CS 590T
Penetration Analysis

Directory of Topics

Course Description

One of the traditional methods of testing system configuration and staff readiness is through the use of penetration analysis, commonly called "tiger teaming" or "red teaming." Although not as strong a form of assurance as good design and more formal testing of system software prior to deployment, tiger teaming can expose some kinds of flaws in the assumptions and policies of system security that might otherwise go unnoticed. Furthermore, in conjunction with those other methods, penetration analysis can be used to identify otherwise unidentified problems in design, configuration, and administration.

This seminar class will be largely hands-on. Students will work in teams to attempt to find exploitable flaws in one or more commerical operating systems. We will start with black box analysis, and then move on to white box analysis (if we are able to obtain appropriate source code). Included in the coursework will be study of common theories of flaws, testing tools, software design, intrusion and misuse detection, and audit trails.

Classwork will consist of research and reading, writing software, performing experiments, writing reports, and making classroom presentations. There will be a midterm and final exam based on the readings, lectures and the coursework.

Course Schedule and Topics

The following is a schedule of topics by week. This is approximate, and may change based on class interest, availability of outside speakers, and other factors. Schedule is approximate and subject to revision.

1/12 -- Introduction (1 week): What is computer security? Role of various forms of assurance testing.
1/19 -- Structure of security: Policy formation, risk assessment, defining a perimeter. Role of audit and verification.
1/26 -- Physical security: Methods of compromise and protection.
2/2 -- Personnel security: Why people are the weakest link. Methods and mechanisms of training, assurance, monitoring. Social engineering.
2/9 -- Communications security: Roles of cryptography, escrow, checksums, and other forms of protection.
2/16 -- Operations security: Procedures and mechanisms to avoid and detect problems, and how to exploit their weaknesses.
2/23 -- Software flaws: Why software faults occur, and where. Emergent faults.
3/2 -- midterm and project: In-class midterm on 3/3. Discussion of projects on 3/5.
3/9 -- Spring break (1 week): No classes all week!
3/16 -- Software flaws II: Common software flaws and their origins. How to find such flaws and exploit them.
3/23 -- Covert channels & residue: Finding and transmitting information where it is not supposed to be.
3/30 -- Change detection: Testing reactions to changes, including viruses.
4/6 -- Intrusion detection: Probing the alarms and audit to see if they work.
4/13 -- Response testing: Structure of response teams, and testing them.
4/20 -- Criminal Liability: Brief survey of U.S. Legal structure. Discussion of possible criminal liability for acts committed during testing.
4/27 -- Civil Liability: Discussion of issues of non-disclosure, negligence, due diligence, hiring "hackers," and other liability-related issues.
5/4 -- Finals week: No classes!

Course Details

Credit

3 class hours, 3 credit hours

Scheduling

Spring 1998. Tues/Thur noon-1:30pm (class)

Location

REC 313

Instructor

Gene Spafford

Office hours (CS 122): Thursday 1:30-4pm; Friday 3:30-4:30 pm; by appointment (arrange with <walls@cs.purdue.edu>)
Phone: 494-7825 (x47825)
E-mail: spaf@cs.purdue.edu

Prerequisites

CS 413 or CS 503 (or equivalent) and permission of instructor

Texts & Readings

These will be placed on reserve in the Math/Science library (MATH).
Reading list to be augmented as the semester progresses

The Mythical Man-Month, Frederick P. Brooks, Jr., Addison-Wesley Publishing Company, 1995. (Reprinted with corrections, October 1995)

Computer Related Risks, Peter G. Neumann, Addison-Wesley/ACM Press, 1995. (reprinted with corrections, Jan 1995).

Fundamentals of Computer Security Technology, Edward G. Amoroso, Prentice-Hall, Inc., 1994.

Security in Computing, 2nd Ed. Charles P. Pfleeger, Prentice Hall, Inc., 1997.

NT Reference Books

Inside Windows NT, Helen Custer, Microsoft Press
Inside Windows NT File Systems, Helen Custer, Microsoft Press
Windows NT Security, Charles Rutstein
Windows NT Server 4: Security, Troubleshooting and Optimization, Dalton, Fuller, et. al.
MS NT 3.5 Guidelines for Security Audit and Control, MS Press
Windows NT Security Guide., Stephen A. Sutton. Addison Wesley
Windows NT Programming in Practice, R&D Books
Windwos NT File System Internals, Rajeev Nagar, O'Reilly
The Windows NT Device Driver Book, Art Baker, Prentice Hall
Toubleshooting and Configuring the Windows NT/95 Registry, Clayton Johnson, SAMS Publishing
Windows NT Workstation 4.0, Allen Wyatt
Windows NT Security, Steve Sutton
Windows NT Registry -- Troubleshooting, Rob Tidrow
Microsoft Windows NT 4.0 Security Handbook -- Guidelines for Security, Audit and Control, Coopers & Lybrand
PC Week Microsoft Windows NT 4.0 Security Systems Administration Guide, Nevin Lambert and Manish Patel
Essential Windows NT Systems Administration, Aileen Frisch, O'Reilly
Windows NT User Administration, Ashley Meggitt and Timothy Ritchey
Windows NT Answer Book, Jim Groves, Microsoft Press
Windows NT Security Handbook -- Everything You Need to Know to Protect Your Network, Tom Sheldon, McGraw-Hill, Inc.
Windows NT Server 4.0 Administrator's Bible, Robert Cowart and Kenneth Gregg, IDG Books

Some Interesting WWW Links

Notes for the class, as provided by David Cole, are available.

A comprehensive list of securty-related WWW sites is on the COAST list.

CS 590T Penetration Analysis