Instructor

CS426 Fall 2009: Computer Security

Instructor
Elisa Bertino

bertino@cs.purdue.edu

Office Hours 10:30 am – 12:00 pm TTH

Location LWSN 2142

Teaching Assistant

Ashish Kundu (ashishk@cs.purdue.edu)

Location LWSN 2161

Class Schedule

MWF 10:30am-11:20am HAASG066

Textbook

Security in Computing. C. P. Pfleeger and S. L. Pfleeger.

Grading Policy:

· Midterm 30%

· Final 30%

· Paper Presentation 20%

· Homeworks 20%

Class Schedule

August 24 Course Overview slides

August 26 Design Principles for Security slides

August 28 Cryptography Basics 1 slides

August 31 Cryptography Basics 2 slides

September 2 Cryptography Basics 3 slides

September 4 Entity Authentication slides Homework 1

September 7 Labor Day No Class

September 9 Public-Key Infrastructures slides

September 11 Program Security slides Homework 2

September 14 Malicious Programs slides

September 16 Malicious Programs

September 18 Browser Security slides Homework 3 Solution

Deadline for forming the groups – each group should have 3 students

September 21 Browser Security slides

September 23 Operating System Security slides

September 25 Access Control in Unix slides Project-1 paper referenced in project

IMPORTANT NOTE

Project due dates:

(original) October 9: 1:30-3:20pm

(postponed) October 15: 3:30-5:20pm

(postponed) October 22: 3:30-5:20pm

Classroom LWSN B148

September 28 DAC and MAC slides

September 30 DAC and MAC

October 2 Other Policy Models: slides

Biba; CW; Chinese Wall

October 5 Trusted Computing Base. slides

Orange Book. Common Criteria

October 7 Midterm solution

October 9 Seminar on PIR slides

October 12 Fall Break No Class

October 14 DB Security – Grant and Revoke slides

October 16 DB Security – VPD slides

October 19 DB Security – Labeled Databases slides

October 21 DB Security – Labeled Databases

October 23 DB Security – Case Study on SQL Server slides Homework 4

October 26 Seminar on Data Authentication slides

October 28 DB Security – Database Encryption slides

October 30 DB Security – SQL Injection Attacks slides Homework 5

Deadline for selecting the papers from this list

November 2 DB Security – SQL Injection Attacks

November 4 Distributed Systems Security – SSL slides

November 6 Distributed Systems Security – Kerberos slides

November 9 Today class is replaced by the seminar of Distinguished Speaker

Prof. Shafi Goldwasser. LWSN 1142 10:30am. Attendance to the talk is strongly recommended

November 11 Distributed Systems Security – Firewalls and Intrusion Detection Systems slides

November 13 Distributed Systems Security – Anonymity Techniques slides

November 16 Computer Laws and Crime slides

November 18 Paper presentation

An Inside Look at Botnets

Evaluating Email’s Feasibility for Botnet Command and Control

November 20 Paper presentation

BootJacker: Compromising Computers using Forced Restart

Your Botnet is My Botnet: Analysis of a Botnet Takeover

November 23 Paper presentation

De-Anonymizing Social Networks

Safe Passage for Passwords and Other Sensitive Data

November 25 No Class

November 27 No Class

November 30 Paper presentation

Exposing Private Information by Timing Web Applications

CLAMP: Practical Prevention of Large-Scale Data leaks

December 2 Final Exam Review

December 4 Final Exam Review