CS6035 OMSCS - Introduction to Information Security

Overall review

I took introduction to info sec along with ML4T.

When I took gios, there were a couple of people that recommended pairing IIS since fall 2022, the course is 100% project based.

Overall, I agree with this sentiment and strongly recommend this as a pairing course and not a stand alone course, unless you’re relatively new to computer science. In which case you might be better off taking this during summer.

Overall, there are a total of 7+1 projects (Links are provided if available and may be outdated):

The project site has been updated!

1. Man in the Middle
2. Malware Analysis
3. Web Security
4. Machine Learning for CLAMP
   • This has a quiz component.
5. RSA Cryptography
6. Binary Exploitation
7. Log4Shell
8. API Security - This was extra credit

During/After this course, I gain a better understanding of various tools and security exploits such as sql injection, encryption, how assembly works, as well as the log4shell zero day exploit.

I have also found new appreciation for security folks. Given that this is a “assignment” setting where a security fault is guaranteed to exists, I wonder what do security engineers/analyst do on a full time basis? Certain questions I could spent hours staring at it until the “ah-ha” moment.

This is not an intensive programming course although it covers quite a few of them (java, c, python, javascript, php). You will be able to learn what is required on the go.

Time requirements

I spent about 1-2 nights for the first few projects and 2 nights + 1 day for the last 3 projects. I did not watch any of the lectures, partly because I was taking ML4T at the same time. The module is also 100% Project based.

From what I understood, Binary / Log4Shell are the first two projects in the previous semester and happen to be two hardest projects (for me at least, unless you have no experience in ML then maybe ML take precedence). Perhaps they shuffled the order because the first two were the easiest?

One word of caution though, there are no materials provided other than whatever is in the project requirements/description. This may require extensive googling/searching/experimenting.

Lectures

I did not spent any time watching the lectures nor textbook. From what I understood, it is also largely unrelated to the projects.

M1 Mac

You definitely need an intel machine for this course, especially for RSA, Binary and log4shell. There is a VM provided.

Projects

One of the reasons why it is one of the easiest course is because there are no hidden tests (you read that right!). There are some components such as the ML quiz or certain parts of the projects with limited submissions (to prevent you from brute forcing the answers but the quota is more than generous).

Also, the TAs in the course are pretty responsive on both slack and ed, generally nice, reasonable and very respectful.

Man In The Middle

You are given packets over a network, and you need to use a tool (Wireshark) to sniff out what hackers are trying to communicate over the network.

It is almost like trying to piece together various parts of the puzzle.

Malware Analysis

This project has two parts. The first part of the project, you are given a few reports from joesandbox about different historical malwares. Your job is to find out from these reports whether they exhibit certain malicious behavior. For example, which of the malwares contains a keylogger? I some what brute force the project with control + F.

The second part of the project requires you using the Malheur - Automatic Analysis of Malware Behavior tool to cluster the malware together. If you have a ML background, tuning this will be super straight forward. Otherwise, my advice is do not over think it. It is relatively straight forward.

Web security

This project requires you to “inject” code (html/javascript) into a website. The website is still fully functional and “legit” in the sense that is it the actual business website. The user will be able to login and proceed with his/her usual activities. What the victim does not know is he/she has unintentionally also forward you his credentials.

You will also try to modify your login text to overcome the security checks (by studying the backend php code) to gain access to credentials, as well as sql injection to gain access with just the username!

Machine Learning for CLAMP

This is almost like a typical kaggle problem, you are given a dataset, run some features, various models, and try to achieve a certain level of performance for the out of sample dataset. Overall, the intention is to show students that ML can be used to detect malware.

This project received a lot of complains to the extend that they are taking it offline for the summer to revamp it.

RSA

This course is mainly teaching you the RSA encryption system. It is a nice exposure to numerical analysis/number theory. If you did an undergrad math class in STEM, you should have nothing to worry about.

Binary Exploitation

This course gives a rundown on how a program is translated to assembly instructions. You will be required to learn gdb and/or pwntools in an attempt to overwrite variables on the stack to gain access to the program.

Log4Shell

This is the toughest project in my opinion but also the most rewarding. I recall during 2022 where the whole world were trying to patch this overnight. My previous job were also using google cloud and they sent out huge warning signals/notifications to get us to patch our log4j library or to remove it.

Looking at the assignment, I would say it is warranted, with this vulnerability the hacker is able to gain root access to your servers.

API security

You will use this tools to try to hack into the API service and try to steal files and credentials. You will learn about:

• curl requests
• Using postman for RESTFUL requests
• Jwt tokens.
• Swagger API

If you have used swagger / implemented flask before, learning curve will be quite small for you. Otherwise it is a good opportunity to learn about these tools. Postman is also used quite often in industry to test APIs. The surprising bit for me was how JWT tokens are constructed and what information they actually contain!