Presentation is loading. Please wait.

Presentation is loading. Please wait.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 1 Wenbing Zhao Department of Electrical and Computer Engineering.

Published byΑφροδίσιος Βλαστός Modified over 6 years ago

Similar presentations

Presentation on theme: "EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 1 Wenbing Zhao Department of Electrical and Computer Engineering."— Presentation transcript:

1 EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing
Lecture 1 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

2 Outline Motivation Course objectives Course outline
Tuesday, December 04, 2018Tuesday, December 04, 2018

3 Motivation Why secure and dependable computing is important?*
Increased reliance on software to optimize everything from business processes to engine fuel economy Relentlessly growing scale and complexity of systems and systems-of-systems Near-universal reliance on a commodity technology base that is not specifically designed for dependability Growing stress on legacy architectures (both hardware and software) due to ever-increasing performance demands Worldwide interconnectivity of systems Continual threats of malicious attacks on critical systems *Taken from “A high dependability computing consortium”, James H. Morris, CSMU, Tuesday, December 04, 2018Tuesday, December 04, 2018

4 More Motivation The cost of poor software is very high
Annual cost to US economy of poor quality software: $60B source: US NIST Report , May 2002. Industry needs greater dependability and security Improved quality of products Improved quality of development processes Better system and network security, to avoid: viruses, trojans, denial of service, ... network penetration, loss of confidential data, ... Improved customer satisfaction Tuesday, December 04, 2018Tuesday, December 04, 2018

5 (1996 Cost of Downtime Study – by Contingency Planning Research)
Tuesday, December 04, 2018Tuesday, December 04, 2018

6 2001 Cost of Downtime per Hour – by Contingency Planning Research
Tuesday, December 04, 2018Tuesday, December 04, 2018

7 More Motivation – An Example
Amazon 2001: Revenue $3.1B, 7744 employees Revenue (24x7): $350k per hour Employee productivity costs: $250k per hour Assuming average annual salary and benefits is $85,000 and 50 working hours week Total Downtime Costs: $600,000 per hour Note: Employee cost/hour comparable to revenue, even for an Internet company Source: D. Patterson A simple way to estimate the cost of downtime. 16th Systems Administration Conference, November 2002. Tuesday, December 04, 2018Tuesday, December 04, 2018

8 Problem of Data Breach Compromised computer systems
Lost laptop, backup tapes Well-known incidents Massive confidential data loss in a UC Berkley system (1.4 million people are affected) Potential revealing of personal data of 26.5 million veterans due to loss of laptops Tuesday, December 04, 2018Tuesday, December 04, 2018

9 Cost of Data Breach Data loss costs U.S. businesses more than $18 billion a year (according to a 2003 study) Data breaches cost companies an average of $182 per compromised record => typically several million dollars per incident Tuesday, December 04, 2018Tuesday, December 04, 2018

10 Industry is Embracing Secure and Dependable Computing
The hardware platforms are changing: Smartcards Pervasive computing / embedded systems IBM, Sun “autonomic computing” Major PC dependability and security initiatives under way: Trusted Computing Group Promoters: Intel, HP, Compaq, IBM, Microsoft Microsoft’s trustworthy computing push Intel’s LaGrande dependable hardware Tuesday, December 04, 2018Tuesday, December 04, 2018

11 Course Objectives Have solid understanding of the basic theory of secure and dependable computing Getting familiar with some basic building blocks (tools and APIs) needed to build secure and dependable systems No attempt to be comprehensive: topics covered are what I am interested in and what I think important Focus on basic knowledge and skills, rather than cutting edge state of the art Tuesday, December 04, 2018Tuesday, December 04, 2018

12 Prerequisite Operating system principles Computer networks
Processes, scheduling, file systems, etc. Computer networks TCP, UDP, IP, Ethernet, etc. Java programming language At least you should know how to write a Hello World program You don’t have to be a Java expert Tuesday, December 04, 2018Tuesday, December 04, 2018

13 Grading Policy Class participation (10%) Two midterms (40%)
5 labs (20%) Mandatory attendance, lab report due at then end of each lab Grade based on effort, instead of result Course project (30%) Tuesday, December 04, 2018Tuesday, December 04, 2018

14 Grading Policy A: 90-100% A-: 85-89% B+: 70-84% B: 60-69% B-: 55-59%
F: <50% Tuesday, December 04, 2018Tuesday, December 04, 2018

15 Class Participation 10% of the course credit
In general, there is a mock quiz in the beginning of each lecture, so that I know who is here & I get feedback for my teaching To obtain the full credit for class participation, you must satisfy ALL of the following conditions: You do not miss more than 2 lectures You do not miss any quiz and lab sessions You asked at least 10 questions during the semester You will lose all 10% credit if you miss more than 6 lectures/labs For undergraduate students: (if you choose to the labs option) Tuesday, December 04, 2018Tuesday, December 04, 2018

