Exercises for computer security course in the University of Oulu.

The course covers the essential aspects of computer security and computer security research in theory and through practical examples.

The course is intended for computer engineering masters students and additionally to any student interested in computer security that has the sufficient technical background to complete the course exercises.

This repository contains a folder for following labs. Each folder contains tasks and instructions on how to complete them.

1. Fuzzing lab

2. Network lab

3. Botnets and malwares lab

4. Shellcoding lab

5. ChipWhisperer lab

The lectures and place for returning assignments can be found from University Moodle: https://oystack.oulu.fi Course is under Computer Engineering and Science.

The course has seven (7) lectures, seven (7) weekly lecture questionnaires, five (5) laboratory exercises and final coursework (no exam).

Lectures are handling topics from high perspective and they are not going technically deep. Lecture questionnaires are based on lectures (surprisingly!).

Laboratory exercises are thought as individual packages: containing theory and exercises, and going technologically very deep.

To pass the course, you have to get enough points totally from exercises/questionnaires and final coursework. From the beginning, you should be able to see, what you have to do for earning some specific grade.

This means: as long as you get enough points from somewhere, you can skip even final coursework. Grading table is presented here.

Generally, every week there is a choice: Make lecture questionnaires sufficiently and you will get grade 1 from that week OR participate for lab and complete tasks as described to get grade 2 or more from that week. You can't get points from both lecture questionnaires and labs in the same week.

Grades from the labs are equal to amount of points they are offering.

Everyone can make weekly questionnaires from lectures in last two weeks, and earn total of two (2) points, even if all of the five labs has been completed.

In practise, exercises of the course have been divided to five (5) different levels. Level is indicating for grade/points you are able to achieve by reaching that level.

When level rises, so does workload/difficulty.

Labs have been split to different tasks. The amount of tasks which are required for each level/grade is defined in the grading section of corresponding lab.

• Level 1: You don't have to participate in the lab. You earn grade 1 from that week by attending lectures and answering to lecture questionnaires of corresponding topic
• Level 2: Complete the bare minimum of the lab. This will earn you grade 2 from that week. You are expected to do this during lab hours.
• Level 3: Complete the whole lab without extra work. This will earn you grade 3 from this week. You are expexted to do this during the lab hours but you are allowed to finish it on your own time
• Level 4: Complete the above (excluding lecture questionnaires) and some extra work. This will earn you a grade of 4 from that week. It is likely that you don't have time to complete this during lab hours so you are expected to do this extra work on your own time, and return it before deadline.
• Level 5: Complete all the above (excluding lecture questionnaires) and the most challenging extra work. You will earn a grade of 5 from that week. It is likely that you don't have time to complete this during lab hours so you are expected to do this extra work on your own time, and return it before deadline.

As described earlier, you can get up to 5 points in each week during the first five weeks. (Total 25 points)

For last two weeks, there is still possibility earn total of 2 points from weekly lecture questionnaires (one (1) each), even if you have completed five labs already.

From final coursework, points can be obtained as following. There are four (4) different tiers for final coursework.

42 points are maximun.

Note, that all topics are not equal in maximum points they are offering. More information can be found in Final Project lecture slides.

1. BE AWARE - Personal risk analysis (non-technical)

   • Write a personal risk analysis according to template

2. FIND OUT - Survey paper (non-technical)

   • Write a scientific survey article on a security topic for points up to good level. No technical implementation needed.

3. IMPLEMENT - Simple technical project report

   • Using one of the provided topics, perform a short technical project and write an associated report for points from satisfactory to laudable.
   • The expected level is: repeat and demonstrate something known.

4. CONTRIBUTE - Advanced project report

   • Choosing your own topic, and perform a technical project and write a report
   • The guideline for choosing topics is: the topic should have the potential of having a positive contribution to security.

In each lab, there is option to make grade 5 task to be more challenging and comprehensive, and make it as final coursework. This has to be approved by assistant.

Deadline for final course work is in the end of week 42. (End of course week 7.)

For each week you are expected to return assignments of corresponding lab OR corresponding lecture assignment.

**This is deadline of final coursework as well.

NOTE: Week 5 and 6 have been mixed, because there are limited amount of devices which are required for ChipWhisperer lab.

• Enroll to the course

• Find course's Moodle page from University's Moodle

• Find a link whereof you can receive and create a private repository containing all the return folders.

• Create GitHub account, if you don't have one already, and create this private repository from the link.

• You can see deadlines above. They are same in Moodle. There might be exceptions for ChipWhisperer.

• Complete as many tasks as you wish and update your repository accordingly. Check the grading table found in each labs instructions on what you have to complete in order to earn the grade of your choosing

• Push your changes to your repository before deadline.

• Return a document to Moodle's return box with following content:

  • Your name(s) (There is group work in ChipWhisperer lab)
  • Link to your private GitHub repository
  • Remember to do this for each lab, if you want to get things reviewed!
  • Additionally for Week 6/Lab6, if you are returning some improvements for previous labs, mention what have you improved or done.

Check cheat sheet if you need a refresher on how to use Git. Some basic commands below

git add </path/filename>
git commit -m "<message>"
git push

Note: If you are using following virtual machines in your own pc, they are preconfigured with 4GB of RAM for VMware player. So if you have less than 8 GB of RAM in your pc, you might want to reduce this preconfigured RAM.

