Cheating: Issues in Security and Privacy

 

General goals: This is a class whose goal it is to teach a basic understanding of computer security by looking at how things can go wrong, and how people can abuse the system. This is a matter of creative cheating: to find loopholes and exploit these. It is first after one has understood how to attack the system that it is possible to propose ways to make the system secure. This class will emphasize the first aspect (cheating) but also touch on the second aspect (protecting against cheating.)

 

Reading material: Computer security is a relatively new field. This is exciting, since a lot of new results come out, and there is a chance of having an impact in the field by finding a new form of attack, or defending against known attacks in new and better ways. However, it also means that there are no good textbooks. Reading material in the form of pointers to on-line articles will be provided, but this requires a little more effort than reading a textbook.

 

Hands-on experience: The class will offer some degree of hands-on experience, both in terms of demonstrations of security attacks during class, and in terms of homework assignments involving implementations of attacks. For the latter part, knowledge of some scripting language such as Perl or Python is helpful.

 

Is cheating allowed in this class? Of course it is, but only clever ways of cheating. Copying somebody’s assignment is not allowed. Breaking in to the instructors’ database of grades to change your grade is encouraged (and is in fact one of the homework assignments.)

 

The Lecture Outline

 

  1. Introduction to Computer Security.

What is a protocol? How can we cheat? What does adversarial modeling mean? What is the difference between a selfish and rational attacker and a malicious attacker? How can we prevent cheating?

  1. Social engineering, phishing, and protection.

We will look into (novel) ways of defrauding eBay and PayPal users, steal passwords, and gain unauthorized access to computer systems by taking advantage of a combination of human gullibility and technical shortcomings.

  1. Homograph attacks and URL encoded attacks.

How can these attacks be used to dupe people, and what can be done to stop it?

  1. One-way functions, digital signatures and encryption.

A review of some common cryptographic tools, both on a conceptual level and on a more technical level. A description of how to use them for security, and of their shortcomings.

  1. Denial of Service attacks.

What is a DoS (Denial of Service) attack? How can it be performed? What types of DoS attacks are there? Why would terrorists want to perform DoS attacks? Criminals? Normal computer users?

  1. Demo: How can I shut down your wireless equipment by draining its battery?

… and without even getting very close to you …

  1. DoS protection.

How can we prevent DoS attacks? Can we always?

  1. Demo: how to steal all the bandwidth from a WiFi access point.

Simple modifications to the network card will allow anyone to cheat. The attack will be illustrated in a hands-on fashion.

  1. More ways to steal bandwidth, and how to protect the system.

What can be done to protect against these attacks?

  1. Wireless privacy and attacks on it.

How does Bluetooth work? How can an attacker track a Bluetooth user’s

movements and interactions with others; steal his address book; eavesdrop on his

conversations?

  1. RFID privacy and attacks on it.

What is an Radio Frequency ID (RFID) token? (Chances are you have owned several without even knowing it!) What are they used for? How can an attacker track RFID users? What can be done to protect against attacks?

  1. Passwords and Token based authentication.

How are passwords stored? How can an attacker “crack” a password? What level of protection do passwords offer? What are the dangers of password reuse? What is an authentication token, and how does it work? How does SecurID and SecurID for Windows work?

  1. Biometrics and attacks.

How do biometrics work (and not work)? How can I steal your genetic information, and what can I do with it?

  1. Demo: How to learn somebody’s birthday and mother’s maiden name.

This is pretty easy. What can individual do to protect themselves?

  1. Payments and micropayments.

How does PayPal work? How do other cryptographic payment schemes work? What is a micro-payment scheme? How can different payment be abused?

  1. Payments to stimulate collaboration.

How can we stimulate collaboration between selfish users? What attacks do we still need to worry about?

  1. Reputation management.

How do reputations help users determining whom to interact with? How can reputations be faked?

  1. Spam and protection mechanisms.

Why is spam so common? What are the trends? Why is spamming hard to protect against? What is being done?

  1. Cryptographic viruses and kleptography.

What will the next generation of viruses be able to do? What is kleptography? Is there anything we can do to secure ourselves?

  1. Tempest attacks and power attacks.

What are these attacks, and how could they be used to steal secret keys (and pretty much anything else.)

  1. How to read censored material.

When the government declassifies material, some still-sensitive information is blotted out. How can one reverse this, to “uncensor” the text?

 

More material will be added, corresponding to current developments and the interests of the class participants. Some homework assignments will require reading of articles describing security breaches and remedies, other will require implementation of simple cryptographic functions – both for attacks and the prevention of these.