Van Oorschot: Courses: COMP 5407F Classes

Class outline and references (COMP 5407F)

Last updated: Nov. 9, 2004 10:45pm

Notation (for background references):
"HAC ssN" denotes section N in Handbook of Applied Cryptography (Menezes, Van Oorschot, Vanstone, 1996).

Class outline - overview:

Class 1-3: Online and offline password attacks
Class 4: Graphical passwords
Class 5: Identity theft, key loggers and phishing
Class 6-8: Buffer overflows and memory exploits
Class 9-10: Computer viruses and Trojan horses
Class 11-13: Computer worms
Class 14: Test (in class)
Class 15-16: Digital signatures: practical issues
Class 17-18: Software diversity
Class 19-24: Student presentations
(If any class time remaining:) Software attestation & integrity checking

Class outline - details (updated as term progresses):

Class 1: On-line Password Dictionary Attacks. Pinkas and Sander, Securing Passwords Against Dictionary Attacks, ACM CCS-9: Computer and Communications Security, Nov.2002; also visit the CAPTCHA Project site. Begin Project 1 immediately (optional background: Spafford, "Crisis and Aftermath (The Internet Worm)", Comm. of the ACM, vol.32 no.6 (1989), pp.678-687; PDF available online).
Classes 2-3: Off-line Password Dictionary Attacks. Class 2: Bellovin and Merritt, Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attack, IEEE Security and Privacy, May 1992. Also review reading - passwords: HAC ss10.2.1-10.2.2; time variant parameters: HAC ss10.3.1. Class 3: Gong, Lomas, Needham, Saltzer, Protecting Poorly Chosen Secrets from Guessing Attacks, IEEE J. Selected Areas in Comm., vol.11 no.5 (June 1993).
Class 4: Graphical Passwords. Jermyn et al., The Design and Analysis of Graphical Passwords, 1999 USENIX Security. Further analysis: see J.Thorpe (2004 USENIX Security; and ACSAC 2004).
Class 5: Web-based Identity Theft and Key Loggers. Chou et al., Client-Side Defense Against Web-Based Identity Theft, NDSS'04 (11th Symposium on Network and Distributed System Security) .
Classes 6-8: Buffer overflow exploits. Wilander and Kamkar, A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention, NDSS'03. Additonal notes from instructor (Class 7). Bhatkar et al., Address Obfuscation: an Efficient Approach to Combat a Broad Range of Memory Error Exploits (pdf also available online), USENIX Security 2003.
Classes 9-10: Computer Viruses and Trojan Horses. Class 9: Nachenberg, Computer Virus-Antivirus Coevolution (Comm. ACM, Jan. 1997); pdf available online. Class 10: McIlroy, Virology 101 (Computing Systems, Spring 1989); and Thompson, Reflections on Trusting Trust (Comm. ACM, Aug.1984).
Classes 11-13: Computer Worms. Class 11: Spafford, "Crisis and Aftermath (The Internet Worm)", Comm. of the ACM, vol.32 no.6 (1989), pp.678-687; PDF available online. Class 12: Staniford et al., How to 0wn the Internet in Your Spare Time (2002 Usenix Security). Class 13: more recents worms (Sapphire/Slammer, Blaster, Witty). Moore et al., The Spread of the Sapphire/Slammer Worm (Feb.2003); N. Weaver, Reflections on Witty (;login, vol.29 no.3, June 2004).
Class 14: Test (in class), Monday, Nov.1 2004.
Classes 15-16: Digital Signatures - Practical Issues. Public key infrastructure for digital signatures: RSA signatures (background) - HAC pp.433-434; public-key certificates - HAC pp.559-560; certificate and key life cycle - HAC pp.576-581. A Comparison of Digital and Handwritten Signatures (D. Fillingham, 1997 course paper).
Class 17-18: Software Diversity. Operating System Protection Through Program Evolution (F. Cohen, Computers and Security, Oct.1993). Redundancy and Diversity in Security (Littlewood, Strigini, ESORICS 2004).