Each lab utilizes one of the virtual machines below:

• Kali Linux - for shellcoding, fuzzing and web security lab
  • User: compsec
  • Password: course
• Ubuntu 16.04 - for botnets and malware analysis
  • User: compsec
  • Password: course
• Lubuntu 17.04- side-channel attacks with ChipWhisperer
  • User: cwuser
  • Password. cwpassword

These virtual machines are located on network drive.

Machines can be run directly from there, but all changes on virtual machines are lost, after shutting them down.

If you have enough space on your lab computer, and you are not too hesitated to start, recommended way is to copy virtual machine from network drive, and then start it locally. This way changes are not lost in shutdown.

You can mount network drive with following cmd command:

net use z: "\\kaappi\Virtuaalikoneet$"

There should be now new Z: drive, named as Virtuaalikoneet$

And virtual machines are located in:

Virtuaalikoneet$ -> VMware -> CompSec

Copy selected virtual machine to C:\Temp folder.

Run machine from .vmx file, which does not say 'copy and run'.

When the virtual machine asks if you have copied or moved the machine, press "I copied it".

This is the fastest way to start working: you don't need to wait copy-process.

If you don't mind that changes are lost on shutdown, machines can be run directly from network drive.

To run virtual machines from there, you have to use following commands. Open Windows cmd, and run them in there:

(if exist "Z:" (echo "Drive already mounted") else (net use z: "\\kaappi\Virtuaalikoneet$")) && (if exist "C:\Temp\Kali" (rd /s /q "C:\Temp\Kali" && mkdir "C:\Temp\Kali") else (mkdir "C:\Temp\Kali")) && copy "Z:\VMware\CompSec\Kalix64\Kali_copy_and_run_me.vmx" "C:\Temp\Kali\Kali_copy_and_run_me.vmx" && start "" "C:\Temp\Kali\Kali_copy_and_run_me.vmx"

(if exist "Z:" (echo "Drive already mounted") else (net use z: "\\kaappi\Virtuaalikoneet$")) && (if exist "C:\Temp\Ubuntux64" (rd /s /q "C:\Temp\Ubuntux64" && mkdir "C:\Temp\Ubuntux64") else (mkdir "C:\Temp\Ubuntux64")) && copy "Z:\VMware\CompSec\Ubuntu 64-bit\Ubuntu64_copy_and_run.vmx" "C:\Temp\Ubuntux64\Ubuntu64_copy_and_run.vmx" && start "" "C:\Temp\Ubuntux64\Ubuntu64_copy_and_run.vmx"

(if exist "Z:" (echo "Drive already mounted") else (net use z: "\\kaappi\Virtuaalikoneet$")) && (if exist "C:\Temp\LUbuntu64" (rd /s /q "C:\Temp\LUbuntu64" && mkdir "C:\Temp\LUbuntu64") else (mkdir "C:\Temp\LUbuntu64")) && copy "Z:\VMware\CompSec\ChipWhisperer\LUbuntu64-bit_copy_and_run.vmx" "C:\Temp\LUbuntu64\LUbuntu64_copy_and_run.vmx" && start "" "C:\Temp\LUbuntu64\LUbuntu64_copy_and_run.vmx"

When the virtual machine asks if you have copied or moved the machine, press "I copied it".

You can mount network drive into your own PC, if it has been connected to Eduroam .

After you have successfully connected to network, you can mount network drive as following. If any credentials are asked, username is username@student.oulu.fi

Open Windows cmd:

net use z: "\\kaappi\Virtuaalikoneet$"

Drive should be mounted after giving correct credentials.

If you have mnt folder in root directory, and package cifs-utils is installed, you can:

sudo mount -t cifs //kaappi/Virtuaalikoneet$ /mnt/ -o user=username@student.oulu.fi

Depending on your versions, you might need to play with 'sec' -variable, for example Ubuntu 16.04 might require:

sudo mount -t cifs //kaappi/Virtuaalikoneet$ /mnt/ -o user=username@student.oulu.fi,sec=ntlm

Passwords should be prompted.

Virtual machines are located in:

Virtuaalikoneet$ -> VMware -> CompSec

If you are not able to get in to University to copy virtual machines from network drive by using Lab computer , you can do it remotely as well. This requires setting up VPN - connection to University network. This can be aquired by following guidlines presented here.

Looks like two factor authentication(Authentication via SMS) is not enabled by default. You have to enable it by following instructions here: http://www.oulu.fi/ict/authentication#vpn

Shortly:

• Download suitable VPN client here: https://www.oulu.fi/jakelu/vpn/
• Login with student creadentials is required
• Once you have installed the correct client, start it
• Use sa.oulu.fi as server URL.
• Connect by using your student username and selecting Student (SMS) authentication method. You have to use strong authentication (Student (SMS)) to be able to mount the drive.

After you have successfully connected to network, instructions are same as here.

Do you have a lot of ideas or suggestions to improve course? Fork repository, and make a pull request. Let's have a look!

This might have positive effect for your grade as well.

Any information, guidelines, tutorials, examples or code pieces here are for teaching purposes, under MIT license, unless otherwise declared.

This repository contains tutorials and examples for how to use some spefic tools

• The licence of corresponding tool should be applied for the usage of tool