1. slide 1 Vitaly Shmatikov CS 378 Network Security and Privacy http://www.cs.utexas.edu/~shmat/courses/cs378_spring09/

2. slide 2 Course Personnel uInstructor: Vitaly Shmatikov Office: TAYLOR 4.115C Office hours: Tuesday, 4-5pm (after class) Open door policy – don’t hesitate to stop by! uTA: Jimmy Yang Office hours: Wednesday, 1:30-3:30pm (ENS 31NQ) uWatch the course website Assignments, reading materials, lecture notes

3. slide 3 Prerequisites uRequired: working knowledge of C and JavaScript One of the projects involves writing buffer overflow attacks in C –You must have detailed understanding of x86 architecture, stack layout, calling conventions, etc. The other project will be about Web security uRecommended: Introduction to Computer Security; Cryptography; Computer Networks; Compilers and/or Operating Systems Not much overlap with this course, but will help gain deeper understanding of security mechanisms and where they fit in the big picture

4. slide 4 Course Logistics uLectures Tuesday, Thursday 2-3:30pm uThree homeworks (30% of the grade) uTwo projects (10 + 15% of the grade) Projects involve a fair bit of C coding and PHP hacking Can be done in teams of 2 students Security is a contact sport! uMidterm (20% of the grade) uFinal (25% of the grade) uUTCS Code of Conduct will be strictly enforced No make-up or substitute exams! If you are not sure you will be able to take the exams in class on the assigned dates, do not take this course!

5. slide 5 Late Submission Policy uEach take-home assignment is due in class at 2pm on the due date 5 take-home assignments (3 homeworks, 2 projects) uYou have 3 late days to use any way you want You can submit one assignment 3 days late, 3 assignments 1 day late, etc. After you use up your days, you get 0 points for each late assignment Partial days are rounded up to the next full day

6. slide 6 Course Materials uTextbook: Kaufman, Perlman, Speciner. “Network Security” Lectures will not follow the textbook Lectures will focus on “big-picture” principles and ideas of network attack and defense Attend lectures! Lectures will cover some material that is not in the textbook – and you will be tested on it! uOccasional assigned readings Start reading “Smashing the Stack For Fun and Profit” by Aleph One (from Phrack hacker magazine) Understanding it will be essential for your project

7. slide 7 Other Helpful Books uRoss Anderson’s “Security Engineering” Focuses on design principles for secure systems Wide range of entertaining examples: banking, nuclear command and control, burglar alarms u“The Shellcoder’s Handbook” Practical how-to manual for hacking attacks Not a required text, but you will find it extremely useful for the buffer overflow project uKevin Mitnick’s “The Art of Intrusion” Real-world hacking stories Good illustration for many concepts in this course

8. slide 8 Main Themes of the Course uVulnerabilities of networked applications Worms, denial of service attacks, malicious code arriving from the network, attacks on infrastructure uDefense technologies Protection of information in transit: cryptography, application- and transport-layer security protocols Protection of networked applications: firewalls and intrusion detection uStudy a few deployed systems in detail: from design principles to gory implementation details Kerberos, SSL/TLS, IPsec

9. slide 9 What This Course is Not About uNot a comprehensive course on computer security uNot a course on ethical, legal or economic issues No file sharing, DMCA, free speech issues uOnly cursory overview of cryptography Take CS 346 for deeper understanding uOnly some issues in systems security No access control, OS security, language-based security Very little about secure hardware Will cover buffer overflow: #1 cause of remote penetration attacks

10. slide 10 Motivation https://

11. slide 11 Excerpt From “General Terms of Use” YOU ACKNOWLEDGE THAT NEITHER WELLS FARGO, ITS AFFILIATES NOR ANY OF THEIR RESPECTIVE EMPLOYEES, AGENTS, THIRD PARTY CONTENT PROVIDERS OR LICENSORS WARRANT THAT THE SERVICES OR THE SITE WILL BE UNINTERRUPTED OR ERROR FREE; NOR DO THEY MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES OR THE SITE, OR AS TO THE TIMELINESS, SEQUENCE, ACCURACY, RELIABILITY, COMPLETENESS OR CONTENT OF ANY INFORMATION, SERVICE, OR MERCHANDISE PROVIDED THROUGH THE SERVICES AND THE SITE.