16 Class Participation Send me an with the following information for each question you have asked within 24 hours after each lecture: The question you asked My response Your comment on my response and suggestion for improvement, if any To help me keep track who asked me questions, … I think this follow up will be beneficial to both you and me Tuesday, December 04, 2018Tuesday, December 04, 2018

17 Class Participation You are also encouraged to give me advice/suggestions on how you would like me to improve my teaching to make it more conducive For each piece of advice/suggestion, it will be counted as 2 questions Tuesday, December 04, 2018Tuesday, December 04, 2018

18 Outline of Lectures Dependability concepts Security and cryptography
Secure communication Intrusion detection and prevention Faults and their manifestation Dependability techniques Intrusion tolerance Recovery-oriented computing Tuesday, December 04, 2018Tuesday, December 04, 2018

19 Outline of Labs Lab 0 – Getting familiar with Linux
Lab 1 – Secure shell Lab 2 – Secure computing in Java Lab 3 – Traffic analysis and intrusion detection Lab 4 – Group communication with Spread toolkit Due to the large number of students and limited resources, each lab is broken up into two consecutive session. You need to sign up for one of them only Tuesday, December 04, 2018Tuesday, December 04, 2018

20 Course Project Build an interesting secure and/or dependable system/application Course project must be original. You cannot use research project to substitute the course project Example course project topics Gmail secure data backup and recovery Causally ordered reliable multicast Token-based totally ordered reliable multicast Public-key based authentication service Traffic analysis of Telnet traffic Tuesday, December 04, 2018Tuesday, December 04, 2018

21 Course Project Team of up to two (2) persons
You define the project you want to work on A secure Java application A dependable Java service based on replication Deliverables Project proposal: must have my approval Progress report to help you keep good pace Final project report Design documentation Source code of your system/application Performance measurement and analysis Demonstration and presentation Tuesday, December 04, 2018Tuesday, December 04, 2018

22 What You Should Not Do Steal other’s project and use it as yours
Join a team but do not work on it at all Why it is not a good idea to do so? If you can find it from the Internet, I can find it too => You get F grade During presentation, I will ask you questions => Your grade on the project will be reduced significantly if I determine you don’t know what you are talking about You lose the chance of learning something practical and useful for your future career Tuesday, December 04, 2018Tuesday, December 04, 2018

23 What You Should Do Make your own design, code your own system
Write in your own words and create your own power point slides Don’t copy and paste => I can detect it easily If you are on a team, make your best contribution to the project Different grade might be assigned to different team members Start early and don’t wait until the last week of the semester to start Communicate with me often and ask for help Tuesday, December 04, 2018Tuesday, December 04, 2018

24 Project Presentation Each team is required to give an oral presentation in class (10-15min) Describe briefly your design, implementation, correctness and performance evaluation Don’t spend too much time on background info Don’t mention something you don’t know: I will ask you questions It is best to show a demo of your work Top 4 projects voted by students will get full credit automatically (2 projects per session) Tuesday, December 04, 2018Tuesday, December 04, 2018

25 Project Report Requirement
Introduction: define the problem domain and your implementation. Provide motivation on your system System model: assumption, restrictions, models Design: component diagram, class diagram, pseudo code, algorithms, header explanation Implementation: what language, tools, libraries did you use, a simple user guide on how to user your system Performance and testing: throughput, latency, test cases Related work Conclusion and future work Tuesday, December 04, 2018Tuesday, December 04, 2018

26 Project Report Requirement
Report format: IEEE Transactions format pages MS Word Template LaTex Template IEEEtran.zip (main text) IEEEtranBST.zip (bibliography) Report due: May 8 midnight (no extensions!) Electronic copy of the report & source code is required Tuesday, December 04, 2018Tuesday, December 04, 2018

27 Exams Two midterms Exams are closed book and closed notes, except that you are allowed to bring with you a one-page cheat sheet no larger than the US letter size (double-sided allowed) There is no makeup exam! Tuesday, December 04, 2018Tuesday, December 04, 2018

28 Do not cheat! Do not copy other student’s lab report, exams or projects Do not copy someone else’s work found on the Internet Including project implementation and report You can quote a sentence or two, but put those in quote and give reference You can build your projects on top of open source libraries, but again, you need to explicitly give acknowledgement and state clearly which parts are implemented by you Tuesday, December 04, 2018Tuesday, December 04, 2018

29 Consequences for Cheating
You get 0 credit for the project/lab/exam that you have cheated If the task is worth more than 25% of the course, it is considered a major infraction Otherwise, it is considered a minor infraction Tuesday, December 04, 2018Tuesday, December 04, 2018

30 Consequences for Cheating
For major infraction and repeated minor infractions You will get an F grade, and You may be suspended or repulsed from CSU CSU Code of Conduct More detailed guideline from ECE is coming Tuesday, December 04, 2018Tuesday, December 04, 2018

