University of Southern California


CS530L - Security Systems
lab component
David Morgan

see "Syllabus" link for email address

German "Enigma" cryptographic device




Lab policies

Student lab times

CS530 main class

DETER net testbed
  get/use an account

a vi cheat sheet


Cryptography & Key Mgmt



Application security

Packet sniffing

Firewalls (DETER)

Intrusion detection

Arp spoofing (DETER)

Tunnels and vpns (DETER)

Computer forensics (DETER)





FALL 2015
lecture 4:30p - 5:20p Fri OHE122

Until recent years, information systems security was the limited focus of the military and the financial communities. With the recent explosive growth and merging of telecommunications and computing, security has become an integral element of any reliable and robust information systems environment. This class will cover information systems security at the graduate level. Students should have a basic understanding of networking and operating systems prior to attending the class.

Thank you for your efforts and interest in this subject and class. I enjoyed the opportunity to teach it. (11/13)

Fall 2016 CS530 grader position - information here. (11/13)

Tip - for copying the image file of the forensics lab's corrupted disk:


CTF scoring information
- to check current score go to /proj/USCCSci530 and do


Please note that while you can see the location of score files by looking at that script changing scores directly is not allowed. (11/11)

CTF who attacks whom - here's the map who attacks whom

for i=1:8
Team i attacks Team i+1 using experiment real(i+1)

For example:
Team 2 attacks Team 3 using experiment real 3 

Team 8 attacks Team 1 using experiment real 1

Defenders can access server and gateway and attackers can access two out of three client machines in each experiment. (11/11)

Alternative network specification (.ns) file is available for DETER firewalls lab. (10/30)

Capture-the-flag team names - please visit URL for your team

A - Team Avengers

B - Team Fantastic 10

C - Team Green Lantern Corps

D - Team Guardians of the Galaxy

E - Team Heroes

F - Team Jedi Masters

G - Team Justice League

H - Team X Men  (10/22)

Capture-the-flag team assignments. They come from the set of survey respondents. Please stay tuned for further information about what to do. You might at this point contact your fellow team members. (10/21)

Please welcome Professor Jelena Mirkovic who will speak to us in class tomorrow. She will introduce to us the "Resilient Server" capture-the-flag competitive exercise that you will do next. Here are some related background materials
  Slides on denial of service
  man pages for tcpdump and iptables commands
In preparation, please take a 1-question survey.It will help group you into evenly matched teams for the upcoming capture-the-flag exercise. (10/15)

Due date clarification for application security lab this week - it's Friday 10/16 for everybody. (10/12)

Adjusted lab calendar- for midterm and for topic reorganization
midterm - is next week, Friday. No previous labs due next week, no current lab performed next week, no lab lecture next week.
topic reorganization - the capture the flag exercise will be introduced at our next lecture 10/16 by Professor Jelena Mirkovic.


DETER practice
- if you are unfamiliar with the usage of DETER you may want to go through the mechanics of creating and using a very simple experiment, as outlined at the link entitled "get/use an account" under the heading "DETER net testbed" at left. We will soon begin performing most of our exercises remotely on DETER instead of locally in OHE406 so this can serve as a familiarization exercise. (10/2)

Heartbleed demo - from the "know-how" show on, a popular tech podcast. It was recorded last year not long after heartbleed was announced. The demo starts at about the 45-minute mark in the video. In case you're interested. (9/28)

Application flaws, somebody's fault?? maybe in the Spanish language sense of "fault" (a lack) but generally, certainly not the English language connotation (blameworthiness). In class yesterday I came to the defense of open source software authors, R. Seggelmann of OpenSSL fame representing them. They solve "difficult design problems":

   "Experience has shown [that] ... holes do not generally result from rank stupidity
    but from human oversight in dealing with a difficult design problem
       "Concepts and Terminology for Computer Security," R. Schell, p82   (9/26)

Matt Bishop oral history interview
I mentioned in class, from the Charles Babbage Institute at the University of Minnesota.

This interview with your textbook author is part of a series of interviews with over 300 computer industry contributors. Of personal interest I notice among them our Terry Benzel of I.S.I. and Viterbi professor Roger Schell. There are a lot of people who were involved with ARPA and early internet development (Cerf, Kleinrock, Crocker, Roberts, Kahn, Licklider). There are also early inventors or implementers of fundamental operating system and computer science concepts we take for granted today (Corbato, Dijkstra) and some who first recognized and defined computer security issues (Denning, Neumann, Spafford, Ware). There is Donald Knuth who wrote the books that educated a generation of CS students. (9/18)

Email filter rule keywords used for managing the 10 reports you submit are:


for the respective labs we do over 10 weeks. Please be sure to embed these keywords in the titles of the email messages in which you will submit your work. (9/18)

