
ENTS 689I: Network Immunity

Short Course 2: System Security

The second course concentrates on the immunity of individual machines or systems. Students will study specific threats to individual machines and learn how to mitigate these attacks with different tools. The topics of the second course include: user manipulation, phishing, attacking poor system configuration, malware, viruses, worms, spyware, virus internals, template matching, heuristics, statistical approaches, polymorphic viruses, cleaning affected systems, privilege escalation, role-based access control, buffer overflow attacks and prevention, manipulation of system call tables, and kernel integrity.

Dates: October 9 - October 30, 2008
Time: Thursdays, 5:30 - 8:15 pm
Location: Martin Hall, room 3114

Instructor Biography


Dr. Nick Petroni is a research staff member at the Institute for Defense Analyses Center for Computing Sciences. Prior to joining IDA/CCS, Dr. Petroni was a founding member and senior engineer at Komoku, Inc., which was acquired by Microsoft in Spring 2008. At Komoku, he focused on developing systems and techniques for detecting sophisticated low-level threats against operating system kernels. Dr. Petroni earned his M.S. and Ph.D. in Computer Science from the University of Maryland and his B.S. in Computer Science from the University of Notre Dame.

Email: npetroni@cs.umd.edu
Phone: (301) 805-7489

Short Course 2 Syllabus

Lecture 1: Protecting individual systems against attacks

  • User manipulation
  • Phishing
  • Attacking poor system configuration
  • Malware: virus, worm, spyware
  • Virus internals

Lecture 2: Virus Protection

  • Template matching, heuristics
  • Statistical approaches
  • Polymorphic viruses
  • Cleaning affected systems

Lecture 3: Computer Exploitation

  • Privilege escalation
  • Role-based access control
  • Buffer overflow attacks, prevention

Lecture 4: Presence

  • Rootkits (manipulation of system call tables and mitigation methods)
  • Kernel integrity
  • Case studies