Students Who Don't Understand Information Flow Should Be Eaten: An Experience Paper

Information flow is still relevant, from browser privacy to side-channel attacks on cryptography. However, many of the seminal ideas come from an era when multi-level secure systems were the main subject of study. Students have a hard time relating the material to today's familiar commodity systems. We describe our experiences developing and utilizing an online version of the game Werewolves of Miller's Hollow (a variant of Mafia). To avoid being eaten, students must exploit inference channels on a Linux system to discover "werewolves" among a population of "townspeople." Because the werewolves must secretly discuss and vote about who they want to eat at night, they are forced to have some amount of keystroke and network activity in their remote shells at this time. In each instance of the game the werewolves are chosen at random from among the townspeople, creating an interesting dynamic where students must think about information flow from both perspectives and keep adapting their techniques and strategies throughout the semester. This game has engendered a great deal of enthusiasm among our students, and we have witnessed many interesting attacks that we did not anticipate. We plan to release the game under an open source software license.

[1]  Steven B. Lipner,et al.  A comment on the confinement problem , 1975, SOSP.

[2]  Richard A. Kemmerer,et al.  Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[3]  Prabhaker Mateti A laboratory-based course on internet security , 2003, SIGCSE.

[4]  Archer L. Batcheller,et al.  Testing the technology: playing games with video conferencing , 2007, CHI.

[5]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[6]  Jeffrey S. Fenton Memoryless Subsystems , 1974, Comput. J..

[7]  Matt Bishop,et al.  Computer Security: Art and Science , 2002 .

[8]  Colin Percival CACHE MISSING FOR FUN AND PROFIT , 2005 .

[9]  Piotr Migdal,et al.  A mathematical model of the Mafia game , 2010, ArXiv.

[10]  Vitaly Shmatikov,et al.  Memento: Learning Secrets from Process Footprints , 2012, 2012 IEEE Symposium on Security and Privacy.

[11]  Bill Broyles Notes , 1907, The Classical Review.

[12]  Terrence O'Connor,et al.  Experiences with Practice-Focused Undergraduate Security Education , 2010, CSET.

[13]  Michal Zalewski Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks , 2005 .

[14]  Sergey Bratus What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum , 2007, IEEE Security & Privacy.

[15]  Corey D. Schou,et al.  A Model for Information Assurance : An Integrated Approach , 2001 .

[16]  Rayford B. Vaughn,et al.  Integration of computer security into the software engineering and computer science programs , 1999, J. Syst. Softw..

[17]  Sergey Bratus Dartmouth,et al.  What Hackers Learn that the Rest of Us Don't , 2007 .

[18]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[19]  C. Q. Lee,et al.  The Computer Journal , 1958, Nature.

[20]  XiaoFeng Wang,et al.  Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems , 2009, USENIX Security Symposium.

[21]  Mark Braverman,et al.  Mafia: A theoretical study of players and coalitions in a partial information environment , 2008 .

[22]  BratusSurgey What Hackers Learn that the Rest of Us Don't , 2007, S&P 2007.

[23]  A. Tanenbaum Computer recreations , 1973 .

[24]  Diana G. Oblinger,et al.  The Next Generation of Educational Engagement , 2004 .

[25]  Danfeng Zhang,et al.  Predictive black-box mitigation of timing channels , 2010, CCS '10.

[26]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[27]  Deepak Kapur,et al.  Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks Using Model Checking , 2010, USENIX Security Symposium.

[28]  Zhuoqing Morley Mao,et al.  Off-path TCP Sequence Number Inference Attack - How Firewall Middleboxes Reduce Security , 2012, 2012 IEEE Symposium on Security and Privacy.

[29]  John C. Wray An Analysis of Covert Timing Channels , 1992, J. Comput. Secur..