What if a Computer Lies?
G22.3033-007, Spring 2007
Th 5-6:50 PM, 101 WWH
Instructor: Prof. Lakshminarayanan Subramanian
Office Hours: Wed 5-6 PM or by appointment (firstname.lastname@example.org)
About this Course
This course is a graduate-level course on security topics in networks and distributed systems. The discussion topics in this course will be centered around the theme, "what if a computer lies?", and the end-goal of this course is to teach students how to design secure network protocols and large-scale systems in the face of misbehaving nodes. Many of today's large scale systems and networks are built around the basic assumption that nodes in the system do not lie - but if they do, then many of these systems completely break down. For example, today, a single misbehaving router can potentially bring down much of the Internet and a fast-propagating worm can infect over 50% of hosts in less than 10 sec. In this class, we will analyze why such attacks happen and what can one do defend against them. The main topics that will be covered in the class include:
- secure routing protocols
- security attacks on the Internet architecture
- reliable communication and byzantine agreement
- byzantine fault tolerant file systems and untrusted storage
- security in enterprise networks (firewalls, end-host based security) and financial systems security (Sarbanes Oxley)
- security issues in P2P networks
- sensor network security
- security in wireless environments
- cryptographic approaches to deal with security attacks
- intrusion detection
- trust and reputation systems
- electronic voting machines
Survey study on a security sub-topic
One unique aspect of this class is that students will be involved in a survey study (individual or in a group depending on class size). The end-goal of this class is to distill some of the basic principles essential for building secure systems and how these principles arise repeatedly in different forms of systems. As part of this process, students in the class will be involved in doing a survey study within a specific subtopic and need to produce a survey report of that subtopic. These topics will be given early in the class and students will begin the survey work early in the semester. Together, all the surveys will be released as a lecture notes in this topic.
As part of the course workload for this project, there are three basic aspects:
- A course project (50%)
- A survey writeup on a topic (suggested by the instructor) (30%)
- Assignment (involving identifying security flaws in an existing system) (10%) [not necessarily programming oriented]
- Continuous participation in class as well as part of an online class blog (10%)
The survey writeups of the class, together, shall be released as lecture notes for the class at the end of the term. The final course project (in groups of 2-3) should be a research oriented project on computer security that either
- identifies security flaws in existing system
- builds a secure version of a network protocol or a system
Potential project ideas will be discussed in class.
A basic undergraduate level background on networks and operating systems is essential for this class. You would need good programming experience in C/C++/Java for this class. The course project is programming based. If you have taken the course offered last semester on "Networks and Distributed Systems", you are welcome to take this class too since some of the material builds upon that material. However, it is not essential to have the class last semester as long as you have some prior exposure to networks and distributed systems.