CS38: Home Page

CS38, Security and Privacy, Spring 2005

The textbook, required, available at the bookstore

Author: Kaufman, Perlman, Speciner

Title: Network Security: Private Communication in a Public World (2nd Edition)

ISBN: 0-13-046019-2

This is our official textbook. We will not be able to cover all of its crypto part, but it will serve as a good reference for you. The network protocols part is great, and I hope we will have time for projects that delve deeply into that realm. There is also a discussion of systems and other issues that will undermine cryptographic protections. You should keep this book till grad school and be confident it will be useful then. Also, homework will be assigned from it.

Officially "recommended", available at the bookstore

Author: Peter Neumann

Title: Computer-Related Risks

ISBN: 0-201-55805-X

The best scare value for money where dramatic failures of computer systems are concerned -- and what we can learn from them.

Author: Bruce Schneier

Title: Applied Cryptography

ISBN: 0-471-11709-9

An extensive reference book, providing an introduction to most of the cryptography-associated topics you are likely to meet. It provides source code examples and addresses implementation issues.

Author: Matthew Bishop

Title: The Art and science of computer security

ISBN: 0-201-44099-7

This is a very broad overview of the academic field of computer security. It will show you the general lay of the land and treat subjects that are outside the scope of the textbook, but you will have to go to hacking-style tutorials, technical manuals and books listed below for the attacker's point of view.

Reserved at the library, may be useful for projects

I asked for the following books to be reserved at the library. They may be useful to you in your project. They are not on the "recommended" list for several reasons, such as: which ones will be useful to you depends on your project topic choice and previous knowledge; they are easy to order on-line, arrive within days, and will probably be much cheaper there (I think that bookpool.com has bigger discounts, but Amazon or fatbrain.com or one of many other stores may be better); there are plenty of free HOWTOs, tutorials or even books on the web that cover the same technical issues, and I will post links to them.

Author: Neveln, Bob

Title: Linux assembly language programming

ISBN: 0-13-087940-1

This a concise yet detailed summary of the x86 architecture, which starts with explaining the basics of computer architecture and ends with two examples of Linux drivers. It is, perhaps, incorrectly named, because the latter are the only real examples of "Linux assembly programming" per se. On the other hand, if you are not quite sure how your PC works (e.g., what it actually means to for the CPU-RAM bus to transmit a value, how the RAM stores it, what the x86 "protected mode" means and how the CPU keeps the processes apart, what interrupts are and how they work etc.) then this book is great reading. After reading it you will understand what most of OS hacks are about. I regret that I did not have it when I needed it the most and had to read Intel's processor specs instead (they are also a good reading, but they are huge and it is easy to lose your way in the details).

Author: Levine, John

Title: Linkers and loaders

ISBN: 1-55860-496-0

This, to the best of my knowledge, is the popular description of the internal workings of linkers and loaders and of the ELF format. The importance of this topic for security considerations cannot be overestimated, because every program that runs on a computer will be handled by the loader, and almost all of them nowadays also by the dynamic linker. Both linkers and loaders are actively used in exploitation.

Author: Koziol, Jack; Litchfield, David; Aitel, Dave; Anley, Chris; Eren, Sinan; Mehta, Neel; Hassell, Riley

Title: The shellcoder's handbook: discovering and exploiting security holes

ISBN: 0-7645-4468-3

An excellent intro, which also covers finer points of creating exploits. This is what the authors do, so the book dives into details and avoids generalities common for textbooks. The introductory material is well-covered on the web, but the book also contained some vulnerability disclosures that were unknown to the public at the time of its publication.

Author: Hoglund, Greg; McGraw, Gary

Title: Exploiting software: how to break code

ISBN: 0-201-78695-8

A very nice overview of vulnerabilities and the related penetration techniques by kind, with practical examples (one of the authors is a vulnerability researcher). A good overview of Windows security issues (the next step would be the fundamental "Windows Internals" book Mark Russinovich, of sysinternals.com fame).

Author: Young, Adam; Yung, Moti

Title: Malicious cryptography: exposing cryptovirology

ISBN: 0-7645-4975-8

Advanced topics of crypto applications. You will enjoy this if you like math.

Author: Vladimirov, Andrew; Gavrilenko, Konstantin; Mikhailovsky, Andrei

Title: Wi-Foo

ISBN: 0-321-20217-1

This book brings together most bits of publicly available information on hacking 802.11 networks, and reviews over 50 available tools (copies of most can be found on the book's website). It also reviews defensive measures and the mechanics of emerging security protocols. Probably the most useful starting point for wireless penetration testing.

Author: Gast, Matthew

Title: 802.11 wireless networks: the definitive guide

ISBN: 0-596-00183-5

If you decide to choose a wireless project, this book will be indispensable as a reference.

