COMPSCI 561 System Defense and Test

COMPSCI 561 System Defense and Test (formerly COMPSCI 590A)

Syllabus

  • When: January 25 - May 4, 2022. This is a 3-credit, semester-length course.
  • Where: In-person (undergrads) or in-person/Zoom (grad students only) once a week for a discussion session. (Sessions led by invited speakers have mandatory attendance.) The final exam is given in person or synchronized. Students should be present (either online or in person) at the time of the exam, unless they have made a prior arrangement with the instructor. Materials are available via Blackboard. Students must have a high-quality (high-speed) connection to the Internet to access virtual machines in the cloud.
  • Instructor: Dr. Parviz Kermani
  • This class can be applied towards the Information Security Certificate or as an outside elective for the CS MS degree.

UNIV Section 1 Undergrad  (Jr. & Sr. CS majors with prerequisites)
UNIV Section 2 (CS and ECE grad students)
UWW Section 1 (CS and ECE grad students, as well as any other students at the grad level with instructor permission, including non-matriculated/non-CS/non-ECE students)

Prerequisite:  Undergraduate students: COMPSCI 460 or COMPSCI 660 or COMPSCI 597N (formerly CICS 597C, INFOSEC 290S), and COMPSCI 453.  All prerequisites require a "C" grade or better. A student may also be enrolled with instructor permission.

No prerequisites for COMPSCI and ECE graduate students; however, knowledge equivalent to the undergraduate prerequisites listed above is expected of any graduate student enrolled.

Other grad students require permission of instructor.

Final Exam: TBD. Please consult SPIRE for any change to the final date/time.

Course Objectives

* To learn and understand the phases of penetration testing.

* To learn the core techniques of penetration testing from an ethical perspective, and to gain hands-on experience with these techniques.

* To learn and gain hands-on experience with the core defenses against each technique.

* To learn how to apply these skills as a professional in information security.

This course trains students to detect and analyze weaknesses and vulnerabilities in target systems as a method of assessing the security of a system. Such techniques have various names, including penetration testing and ethical hacking. We focus on tools and techniques that an attacker would employ, but from the perspective of an ethical system administrator. Broad topics include: tools and techniques for penetration testing and attacks, information gathering, social engineering, and defenses. Specific topics include malware, denial-of-service attacks, man-in-the-middle (MITM) attacks, SQL injection, buffer overflow, session hijacking, system hacking, network sniffing and scans, wireless encryption weaknesses and other Wi-Fi issues, IDS/Firewall evasion, Metasploit tools, physical security, and setting up honeypots.

Assignments will include practical experience setting up defenses and launching attacks on real systems. The systems will be on a private network -- students in the class do not and cannot attack systems owned by others. The class and its assignments may involve group work. There will also be readings and in-(virtual) class discussions, and written assignments will include creating write-ups of attacks and defenses performed on systems. Students will also participate in a lively class discussion. Students will be asked to express an opinion on many topics and challenge the instructor's views and analyses.

Textbooks (Required).

* "Penetration Testing, A Hands-On Introduction to Hacking" by Georgia Weidman. No Starch Press, ISBN 978-1-59327-8.

* "Computer & Internet Security- A Hands-On Approach", Wenliang Du, independently published, ISBN: 978-1-7330039-3-3.

Textbooks (Recommended).

* "Basic Security Testing with Kali Linux 2," by Daniel Dieterle

* "The Shellcoder's Handbook: Discovering and Exploiting Security Holes," 2nd edition, by Chris Anley, et al.

* "Hacking: The Art of Exploitation," 2nd edition, by Jon Erickson

Course Layout

The course is a "multi-modal" course offered in the spring semester. The class is conducted through UMass' Blackboard site. All homework and supporting materials are available on Blackboard as well. There are weekly (in-person for undergrads/grads or online/grads) discussion sessions during which students can participate.

In addition to assignments, there will be a semester-long project, the topic of which should be chosen by the student. Depending on the availability of time, students might be required to make a short project presentation at the end of the semester.

We plan to invite guest speakers who are practitioners in the field. Participation in these talks, either in person or virtually via Zoom, is mandatory. Students are asked to provide a short report of their understanding of the talk.

