COMP 232, Cybersecurity

COMP 232, Cybersecurity

Details

Full syllabus for COMP232 (TBA)

Lecturer: Alexei Lisitsa

Demonstrators:

Faisal Alotaibi: Group 3

Samuel Fish: Group 2

Emmanouil Pitsikalis: Group 4

Musah Shaibu: Group 1

Lectures

Monday, 15:00, ASHT-LR (Ashton Building, Lecture Theatre

Tuesday,14:00, CHAD-BARKLA (Chadwick Building, Barkla Lecture Teathre)

Thursday, 9:00, NICH-LT (Nicholson Building, Nicholson Lecture Theatre)

Practical Sessions

Group 1: Tue 10.00, Lab 5 & Fri, 14.00, Lab 1

Group 2: Mon 12.00, Lab 5 & Fri, 16.00, Lab 5

Group 3: Mon 16.00, Lab 5 & Fri, 11.00, Lab 1

Group 4: Tue 11.00, Lab 5 & Fri, 9.00, Lab 5

Textbooks

Richard R. Brooks, Introduction to Computer and Network Security, Navigating Shades of Grey, CRC Press, 2014

William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, 2000 (and later editions )

Useful and Interesting Links related to Cybersecurity

Additional Books

A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Pres, 1996

Applied Advanced Crypto

Accessible and Scalable Secure Multi-Party Computations

Lecture notes (slides) PDF

Introduction

Basic Concepts in Security

Identification and Authentication

RFID repeater used to steal a car
Vulnerabilities in Biometric Systems

Elements of cryptography. Symmetric encryption

Elements of cryptography. Symmetric encryption, 2

Public Key Encryption

Diffie-Hellman key exchange

Message authentication and hash functions

Cryptographic Hash Function
SHA-1 is a Shambles

Quantum Cryptography and Computations

IBM Q Experience (online platform for quantum computing
Quantum in the Cloud (online access to real quantum processor)
Quantum Access Network
D-Wave. The Quantum Computing Company

Computing over Encrypted Data: homomorphic encryption and CryptDB

Additional reading:

Embedding Covert Channels into TCP/IP, by Steven J. Murdoch and Stephen Lewis

Security Protocols and their Analysis

Techniques for Anonymity

Further protocols: Electronic voting

Monitoring and intrusion detection

Techniques for intrusion detection

Malicious software. Attacks and countermeasures

Additional reading: Chapters 7 and 9 of Richard R. Brooks, Introduction to Computer and Network Security, Navigating Shades of Grey, CRC Press, 2014
DeterLab Session:

SQL injection Exercise

Advanced crypto: zero-knowledge proofs and multi-party secure computations

Additional links/reading:

A curated list of multi party computation resources and links

Accessible and Scalable Secure Multi-Party Computations

Interactive zero knowledge 3-colorability demonstration
Zero Knowledge Proofs Primer
Zero Knowledge Proofs and Secure Multi Party Computations

Practical sessions

Lab 1 (Session A, week starting 03.02): Practical attacks on passwords

Lab 2 (Session B, week starting 03.02): Symmetric Encryption in Java

Lab 3 (Session A, week starting 10.02): How fast is DES encryption?

Labs 4-5 (Sessions B and A, weeks starting 10.02 and 17.02, resp.): Message Authentication and Digital Signatures

Labs 6-7 (Sessions B and A, week starting 17.02 and 24.02, resp.): Diffie-Hellman Key Exchange

Lab 8 (Session B, week starting 24.02): HMAC-SHA256: Message Authentication

Lab 9 (Session A, week starting 02.03): Work on Assignment 2

Lab 10 (Session B, week starting 02.03):Formal Verification of Security Protocols. Introduction to ProVerif

ProVerif: Cryptographic protocol verifier in the formal model

Examples from ProVerif User Manual: hello.pv hello_ext.pv ex_handshake.pv

Lab 11 (Session A, week starting 09.03): Work on Assignment 2

Lab 12 (Session B, week starting 09.03): Work on Assignment 2

Online Labs, week starting 23.03: Introduction to DeterLab

DeterLab: Cyber-Defense Technology Experimental Research Laboratory

Online Labs: Securing Legacy Systems with Snort

Securing Legacy Systems, by Jeff Mates

PacketTotal (online PCAP analysis)

Additional DeterLab Session:

SQL injection Exercise

Practical assignments

Assignment 1 (Deadline for submission is 28th of February 2020, Friday, 17.00)

Assignment 2 (Deadline for submission is 24th of March 2020, Tuesday, 17.00)

Assignment 3 (Deadline for submission is 12th of May 2020, Tuesday, 17.00, extended)

EXAM paper (Deadline for submission is 22th of May 2020, Friday, 10.00)

Programming with JCA

JCA/JCE Reference manual

DES encryption in Java with JCA

AES encryption in Java with JCA

Utility class implementing array of bytes to hex strings conversion

RSA encryption and message digest computing with JCA

Diffie-Hellman Key Exchange with JCA

Message Authentication

HMAC-SHA256 Message Authentication

Last updated 04.05.2020