Author: Long, Johnny

Title: Google hacking

ISBN: 1-931836-36-1

A fun book, but not very deep. The author did create a few headaches for Google at one point. This is mostly useful as a guide to the types of documents people accidentally leave on-line and that get indexed by search engines. Some of those formats were a complete surprise to me, a slightly paranoid Linux user, and I pity the users who have to use the respective applications.

Sergey Bratus

Author:	Kaufman, Perlman, Speciner
Title:	Network Security: Private Communication in a Public World (2nd Edition)
ISBN:	0-13-046019-2
This is our official textbook. We will not be able to cover all of its crypto part, but it will serve as a good reference for you. The network protocols part is great, and I hope we will have time for projects that delve deeply into that realm. There is also a discussion of systems and other issues that will undermine cryptographic protections. You should keep this book till grad school and be confident it will be useful then. Also, homework will be assigned from it.

Author:	Peter Neumann
Title:	Computer-Related Risks
ISBN:	0-201-55805-X
The best scare value for money where dramatic failures of computer systems are concerned -- and what we can learn from them.

Author:	Bruce Schneier
Title:	Applied Cryptography
ISBN:	0-471-11709-9
An extensive reference book, providing an introduction to most of the cryptography-associated topics you are likely to meet. It provides source code examples and addresses implementation issues.

Author:	Matthew Bishop
Title:	The Art and science of computer security
ISBN:	0-201-44099-7
This is a very broad overview of the academic field of computer security. It will show you the general lay of the land and treat subjects that are outside the scope of the textbook, but you will have to go to hacking-style tutorials, technical manuals and books listed below for the attacker's point of view.

Author:	Neveln, Bob
Title:	Linux assembly language programming
ISBN:	0-13-087940-1
This a concise yet detailed summary of the x86 architecture, which starts with explaining the basics of computer architecture and ends with two examples of Linux drivers. It is, perhaps, incorrectly named, because the latter are the only real examples of "Linux assembly programming" per se. On the other hand, if you are not quite sure how your PC works (e.g., what it actually means to for the CPU-RAM bus to transmit a value, how the RAM stores it, what the x86 "protected mode" means and how the CPU keeps the processes apart, what interrupts are and how they work etc.) then this book is great reading. After reading it you will understand what most of OS hacks are about. I regret that I did not have it when I needed it the most and had to read Intel's processor specs instead (they are also a good reading, but they are huge and it is easy to lose your way in the details).

Author:	Levine, John
Title:	Linkers and loaders
ISBN:	1-55860-496-0
This, to the best of my knowledge, is the popular description of the internal workings of linkers and loaders and of the ELF format. The importance of this topic for security considerations cannot be overestimated, because every program that runs on a computer will be handled by the loader, and almost all of them nowadays also by the dynamic linker. Both linkers and loaders are actively used in exploitation.

Author:	Koziol, Jack; Litchfield, David; Aitel, Dave; Anley, Chris; Eren, Sinan; Mehta, Neel; Hassell, Riley
Title:	The shellcoder's handbook: discovering and exploiting security holes
ISBN:	0-7645-4468-3
An excellent intro, which also covers finer points of creating exploits. This is what the authors do, so the book dives into details and avoids generalities common for textbooks. The introductory material is well-covered on the web, but the book also contained some vulnerability disclosures that were unknown to the public at the time of its publication.

Author:	Hoglund, Greg; McGraw, Gary
Title:	Exploiting software: how to break code
ISBN:	0-201-78695-8
A very nice overview of vulnerabilities and the related penetration techniques by kind, with practical examples (one of the authors is a vulnerability researcher). A good overview of Windows security issues (the next step would be the fundamental "Windows Internals" book Mark Russinovich, of sysinternals.com fame).

Author:	Young, Adam; Yung, Moti
Title:	Malicious cryptography: exposing cryptovirology
ISBN:	0-7645-4975-8
Advanced topics of crypto applications. You will enjoy this if you like math.

Author:	Vladimirov, Andrew; Gavrilenko, Konstantin; Mikhailovsky, Andrei
Title:	Wi-Foo
ISBN:	0-321-20217-1
This book brings together most bits of publicly available information on hacking 802.11 networks, and reviews over 50 available tools (copies of most can be found on the book's website). It also reviews defensive measures and the mechanics of emerging security protocols. Probably the most useful starting point for wireless penetration testing.

Author:	Gast, Matthew
Title:	802.11 wireless networks: the definitive guide
ISBN:	0-596-00183-5
If you decide to choose a wireless project, this book will be indispensable as a reference.

Author:	Long, Johnny
Title:	Google hacking
ISBN:	1-931836-36-1
A fun book, but not very deep. The author did create a few headaches for Google at one point. This is mostly useful as a guide to the types of documents people accidentally leave on-line and that get indexed by search engines. Some of those formats were a complete surprise to me, a slightly paranoid Linux user, and I pity the users who have to use the respective applications.