1

An Application-Oriented Approach for Computer Security Education

Xiao QinDepartment of Computer Science and

Software Engineering

Auburn University

Email: xqin@auburn.edu

URL: http://www.eng.auburn.edu/~xqin

2

Goal and Objectives

Goal: New approaches for computer security education

Objective 1: To prepare students to design, implement, and test secure software

Objective 2: A holistic platform for constructing computer security course projects

Student-centered learning

Professor-centered platform

3

From CSSE Students toSoftware Engineers

• To produce reliable, robust, secure software.

• To work in interdisciplinary teams.

• To use appropriate design notations, such as UML.

• To work in multiple programming languages.

4

TeamworkSecure

Software

Design Programming

What projects can help students to learn about

teamwork?

Must we teach students how to design secure software?

How to provide engaging computer security projects?

How to teach multiple programming languages?

Challenges Student-Centered Learning

5

FlexibilityPreparation

GradingTeaching

What projects can be tailored to students to learn

about teamwork?

What is a good way to grade computer security projects?

How to quickly prepare engaging computer security

projects?

How to teach computer security projects?

Challenges Professor-Centered Platform

6

Teaching Philosophy

Computer security education should focus on:

• Fundamental security principles • Security-practice skills.

7

Motivation

Security principles:• Fundamental• A wide spectrum.

PracticePrinciples Real-World

Systems and Apps

Laboratory exercises:• Observing• Evaluating• Testing

Course projects:• Analyzing• Designing• Programming

Real-world secure computing systems:• Programming standards• Large scale• Work on existing products

College Industry

small-scale, fragmented, and isolated course projects

8

Our Solution: Application-Oriented Approach

Security Sensitive Applications

Security Module 1

User Interface

OS (Windows, Linux, etc.)

Non-Security ModulesSecurity Module n

Security Modules

9

Considerations

• Security modules: related to fundamental security principles.

• Applications: represent real world scenario(s)• Each application: contains all possible security

modules.• Flexibility: difficulty levels are configurable.• Programming environment: easy setup• Hints for students: data structures and

algorithms

10

A Unified Programming Environment

Security Sensitive Applications

Security Module 1

User Interface

OS (Windows, Linux, etc.)

Non-Security ModulesSecurity Module n

Virtual Machine(e.g. vmware, virtualBox)

11

Flexibility• Levels of Difficulty

– Beginner– Intermediate– Advanced

Objective 1: To prepare students to design, implement, and test secure software

Objective 2: A holistic platform for constructing computer security course projects

Student-centered learning

Professor-centered platform

12

FlexibilityHow Modules Are Packaged

BeginnerEasy

Intermediate Moderate

AdvancedHard

ExplorativeExplorative

Light EditingLight Editing

Basic Understand Of Concepts

Basic Understand Of Concepts

Normal Implementation

Normal Implementation

Depth Understanding Of

Concept

Depth Understanding Of

Concept

Advanced Implementation

Advanced Implementation

13

Types of Course Projects

• Explorative based projects.

• Partial Implementation projects.

• Full Implementations projects.

• Vulnerability testing, attacking, and fixing.

• Hybrid labs (Exploration & Implementation, etc.)

Beginner

Intermediate

Advanced

14

Choose the First Application

• Real World Scenarios– Banking System: Implemented– P2P File-Sharing: future work

• Three RAs worked on this project– Strategy 1: each RA design and implement a

security sensitive application– Strategy 2: three RAs collaborate on a single

application.

15

Banking Application

• Toy Application– A Secure Teller Terminal System – ATM

• Documentations– Design– Test Cases– Makefile– Readme

16

Implementation Projects

Students’ Tasks

Existing Components

Access Control List

Integrity Checking

Data EncryptionModule

Properties of these projects:• Focused on targeted principles • Focused on a single application• Each project takes 2-6 weeks• Difficulties can be adjusted

IPSec In Attack Lab

Banking Application

Bufferoverflow

17

WorkflowA professor’s perspective

Teach ConceptTeach Concept

Generate Project DescriptionGenerate Project DescriptionDesign Survey QuestionsDesign Survey Questions

Choose Apps & Difficulty

Choose Apps & Difficulty

Work On ProjectWork On Project

Evaluation/FeedbackEvaluation/Feedback

Design Docs & Partial Code

Design Docs & Partial Code

System SetupSystem Setup

18

Design DocumentExample: Data Flow – High Level

19

Put It All Together An example

A Banking System

Access Control

User Interface

OS (Windows, Linux, etc.)

