Difference between revisions of "Reading Schedule"

Revision as of 01:41, 13 October 2005

Reading schedule

August 31: The Logic of Terrorism

Modern terrorism has been with us since the 1870s. What can history teach us about the strategy, tactics, and limits of terrorism? Steve Maurer, UC Berkeley: What Can History Teach Us?

Readings: Walter Laqueur, No End to War: Terrorism in the Twenty-First Century (2004) (text; Amazon.com). Please read this text in three segments, concluding 9/21.

September 7: Terrorism as Warfare

Historically, nation states were the only entities that could credibly make war. Have new technologies and the vulnerabilities of modern life changed the rules? Steve Maurer, UC Berkeley: Can Terrorism Challenge the Nation State?

Readings: Walter Laqueur, No End to War: Terrorism in the Twenty-First Century (2004) (text; Amazon.com). Please read this text in three segments, concluding 9/21.

September 13 (Tuesday): The Al Qaida Threat

Can US foreign policy discourage rogue nations from putting WMD into the hands of terrorists? Michael Nacht, UC Berkeley: Post 9/11 Diplomacy: The Bush Doctrine, Rogue Nations, and US Non-Proliferation Policy

Readings:

• Online Bush Doctrine Memo.

September 21: Technology Policy and the War on Terror

Can new technologies improve current trade-offs between civil liberties and security? How do homeland security experts use Threat, Vulnerability, and Consequence (TVC) models to identify and protect society’s most critical assets?

Don Prosnitz, LLNL: Security and Civil Liberties: Can Technology Improve the Balance? Steve Maurer, UC Berkeley: The Bioshield Dilemma: Developing New Technologies at an Affordable Price Eric Norman, LLNL: Cargo screening technologies.

Readings:

• Walter Laqueur, No End to War: Terrorism in the Twenty-First Century (2004) (text; Amazon.com). Please read this text in three segments, concluding 9/21.
• Steve Maurer, “When Patents Fail: Finding New Drugs for the Developing World,” (pdf) May 2005.

September 28: Profiling the Terrorist Adversary

What are the motives and capabilities of current terrorist groups? How likely are they to use WMD or attack the nation’s cyber-infrastructure?

Gary Ackerman & Jeffrey Bale, Monterey Institute: Profiling the Terrorist Adversary

Readings:

• Jeffrey M. Bale and Gary Ackerman. Recommendations on the Development of Methodologies and Attributes for Assessing Terrorist Threats of WMD Terrorism. (pdf). Center for Nonproliferation Studies, Monterey Institute of International Studies.

October 5: Computer Security Primer

Comprehensive introduction to basic computer security principles, mechanisms, and approaches. Essentially, the highlights of an undergraduate computer security course, reduced to 3 hours. Geoff Voelker, UCSD

Readings:

• Ken Thompson, “Reflections on Trusting Trust,” Communications of the ACM 27(8), August 1984.
• Alma Whitten and J.D. Tygar, “Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0,” Proc. USENIX Security Symposium, August 1999.
• Ross Anderson, “Why Cryptosystems Fail,” Communications of the ACM 37(11), November 1994.

October 12: Cyber Security In-The-Large

Using information technology to attack – or to amplify attacks on – various elements of the nation’s critical infrastructure

Ed Lazowska, UW: Assessing Cyber-Vulnerabilities: PITAC and Beyond Phil Venables, CISO, Goldman Sachs: The Resilient Enterprise: Convergence of Security, Compliance, Redundancy and Risky Kirk Bailey, ex-CISO, City of Seattle: Cyber-attacks and cyber-defense in the City of Seattle

Readings:

• Information Technology for Counterterrorism. Computer Science & Telecommunications Board, National Research Council, 2003. . Read the Executive Summary, Chapter 1, Chapter 2, and Chapter 4.
• Cyber Security: A Crisis of Prioritization. President’s Information Technology Advisory Committee, 2005. (pdf).
• Washington Post Washington Post articles on cyber terrorism, August 2005.
• New York Times article, “The Rise of the Digital Thugs,” August 2005.
• Time article, “The Invasion of the Chinese Cyberspies,” September 2005.