Planned Weekly Schedule

In this course, students are required to complete a number of lab experiments. The labs are in a virtual network environment. Additionally, students are asked to propose and work on a project of their own, which they should complete by the end of the semester. There will be a time-limited lab that students complete as their final exam. It is preferred that students take the final exam/lab in a room which we reserve for this purpose. However, if a student, because of logistical reasons, cannot be in the reserved room, we will provide the student means to take the final remotely, at a limited time. (During the pandemic, we will make adjustments as appropriate.)

A tentative list of labs is provided below. Please note that this list may change in the course of the class. For each attack or strategy listed below, the corresponding defense will also be covered. Each week's topic and possible assignment follows.

1 Learning the Environment. Windows and Unix systems overview.

Possible assignments: Allocating, installing, and launching virtual machines on a personal system and in a private cloud. Starting, configuring, and stopping services. Installing patches. Recovering from backup. Learning Kali-Linux.

2 Exploitation. Introducing how powerful tools are used for exploitation, how remote connections are made to an exploited target, and how users are tricked into entering their company credentials into a fake, cloned website.

Possible assignments: Running Metasploit in a virtual network environment to learn how to use it to exploit other hosts.

3 Network Reconnaissance. Using search engines and social networking sites, WHOIS and DNS records. Port scans. Network mapping, system identification (Nmap).

Possible assignments: Running network scanners and reconnaissance tools. Using Recon-NG. Using Shodan. Other tools: DMitry, Sparta, Netdiscover, Zenmap.

4 Finding Vulnerabilities. Using tools to discover various vulnerabilities, such as vulnerabilities that allow a remote hacker to control or access sensitive data on a system, misconfiguration, and denial of service against the TCP/IP stack.

Possible assignments: Using Nessus to find vulnerabilities

5 Capturing Traffic. Using tools to sniff and manipulate traffic to gain useful information from other machines on the local network and remote hosts.

Possible assignments: Introduction to Wireshark and its uses, using Wireshark for Capturing & Analyzing Traffic, finding a password, peeking through ARP cache, ARP cache poisoning with Arpspoof.

6 Man-in-the-middle (MITM) attacks. Using different tools to do a MITM attack and reveal encrypted and hidden information of the target; attacking an SSL connection.

Possible assignments: Using Ettercap to do a MITM attack, do ARP cache poisoning, and reveal SSL connections. SSL stripping by using the SSLstrip tool.

7 Local privilege escalation. Password Security. Testing and rainbow tables. SQL injection. Buffer overflow.

Possible assignments: SQL injection. Metasploit, PSEXEC, PTH-winex. Linux passwords

8 Network monitoring. Man-in-the-middle attacks. Wi-Fi security and defense.

Possible assignments: Wireshark, Xplico, Metasploit tools, Arpspoof, URLsnarf. SSL Strip.

9 Privilege escalation through network attacks II. Session hijacking. Trojans, backdoors, and rootkits. Administration of privilege via users or roles.

Possible assignments: Windows AV bypass with Veil-Evasion. Keyloggers.

10 File Systems. Samba scanners. File encryption.

Possible assignments: recovering deleted files; recovery of slack data; unauthorized connections to remote file systems; file encryption backdoors.

11 Covering tracks and Miscellaneous topics. Altering log files and histories. Hidden files and kernel modifications. Tor and VPNs. Physical security. Honeypots.

Possible assignments: File metadata re-writing with Metasploit. Lock picking. Setting up a honeypot.

Grading: 

Your overall grade for the course will be derived from three components. At a high level, grading is based on the following formula:

Criteria                                                   Percentage
Assignments                                                60%
Semester-long project/CTFs                                 15%
Final Exam (in-class). Must achieve a passing grade
on the final exam to pass the class.                       20%
Class participation, including attendance at and
reports of talks by invited guest speakers                 5%

Each assignment, including CTF challenges, will have a slightly different number of points. Your score will be the total number of points earned over the total number of points available for the assignments you completed. Late homework assignments are NOT accepted.