12. slide 12 “Privacy and Security” “As a Wells Fargo customer, your privacy and security always come first.” Privacy policy for individuals Online privacy policy Our commitment to online security Online and computer security tips How we protect you General terms of use

13. slide 13 What Do You Think? What do you think should be included in “privacy and security” for an e-commerce website? ?

14. slide 14 Desirable Security Properties uAuthenticity uConfidentiality uIntegrity uAvailability uAccountability and non-repudiation uFreshness uAccess control uPrivacy of collected information uIntegrity of routing and DNS infrastructure

15. slide 15 Syllabus (1): Security Mechanisms uBasics of cryptography Symmetric and public-key encryption, certificates, cryptographic hash functions, pseudo-random generators uAuthentication and key establishment Case study: Kerberos uIP security Case study: IPsec protocol suite uWeb security Case study: SSL/TLS (Transport Layer Security)

16. slide 16 Syllabus (2): Attacks and Defenses uBuffer overflow attacks uNetwork attacks Distributed denial of service Worms and viruses Attacks on routing and DNS infrastructure uDefense tools Firewalls and intrusion detection systems uWireless security uSpam and phishing

17. slide 17 Peek at the Dark Side The only reason we will be learning about attack techniques is to build better defenses Don’t even think about using this knowledge to attack anyone

18. slide 18 What Drives the Attackers? uPut up a fake financial website, collect users’ logins and passwords, empty out their accounts uInsert a hidden program into unsuspecting users’ computers, use them to spread spam uSubvert copy protection, gain access to music and video files uStage denial of service attacks on websites, extort money uWreak havoc, achieve fame and glory in the blackhat community

19. slide 19 Network Stack people application session transport network data link physical IP TCP email, Web, NFS RPC 802.11 Sendmail, FTP, NFS bugs, chosen- protocol and version-rollback attacks SYN flooding, RIP attacks, sequence number prediction IP smurfing and other address spoofing attacks RPC worms, portmapper exploits WEP attacks Only as secure as the single weakest layer… … or interconnection between the layers RF RF fingerprinting, DoS Phishing attacks, usability

20. slide 20 Network Defenses Cryptographic primitives Protocols and policies Implementations Building blocks Blueprints Systems RSA, DSS, SHA-1… TLS, IPsec, access control… Firewalls, intrusion detection… … all defense mechanisms must work correctly and securely End uses People Password managers, company policies…

21. slide 21 Correctness versus Security uSystem correctness: system satisfies specification For reasonable input, get reasonable output uSystem security: system properties preserved in face of attack For unreasonable input, output not completely disastrous uMain difference: active interference from adversary uModular design may increase vulnerability … Abstraction is difficult to achieve in security: what if the adversary operates below your level of abstraction? u… but also increase security (small TCB)

22. slide 22 Bad News uSecurity often not a primary consideration Performance and usability take precedence uFeature-rich systems may be poorly understood uImplementations are buggy Buffer overflows are the “vulnerability of the decade” Cross-site scripting and other Web attacks uNetworks are more open and accessible than ever Increased exposure, easier to cover tracks uMany attacks are not even technical in nature Phishing, impersonation, etc.

23. slide 23 Better News uThere are a lot of defense mechanisms We’ll study some, but by no means all, in this course uIt’s important to understand their limitations “If you think cryptography will solve your problem, then you don’t understand cryptography… and you don’t understand your problem” -- Bruce Schneier Many security holes are based on misunderstanding uSecurity awareness and user “buy-in” help uOther important factors: usability and economics

24. slide 24 Reading Assignment uReview Kaufman, section 1.5 Primer on networking uStart reading buffer overflow materials on the course website “Smashing the Stack for Fun and Profit” You will definitely need to understand it for the buffer overflow project