CSE 409/509 Fall 2010. System Security

Lecturer: Rob Johnson
TA: Rishab Nithyanand [rnithyanand AT cs DOT stonybrook DOT edu]
Time: MoFr 12:50-2:10pm
Office Hours: Rob: Mo 2:30-3:30, Tu 4:00-5:00, 2313D Computer Science Building
Rishab: We 2:00-4:00, 1207 Computer Science Building, Desk 12
Home page: http://www.cs.sunysb.edu/~rob/teaching/cse509-fa10



This class will cover the major concepts in computer security. We will focus primarily on securing a single host, although network security issues will be covered whenever they are relevant. The course material will be loosely organized around the central idea that new security mechanisms are developed to support finer-grained sharing.


Requirements and Grading

Subject to tweaks throughout the semester.

409 vs. 509. Students in 409 and 509 will follow the same course outline, but will be given different homeworks, exams, and projects.

Note: All review readings in bold have been graded. If you have not received a grade, but did turn in a review - send an email to "rnithyanand" at "cs" dot "stonybrook" dot "edu"

Class Notes

If you would like to earn extra credit, say, to make up for missing paper reviews, you may volunteer to write up notes for a lecture. I will count one day's notes as equivalent to one paper review. Notes should be submitted in PDF format. I will post the notes on the course web page.


There is no course textbook. You may review notes taken by students in previous years by visiting the course webpages linked from my home page. The following books may also serve as useful references:

Reading Assignments

Note: the reading list may change throughout the semester.
Warning: The notes below may contain errors. Use with caution.
Topic/Reading assignment

Security basics: goals, threat models

SELECTED NOTES: Anirudh Aithal, Ankur Jain, Christopher Deneen, Julian Gonzalez, Ravneet Singh , Junghun Lee


Trust, open design, principles of secure system design
Reflections on trusting trust, Thompson
Rudimentary treatise on the construction of locks, Tomlinson

SELECTED NOTES: Bo He, Brendan Smith, Julian Gonzalez, Koundinya Muppalla, Ritin Suthagaran, Ujjwal Wadhawan, Vania Castelino

9/6 No class: Labor Day
9/10 No class: Rosh Hashanah
9/13 Isolation: basic HW/OS background, processes, virtual machines, message passing
RECOMMENDED (NO REVIEW): Protection , Butler Lampson.

SELECTED NOTES: Abraham Adam, Ritin Suthagaran, Ujjwal Wadhawan

Note: Class will end early so students can catch the shuttle from the SAC circle to CEWIT to attend Ed Felten's Distinguished Lecture Series talk, "Electronic Voting: Danger and Opportunity".
Software security: Buffer overflows and Format String Bugs
Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns, Pincus, Baker.

OPTIONAL (NO REVIEW): Exploiting Format String Vulnerabilities, scut / team teso.

SELECTED NOTES: Abraham Adam, Arun Shyam, Han Mengqi, Ujjwal Wadhawan

9/20 Software security: integer overflows, command injection, SQL injection attacks, XSS attacks, CSRF attacks, race conditions, etc.
Just skim this survey (and write a review): CWE/SANS TOP 25 Most Dangerous Software Errors

SELECTED NOTES: Abraham Adam, Han Mengqi, Prasad Narasimhan
9/24 Software security: static defenses
Detecting Format String Vulnerabilities With Type Qualifiers , Shankar, Talwar, Foster, Wagner.
Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions, Engler, Chelf, Chou, Hallem.

SELECTED NOTES: Abraham Adam, Ankush Gulati, Ravneet Singh, Rami Al-Rfou, Naresh Singh
9/27 No reading -- catch up day

SELECTED NOTES: Aniket Divecha, Ankush Gulati, Arun Shyam, Hyunji Kim, Julie Ling
10/1 Software security: static/dynamic defenses
Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors, Akritidis, Costa, Castro, Hand.
Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks, Xu, Bhatkar, Sekar.

SELECTED NOTES: Abraham Adam, Navatha Tatineni, Ravneet Singh
10/4 Software security: dynamic defenses
On the Effectiveness of Address-Space Randomization, Shacham, Page, Pfaff, Goh, Modadugu, Boneh
OPTIONAL (NO REVIEW): StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Cowan, Pu, Maier, Walpole, Bakke, Beattie, Grier, Wagle, Zhang.

