Jim Hook and Jim Binkley CS 4/591
Class meets on Monday, Wednesday, 2:00 - 3:50pm, Neuberger Hall 241 (Note room change!).
Hook Office Hours: Tuesdays and Thursdays, 4 - 5pm, or by appointment, FAB 120. Hook will not have office hours on 29 September, 27 October, 24 November, or 26 November.
Binkley Office Hours: Tuesdays, 3-5pm, or by appointment, FAB 120.
- Hook's lecture notes will be linked from this page. They will occassionally be revised.
- Binkley's lecture materials will be at: http://web.cecs.pdx.edu/~jrb/infosec/jrblectures/infosec.lectures.html.
The user/password for this web page has already been placed
in the email archive, so please join it and find the password.
- Material in the ACM portal can be accessed for free from machines on campus (this is based on the PSU IP address). It is possible to get these materails from home using the PSU VPN or the library proxy server.
Prerequisites: CS 333 (operating systems), CS 350 (algorithms).
- Midterm: 100 points
- Final: 100 points
- Term Paper: 100 points
- Assignments, Quizzes, Discussion and Class participation: 50 points
- Annotated Bibliography: 50 points
Class Mailing List
There is a class mailing list, cs591 at cecs dot pdx dot edu. The web interface is:
Please sign up on the list. Critical announcements about class will be made on this list.
Students Requiring Accommodation
If you are a student with a disability in need of academic accommodations, you should register with Disability Services for Students and notify the instructor immediately to arrange for support services.
There is a high probability of a flu epidemic on campus. If you are sick please do not come to class. If you have been sick, please do not come to class until you are recovered. University guidelines are posted here http://www.shac.pdx.edu/H1N1/H1N1syllabi.pdf.
More information can be found at http://www.shac.pdx.edu/.
Any reasonable request for accommodation of illness will be considered.
To reduce risk of infection please wash your hands frequently, get pleanty of rest and exercise, and eat real food.
Term Paper Assignment
A term paper is due at the beginning of the last lecture. A title, abstract, annotated bibliography, and outline are due the day of the midterm. Assignment details here.
Calendar (with reading assignments):
Lecture 1 (9/28): Introduction, Overview, Usability pptx pdf handouts
- Read: Anderson Chapters 1
Lecture 2 (9/30): Electronic Voting and Access Control
Lecture 3 (10/5): Access Control, Policy and Historical notes on Security pptx pdf
Lecture 4 (10/7): Bell-La Padula pptx pdf
Lecture 5 (10/12): Integrity Models; Information Warfare pptx pdf
Lecture 6 (10/14): Comments on Identity and Data Mining
- Read: Anderson Chapter 10
- NY Times article on NSA spying, Dec 2005, http://www.commondreams.org/headlines05/1216-01.htm
- USA Today article on NSA phone records, May 2006, http://www.usatoday.com/news/washington/2006-05-10-nsa_x.htm
- Corinna Cortes, Daryl Pregibon and Chris Volinsky, "Communities of Interest'', The Fourth International Symposium of Intelligent Data Analysis (IDA 2001), 2001. http://homepage.mac.com/corinnacortes/papers/portugal.ps
- Gary M. Weiss (2005). Data Mining in Telecommunications. In O. Maimon and L. Rokach (eds.), Data Mining and Knowledge Discovery Handbook: A Complete Guide for Practitioners and Researchers, Kluwer Academic Publishers, 1189-1201. http://storm.cis.fordham.edu/~gweiss/papers/kluwer04-telecom.pdf
- Read: Anderson Chapter 17 and 21
- Supplemental: Clark Wilson paper http://theory.stanford.edu/~ninghui/courses/Fall03/papers/clark_wilson.pdf
Lecture 7 (10/19) Confinement and Virtualization [Hook]
- Read: Lampson, 1973, CACM article, available from ACM portal as http://doi.acm.org/10.1145/362375.362389 and in html.