October 19: Nuclear, Radiological & Chemical Weapons

The physics and technology of WMD.

Richard A. Muller, UC Berkeley and LBNL: The Physics of WMD Christine Hartmann-Siantar, LLNL: Radiation and Human Health Steve Maurer, UC Berkeley: Nuclear Fear

Readings:

• Online papers

October 26: Biological Weapons; Remediation and Recovery Technologies

The biological weapons threat: today and tomorrow. Recovering from WMD attacks.

J. Patrick Fitch, LLNL: Biological Weapons and Detection Technologies J. Keasling, UC Berkeley: Synthetic Biology and Tomorrow’s Bioweapons Tina Carlson, LLNL: Remediation Christine Hartmann-Siantar, LLNL: Recovery Technologies

Readings:

November 2: WMD Defenses

Technology and Policy Options for Early Detection of WMD.

Michael Nacht & B. Perez, UC Berkeley: Port Security.

Readings:

• Online Paper

November 9: Large-Scale Internet Criminal Activity

Internet crime. Denial of service, extortion, phishing, botnet reselling, spam, spyware, etc.

Dave Aucsmith, Senior Director, Institute for Advanced Technology in Governments, Microsoft Corp. Steve Gribble, UW: Spyware

Readings:

• David Moore, Geoffrey Voelker, and Stefan Savage, “Inferring Internet Denial of Service Activity.” Proc. 2001 USENIX Security Symposium, August 2001.
• Stefan Saroiu, Steven D. Gribble, and Henry M. Levy, “Measurement and Analysis of Spyware in a University Environment,” Proc. NSDI 2004, March 2004.
• The Honeynet Project & Research Alliance, “Know your Enemy: Tracking Botnets,” March 2005.

November 16: Incentives to Exploit and Protect

What do we know about the Internet’s vulnerabilities? History of past exploits, worms, viruses. What could a determined, well-funded adversary accomplish?

• Hal Varian, Berkeley, incentive-based strategies for enhancing cyber security
• Stefan Savage, UCSD, Internet outbreaks: Epidemiology and Defenses
• Vern Paxson, ICIR and LBNL, Network intrusion detection systems

Readings:

• Carey Nachenberg, “Computer Virus-Antivirus Coevolution,” Communications of the ACM 40(1), January 1997.
• David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford and Nicholas Weaver, “Inside the Slammer Worm,” IEEE Security and Privacy 1(4):33-39, July 2003.
• Vern Paxson, “Bro: A System for Detecting Network Intruders in Real-Time,” Computer Networks 31(23-24), December 1999.

November 23: Cyber-defenses

Host-based, network-based, software engineering with security goals

• Mark Pustilnik, Microsoft, Eliminating security vulnerabilities from commercial software.
• Josh Lackey, Microsoft (ex-IBM), Ethical hacking: Using white-hat cyber-attacks to improve security.
• Eric Rescorla, consultant, does it make sense to discover/publicize vulnerabilities?

Readings:

• Sumeet Singh, Cristian Estan, George Varghese and Stefan Savage, “Automated Worm Fingerprinting," Proc. OSDI 2004, December 2004.
• Eric Rescorla, “Is finding security holes a good idea?”, Workshop on Economics and Information Security 2004, May 2004.
• Eric Rescorla, “Security holes... Who cares?”, Proceedings of the 12th USENIX Security Conference, August 2003.

November 30: Intelligence and Interrogation

How can IT improve US intelligence capabilities?

(TBD)

Steve Maurer: Databases and Intelligence

S. Scotchmer: Do Terrorism Futures Make Sense?

Readings:

December 7: Cyberforensics

What constitutes evidence for computer exploitation crimes, how is it gathered, etc.

Possible: Butler Lampson

Possible: FBI

Readings: