CS590D Spring 2004: Security Topics in Networking and Distributed Systems




Class Information
Calendar
Projects
Additional Reading
Other Resources


CERIAS Security Seminar


Class Information

The goal of the course is to familiarize graduate students with state-of-the-art and open problems in network security and secure distributed systems. The course will involve weekly research papers readings, and a semester-long project.

Homework

Reading will be assigned for each lecture. Before lecture, every student must submit a one page report of one of the assigned papers (report should contain a one paragraph summary of the paper, description of three strong points of the paper and three weak points of the paper). The reports are due one hour before the class starts (DUE TIME: 12:30 PM), by email, include 590D and the homework number or the date in the subject. Homework can be submitted by email to me and TA, include 590D - HW# in the subject. If more than one paper was assigned, you have to submit a report only on one of the papers. IMPORTANT: Submit your homework in PDF format or txt.

Project

Every student must complete a project on one of the topics discussed in the class. Students are required to work in teams of 2 or 3 on the project. In addition to the presentation given in the class every team will meet with me to discuss the accomplished results and asses the contribution of each team member. Every project must have a practical component that will require you to do an implementation and demonstration. You are required to submit:
  • Project proposal (2-3 pages), due Jan.29
      Should include:
    • Problem you address.
    • What is your approach.
    • Milestones (main steps and when annd how you plan to address them)
    • References: additional reading that you intend to do
    • Tools: if you plan to use tools (software already available), specify if you already have experience with it or you will need first to get to know how to use it.
    • What will be the deliverables: implementation, simulation results, etc,
    • What are the points that if achieved, you will consider that the project was succesful.
  • Project progress (1-2 pages), due March 11
      Should relate to the project proposal:
    • What points from the milestones in project proposal were finished.
    • What are the main challenges so far.
    • Describe if you are stuck in solving a problem (technical or research).
    • Sometimes things do not work the way you intended, specify all the modifications from the original proposal, and why were they necessary.
  • Project final report (10-12 pages), due 1 day before your demonstration of the project
      Should include:
    • Problem addressed
    • Proposed solution; In case of a system, describe and motivate the chosen architecture, design. If any new algorithm/protocol is designed, include description of the algorithm.
    • In case of comparison, simulations, include results.
    • What was your personal lessons learnt from the project.
Evaluation of the project will be based on:
  • Final report (10-12 pages) (25%).
  • Demonstration of the project and discussions about the project with the professor (50%).
  • Presentation of the project, accomplished results and lessons learnt, in the class (25%).

Grading

The grade will be based on:
  • the activity in the class (involvement in discussing the papers) (15%)
  • homework (25%)
  • the quality of the project (60%).

Topics

  • Overview of network security issues: what is the current status, what are the current interesting problems in point-to-point and multicast protocols.
  • Security of the Internet infrastructure: DNS, BGP.
  • Denial of service: intrusion detection systems, IP traceback, distributed denial of service tools, classifying denial of service.
  • Key management: why is key management so important, what are the most successful proposed solutions, what are their limitations.
  • Security in wireless communication: what are the main issues in security for distributed systems in a wireless environments, what are the particularities, solutions, and open problems.
  • Peer-to-peer systems: after familiarizing with the main services that these systems provide, we will examine possible security problems and look at recent research papers focused on proposing solutions.

Computer Networks, Distributed Systems and Information Security or Cryptography are highly recommended.

Class Schedule and Office Hours

  • TTh 1:30-2:45pm, CS G066
  • Cristina Nita-Rotaru: Tu 3-4:30 and Th 5:6:30 CS 174
  • Chi-Bun Chan: Mon. 10-11:30 AM and Wed. 12:00 - 1:30 PM, CS G16

Academic Integrity

Academic Honesty and Ethical behavior are required in this course, as it is in all courses at Purdue University (here is the guide for academic integrity). The class will be conducted according to the policy written by Professor Gene Spafford. Please take the time to read it carefully. This will be followed unless I provide written documentation of exceptions.

As of Spring 2004, all students taking CS courses, including CS 590D, must read and "sign" the Purdue University Department of Computer Science Academic Integrity Policy. This is available on the CS Department Website. Click on the link "Student Resource Page Now Online" and from there the link to "Academic Integrity Policy". You will need your Purdue Career Account login and password to access this page. There, after reading the policy, you will indicate that you have read and understand both the policy and its consequences. There is also information there about some implementation details.

You are encouraged to talk with the professor about any questions you have about what is permitted on any particular assignment.