Exam

There will be a final exam. The final is cumulative; it will cover material presented throughout the semester. You cannot pass this class without a passing grade on the final exam, even with full marks otherwise.

Class Participation

5% of the grade will be based on class discussion, participation, and presence, and on posing and answering questions as appropriate. I intend to have a series of experts from other disciplines come join us in class. Not attending on these days will weigh more heavily against your participation grade. I will assign grades of only none (0/3), some (1/3), some more (2/3), or highest level (3/3) for class participation.

Audio/Video Recording

This course's lectures will be recorded. When students are physically present, every effort is made not to capture their likenesses, as the system is designed to capture the instructor and the front of the classroom; however, students' audio participation might be recorded. These recordings will be made accessible to students enrolled this semester and in subsequent offerings of the class.

Policies

We follow all university-adopted policies. Please DO read the UMass Academic Honesty Policy.

Code of Conduct/Words of Caution. In this course, students will learn techniques which, if abused, could be potentially dangerous, and more important, illegal! As future experts in the field, students need to know the tools that are at the disposal of malicious hackers and how to defend against them, hence the name System Test and Defense. I expect you are enrolled in this class to learn to defend networks from abuse. As you'll learn, it is much more challenging to defend networks and systems from attack than it is to attack them.

To allow you to apply the knowledge taught in this class, we have carefully set up a virtual environment for you to use and test attack techniques. Please be aware that use of attack tools in the real world on computers and sites around the Internet is illegal. Attacking computers and devices of friends, family, and colleagues is also illegal. Please be aware of these facts! Abuse of the knowledge in this class will not be tolerated.

Inclusive Discussion.  In this course, each voice in the classroom has something of value to contribute. Please take care to respect the different experiences, beliefs and values expressed by students and staff involved in this course. I support the commitment of the UMass Amherst College of Information and Computer Sciences to diversity, and welcome individuals of all ages, backgrounds, citizenships, disability, sex, education, ethnicities, family statuses, genders, gender identities, geographical locations, languages, military experience, political views, races, religions, sexual orientations, socioeconomic statuses, and work experiences.

Plagiarism.  As a condition of continued enrollment in this course, you agree to submit all assignments to the Turnitin and/or My Drop Box services for textual comparison or originality review for the detection of possible plagiarism. All submitted assignments will be included in the UMass Amherst dedicated databases of assignments at Turnitin and/or My Drop Box. These databases of assignments will be used solely for the purpose of detecting possible plagiarism during the grading process and during this term and in the future. Students who do not submit their papers electronically to the selected service will be required to submit copies of the cover page and first cited page of each source listed in the bibliography with the final paper in order to receive a grade on the assignment.

Accommodation Statement. The University of Massachusetts Amherst is committed to providing an equal educational opportunity for all students. If you have a documented physical, psychological, or learning disability on file with Disability Services (DS), you may be eligible for reasonable academic accommodations to help you succeed in this course. If you have a documented disability that requires an accommodation, please notify me within the first two weeks of the semester so that we may make appropriate arrangements.

Academic Honesty Statement. Since the integrity of the academic enterprise of any institution of higher education requires honesty in scholarship and research, academic honesty is required of all students at the University of Massachusetts Amherst. Academic dishonesty is prohibited in all programs of the University. Academic dishonesty includes but is not limited to: cheating, fabrication, plagiarism, and facilitating dishonesty. Appropriate sanctions may be imposed on any student who has committed an act of academic dishonesty. Instructors should take reasonable steps to address academic misconduct. Any person who has reason to believe that a student has committed academic dishonesty should bring such information to the attention of the appropriate course instructor as soon as possible. Instances of academic dishonesty not related to a specific course should be brought to the attention of the appropriate department Head or Chair. Since students are expected to be familiar with this policy and the commonly accepted standards of academic integrity, ignorance of such standards is not normally sufficient evidence of lack of intent (http://www.umass.edu/dean_students/codeofconduct/acadhonesty/).

 


Credits: 3
Date: Tuesday, January 25, 2022 to Wednesday, May 4, 2022
Class meets on: Tuesday
Time: 5:30 – 6:45 P.M.
Instructor: Parviz Kermani