Introduction to Security & Class Mechanics - Luke Anderson 5th March 2021 University Of Sydney - ELEC5616
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Introduction to Security & Class Mechanics Luke Anderson luke@lukeanderson.com.au 5th March 2021 University Of Sydney
Overview 1. Class Mechanics 1.1 The Lecturer 1.2 Overview 1.3 Mechanics 1.4 Assessment 1.5 Expectations
Class Mechanics
About Me
Luke Anderson - Lecturer
# Security lecturer at USYD & previously UTS.
# Previously:
◦ Director of Sigma Prime
◦ PhD Candidate @ USYD - researching blockchain technology.
◦ Security Engineer @ Freelancer.com
◦ Tech. Lead @ Hagglr (web startup)
B.I.T. (Hons) / B.Sc (adv.) @ Sydney University
Double Degree in Computer Science + PhysicsContacting Luke
Luke Anderson - Lecturer
The best way to get in touch with me is via e-mail:
luke@lukeanderson.com.au
Check yo’ spam!
Luke’s domain has SPF, DKIM, and DMARC enabled.
If you configured your university e-mails to forward to a different inbox,
DKIM will be broken. This will cause Luke’s e-mails to end up in your
spam folder.
Make sure you whitelist Luke’s e-mail address!Overview
elec5616.comCourse Mechanics One 2 hour Lecture per Week - Friday 15:00 One 2 hour Lab per Week - Tuesday or Friday 12:00
Assessment
# Quizzes - 2.5% total
# Project - 25%
Involves programming!
Part 1: 9% – Due Week 6 (16th April)
Part 2: 9% – Due Week 10 (14th May)
Part 3: 7% – Due Week 12 (28th May)
# Assignment - 10% (Week 13/14)
# Wargames - 12.5% (Week 13)
# Exam - 50%Expectations
# All lectures are compulsory
# All labs are compulsory
# Attendance below 50% is grounds for failure
# It is your responsibility to make up for missed classesProgramming
No complaints if you can’t program
Programming is fundamental for this course and your future career.
It is 2021.
If you can’t program by the time you leave university you will be road kill
in the real world.
Learn Programming Now
You can learn to program during this course!
We will spend the first few weeks ensuring everyone is up-to-speed.
Get started now, there are lots of resources online.
Try: groklearning.comProject: Defeating Skynet It’s 2021. Almost every device has a CPU in it and is connected to the Internet. Whilst this is a stunning advance for humanity, the security for these devices has come as an afterthought or not at all. Millions of computers and devices, all with valuable information and processing power, are left vulnerable to attack. Blackhats, and even possibly governments, have created viruses, worms and other dastardly schemes to mine for information and turn a profit using these weaknesses.
Project: Defeating Skynet
In this project, we’ll be specifically looking at why botnets can be
valuable and why its so difficult to defeat them.
Botnets perform various tasks including but not limited to:
# Stealing confidential information (passwords, banking details, etc.)
# Sending spam email
# Distributed Denial of Service (DDoS) against chosen websites
# Mining for CryptoCurrency
# Providing a secure proxy network for other illegal enterprise
You are to work in teams of 2 or 3 in the labs.
This project will run all semester long and be in three parts.
Part one will be released in week 3, where you will play the role of a
blackhat and implement a cryptographic protocol for your botnet to
communicate using:
# strong cryptography
# key exchange
# message tampering resistance
# replay attack resistanceWargames
Wargames consists of a set of problems, or challenges.
Challenges can be done individually or in teams
(max: 4, can be different from project)
Some challenges are easy, some are near-impossible. It’s up to you to
choose the right challenges.
There will be some cool prizes for the winning team, and getting the
marks for wargames helps with the $1,000 CBA Cyber Prize.
Due: Midnight, Thursday before last lecture in week 13. Yes, midnight
exactly.Wargames Marking
Each challenge is worth a different number of points based upon difficulty.
There are several types of challenges that include:
Single Solution: Points decay as more people get it correct. If you
cheat and tell other teams the answer, you will all get
lower scores.
Infinite Solutions: There may be an infinite number of solutions! The
best solution gets the highest points. You may submit
multiple solutions as you find better answers.
Yes, this class is responsible for the secret load that suddenly
hits the computer labs at the end of semester.
Your team’s final mark will be scaled against the other teams competing
in the Wargames, with a threshold to make the resulting marks fair.
Some tasks do have a first‐mover advantage, so be sure to pay attention
when challenges are released. These will be announced ahead of time.Wargames Rules
# No attacking / breaking into the Wargames website
This rule has been revoked, have at it.
However, destructive actions to the system will result in a score of zero!
# No breaking the law (obviously)
# No signing up under multiple teams
# No destructive behaviour (e.g. no DoS – that’s not cool)
# High‐value questions must be accompanied by an explanation of how
it was solved, and must have been done fairly, to retain the points.Course Assistance
Lectures, projects, assignments and notices can be found at both:
https://elec5616.com/ OR https://canvas.sydney.edu.au/
The discussion board is available via Ed, where lecturers, tutors, and
studnets can answer questions:
Still waiting for Ed to be configured, look out for an invite.
(you will receive an invite e‐mail at your university e‐mail address)
Failing that, e‐mail also works:
Tutor: arob8086@uni.sydney.edu.au
Lecturer: luke@lukeanderson.com.auYou can also read
