
Welcome to EECS 354 Network Penetration and Security

Welcome to EECS 354 Network Penetration and Security. Why Computer Security: The past decade has seen an explosion in the concern for the security of information. Malicious code (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, and will grow to over $75 billion by 2007.


Presentation Transcript


  1. Welcome to EECS 354 Network Penetration and Security

  2. Why Computer Security
     • The past decade has seen an explosion in the concern for the security of information
     • Malicious code (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, and will grow to over $75 billion by 2007
     • Jobs and salaries for technology professionals have lessened in recent years. BUT …
     • The market for security specialists is expanding!
     • “Full-time information security professionals will rise almost 14% per year around the world, going past 2.1 million in 2008” (IDC report)

  3. Why Computer Security (cont’d)
     • Internet attacks are increasing in frequency, severity and sophistication
     • Denial of service (DoS) attacks
     • Cost $1.2 billion in 2000
     • 1999 CSI/FBI survey: 32% of respondents detected DoS attacks directed at their systems
     • Thousands of attacks per week in 2001
     • Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

  4. Why Computer Security (cont’d)
     • Viruses and worms are faster and more powerful
     • Melissa, Nimda, Code Red, Code Red II, Slammer …
     • Caused over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007
     • Code Red (2001): infected >360K machines in 13 hours, $2.4 billion loss
     • Slammer (2003): infected >75K machines in 10 minutes, $1 billion loss
     • Spam, phishing …
     • New Internet security landscape emerging: BOTNETS!

  5. The Spread of Sapphire/Slammer Worms

  6. Logistics
     • Instructors: Sam Mc Yan Chen (ychen@cs.northwestern.edu)
     • TA: TBD

  7. Why Learn to Hack
     • If you can break into computer systems, then you can defend computer systems.
     • The fundamental idea is to learn how to think as an attacker.
     • Defense then becomes second nature.
     • “The devil is in the details.”
     • Only by understanding low-level details of vulnerabilities and attacks is it possible to avoid the introduction of similar flaws and to design effective protection mechanisms.

  8. Logistics
     • Instructors: Sam McIngvale (CS alumni), Jim Spadaro (undergrad), Whitney Young (to be CS alumni), Yan Chen
     • TA: TBD

  9. Course Overview
     • This course emphasizes practical security techniques rather than theory
     • Complementary to EECS 350 “Intro to Computer Security” and the EECS 450 “Internet Security” research course
     • Satisfies the project course requirement for undergrads
     • Security has become one of the depth areas for CS major requirements
     • Satisfies the breadth requirement for systems Ph.D. students

  10. Course Objective
     • Be able to identify basic vulnerabilities in software systems and design corresponding protection mechanisms
     • Be able to use some important and popular security tools for network/system vulnerability discovery and risk assessment
     • Be able to configure a computer/network with current security software, e.g., firewalls, intrusion detection systems (IDS)
     • Compete in the international Capture the Flag competition

  11. Course Contents
     • Shellcode
     • Buffer Overflows, Heap Overflows
     • Format Strings
     • Web Attacks
     • SQL injection and Shell attacks
     • Cross Site Scripting (XSS)
     • Using Metasploit for Penetration
     • Firewalls and IDSs
     • Wireshark and Finding Illegal Users
     • Looking at tcpdump data with Wireshark

  12. Course Contents (cont’d)
     • Reverse Engineering
     • Reverse engineering compiled code
     • Reverse engineering bytecode
     • Windows Hacking
     • Differences between Windows and Linux
     • Example Windows vulnerabilities

  13. Prerequisites and Course Materials
     • Required: EECS 213 or (ECE 205 and 231) or any equivalent operating systems introductory courses
     • Highly Recommended: networking (EECS 340) and OS (EECS 343) or having some familiarity with Unix systems programming
     • No textbooks – all readings will come from handouts

  14. Grading
     • No exams for this class.
     • Participation in CTF and Practice Competitions is mandatory
     • Date: December
     • Participation 25%
     • RTFM classes are very interactive. Students should come to class prepared and ready to participate.
     • Homework 30%
     • Students will be expected to complete weekly hacking assignments.
     • Competition 20%
     • Group Project 25%

  15. Communication
     • Slides will be made available online prior to each class
     • Web page: http://cal.cs.northwestern.edu/nuctf
     • Newsgroup on Google Groups: Network Penetration and Security