Revised timeslot assignments - are posted at the link entitled "Student lab times," at left. If there are errors or anomalies please contact me. (9/8)

No assignments for the following students because they provided malformed input:

lan, rege, sundaram

If you wish to participate in lab work please contact me. (9/8)

Server up for round-two lab time requests - the server is back up. Those of you who provided no input or malformed input last week may provide or fix it now. Please do so by the end of the day tomorrow, Monday, and I will seek to publish a final list of timeslot assignments on Tuesday at the "Student lab times" link, at left. (The first lab meeting will then take place Wednesday.) (9/6)

My RSA lecture available online - I ran out of time in today's lecture, without having talked about the latter slides in my presentation. Those slides covered the steps and math of the RSA algorithm. They are closely related to the lab activity you'll do in a week. I have those slides online, with my narration. You may listen to them if you like (it would definitely help) before coming to the lab next week. (9/4)

Timeslot assignments - the lab times are set for

Mon 10:30-11:50
Wed 12:30-13:50
Thu 10:30-11:50
Fri 15:00-16:20

Your lab time assignments are posted at the link entitled "Student lab times," at left.

No assignments for the following students because they provided no input:

hanasoge, lin, liush, maragiri, mccarthy, park, patil, peng, rustagi, saklecha, satyamangalam, sharan, singh, vadlamani, wadhawan

and the following because they provided malformed input:

nagarle, lan, rege, aitmukhanbetova, guptani

Please provide or fix input if you wish to be assigned.  (9/2)

Which machine do we use, for which lab? - the various lab activities were developed to work on one or another of the 4 virtual machines installed in the lab. The instructions for each lab should tell you on which platform to do it. As a matter of record, here are the platforms corresponding the activities.


First homework tasks -
 1) express your lab timeslot preferences (unless you are a DEN student) deadline: end of day Tuesday 9/1/15
If you are a DEN student, install VMWare Player 6 (or other version of VMware) if you do not have it already. See "DEN students" comments below.
 2) as a tourist, visit the informational links listed at left under the heading "DETER net testbed". Gain initial familiarity with DETER at tourist level. We will arrange DETER accounts for you shortly.
 3) visit link at left entitled "Cryptography" under the heading "Labs." Our upcoming initial lab topic will be on the subject of cryptography. My lecture on the subject will be September 4, with corresponding lab exercise (the first one) performed the following week. (8/28)

Individual lab timeslot assignments

You will be assigned to a particular lab session. You will express preference among the timeslots using this web form:

On the form (which unfortunately does not validate entries) please take care to enter a unique explicit digit from among 0, 1, 2, and 5 for each of the seven lab timeslot possibilities.
 - enter 0 for any slot with which you have a bona fide conflict (other commitment that cannot be changed)
 - enter 1 for your most preferred non-conflicting timeslot
 - enter 2 for your second-most preferred non-conflicting timeslot
 - enter 5s for your less preferred non-conflicting timeslots

The software that will process your entry will filter it out (post-validate) if it deviates from that. So fill in the form correctly to avoid adversely affecting our meeting your preference. I will do my best to follow student preference within my ability to control. (8/28)

The web form is here . To use it, you need to supply an ID. Your ID is your last name, all lower case. On-campus  students who were registered as of yesterday are in the web form's database. There are multiple chens, guptas, and jains. In those cases suffix your last name with 1 or 2 characters of your first name. I will make a supplemental update with names of later registrants sometime next week. (8/28)

Slides from today's lecture in color or greyscale.(8/28)

The calendar is subject to later adjustment, which would be announced here and in lecture. (8/28)

Strong recommendation - each week, preview or scan (visually) the lab instructions in advance before your lab session. It will enable you to do the exercises more efficiently, with greater understanding, and ensure you can finish before the lab ends. (8/28)

Support questions - try the "Labs" category of the discussion board found on DEN/Blackboard for CS530. If it's a question of general interest (maybe somebody else has the same question in mind) put it there. Alternatively, or for more specifically personal questions, email address, shared by me and the lab graders. (8/28)

Your graders - Xuanni Du and Gautam Bhatnagar. Both took CS530 last year. Both are helpful and familiar with the lab exercises you will do. (8/28)

Lab location - room OHE406. The hardware-identical computers in this room have removable hard drives. You will be assigned a drive. You will insert it in one of the computers when you arrive at the lab each week. You will put it in a locker afterward, where it will be stored for you until the following week's session. (8/28)

DEN students - most if not all of the lab exercises are performed in VMware virtual machines. We will make available images of the same vm's that are installed in the lab, for you to install on your machine. You will then be able to run that vm using VMware player, which is distributed free from The lab handouts (instructions) will be posted online, here on this website, weekly. I intend to distribute the vm images to you via download, details to be communicated to you by email. (These are not for the consumption of on-campus students.) (8/28)