Selected Topics in Network Security (Spring 05)

Meeting Times and Location

Thursdays & Fridays, 1 - 2:15 pm, NEB 12


This course focuses on selected research topics in communications security. The course is structured as a research seminar where students present research papers to their peers. Topics may include side-channel attacks, searches on encrypted data, broadcast encryption, private information retrieval, covert channels and anonymous communication, information hiding, among others.

Prerequisites of 600.424 and 600.449 (or equivalent) are strongly advised. In addition, familiarity with basic cryptographic primitives will be necessary to understand the details of some of the assigned papers.

Assignment: There will be one team assignment. Students will be tasked with inferring the network topology of a closed network, as well as discovering all hosts on the network. The network will be reconfigured during the discovery phase of the assignment, and the goal is to perform network tomography with as minimal traffic as possible. Experiments will take place in a isolated lab comprising of a series of switches and routers donated by Cisco. This assignment will be worth 25% of your final grade.

Course project:Your course project will entail submitting (to me) a workshop quality research paper outlining novel ideas. This project can involve application of concepts learned from other research papers, but MUST depict original ideas. The course project constitutes 50% of your final grade. Students are encouraged to work in groups. You are required to use LaTeX when preparing your final report.

Readings and Presentations:Students are required to read all papers assigned during the semester and be able to competently discuss the material in class. Each student will be responsible for presenting one lecture (depending on the class size) -- that lecture will be based on the assigned paper for the week including as much relevant related work as necessary to distill the work presented in the paper. The speaker should try to present a comprehensive view of the topic suitable for a 1 hour talk. Additionally, each student is responsible for submitting a summary of the paper, which includes (1) at least two thought-provoking questions on the assigned paper (2) a discussion of any strengths and weaknesses (3) one direction for an extension on the ideas / topic presented in the paper. Your questions should critically evaluate the paper (eg, questioning the assumptions, questioning whether the experiments are lacking (and why), flaws in the analysis, etc). This summary will be turned in to the moderator (and me) on the Thursday session.

The moderator is responsible for recapping the ideas for the previous day (10 mins max) and presenting any supplimentary material not covered by the presenter. The moderator will lead the general discussions on Friday. Notes on the week's discussion must also be compiled by the moderator, and submitted to me no later than 1 week after the lecture. These notes will be made publicly available (via the website) to rest of the class.

Office Hours

Tuesday 1 - 3 pm or by appointment.

Mailing list

send email to majordomo (at) with subscribe cs624 in the message body


This is intended to be an interactive class, and as such, class participation will play a significant role in my grading criteria. Students will be graded on the presentation of their assigned paper, their participation in discussions and questions, the assignment and course project. Weights are as follows:

Deliverable Grade
Assignment 25%
Presentations 25%
Project 50%

Reading List

Topic Presenter
Moderator  (Friday)

Feb. 3/4

Course Introduction, selection of presenters, project discussion.

Feb. 10/11

Remote Timing Attacks are Practical

D. Brumley and D. Boneh
Proceedings of the 12th Usenix Security Symposium, 2003

related readings:

  • Timing attack: What can be achieved by a powerful adversary? The full paper can be found here
  • Timing Attacks on Implementations of DH, RSA, DSS and other Systems by Paul Kocher





Feb. 17/18

IP Covert Timing Channels: An Initial Exploration

S. Cabuk, C. Brodley, R. Forte, C. Shields
Proceedings of Computer and Communications Security, 2004

related readings:
  • J. Giffen, R. Greenstadt, P. Litwack, R. Tibbetts. Covert messages through TCP timestamps. In workshop on Privacy Enhancing technologies, 2002.





Feb. 24/25

Building an Encrypted and Searchable Audit Log

B.Waters, D. Balfanz, G. Durfee, and D.K. Smetters
Proceedings of the ISOC Network and Distributed System Security, 2004

related readings:

  • Cryptographic support for secure logs on untrusted machines




March 3/4

Secure Indexes

G. Eu-Jin Goh
Cryptology ePrint Archive, 2004

related readings:

  • D.Song, D. Wagner, A. Perrig. Searches on Encrypted data. In Proceedings of IEEE Security and Privacy, 2000.
  • S. Bellovin, W. Cheswick. Privacy enhanced searches using encrypted bloom filters, 2004.



Mar 10/11

Space-efficient Block Storage Integrity

A. Oprea and M. Reiter
Proceedings of ISOC Network and Distributed System Security, 2005

related readings:

  • D. Mazieres et al. Separating Key Management from File System Security. In ACM SOSP 1999.

Lucas (+ Josh)




March 14-20 Spring Break

Mar 24/25

A new client Puzzle outsourcing technique for DoS resistance

B. Waters, A. Juels, J. Halderman, E. Felten
In ACM CCS 2004

related readings:
  • A. Juels and J. Brainard. Client Puzzles: A cryptographic countermeasure against content depletion attacks. In NDSS 99.

Michael Peck




March 31/April 1st

Lab Exercise --- Network Tomography

Team 1

Team 2

Apr 7th/8th

Towards Distributed Blackhole Placement

E. Cooke, M. Bailey, Z Mao and D. McPerson
In Proceedings of WORM, 2004

Roaming Honeypots for Mitigating Server-level Denial of Service Attacks

S. Khattab et al. In Proceedings of ICDCS, 2004

related readings:

    Monitoring and Early Warning for Internet Worms. In proceedings of CCS, 2003.



Apr 14/15

Secret Sharing and Visual Cryptography Schemes. Stinson

Visual Cryptography.Moni Naor and Adi Shamir.

related readings:

  • Stinson's page on visual cryptography.
  • Y. Desmedt and T. Le. Moire Cryptography. In proceedings of CCS 2000.
  • M. Nakajima. Extended Visual Cryptography for natural Images
  • B. Zhu et al. Print Signatures for Document Authentication. In proceedings of CCS 2003.




Apr 21/22

Privacy-Preserving Data Mining

R. Agrawal and R. Srikant
Proceedings of SIGMOD, 2000

related readings:
  • C. Clifton et al. Tools for Privacy Preserving Distributed Data Mining
  • A. Evfimievski et al. Limiting Privacy Breaches in Privacy Preserving Data Mining.
  • B. Pinkas, Cryptographic Techniques for Privacy-Preserving Data Mining
  • These and other relevant papers can be found here.



No class

Apr 28/29

Secure and efficient Metering

M. Noar and B. Pinkas,

related readings:
  • (motivating material): V. Anupam et al. On the Security of Pay-Per-Click and other Web Adv. Schemes. Computer Networks, 1999.
  • C. Blundo. SAWM: A tool for Secure and Authenticated Web Metering. In proceedings of ACM SEKE 2002.
  • M.K. Franklin and D. Malkhi. Auditable metering with lightweight security. In proceedings of Financial Crypto, 1997





May 5/6

Securing Passwords Against Dictionary Attacks

B. Pinkas and Sanders. In Proceedings of ACM CCS, 2002

Telling Humans and Computers Apart Automatically: Or how lazy cryptographers do AI

Luis von Ahn, Manuel Blum and John Langford. In communications of the ACM, 2004

related readings:
  • M. Chew and J.D. Tygar. Image Recognition Captchas. In proceedings of Information Security Conference, 2004.
  • G. Mori and K. Malik. Recognizing objects in adversarial clutter: Breaking a visual Captcha". In Computer Vision and Pattern Recognition, 2003.

Akpose + Steve

In-class project presentations.
Reading Week
Friday May 20th Final Projects due by 10pm. NO EXCEPTIONS

Other possible papers: