Presentation is loading. Please wait.

Presentation is loading. Please wait.

3/10/07ACM SIGCSE'071 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin) Du Zhouxuan Teng & Ronghua Wang Department.

Published byJack Carpenter Modified over 9 years ago

Similar presentations

Presentation on theme: "3/10/07ACM SIGCSE'071 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin) Du Zhouxuan Teng & Ronghua Wang Department."— Presentation transcript:

1 3/10/07ACM SIGCSE'071 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin) Du Zhouxuan Teng & Ronghua Wang Department of Electrical Engineering & Computer Science Syracuse University

2 3/10/07ACM SIGCSE'072 Objectives Improve experiential learning in computer security education Undergraduate & Graduate Develop effective labs (or course projects) for security courses Evaluate the effectiveness of these labs

3 3/10/07ACM SIGCSE'073 About SEED Project Funded by the NSF CCLI Program Phase I ($75K) was funded in 2002 Phase II ($450K) was funded in 2007 Four years of experience and development Four universities involved Web page for all the developed labs http://www.cis.syr.edu/~wedu/seed/

4 3/10/07ACM SIGCSE'074 Teaching Philosophy Computer security education should focus on: fundamental security principles Students should be given opportunities to experience, apply, to integrate, and to experiment with these principles.

5 3/10/07ACM SIGCSE'075 Labs Environment One environment that supports all labs Desired properties Low cost No physical lab space is needed: we focus on software security Repeatable

6 3/10/07ACM SIGCSE'076 Lab Environment Labs MinixLinux Virtual Machine (e.g. vmware ) Host OS (Windows, Linux, etc.)

7 3/10/07ACM SIGCSE'077 Instructional OS (Minix) Widely used by many courses, e.g., Operating Systems, Networking, etc. Advantage: Real OS, not a toy program Much smaller than production OS Less secure than production OS Easy to understand and modify Disadvantage: Lack of tools Lack of advanced security features

8 3/10/07ACM SIGCSE'078 Labs Three types of Labs Design/Implementation Labs Exploration Labs Vulnerability Labs

9 3/10/07ACM SIGCSE'079 Design/Implementation Labs Design/Implementation Labs Minix Virtual Machine (e.g. vmware )

10 3/10/07ACM SIGCSE'0710 Design Labs Students’ Tasks Existing Components Capability Access Control List Sandbox Encrypted File System Properties of this design: Focused on targeted principles Each lab takes 2-6 weeks Difficulties can be adjusted RBAC MAC IPSecFirewallIDS Minix OS System Randomization

11 3/10/07ACM SIGCSE'0711 Exploration Labs Exploration Labs MinixLinux Virtual Machine (e.g. vmware )

12 3/10/07ACM SIGCSE'0712 Exploration Labs Minix/Linux OS Security Component Other Components Guided Tour: Small experiments Guided activities Interact with security components Observe Explain the observations “tour” Set-UID PAM: Pluggable Authentication Module Reference Monitor All the design labs can be transformed to exploration labs Intel 80x86 Protection Mode SYN Cookie

13 3/10/07ACM SIGCSE'0713 Vulnerability/Attack Labs Vulnerability/Attack Labs MinixLinux Virtual Machine (e.g. vmware )

14 3/10/07ACM SIGCSE'0714 Vulnerability/Attack Labs Linux/Minix OS User Space Kernel Space Real-World Vulnerabilities Fault Injection Students’ Tasks: 1.Find out those vulnerabilities 2.Exploit the vulnerabilities 3.Fix the vulnerabilities 4. Design countermeasures

15 3/10/07ACM SIGCSE'0715 Vulnerability Laboratories Buffer-overflow Lab Race-condition Lab Format-string Lab Sandbox (chroot) Lab Attack Lab on TCP Attack Lab on ARP, IP, ICMP Attack Lab on DNS Integer overflow SQL injection attack Lab Set-UID vulnerability Lab Lab on various OS kernel vulnerabilities

16 3/10/07ACM SIGCSE'0716 Example: Capability Lab (1) Learning objectives: Capability-based access control Principle of least privilege Reference monitor Lab Tasks 5 capabilities Capability management functionalities (enabling, disabling, deleting, delegating, revoking capabilities) Time: 4-6 weeks

17 3/10/07ACM SIGCSE'0717 Capability Lab (2) An actual capability system is very complicated Simplification: 5 capabilities (Solaris has 80) CAP_READ, CAP_KILL, etc. Supporting materials: Identify time-consuming places Analyze whether they are security relevant or not If not, tell students how to do those

18 3/10/07ACM SIGCSE'0718 (Crypto + System) Labs Encrypted File System Lab Integrate crypto technologies with file systems 4-5 weeks Can also be used for Operating System course IPSec Lab Integrate crypto technologies with TCP/IP 4-6 weeks Can also be used for Networking course Key management issues: key agreement, key storage, key update, etc.