31 Reference Texts Security in Computing (4th Edition), by Charles P. Pfleeger, Shari Lawrence Pfleeger, Prentice Hall, 2006 Computer Networks (4th Edition), by Andrew S. Tanenbaum, Prentice Hall, 2003 Cryptography and Network Security: Principles and Practices (3rd Edition), by William Stallings, Prentice Hall, 2003 SSH, the Secure Shell (2nd Edition), by Daniel J. Barrett, Robert G. Byrnes, Richard E. Silverman, O'Reilly, 2005 Tuesday, December 04, 2018Tuesday, December 04, 2018

32 Reference Texts Reliable Computer Systems: Design and Evaluation (3rd Edition), by Daniel P. Siewiorek and Robert S. Swarz, A K Peters, 1998 Distributed Systems: Principles and Paradigms, by Andrew S. Tanenbaum, and Maarten van Steen, Prentice Hall, 2002 Reliable Distributed Systems: Technologies, Web Services, and Applications, by Kenneth P. Birman, Springer, 2005 Network Intrusion Detection (3rd Edition), by Stephen Northcutt, Judy Novak, New Riders Publishing, 2002 Tuesday, December 04, 2018Tuesday, December 04, 2018

33 Instructor Information
Instructor: Dr. Wenbing Zhao Lecture hours: T Th 4:00-5:50pm Office hours: M W 4:00-6:00pm and by appointment Anonymous Password: if you are not happy, please do let me know Course Web site: Tuesday, December 04, 2018Tuesday, December 04, 2018

34 Homework Due Jan 16, 11:59pm (today midnight!)
me the following information (mandatory) The amount of time per week you commit to this course The grade you expect to get If your schedule conflicts with my office hours, what is the best time for you to talk to me? Any topics you are most interested in but not listed, if any Comments and suggestions, if any This is the only homework for the course Tuesday, December 04, 2018Tuesday, December 04, 2018

Download ppt "EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 1 Wenbing Zhao Department of Electrical and Computer Engineering."

Similar presentations

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao
EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao Cleveland State University

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao Cleveland State University
General information CSE 230 : Introduction to Software Engineering

General information CSE 230 : Introduction to Software Engineering
EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall)

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall)
EEC-681/781 Distributed Computing Systems Lecture 1 Wenbing Zhao Cleveland State University

EEC-681/781 Distributed Computing Systems Lecture 1 Wenbing Zhao Cleveland State University
EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao Cleveland State University

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao Cleveland State University
EEC-681/781 Distributed Computing Systems Lecture 1 Wenbing Zhao Cleveland State University

EEC-681/781 Distributed Computing Systems Lecture 1 Wenbing Zhao Cleveland State University
COMP 14 Introduction to Programming Miguel A. Otaduy Summer Session I, 2004 MTWRF 9:45-11:15 am Sitterson Hall 014.

COMP 14 Introduction to Programming Miguel A. Otaduy Summer Session I, 2004 MTWRF 9:45-11:15 am Sitterson Hall 014.
CSE 322: Software Reliability Engineering Topics covered: Course outline and schedule Introduction, Motivation and Basic Concepts.

CSE 322: Software Reliability Engineering Topics covered: Course outline and schedule Introduction, Motivation and Basic Concepts.
EECE 571R (Spring 2010) Autonomic Computing (Building Self* Systems) Matei Ripeanu matei at ece.ubc.ca.

EECE 571R (Spring 2010) Autonomic Computing (Building Self* Systems) Matei Ripeanu matei at ece.ubc.ca.
EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 1 Wenbing Zhao
EEC-584 Computer Networks Lecture 1 Wenbing Zhao (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall)

EEC-584 Computer Networks Lecture 1 Wenbing Zhao (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall)
Introduction to Network Security J. H. Wang Feb. 24, 2011.

Introduction to Network Security J. H. Wang Feb. 24, 2011.
Course Introduction Software Engineering

Course Introduction Software Engineering
MAT 3724 Applied Analysis Fall 2012

MAT 3724 Applied Analysis Fall 2012
Syllabus. Instructor Dr. Hanan Lutfiyya Middlesex College 418 Ext. 86888 Office Hours: Tuesday from 12:05-1:05 and Thursday from 11:05-1:05.

Syllabus. Instructor Dr. Hanan Lutfiyya Middlesex College 418 Ext Office Hours: Tuesday from 12:05-1:05 and Thursday from 11:05-1:05.
CSCI 51 Introduction to Computer Science Dr. Joshua Stough January 20, 2009.

CSCI 51 Introduction to Computer Science Dr. Joshua Stough January 20, 2009.
Course Information Sarah Diesburg Operating Systems COP 4610.

Course Information Sarah Diesburg Operating Systems COP 4610.
Course Information Andy Wang Operating Systems COP 4610 / CGS 5765.

Course Information Andy Wang Operating Systems COP 4610 / CGS 5765.

Similar presentations

Ads by Google