- Read: Lipner, 1975, A Comment on the Confinement Problem. http://doi.acm.org/10.1145/800213.806537
- Read: Intel May 2005 IEEE Computer article on virtualization: http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1430631
- Optional: Kocher, CRYPTO ‘96: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. http://www.cryptography.com/timingattack/paper.html
- Optional: R. Wahbe, S. Lucco, T. Anderson, and S. Graham, Efficient Software-based Fault Isolation, http://www.cs.cornell.edu/home/jgm/cs711sp02/sfi.ps.gz
- Optional: Christopher Small, MiSFIT: A Tool for Constructing Safe Extensible C++ Systems, http://www.dogfish.org/chris/papers/misfit/misfit-ieee.ps
- Optional: Samuel T. King et al., SubVirt: Implementing malware with virtual machines. http://www.eecs.umich.edu/virtual/papers/king06.pdf
Lecture 8 (10/21): Access control and Information flow.
Note: there are a few extra }'s and one slide is repeated. (F07
- Andrei Sabelfeld and Andrew C. Myers, Language-based Information-Flow Security, http://www.cs.cornell.edu/andru/papers/jsac/sm-jsac03.pdf. Pay particular attention to Section III (Basics of Language-based information flow). Figures 2 and 3 were presented in lecture.
- A file illustrating some issues discussed in class in flowcaml.
- Denning and Denning, 1977, available from ACM portal.
- Vincent Simonet, Flow Caml in a Nutshell.
- Flow Caml home page (I got the windows executable to work, but was not successful building the source distribution).
- A file derived from the flowcaml tutorial presented in class.
Lecture 9 (10/26) Assurance and Evaluation [Hook] pptx pdf
- Read: Anderson Chapter 23
Lecture 10 (10/28): Midterm exam. In class. Closed book. Blue book exam.
Hand in annotated bibliography for term paper.
Past study questions and exams are provided below.
- Sprint 2009 midterm
- Fall 2008 midterm
- Fall 2007 midterm (Crypto question is out of scope for Sp 2008)
- Winter 2007 midterm
- Winter 2007 I also gave the final
- Fall 2006 exam pdf. (For Spring 2007 questions 1 and 2 are out of scope.)
- Fall 2006 exam presentation ppt pdf.
- Some new Study Questions for Fall 2006. Some of these questions still need to be refined. (Question 4 is out of scope for Spring 2007)
- Spring 2006 Study Questions for midterm (question 3 is out of scope for Spring 2007).
- Spring 2006 midterm and grading notes pdf pdf handouts. For Spring 2007 questions 5, 9 and 10 are out of scope.
- Fall 2005 midterm and grading notes ppt pdf handouts. For Spring 2007 question 7 is out of scope.
Lecture 11 (11/2) Cryptography [Binkley]
- Read: Anderson Chapter 3 and 5
Lecture 12 (11/4) Cryptography [Binkley]
Lecture 13 (11/9): Cryptography, Part 2 [Binkley], if time permits onto next lecture
University is closed for Veteran's Day on November 11.
Lecture 14 (11/16): Authentication, Design Principles, Tempest radiation [Binkley]
Lecture 15 (11/18) – continue previous if not done yet [Binkley]
Lecture 16 (11/23): Malicious Logic [Binkley]
- Read: Anderson Chapter 21
- You are invited to google on “zlob/dnschanger” which we will talk about a bit
Lecture 17 (11/25): Botnets [Binkley]
Lecture 18 (11/30): Intrusion Detection [Binkley]
- Read: "An Algorithm for Anomaly-based Botnet Detection," Binkley Singh, USENIX SRUTI, July 2006. note: findable at http://www.cs.pdx.edu/~jrb
- Read: "Traffic Analysis of UDP-based flows in Ourmon," Jim Binkley and Divya Parekh, findable at http://www.cs.pdx.edu/~jrb
Lectures 19 (12/2) Network Security [Binkley]
- Read RA Chapter 21 again!!! or finish it.
- NB: Term paper due at start of lecture on 6/4
Final Exam: Wednesday, 12/9, 12:30 -- 14:20. closed book, no blue book needed. See http://www.pdx.edu/registration/final-exams-schedule#Fall%202009
Additional web resources:
Davis Security Lab Seminal Papers
National Information Assurance Training and Education Center