CS 261: Computer Security


CS 261 is a graduate class on computer security offered this fall semester.

Instructors: Prof. Eric Brewer, David Wagner, and Ian Goldberg.
Time: Wednesday/Friday 2:00-3:30.
Location: 405 Soda.
Prerequisites: CS 162 or equivalent.
Web page: http://www.cs.berkeley.edu/~daw/classes/cs261/

The class was offered in the Fall '98 semester, and is now over.

Course description

CS261: Security in Computer Systems. Prerequisite: CS162. Graduate survey of modern topics in computer security, including: protection, access control, distributed access control, Unix security, applied cryptography, network security, firewalls, secure coding practices, safe languages, mobile code, and case studies from real-world systems. May also cover cryptographic protocols, privacy and anonymity, and/or other topics as time permits. Term paper or project required. Three hours of lecture per week. (3 units)

Also, an approximate syllabus is available online at http://www.cs.berkeley.edu/~daw/classes/cs261/syllabus.html

Grading (approximate)

Class project: 60%
Problem sets: 30%
Readings and class discussion: 10%


The project writeup is due by 9:00am Monday 14 December (no exceptions).

You were supposed to send us a short note (one paragraph is fine) updating us on your project status by Friday 13 November. You can send email to cs261-homeworks@joseph.cs.berkeley.edu.

A list of the projects various students have signed up to do can be found here. The old instructions on projects and proposals are here.

Problem sets

The first homework was due Friday 2 October; see here for the assignment. A solution set is available.

The second homework was due Friday 30 October; see here for the assignment. A solution set is available.

The third homework was due Friday 20 November; see here for the assignment. A solution set is available.

Assigned readings

Wed 2 Sept:
The protection of information in computer systems, Saltzer and Schroeder (handout).
Fri 4 Sept:
Excerpts from the Orange Book.
Rudimentary Treatise on the Construction of Locks (excerpt), Tomlinson.
Reflections on trusting trust, Thompson.
Wed 9 Sept:
Chapter 10, ``Using Algorithms,'' of Schneier's Applied Cryptography (handout).
Fri 11 Sept:
Cryptography on the Internet, Bellovin.
Why Cryptosystems Fail, Ross Anderson.
Wed 16 Sept:
Using the Domain Name System for System Break-ins, Bellovin.
A simple active attack against TCP, Joncheray.
Fri 18 Sept:
Security Problems in the TCP/IP Protocol Suite, Bellovin. [also available in html and pdf]
Improving the security of your site by breaking into it, Farmer and Venema.
Wed 23 Sept:
No readings assigned, lucky you.
Fri 25 Sept:
Chapter 3 of Firewalls and Internet Security: Repelling the Wily Hacker (Cheswick and Bellovin), handed out in class on the 23d.
Wed 30 Sept:
Network (In)Security Through IP Packet Filtering, Chapman.
Fri 2 Oct
Homeworks due.
Wed 7 Oct:
Bro: A System for Detecting Network Intruders in Real-Time, Vern Paxson [available in pdf]
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, Ptacek and Newsham. [also available in html]
Fri 16 Oct:
With microscope and tweezers: an analysis of the Internet virus of Nov 1988, Eichen and Rochlis [a text conversion].
Smashing the stack for fun and profit, Aleph One.
Wed 21 Oct:
Shifting the odds: Writing (more) secure software, slides to a talk by Bellovin [a text conversion].
Fri 23 Oct:
Java Security, J. Bank.
Wed 28 Oct:
Extensibility, safety and performance in the SPIN operating system (you may ignore Section 5) [a text conversion].
Fri 30 Oct:
Java security: from HotJava to Netscape [pdf, a ps2txt conversion]
Extensible security architectures for Java [html, pdf, a ps2txt conversion]
Wed 4 Nov / Fri 6 Nov:
GSM security and encryption, David Margrave. (You may skip sections 2.1--3.3.)
GSM hack -- operator flunks the challenge, Ross Anderson, RISKS vol 19 no 48.
GSM cloning announcement, some local troublemakers.
Wed 11 Nov:
Kerberos: an authentication service for computer networks, Neuman and Ts'o.
Limitations of the Kerberos authentication system, Bellovin and Merritt. [also in ASCII text]
Fri 13 Nov / Wed 18 Nov:
If you are interested in reading more about IPSec, I thought I would point to the following optional reading: Problem Areas for the IP Security Protocols. (Once again, this is entirely optional.)
Fri 20 Nov:
Prudent engineering practice for cryptographic protocols, Abadi and Needham. [also in ASCII text]
Wed 25 Nov:
None, guest lecture.
Fri 27 Nov:
No class; Thanksgiving vacation.
Wed 2 Dec:
Privacy-enhancing technologies for the Internet, Goldberg, Wagner, and Brewer. [also in HTML]
The design, implementation and operation of an email pseudonm server, Mazieres and Kaashoek. [also in PDF and ASCII text]
Wed 4 Dec:
Poster session. Get your posters ready.