Non-Security ModulesEncryption IPSec

Virtual Machine(e.g. vmware, virtualBox)

20

Class Diagram A secure teller terminal system

Intermediate

21

Class Diagram A secure teller terminal system

Advanced

No security modules in the design document (e.g., class diagram)

22

An Encrypted Staff FileBeginne

r

BeginnerEasy

ExplorativeExplorative

Light EditingLight Editing

23

An Unencrypted Staff FileBeginne

r

BeginnerEasy

ExplorativeExplorative

Light EditingLight Editing

24

Encryption Modules

• Transposition - good, low-level encryption algorithm.

• Substitution - good, low-level encryption algorithm.

• Put both of them together – A transposition of a substitution.

25

Access ControlAccess Control

• Role-based system.

• Implemented in a separate module.

• Give students data flow diagram.

26

Access ControlAccess Control

• Students implement Access Control module.

• Allows them to insert in existing system.

• Better real world experience.

27

Choose a Course to Test Our Approach

• Introductory-level• Programming experiences• Small-scale projects work

Introduction to Computer Security

Advanced Computer Security

• Research projects• Examples

• Memory attacks• Parallel Antivirus• Testing

Security Courses Other Courses

• No design experience• New programming language• Weak programming skill• Teach/learn basic security concepts

e.g., Software Construction

28

Comp 2710 Software Construction

• Two projects– A secure teller terminal system: access

control– A cryptographic system: two algorithms

• 57 students (CSSE and ECE)– Computer Science– Software Engineering– Electrical Engineering– Wireless Engineering

29

Preliminary Studies

• Survey Questionnaires– The quality of project design– Students’ evaluation on projects:

• How interested they are• Programming background• Whether the labs spark their interests in security• How many hours they spent on the projects

• Participants: – 48 students for project 1– 53 students for project 2

30

Evaluation Results (1)

(1) ≤ 5 hours (2) 6-10 hours (3) 11-20 hours (4) 21-30 hours (5) > 30 hours

Survey: Approximately, how many hours did you spend on the project?

Design81% <10h

Implementation46% >21h

Entire Project40% >30h

31

Evaluation Results (2)

(1) Strongly disagree (2) Disagree (3) Neutral (4) Agree (5) Strongly agree

Survey: The project instructions were clear.

Teller terminal system69%: agree or strongly agree

Cryptographic system 58%: agree or strongly agree

32

Evaluation Results (3)

(1) Very easy (2) Somewhat easy (3) Average (4) Somewhat difficult (5) Very difficult

Survey: What was the level of difficulty of this project?

Teller terminal system61%: somewhat difficult or very difficult

Cryptographic system 53%: somewhat difficult or very difficult

33

Evaluation Results (4)Survey: What was the level of interest in this project?

Teller terminal system58%: Average, High, or very high

Cryptographic system 85%: Average, High, or very high

1.  (1) Very low (2) Low (3) Average (4) High (5) Very high

34

Evaluation Results (5)Survey: What was the most time consuming part of in the design portion of the project?

Teller terminal system44%: Use cases

Cryptographic system 58%: Testing

(1) Use Cases (2) Class Diagram (3) System Sequence Diagram (4) Testing

35

Evaluation Results (6)

(1) Strongly disagree (2) Disagree (3) Neutral (4) Agree (5) Strongly agree

Survey: As a result of the lab, I am more interested in computer security.

Teller terminal system17%: strongly disagree or disagree

Cryptographic system 20%: strongly disagree or disagree

36

Evaluation Results (7)

• develop a non-trivial application using classes, constructors, vectors, and operator overloading;

• learn a security issue – authentication;

• perform object-oriented analysis, design, and testing; and

• develop a reasonably user-friendly application.

• learn two cryptographic algorithms;

• develop a simple cryptographic tool;

• perform separate compilation; and

• to develop a command-line application.

Survey: Overall, I have attained the learning objectives of the project.

Teller terminal system Cryptographic system

37

Evaluation Results (7 cont.)

(1) Strongly disagree (2) Disagree (3) Neutral (4) Agree (5) Strongly agree

Survey: Overall, I have attained the learning objectives of the project.

Teller terminal system52%: strongly agree or agree

Cryptographic system 65%: strongly agree or agree

38

About the QoSec Project

• Funded by the NSF CCLI Program – Phase I ($150K) was funded in 2009– 1 PI and 4 Research Assistants– Alfred Nelson– Andrew Pitchford– John Barton

• Web pages of the project will be available soon: – http://www.eng.auburn.edu/~xqin

39

Plan and Collaborations• Prepare for an NSF TUES Phase II Project

– Four to six universities involved– 10 Pis– More tool applications– More preliminary results– Evidence for collaborations

• Contact me if you are interested in– this NSF CCLI Phase I project or – our future NSF TUES Phase II project

Xiao Qin: xqin@auburn.edu

40

41

Demo & Examples

42

Questions?Questions?

• If you are interested in information regarding this project, add your name to our newsletter list after this discussion.

http://www.eng.auburn.edu/~xqin• Slides are available at

http://www.slideshare.net/xqin74