Calendar
Week Tuesday Thursday
Jan. 12 - Jan. 16 Lecture 1: Course overview, topics and possible projects
Lecture2: Introduction to attacks on protocol.
Jan. 19 - Jan. 23 Lecture3: Attacks on TCP
 Lecture 4: Clasifying DDoS attacks.
Jan. 26 - Jan. 30 Lecture 5: IP Traceback Optional:
  • Hash-Based IP Traceback Alex C. Snoeren, Craig Partridge, Luis A. Sanchez, Christine E. Jones, Fabrice Tchakountio, Stephen T. Kent, W. Timothy Strayer. SIGCOMM 2001.
Lecture 6: Proactive countermeasures against DDoS
Project proposal due SUNDAY FEB. 1st by 10 PM(electronic submission, PDF preferred.)
Feb. 2 - Feb. 6 Lecture7: Intrusion detection Lecture 8: Intrusion detection. Presentation by M. Pusara. NO HOMEWORK TODAY!
Feb. 9 - Feb. 13 Lecture 9: Worms - survey and trends.
You have to read one of the following two papers. Optional:
  • Inside the Slammer Worm. David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford and Nicholas Weaver, IEEE Security and Privacy 2003.
Lecture 10: Worms - modeling and defense.
Feb. 16 - Feb. 20 Lecture 11: BGP security. Lecture 12: BGP security.
Feb. 23 - Feb. 27 Lecture 13: DNS security. Optional: Lecture 14: Security of WEP.
March 1 - March 5 Lecture 15: 802.11 Denial of Service. Lecture 16: Security Issues in Routing protocols for Ad Hoc Wireless Network(1).
March 8 - March 12 Lecture 17: Security Issues in Routing protocols for Ad Hoc Wireless Network (2). Lecture 18: Security Issues in Routing protocols for Ad Hoc Wireless Network (3).
March 15 - March 18 SPRING BREAK SPRING BREAK
March 21 - March 25 Class canceled because of CERIAS Security Symposium. Project progress presentations and discussions:
    Team 1: Analysis of Network Design and Worm Propagation
  • Team 2: Intrusion Fault-Tolerance using Threshold Cryptography
  • Team 3: Simulation and Analysis of Attacks on MAC Protocols on Wireless Networks
March 29 - April 2 Project progress presentations and discussions:
    Team 4: Intrusion Detection Applications: User Re-Authentication and Covert Channel Detection
  • Team 5: A Key Management Scheme for Wireless Sensors Networks
  • Team 6: Defending Against SPAM
Project progress presentations and discussions:
  • Team 7: DDoS Attacks, Protection and Recovery
  • Team 8: JAZ: Web Services for Healthcare Applications
  • Team 9: RFIDs and Privacy
April 5 - April 9 Lecture 19: Sensor networks: Key Management. Lecture 20: Sensor networks.
April 12 - April 16 Lecture 21: RFIDs and privacy.
You have to read the first paper and one of the following two (only one report required). 		Lecture 22: Traffic analysis on annonimity providing systems. Presentation by Chi-Bun Chan.
April 19 - April 23 Lecture 23: Summary. Homework: Based on all the papers discussed, select 3 problems that you consider major research and argue about: is progress possible, why, what will be the benefit to solve them, what are good directions in finding a solution.
Project final presentation:
  • Team 7: DDoS Attacks, Protection and Recovery
  • Team 3: Simulation and Analysis of Attacks on MAC Protocols on Wireless Networks
  • Team 5: A Key Management Scheme for Wireless Sensors Networks
April 26 - April 30 Project final presentation:
  • Team 6: Receipient Empowered Email
  • Team 2: Intrusion Fault-Tolerance using Threshold Cryptography
  • Team 9: Securing Off-the-Shelf RFID Systems
Project final presentation:
  • Team 1: Analysis of Network Design and Worm Propagation
  • Team 8: JAZ: Web Services for Healthcare Applications
  • Team 4: Intrusion Detection Applications: User Re-Authentication and Covert Channel Detection


Class Projects

  • Team 1: Analysis of Network Design and Worm Propagation
  • Team 2: Intrusion Fault-Tolerance using Threshold Cryptography
  • Team 3: Simulation and Analysis of Attacks on MAC Protocols on Wireless Networks
  • Team 4: Intrusion Detection Applications: User Re-Authentication and Covert Channel Detection
  • Team 5: A Key Management Scheme for Wireless Sensors Networks
  • Team 6: Defending Against SPAM
  • Team 7: DDoS Attacks, Protection and Recovery
  • Team 8: JAZ: Web Services for Healthcare Applications
  • Team 9: Securing Off-The-Shelf RFID Systems

Additional Reading


Other Resources

Purdue University Department of Computer Sciences