SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation. Wenliang (Kevin) Du, Zhouxuan Teng & Ronghua Wang. ACM SIGCSE'07, 3/10/07.

Presentation transcript:

Slide 1: SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation
Wenliang (Kevin) Du, Zhouxuan Teng & Ronghua Wang
Department of Electrical Engineering & Computer Science, Syracuse University
ACM SIGCSE'07, 3/10/07

Slide 2: Objectives
- Improve experiential learning in computer security education (undergraduate and graduate)
- Develop effective labs (or course projects) for security courses
- Evaluate the effectiveness of these labs

Slide 3: About SEED Project
- Funded by the NSF CCLI Program
  - Phase I ($75K) was funded in 2002
  - Phase II ($450K) was funded in 2007
- Four years of experience and development
- Four universities involved
- Web page for all the developed labs

Slide 4: Teaching Philosophy
- Computer security education should focus on fundamental security principles.
- Students should be given opportunities to experience, to apply, to integrate, and to experiment with these principles.

Slide 5: Labs Environment
- One environment that supports all labs
- Desired properties:
  - Low cost
  - No physical lab space is needed: we focus on software security
  - Repeatable

Slide 6: Lab Environment
[Diagram] Layers: Labs; Minix, Linux; virtual machine (e.g. VMware); host OS (Windows, Linux, etc.)

Slide 7: Instructional OS (Minix)
- Widely used by many courses, e.g., Operating Systems, Networking, etc.
- Advantage:
  - Real OS, not a toy program
  - Much smaller than production OS
  - Less secure than production OS
  - Easy to understand and modify
- Disadvantage:
  - Lack of tools
  - Lack of advanced security features

Slide 8: Labs
Three types of labs:
- Design/Implementation Labs
- Exploration Labs
- Vulnerability Labs

Slide 9: Design/Implementation Labs
[Diagram] Layers: Design/Implementation Labs; Minix; virtual machine (e.g. VMware)

Slide 10: Design Labs
[Diagram] Labels: Students' Tasks; Existing Components; Minix OS
- Lab topics shown: Capability, Access Control List, Sandbox, Encrypted File System, RBAC, MAC, IPSec, Firewall, IDS, System Randomization
- Properties of this design:
  - Focused on targeted principles
  - Each lab takes 2-6 weeks
  - Difficulties can be adjusted

Slide 11: Exploration Labs
[Diagram] Layers: Exploration Labs; Minix, Linux; virtual machine (e.g. VMware)

Slide 12: Exploration Labs
[Diagram] Labels: Minix/Linux OS; Security Component; Other Components; "tour"
- Guided tour:
  - Small experiments
  - Guided activities
  - Interact with security components
  - Observe
  - Explain the observations
- Topics shown: Set-UID; PAM (Pluggable Authentication Module); Reference Monitor; Intel 80x86 Protection Mode; SYN Cookie
- All the design labs can be transformed to exploration labs

Slide 13: Vulnerability/Attack Labs
[Diagram] Layers: Vulnerability/Attack Labs; Minix, Linux; virtual machine (e.g. VMware)

Slide 14: Vulnerability/Attack Labs
[Diagram] Labels: Linux/Minix OS; User Space; Kernel Space; Real-World Vulnerabilities; Fault Injection
Students' tasks:
1. Find out those vulnerabilities
2. Exploit the vulnerabilities
3. Fix the vulnerabilities
4. Design countermeasures

Slide 15: Vulnerability Laboratories
- Buffer-overflow Lab
- Race-condition Lab
- Format-string Lab
- Sandbox (chroot) Lab
- Attack Lab on TCP
- Attack Lab on ARP, IP, ICMP
- Attack Lab on DNS
- Integer overflow
- SQL injection attack Lab
- Set-UID vulnerability Lab
- Lab on various OS kernel vulnerabilities

Slide 16: Example: Capability Lab (1)
- Learning objectives:
  - Capability-based access control
  - Principle of least privilege
  - Reference monitor
- Lab tasks:
  - 5 capabilities
  - Capability management functionalities (enabling, disabling, deleting, delegating, revoking capabilities)
- Time: 4-6 weeks

Slide 17: Capability Lab (2)
- An actual capability system is very complicated
- Simplification:
  - 5 capabilities (Solaris has 80)
  - CAP_READ, CAP_KILL, etc.
- Supporting materials:
  - Identify time-consuming places
  - Analyze whether they are security relevant or not
  - If not, tell students how to do those
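
The five management operations named on the Capability Lab slides, together with the reference-monitor check they feed, can be modelled in a few lines of C. This is an added example, not code from the presentation or from the SEED lab: the struct, the function names, the bit values and the exact semantics of each operation are assumptions, and only the names CAP_READ and CAP_KILL come from the slides.

```c
#include <stdbool.h>
#include <stdint.h>

/* Two capability names from the slide; the bit values are constructed. */
enum { CAP_READ = 1 << 0, CAP_KILL = 1 << 1 };

/* Hypothetical per-process state, not the lab's actual Minix structures. */
struct proc_caps {
    uint32_t permitted;  /* capabilities the process holds */
    uint32_t effective;  /* held capabilities that are currently enabled */
    uint32_t delegated;  /* held only because another process delegated them */
};

/* Reference-monitor check: only an enabled capability grants access. */
bool cap_check(const struct proc_caps *p, uint32_t cap) {
    return (p->effective & cap) == cap;
}
/* Enabling succeeds only for capabilities the process still holds. */
bool cap_enable(struct proc_caps *p, uint32_t cap) {
    if ((p->permitted & cap) != cap) return false;
    p->effective |= cap;
    return true;
}
/* Disabling is temporary: the capability stays in the permitted set. */
void cap_disable(struct proc_caps *p, uint32_t cap) { p->effective &= ~cap; }
/* Deleting is permanent: the capability can never be enabled again. */
void cap_delete(struct proc_caps *p, uint32_t cap) {
    p->permitted &= ~cap;
    p->effective &= ~cap;
}
/* Delegating: the giver must hold cap; the receiver gets it disabled. */
bool cap_delegate(const struct proc_caps *from, struct proc_caps *to, uint32_t cap) {
    if ((from->permitted & cap) != cap) return false;
    uint32_t fresh = cap & ~to->permitted;  /* skip what `to` already owns */
    to->permitted |= fresh;
    to->delegated |= fresh;
    return true;
}
/* Revoking withdraws only delegated capabilities, never the receiver's own. */
void cap_revoke(struct proc_caps *to, uint32_t cap) {
    uint32_t loan = to->delegated & cap;
    to->permitted &= ~loan;
    to->effective &= ~loan;
    to->delegated &= ~loan;
}
```

Keeping capabilities disabled until they are needed, and deleting those that will not be needed again, is how this model expresses the principle of least privilege listed among the learning objectives.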

Slide 18: (Crypto + System) Labs
- Encrypted File System Lab
  - Integrate crypto technologies with file systems
  - 4-5 weeks
  - Can also be used for Operating System course
- IPSec Lab
  - Integrate crypto technologies with TCP/IP
  - 4-6 weeks
  - Can also be used for Networking course
- Key management issues: key agreement, key storage, key update, etc.

Slide 19: Set-UID Exploration Lab
"Play" with the Set-UID mechanism in both Minix and Linux, and answer:
- How is it implemented?
- Why is it necessary?
- Why is it dangerous?
- How to make Set-UID programs more secure?
- Why does Linux appear more secure than Minix against vulnerable Set-UID programs?

Slide 20: Buffer-Overflow Lab
- Students are given:
  - A vulnerable program: stack.c
  - Shell code (binary code)
  - Partially implemented exploit program: exploit.c (shell code is also given)
- Students need to:
  - Finish exploit.c
  - Construct a string that can be used to overflow the buffer in the vulnerable program
  - Invoke root shell
- Time: 1 week

Slide 21: Evaluation
- Survey questionnaires:
  - The quality of lab design and supporting materials
  - Students' perspective in the labs:
    - How interested they are
    - Whether the labs are worthwhile
    - Whether the labs spark their interests in security
- Participants: 30 students on average

Slide 22: Evaluation Results (1)
Survey: Your level of interest in this lab is high.
Scale: A: Strongly disagree; B: Disagree; C: Neutral; D: Agree; E: Strongly agree
[Charts] Set-UID Lab; Capability Lab; IPSec Lab

Slide 23: Evaluation Results (2)
Survey: The lab is a valuable part of this course.
Scale: A: Strongly disagree; B: Disagree; C: Neutral; D: Agree; E: Strongly agree
[Charts] Set-UID Lab; Capability Lab; IPSec Lab

Slide 24: Evaluation Results (3)
Survey: The lab sparks your interest in computer security.
Scale: A: Strongly disagree; B: Disagree; C: Neutral; D: Agree; E: Strongly agree
[Charts] Set-UID Lab; Capability Lab; IPSec Lab

Slide 25: Summaries
- SEED lab environment is low-cost, portable, easy to use
- We have developed 15 labs
- We have used them during the last 4 years
- Some other universities are also using them
- Anyone interested is free to use them
- Evaluation results are encouraging

Slide 26: NSF CCLI Showcase
- Time: 10: :00
- Place: Exhibit Hall
- I will hand out hard copies of all our labs
- Project web site: or google: wedu seed