Introduction to Security & Class Mechanics - Luke Anderson 1st March 2019 University Of Sydney - ELEC5616
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Introduction to Security & Class Mechanics Luke Anderson luke@lukeanderson.com.au 1st March 2019 University Of Sydney
Overview 1. Class Mechanics 1.1 The Lecturer 1.2 Overview 1.3 Mechanics 1.4 Assessment 1.5 Expectations
Class Mechanics
About Me Luke Anderson - Lecturer # Security lecturer at USYD & previously UTS. # Director of Sigma Prime # Previously: ◦ PhD Candidate @ USYD - researching blockchain technology. ◦ Security Engineer @ Freelancer.com ◦ Tech. Lead @ Hagglr (web startup) B.I.T. (Hons) / B.Sc (adv.) @ Sydney University Double Degree in Computer Science + Physics
Contacting Luke Luke Anderson - Lecturer The best way to get in touch with me is via e-mail: luke@lukeanderson.com.au Check yo’ spam! Luke’s domain has SPF, DKIM, and DMARC enabled. If you configured your university e-mails to forward to a different inbox, DKIM will be broken. This will cause Luke’s e-mails to end up in your spam folder. Make sure you whitelist Luke’s e-mail address!
Overview elec5616.com
Course Mechanics One 2 hour Lecture per Week - Friday 15:00 One 2 hour Lab per Week - Tuesday or Friday 12:00
Assessment # Quizzes - 2.5% total # Project - 25% Involves programming! Part 1: 9% – Due Week 6 (5th April) Part 2: 9% – Due Week 8 (19th April) Part 3: 7% – Due Week 11 (17th May) # Assignment - 10% (Week 12/13) # Wargames - 12.5% (Week 13) # Exam - 50%
Expectations # All lectures are compulsory # All labs are compulsory # Attendance below 50% is grounds for failure # It is your responsibility to make up for missed classes
Programming No complaints if you can’t program Programming is fundamental for this course and your future career. It is 2019. If you can’t program by the time you leave university you will be road kill in the real world. Learn Programming Now You can learn to program during this course! We will spend the first few weeks ensuring everyone is up-to-speed. Get started now, there are lots of resources online. Try: groklearning.com
Project: Defeating Skynet It’s 2019. Almost every device has a CPU in it and is connected to the Internet. Whilst this is a stunning advance for humanity, the security for these devices has come as an afterthought or not at all. Millions of computers and devices, all with valuable information and processing power, are left vulnerable to attack. Blackhats, and even possibly governments, have created viruses, worms and other dastardly schemes to mine for information and turn a profit using these weaknesses.
Project: Defeating Skynet In this project, we’ll be specifically looking at why botnets can be valuable and why its so difficult to defeat them. Botnets perform various tasks including but not limited to: # Stealing confidential information (passwords, banking details, etc.) # Sending spam email # Distributed Denial of Service (DDoS) against chosen websites # Mining for CryptoCurrency # Providing a secure proxy network for other illegal enterprise You are to work in teams of 2 or 3 in the labs. This project will run all semester long and be in three parts. Part one you will play the role of a blackhat and implement a cryptographic protocol for your botnet to communicate using: # strong cryptography # key exchange # message tampering resistance # replay attack resistance
Wargames WarGames consists of a set of problems, or challenges. Challenges can be done individually or in teams (max: 4, can be different from project) Some challenges are easy, some are near-impossible. It’s up to you to choose the right challenges. There will be some cool prizes for the winning team, and getting the marks for wargames helps with the $1,000 CBA Cyber Prize. Due: Midnight, Thursday before last lecture in week 13. Yes, midnight exactly.
Wargames Marking Each challenge is worth a different number of points based upon difficulty. There are several types of challenges that include: Single Solution: Points decay as more people get it correct. If you cheat and tell other teams the answer, you will all get lower scores. Infinite Solutions: There may be an infinite number of solutions! The best solution gets the highest points. You may submit multiple solutions as you find better answers. Yes, this class is responsible for the secret load that suddenly hits the computer labs at the end of semester. Your team’s final mark will be scaled against the other teams competing in the Wargames, with a threshold to make the resulting marks fair. Some tasks do have a first‐mover advantage, so be sure to pay attention when challenges are released. These will be announced ahead of time.
Wargames Rules # No attacking / breaking into the Wargames website This rule has been revoked, have at it. However, destructive actions to the system will result in a score of zero! # No breaking the law (obviously) # No signing up under multiple teams # No destructive behaviour (e.g. no DoS – that’s not cool) # High‐value questions must be accompanied by an explanation of how it was solved, and must have been done fairly, to retain the points.
Course Assistance Lectures, projects, assignments and notices can be found at both: https://elec5616.com/ OR https://canvas.sydney.edu.au/ The discussion board is available via Ed, where lecturers, tutors, and studnets can answer questions: https://edstem.org/courses/3480/discussion/ (you will receive an invite e‐mail at your university e‐mail address) Failing that, e‐mail also works: Tutor: arob8086@uni.sydney.edu.au Lecturer: luke@lukeanderson.com.au
You can also read