Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs


1 Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs cns-l@few.vu.nl

2 Computer and Network Security
Little crypto
Much hacking
No book
Very intensive

3 Who should pick this course?
You, if you would like to be a “security expert”
You, if you are technical in the Systems sense
  – C and Linux should not be a problem for you
  – If you have never written a C program… then this might not be for you
  – At the very least, you will have to catch up
You, if you are interested in solving technical problems
You, if you are not afraid to invest “private” time…

4 Set up
70% challenges and 30% exam
  – all grades must be >= 5
Theory in lectures
Four challenges
  – Throughout the course duration
  – Solve in your own time
Final exam
  – Exam material: all material covered in the lectures
  – Papers and material provided during the lectures

5 Challenges
Start simple, end tough
You will not know in advance what the challenges are
Speed matters
  – top 3: 1pt bonus
  – below that: it still matters!
Top achievers will be announced and applauded
Choose nicks
  – compete, have fun!

6 If you work hard… this will be an extremely rewarding course.

7 2010

8 2011

9 VU-Bar
We run a regular CTF team
An excellent way to learn more and have fun

10 Hack in the Box 2010 (Amsterdam)
  – Capture the Flag competition
  – 6 VU students participated
  – When the dust settled… we ranked 1-6!

11 2011


13 Contacts
Guest lecture(s)
Internships
  – KPMG
  – Atos
  – NFI
  – Smaller security firms
  – …

14 Alert: new course Binary and malware analysis (first term next year)

15 Course information
Everything will be made available via Blackboard
There is a discussion board, use it!
  – All questions should first be posted on the discussion board
  – Help each other, but do not give full solutions

16 Case Study: Operation Aurora
A massive cyber attack first disclosed by Google in January 2010
  – The attack targeted many different organizations (Google, Adobe, Yahoo, Symantec, ...)
  – Originated in China
Goal: to compromise the source code repositories of several high-tech companies

17 How did it work?


23 Case study: operation Aurora
1. The attackers spam infected URLs (e-mail, IM, ...)
2. A victim opens an infected web page
3. Some JavaScript code exploits a 0-day vulnerability in IE
4. The payload of the exploit downloads & installs multiple malware samples
5. The malware scans the LAN, looking for source code repositories
6. The malware contacts a remote server and asks for commands from the attackers, e.g. “attack www.cs.vu.nl”


25 Case study: operation Aurora
Lessons learned
1. Most security threats start from the web
2. A malicious web page leverages a defect in a program to gain arbitrary code execution
3. The exploit downloads and installs a malware sample, infecting the victim
4. Victim turns into a bot
  – Steals sensitive information
  – Performs scan, DDoS, SPAM, and other malicious activities
April 5, 16, 17 (Network Security)
May 4, 7, 10
April 20, 23, 27
May 14
What about today, and May 25th? History, hacking, and (a crash course on) cryptography
May 21

26 Course outline (tentative)
Mon 2 April: Introduction
  – Announce assignment 1: due on Mon 9 Apr @ 23:59 CET (1 week)
Thu 5 Apr 9:00?!: Network security
  – Announce assignment 2: due on Mon 23 Apr @ 23:59 CET (2+ weeks)
Mon 16 Apr: Network security (cont'd)
Tue 17: Network security (cont'd)
Fri 20 Apr: Application security
Mon 23 Apr: Application security (cont'd)
  – Deadline assignment 2
  – Announce assignment 3: due 14 May @ 23:59 CET (3+ weeks)
Fri 27 Apr: Application security (cont'd)

27 Course outline (tentative)
Fri 4 May: Web App security
Mon 7 May: Web App security (cont'd)
Fri 10 May: Web App security (cont'd)
Mon 14 May: Web App security (cont'd)
  – Deadline assignment 3
  – Announce assignment 4: due 31 May @ 23:59 CET (2 weeks)
Mon 21 May: Botnets
Fri 25 May: Cryptography
Thu 31 May: EXAM
  – Deadline assignment 3

28 Grading
70% assignments, 30% exam
Every grade should be at least a 5.0
Speed matters

29 Assignment grade

30 Assignment grade breakdown


34 Instructors
Herbert Bos: herbertb@cs.vu.nl
Erik van der Kouwe: vdkouwe@cs.vu.nl
Remco Vermeulen: r.vermeulen@few.vu.nl
Andrei Bacs: a.bacs@vu.nl
but send all your email to cns-l@few.vu.nl

35 Questions?