All reading will be from papers. Whenever possible, handouts and papers will be placed online on the web page; papers not available online will be handed out in class.

There is no required text. If you would like more reading, one useful book is Firewalls and Internet Security: Repelling the Wily Hacker by Cheswick and Bellovin (Addison-Wesley). If you would like additional reading on cryptography background, you can read an essay by Bruce Schneier titled Why cryptography is harder than it looks. (Neither of these are required.)


A list of planned lectures. (Online lecture notes are available for some of the first few lectures.)
Wed 26 Aug:
Trust (not available online)
Fri 28 Aug:
Protection and OS security [also in html]
Wed 02 Sept:
Design principles for security-conscious systems [also in html]
Fri 04 Sept:
Military security and the Orange Book [also in html]
Wed 09 Sept:
Cryptography: tools and techniques.
Fri 11 Sept:
Cryptography: tools and techniques, continued.
Wed 16 Sept:
Network security: DNS security, TCP ISN prediction.
Fri 18 Sept:
Network security: TCP hijacking, routing attacks.
Wed 23 Sept:
Network security: vulnerabilities in Internet protocols, port scanning, and exploitation.
Fri 25 Sept:
Firewalls: introduction, protocol stacks, packet filters.
Wed 30 Sept:
Firewalls: application layer firewalls.
Fri 2 Oct:
More on firewalls.
Wed 7 Oct:
Intrusion detection: background, network IDS systems, Bro.
Fri 9 Oct:
Homework #1.
Wed 14 Oct:
Eluding intrusion detection. Introduction to buffer overruns.
Fri 16 Oct:
Buffer overruns continued. The Internet Worm.
Wed 21 Oct:
Secure coding.
Fri 23 Oct:
Java, a type-safe language.
Wed 28 Oct:
Mobile code, Java, ActiveX.
Fri 30 Oct:
Low-level details of Java as a system, and the SOSP paper.
Wed 4 Nov:
Java as a system, cont.: the last bits of the SOSP paper, and the IEEE paper.
Fri 6 Nov:
Real world systems: GSM cellphones. (Here are the slides Ian will use.)
Wed 11 Nov:
Real world systems: Kerberos.
Fri 13 Nov:
Real world systems: IP security.
Wed 18 Nov:
Real world systems: commonly-used tools: PGP, SSL, SSH.
Fri 20 Nov:
Cryptographic protocols.
Wed 25 Nov:
Guest lecture: Doug Tygar. Powerpoint slides are here.
Fri 27 Nov:
No class; Thanksgiving vacation.
Wed 2 Dec:
Privacy and anonymity systems: remailers, rewebbers, Crowds, Onion Routing, ZKS.
Wed 4 Dec:
Poster session.


From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

Berkeley's policy (and our policy) on this is clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate; and the existence of a security hole is no excuse.

Other notes

Office hours to be decided. The instructors may be reached by email to cs261@joseph.cs.berkeley.edu

More information will appear on the web page as it becomes available.

For those wanting access on our security research subnet, here is the acceptable use policy.

CS261, cs261@joseph.cs.berkeley.eduhttp://www.cs.berkeley.edu/~daw/classes/cs261/