19 3/10/07ACM SIGCSE'0719 Set-UID Exploration Lab “Play” with the Set-UID mechanism in both Minix and Linux, and answer: How is it implemented? Why is it necessary? Why is it dangerous? How to make Set-UID programs more secure? Why does Linux appear more secure than Minix against vulnerable Set-UID programs.

20 3/10/07ACM SIGCSE'0720 Buffer-Overflow Lab Students are given: A vulnerability program: stack.c Shell code (binary code) Partially implemented exploit program: exploit.c (shell code is also given) Students need to: Finish exploit.c Construct a string that can be used to overflow the buffer in the vulnerable program Invoke root shell. Time: 1 week

21 3/10/07ACM SIGCSE'0721 Evaluation Survey Questionnaires The quality of lab design and supporting materials Students’ perspective in the labs: How interested they are Whether the labs are worthwhile Whether the labs spark their interests in security Participants: 30 students on average

22 3/10/07ACM SIGCSE'0722 Evaluation Results (1) A: Strongly disagree B: Disagree C: Neutral D: Agree E: Strongly agree Survey: Your level of interest in this lab is high. Set-UID LabCapability LabIPSec Lab

23 3/10/07ACM SIGCSE'0723 Evaluation Results (2) A: Strongly disagree B: Disagree C: Neutral D: Agree E: Strongly agree Set-UID LabCapability LabIPSec Lab Survey: The lab is a valuable part of this course.

24 3/10/07ACM SIGCSE'0724 Evaluation Results (3) A: Strongly disagree B: Disagree C: Neutral D: Agree E: Strongly agree Set-UID LabCapability LabIPSec Lab Survey: The lab sparks your interest in computer security.

25 3/10/07ACM SIGCSE'0725 Summaries SEED lab environment is low-cost, portable, easy to use We have developed 15 labs We have used them during the last 4 years Some other universities are also using them Anyone interested are free to use them Evaluation results are encouraging

26 3/10/07ACM SIGCSE'0726 NSF CCLI Showcase Time: 10:30 - 12:00 Place: Exhibit Hall I will handout hardcopies of all our labs Project web site: http://www.cis.syr.edu/~wedu/seed or google: wedu seed

Download ppt "3/10/07ACM SIGCSE'071 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin) Du Zhouxuan Teng & Ronghua Wang Department."

Similar presentations

Module X Session Hijacking

Module X Session Hijacking
A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.

A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Practical Training of Information Security Masahito Gotaishi, R & D Initiative, Chuo Universty.

Practical Training of Information Security Masahito Gotaishi, R & D Initiative, Chuo Universty.
Introduction to Operating Systems CS-2301 B-term 20081 Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.

Introduction to Operating Systems CS-2301 B-term Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.
© 2004, D. J. Foreman 1 CS350 Operating Systems. © 2004, D. J. Foreman 2 Administrivia  Assignments ■ Homework on most chapters ■ Approximately 8 lab.

© 2004, D. J. Foreman 1 CS350 Operating Systems. © 2004, D. J. Foreman 2 Administrivia  Assignments ■ Homework on most chapters ■ Approximately 8 lab.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Browser Exploitation Framework (BeEF) Lab

Browser Exploitation Framework (BeEF) Lab
Secure Coding Faculty Workshop, April 14-15, Orlando, FL 1 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin)

Secure Coding Faculty Workshop, April 14-15, Orlando, FL 1 SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation Wenliang (Kevin)
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Computer Science Department 1 An Open Source Laboratory for Operating Systems Projects * Mark Claypool, David Finkel, Craig Wills Computer Science Department.

Computer Science Department 1 An Open Source Laboratory for Operating Systems Projects * Mark Claypool, David Finkel, Craig Wills Computer Science Department.
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
Objectives  Understand the purpose of the superuser account  Outline the key features of the Linux desktops  Navigate through the menus  Getting help.

Objectives  Understand the purpose of the superuser account  Outline the key features of the Linux desktops  Navigate through the menus  Getting help.
1 An Application-Oriented Approach for Computer Security Education Xiao Qin Department of Computer Science and Software Engineering Auburn University Email:

1 An Application-Oriented Approach for Computer Security Education Xiao Qin Department of Computer Science and Software Engineering Auburn University
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
CS252: Systems Programming Ninghui Li Final Exam Review.

CS252: Systems Programming Ninghui Li Final Exam Review.

Similar presentations

Ads by Google