lab 3 CTF]
Week X, 10/03	NO CLASS	National Holiday
Week 5, 10/10	Term/Team Project Proposal Discussion	Term/Team Project Proposal Due Lab 3 Due
Week 6, 10/17	Scanning, Reconnaissance, and Penetration Testing	Nmap: the Network Mapper - Free Security Scanner. [Link] Nmap man page. [Link] OpenVAS: Open Vulnerability Assessment System. [Link] Setting up OpenVAS on Kali Linux. [Link] NESSUS: Vulnerability Scanner. [Link] ZMap: Fast Internet-Wide Scanning and its Security Applications. Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. In UsenixSecurity'13. [Link] Souce Code. [Link] Metasploit Framework Project Page. [Link] Metasploitable2 (Linux). [Link] Armitage: Cyber Attack Management for Metasploit. [Link]	[Slides] [Lab4 ] [Lab4 VM Images] [Old Lab4 Part1] [Old Lab4 Part2] [Kali VM Image] [Metasploitable2 VM Image]
Week 7, 10/24	Reverse Engineering and Obfuscation	Lab 4 Due DexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis. Zhenyu Ning and Fengwei Zhang In DSN'18. [Link] DexHunter: Toward Extracting Hidden Code from Packed Android Applications. Yueqian Zhang, Xiapu Luo , Haoyang Yin. In ESORICS'15. [Link] Android Software Development Kit (SDK) [Link] smali/baksmali: an assembler/disassembler for the Dex. [Link]	[Slides] [DexLego] [Lab5] [Lab5 VM Image]
Week 8, 10/31	IoT Security and Wireless Exploitation	Lab 5 Due Zephyr: Real Time OS for IoT - A Linux Foundation Collaborative Project [Link] Brillo: Google's Operating System for the Internet of Things. [Link] Contiki: The Open Source OS for the Internet of Things. [Link] IoT S&P slides from Prof. Steven M. Bellovin at Colubmia University. [Link] How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng. [Link] Security of the WEP Algorithm. [Link]	[IoT Slides from SMB] [Wireless Slides] [Wireless Slides from SMB] [Lab6 Part1] [Lab6 Part2] [Wireless Attack Notes] [Lab6 VM Image]
Week 9, 11/07	Nailgun Attack	Lab 6 Due Nailgun Attack Paper [Link] Communication of CCF [Link] Nailgun project webistie [Link] PoC source code [Link] Demo Video 1 [Link] Demo Vidoe 2 [Link] CVE Number: 2018-18068 [Link]	[Slides] [Lab7] [Lab7&8 VM Image]
Week 10, 11/14	Nailgun Defense	Lab 7 Due Nailgun Defense Paper [Link]	[Slides] [Lab8] [Lab7&8 VM Image]
Week 11, 11/21	Dirty COW Attack	Deadline Free Week Lab 8 Due on Monday, November 21, 12:00 PM This lab has been tested on our pre-built SEEDUbuntu12.04 VM. [Link] SEED Labs Prject by Dr. Wenliang (Kevin) Du at Syracuse University. [Link] Chapter 8 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.	[Slides] [Lab9] [Lab9 VM Image]
Week 12, 11/28	RSA Public-Key Encryption and Signature	Lab 9 Due Chapter 18 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.	[Slides] [Lab10] [Lab10 VM Image]
Week 13, 12/05	Web Security	Lab 10 Due Chapter 9, 10 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.	[Slides] [Lab11] [Lab11 VM Image]
Week 14, 12/12	Return-to-libc and Return Oriented Programming	Lab 11 Due The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. In CCS'07. [Link] Chapter 5 of the recommended book -- Wenliang Du, Computer Security: A Hands-on Approach.	[Slides] [Lab12] [Lab12 VM Image]
Week 15, 12/19	Attack-Defense CTF; Term Project Discussion	Lab 12 Due
Week 16, 12/26	CTF Grade Discussion; Term/Team Project Presentations	Final Project Report Due Invited Lunch/Dinner if your final score is 96% or more	[Slides]

Acknowledgement: This course includes material from Dr. Wenliang (Kevin) Du at Syracuse University, Dr. Steven M. Bellovin at Colubmia University, Dr. Angelos Stavrou and Dr. Kun Sun at George Mason University.