Computer and Communication Security

Instructor: Benny Pinkas, benny (at), benny (at)
Spring semester 2009.
Dept. of Computer Science, University of Haifa.

This course will cover topics of interest in computer and communication security.
Preferred prerequisites:
Introduction to cryptography.
Operating systems, compilation.
Office Hours: Wednesday, 12-1pm, by appointment. 
Grading: 0.4*projects grade  + 0.6 * exam grade. If the finla exam grade is below 51, then the your final grade will be equal to the exam grade.
Course Plan:
 The pdf files are password protected. The password is the name of the room in which the class takes place (if the class was being held in Jacobs 201, then the password would have been 201).

שימו לב, הבחינה הסופית היא ללא חומר עזר
Lecture Date Subject Files
1 February 28, 2009 Overview.  slides
2 March 15, 2009 Buffer overflows, format string bugs. slides

background material:
  Smashing the stack for fun and profit
  Smashing the modern stack for fun and profit

  Exploiting format string vulnerabilities
3 March 22, 2009 Programming secure code. slides
4 March 29, 2009 Java security model, software fault isolation, proof carrying code. slides
5 April 5, 2009 User authentication. slides
6 April 19, 2009 User authentication. slides
7 April 26, 2009 Web application security. slides

background material:
  Cross site scripting explained
8 May 3, 2009 Network security, DOS, DNS security. slides

background material:
  SYN cookies
  IP spoofing demystified
BIND 9 DNS Cache Poisoning
  Increased DNS Forgery Resistance Through 0x20-Bit Encoding

May 10, 2009 No Class

9 May 17, 2009. DDos
10 May 24, 2009. Spam.
11 May 31, 2009. Firewals, intrusion detection.
12 June 7, 2009. Intrusion detection, anonymization.
13 June 14, 2009. Anonymization, security of the https protocol.
14 June 21, 2009. Digital Rights Management.
Last updated: June 20, 2009.