Welcome%20to%20CS%20450%20Internet%20Security:%20A%20Measurement-based%20Approach

1
Welcome to CS 450Internet Security A
Measurement-based Approach
2
Why Internet Security

• Internet attacks are increasing in frequency,
  severity and sophistication
• Denial of service (DoS) attacks
• Cost 1.2 billion in 2000
• 1999 CSI/FBI survey 32 of respondents detected
  DoS attacks directed to their systems
• Thousands of attacks per week in 2001
• Yahoo, Amazon, eBay, Microsoft, White House,
  etc., attacked

3
Why Internet Security (contd)

• Virus and worms
• Melissa, Nimda, Code Red, Code Red II, Slammer
• Cause over 28 billion in economic losses in
  2003, growing to over 75 billion in economic
  losses by 2007.
• Code Red (2001) 13 hours infected gt360K machines
  - 2.4 billion loss
• Slammer (2003) 10 minutes infected gt 75K
  machines - 1 billion loss
• Security has become one of the hottest jobs even
  with downturn of economy

4
Overview

• Course Administrative Trivia
• What is Internet security?
• Principles of cryptography
• Authentication

5
Logistics

• Instructor
• Yan Chen (ychen_at_cs.northwestern.edu),
• Office Hours Tuesday. 2-4pm or by appointment,
  Rm 330, 1890 Maple Ave.

6
Course Overview

• Seminar class paper reading a big project
• Start with the basic concepts of Internet
  architecture, its design principles and evolution
• End-to-end, active networks, etc.
• First half focus on large-scale Internet attacks
  and defense
• Mobile Malcode (virus/worm) global
  characteristics and prevalence, propagation
  strategies
• Internet Quarantine self-propagating code
  containment
• Denial of service attacks (in P2P and stealthy
  DoS) vs flash crowds
• Research agenda by DoD

7
Course Overview (contd)

• First half (large-scale Internet attacks)
• P2P system security
• Wireless, ad hoc and sensor network security
• Second half reverse engineering the Internet
• Motivation Internet ossification
• High-speed network monitoring and detection
• Network fault diagnostics and root cause analysis
• Measurement-based inference

8
Prerequisites and Course Materials

• Required CS340 (Intro to computer networking)
• Highly Recommended OS or having some familiarity
  with Unix systems programming
• No required textbook paper reading!
• Recommended books on computer security (see
  webpage for a complete list)

9
Grading

• No exams for this class
• Class participation and discussion 15
• Paper reading summary 10
• In class paper presentation and debate 20
• Project 55
• Proposal and survey 5
• Midterm presentation and report 10
• Weekly report and meeting 10
• Final presentation 10
• Final report 20

10
Paper Reading

• Write a very brief summary of each paper, to be
  emailed to the TA before the class
• Summary should include
• Paper title and its author(s)
• Brief one-line summary
• A paragraph of the one or two most significant
  new insight(s) you took away from the paper
• A paragraph of the one or two most significant
  flaw(s) of the paper
• A last paragraph where you state the relevance of
  the ideas today, potential future research
  suggested by the article

11
Class Format I - Presentation

• Introduction of the basic problems, ideas and
  solutions (10 minutes)
• Student presentations of the two closely related
  papers
• 20 minutes for presentation, and 10 minutes for
  discussion
• Or spend 40 minutes for the first paper (major
  one), and 20 minutes on the second paper
• Each non-speaker need to ask at least one
  question about the shortcoming for either one of
  the papers
• Summarize with the last 10 minutes
• Take turns for presentation (one student each
  time)

12
Format of the Presentation

• Presentation should include the following
• Motivation
• Classification of related work/background
• Main ideas
• Evaluation and results
• Open issues
• Send the slides to Prof. Kuzmanovic and me for
  review at least 24 hours ahead of the class
• Guidelines online

13
Class Format II - Debate

• Defensive team presentation 30 minutes
• Offensive team presentation 20 minutes
• Follow up argument from the defensive and
  offensive teams
• Other students are welcome to question either
  side either for clarifications or to add to the
  discussions
• Both teams need to send the slides to Prof.
  Kuzmanovic and me for review at least 24 hours
  ahead of the class

14
Projects

• The most important part of class
• Group of 2 people
• Project list online now
• Proposal 4/8
• 3-4 pages describing the purpose of the project,
  work to be done, expected outcome/results and
  related work
• Weekly Meeting and Progress Report 4/4-5/20
• Each team will schedule a weekly meeting (30
  minutes) with me. A work-in-progress report
  (except the 4/13 week) of 1-2 pages is due 24
  hours ahead of the meeting.
• Midterm presentation 4/27
• Midterm report 4/29
• Project Presentation 5/25 and 6/1
• Final Report 6/10

15
Communication and Policies

• Web page http//www.cs.nwu.edu/ychen/classes/cs4
  50-05/
• Send emails to instructor for questions
• No late handins! Will be ignored
• Work division
• Each team member should do similar amount of work
• Survey on work division at the end of quarter
• More contribution, better grade!

16
Next

• Class Survey
• Can everyone make 330-5 M and Wed?
• Do you like peer-review and comments for
  presentation?
• Sign up for Debates and Presentation
• Individual discussion for Projects