CSP 544: System and Network Security

Staff

Instructors:
Kyle C. Hale
  Office Hours: T 3:30PM-5PM @ SB 229C (first half of semester)
  E-mail: khale [at] cs [dot] iit [dot] edu
Kevin Jin
  Office Hours: T/TR 3:05PM-4:05PM @ SB 208C (second half of semester)
  E-mail: dong [dot] jin [at] iit [dot] edu

TA:
Gong Chen
  Office Hours: T 1:30PM-3:30PM @ SB 019
  E-mail: gchen31 [at] hawk [dot] iit [dot] edu

Course Info

Course number: CSP 544

Semester: Spring 2020

Lecture Time: Tues/Thurs 11:25AM - 12:40PM

Lecture Location: Stuart 239

Overview

We increasingly live in a digitally-connected world. More of our personal systems, national infrastructures, automobiles, and smart devices are becoming internet-connected, so the importance of secure systems is more critical than ever. Unfortunately, tracking the trend for internet-connected systems is an increasing prevalence of malicious actors and criminals intent on breaking, subverting, and otherwise sabotaging important systems. Billions of dollars are lost and thousands of lives are affected by such cybercrime, and there is a dearth of trained talent to offset these trends. We must endeavor to train ethical hackers with strong cyber-security techniques, who understand the toolkits and trades employed by cybercriminals, and imbue them with an ethos of using their knowledge for good. This course will be a programming-based, learn-by-doing-oriented course focused on applying foundational principles in security to real systems and networks. You will implement several real attacks and take advantage of several recreated vulnerable systems in order to understand the modern landscape of network and systems security. Other than implementing our own attacks, we will also be looking at various case studies of attacks and defense strategies, including known exploit proofs-of-concept, published papers, and documents from security agencies and cyber-security research firms.

Communication

We will be primarily using Piazza as a course communication mechanism. If you have an issue or question that is not strictly private (especially one you think would benefit everyone were it answered), please use Piazza as your first resource. The instructor and your fellow classmates will be there to help. Note that you can also post anonymously if you so choose.

Lecture/Lab Schedule

Week | Date | Item | Topic | Lab | TODO items/notes/readings
1 | Tues 1/14 | Lec 1 | Introduction to Software Security; Course Logistics | SEED Lab setup |
1 | Thurs 1/16 | Lec 2 | Software Security II | SetUID and Environment Variables | Slides for SetUID, Slides for Env. Vars
2 | Tues 1/21 | Lec 3 | Software Security III | Stack Smashing for Fun and for Profit | slides
2 | Thurs 1/23 | Lec 4 | Software Security IV | |
3 | Tues 1/28 | Lec 5 | Software Security V | ROP ROP ROP | slides
3 | Thurs 1/30 | Lec 6 | Software Security VI | printf for fun and for profit | slides
4 | Tues 2/4 | Lec 7 | Software Security VII | |
4 | Thurs 2/6 | Lec 8 | System Security I | Spectre and Meltdown | slides
5 | Tues 2/11 | Lec 9 | System Security II | |
5 | Thurs 2/13 | Lec 10 | System Security III | ELF Poisoning is Metal | slides
6 | Tues 2/18 | Lec 11 | System Security IV | |
6 | Thurs 2/20 | Lec 12 | System Security V | Backdoor to the Kernel |
7 | Tues 2/25 | Lec 13 | System Security VI | |
7 | Thurs 2/27 | Lec 14 | System Security VII | Firmware Exploitation | Your daily phrack: BIOS
8 | Tues 3/3 | Lec 15 | System Security VIII | |
8 | Thurs 3/5 | Lec 16 | Crypto I | RSA |
9 | Tues 3/10 | Lec 17 | Crypto II | Password Cracking |
9 | Thurs 3/12 | Lec 18 | Web Security I | |
10 | Tues 3/17 | Spring Break | | |
10 | Thurs 3/19 | Spring Break | | |
11 | Tues 3/24 | Lec 19 | Web Security II | |
11 | Thurs 3/26 | Lec 20 | Web Security III | |
12 | Tues 3/31 | Lec 21 | Web Security IV | |
12 | Thurs 4/2 | Lec 22 | Network Security I | |
13 | Tues 4/7 | Lec 23 | Network Security II | |
13 | Thurs 4/9 | Lec 24 | Network Security III | |
14 | Tues 4/14 | Lec 25 | Network Security IV | |
14 | Thurs 4/16 | Lec 26 | Network Security V | |
15 | Tues 4/21 | Lec 27 | Network Security VI | |
15 | Thurs 4/23 | Lec 28 | Network Security VII | |
16 | Tues 4/28 | Lec 29 | Network Security VIII | |
16 | Thurs 4/30 | Final Exam | | |

Exam Schedule

Week | Date | Item | Length | Covers | File | Date | Note
16 | 4/30 | Final Exam | Full class time | all lectures, all labs | | |

Labs

Lab | Topic | Due Date | Handout | Notes
1 | Environment Variables and SetUID | Tuesday, 1/21 before class | Lab 1 link |
2 | Buffer Overflows | Tuesday, 1/28 before class | Lab 2 link |
3 | Return-oriented Programming | Tuesday, 2/4 @ 11:59 PM | Lab 3 link |
4 | Format String Vulnerabilities | Thursday, 2/6 @ 11:59 PM | Lab 4 link |
5 | Exploiting Speculative Execution | Tuesday, 2/11 @ 11:59 PM | Lab 5 link |
6 | Code Injection and Binary Exploitation | Thursday, 2/20 @ 11:59 PM | Lab 6 link |
7 | Kernel Backdoors and Rootkits | | |
8 | Low-level Exploits | | |
9 | RSA | | |
10 | Password Cracking | | |
11 | Cross-site Scripting | | |
12 | SQL Injection | | |
13 | Packet Sniffing and Spoofing | | |
14 | TCP Attacks | | |
15 | Firewall Attacks | | |
16 | VPN | | |

Books

There are no required textbooks for this course. However, there are several recommended texts, the first of which will be very helpful in completing the labs:

Computer & Internet Security: A Hands-on Approach Systems and Processes (2nd Edition), by Wenliang Du.
Security Engineering (3rd Edition), by Ross Anderson, Wiley.
Hands-On Ethical Hacking and Network Defense (3rd Edition), by Michael T. Simpson and Nicholas Antill, Cengage Learning.
The Hacker Playbook 2: Practical Guide to Penetration Testing, by Peter Kim, CreateSpace Independent Publishing.
Hacking: The Art of Exploitation (2nd Edition), by Jon Erickson, No Starch Press.
RTFM: The Red Team Field Manual, by Ben Clark, CreateSpace Independent Publishing.

Development Environment

We will primarily be using virtual machine images to set up vulnerable environments for you to exploit. Thus, to complete the labs, you'll need to set up a hypervisor/VMM on your machine. You should be able to use VirtualBox, VMware, or libvirt. We'll be using the SEED Labs for most of the class, but we will augment them with our own. You can see here to get set up for the labs.

Tools

Other Useful Links and Resources

This is a list of other resources that you might find useful for this class and for doing work in the security area in general. Feel free to peruse them at your own convenience.

CTFs

Links