SELECTED NOTES: Akshay Muramatti, Christopher Deneen, Navatha Tatineni
10/8 Software security: host-based intrustion detection systems
Efficient Context-Sensitive Intrusion Detection Giffin, Jha, Miller.

SELECTED NOTES: Abraham Adam, Christopher Deneen
10/11 No reading -- catch up day

SELECTED NOTES: Abraham Adam, Akshay Muramatti, Ritin Suthagaran
10/15 No reading -- catch up day

SELECTED NOTES: Ankush Gulati, Christopher Deneen, Vijet Mahabaleshwar
10/18 Untrusted software: sandboxing
Ostia: A Delegating Architecture for Secure System Call Interposition, Garfinkel, Pfaff, Rosenblum.

SELECTED NOTES: Ambuj Thacker, Subramanian Arumugam
10/22 No reading -- catch up day

SELECTED NOTES: Abraham Adam, Amitha Cheluvagopal, Junghun Lee, Navatha Tatineni
10/25 Midterm
Solutions to the Midterm Problems
The mid-term will cover material from all classes until (and including) the Oct 18th lecture.
10/29 Untrusted software: Inline reference monitors
NativeClient: A Sandbox for Portable, Untrusted x86 Native Code, Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar.

SELECTED NOTES: Ambuj Thacker, Amitha Cheluvagopal, Hyunji Kim, Navatha Tatineni, Nikhil Patwardhan
11/1 No reading -- catch up day

SELECTED NOTES: Jing Jin, Julian Gonzalez, Michael Corley, Shu Liu
11/5 Untrusted software: proof-carrying code
Proof-Carrying Code, Necula.

SELECTED NOTES: Anusha Pachunuri, Jing Jin, Junghun Lee, Varun Loiwal
11/8 Class canceled
11/12 No reading -- catch up day

SELECTED NOTES: Ambuj Thacker, Carlos Orrego, Shu Liu, Thomas Bohonan
11/15 No reading -- catch up day

SELECTED NOTES: Abraham Adam, Nicolo Davis, Vijit Kharbanda
11/19 Untrusted platforms
Terra: A Virtual Machine-Based Platform for Trusted Computing, Garfinkel, Pfaff, Chow, Rosenblum, Boneh.

SELECTED NOTES: Ambuj Thacker, Junghun Lee, Subramanian Arumugam, Vijit Kharbanda
11/22 Untrusted platforms
Boostrapping Trust in Commodity Computers , Parno, McCune, Perrig.

SELECTED NOTES: Abraham Adam, Jing Jin, Ganesh Rajagopalan
11/24 Access Control: Capabilities
Access Control (v0.1) , Laurie.

SELECTED NOTES: Abraham Adam, Aseem Rastogi, Hyunji Kim, Jing Jin
11/29 Human factors in security
The Emperor's New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies, Schechter, Dhamija, Ozment, Fischer.

SELECTED NOTES: Jing Jin, Nicolo John Davis
12/3 CASE STUDY: Analysis of an Electronic Voting System, Kohno, Stubblefield, Rubin, Wallach.

SELECTED NOTES: Abraham Adam, Anirudh Aithal, Apoorva Deshpande, Mrunmayi Dhume, Prasad Narasimhan
12/6 CASE STUDY: Lessons from the Sony CD DRM Episode, Halderman, Felten.

SELECTED NOTES: Jing Jin, Junghun Lee, Shu Liu, V. David Sardarian, Vijit Kharbanda
12/10 TBD
Final Exam

Note: If you have a physical, psychological, medical or learning disability that may impact on your ability to carry out assigned course work, please contact the staff in the Disabled Student Services office (DSS), Room 133, Humanities, 632-6748v/TDD. DSS will review your concerns and determine with you what accommodations are necessary and appropriate. All information and documentation of disability are confidential.

Note: Each student must pursue his or her academic goals honestly and be personally accountable for all submitted work. Representing another person's work as your own is always wrong. Any suspected instance of academic dishonesty will be reported to the Academic Judiciary. For more comprehensive information on academic integrity, including categories of academic dishonesty, please refer to the academic judiciary website at http://www.stonybrook.edu/uaa/academicjudiciary/.