eecs 354 network security introduction. why learn to hack understanding how to break into computer...
TRANSCRIPT
Why Learn To Hack
Understanding how to break into computer systems allows you to better defend them
Learn how to think like an attackerDefense then becomes second-nature
Security is an increasingly important field
There are many jobs for security specialistsDevelopers are expected to be aware of security concerns
3
Why Internet Security>The past decade has seen an explosion in concern
about information securityG-20 countries recently urged to treat cyber-attacks as threat to global economy.G20 have lost 2.5 million jobs to counterfeiting and piracy, and lost $125 billion annually to cyber-attacks.
> Security specialist markets are expanding!“Salary Premiums for Security Certifications Increasing”
(Computerworld 2007)Up to 15% more salaryDemand is being driven not only by compliance and
government regulation, but also by customers who are "demanding more security" from companies
>US Struggles to recruit compute security experts (Washington Post Dec. 23 2009)
Overview
Exploit demoCourse informationVM logisticsx86 stack structureWhat are exploits?Why we use Linux
Course OverviewAtypical structure
This course is based on group learning and experienceOriginally developed in 2007 by two undergrad studentsHave experienced undergrads as co-instructors with oversight by the professor Material tweaked and improved with each iterationBig overhaul by Andrew Kahn in 2014
The class will follow a theory and practice model
We will introduce the basic theory for fundamental hacking techniques, then carry out these techniques in controlled environments
Course Objectives
No mandatory CTF this yearMotivated students are encouraged to field a team in the iCTF
Practical knowledge of computer security
TheoryAttackDefense
Prerequisites and MaterialsRequired
EECS 213 or ECE 205 and 231Networking (EECS 340)
Highly RecommendedOperating Systems (EECS 343)Familiarity with the UNIX environment
TextbooksNetwork Security - Private Communication in a Public World, by Charlie Kaufman, Radia Perlman and Mike Speciner, 2nd Edition, Prentice Hall, 2002. Cryptography and Network Security, by William Stallings, 6th Edition, Prentice Hall, 2013.
Communication
Slides will be made online prior to each classWeb page: http://hamsa.cs.northwestern.edu/Newsgroup: [email protected]: #NorthwesternNetsec on irc.ubuntu.com
Grading
There will be a short written final for this class at the scheduled exam time.
Participation and Labs 25%Homework and projects 40%Final 35%
Overview
Exploit demoCourse informationVM logisticsx86 stack structureWhat are exploits?Why we use Linux
Class Virtual Machines
Everyone has an account on hamsa.cs.northwestern.eduFor testing buffer overflows, etc, use netsec-playground because it does not have modern stack protections
You do not have a login for the other VMs: netsec-projects and netsec-demos
Overview
Exploit demoCourse informationVM logisticsx86 stack structureWhat are exploits?Why we use Linux
Linux Memory LayoutStack
Runtime stack
HeapDynamically allocated storageWhen call malloc, calloc, new
DLLsDynamically Linked LibrariesLibrary routines (e.g., printf, malloc)Linked into object code when first executed
DataStatically allocated dataE.g., arrays & strings declared in code
TextExecutable machine instructionsRead-only
Stack
Heap
DLLs
Heap
Data
Text
FFFF
0000
Linux Memory Allocation
Stack
Data
Text
InitiallyStack
DLLs
Data
Text
LinkedStack
Heap
DLLs
Data
Text
SomeHeap
Stack
Heap
DLLs
Heap
Data
Text
MoreHeap
Overview
Exploit demoCourse informationVM logisticsx86 stack structureWhat are exploits?Why we use Linux
Exploits vs. VulnerabilitiesVulnerability: design flaws enable the bad inputs lead the program to a bad state
An exploit is any computer input that takes advantage of a vulnerability to cause unintended behavior, usually to gain control of a computer system (Wikipedia)
We will craft custom exploits to remotely gain control of computer systems
Creators of exploits vs. creators of vulnerabilities
# of exploits vs. # of vulnerabilities
Overview
Exploit demoCourse informationVM logisticsx86 stack structureWhat are exploits?Why we use Linux
Linux
Learning to hack on MS Windows is like trying to learn how to dance in a body cast
anonymous
Linux offers low-level access to OS services as well as a powerful command-line
By the end of this class everyone will be very comfortable working and hacking in a Linux environment