Fall 2007 Syllabus

A tentative schedule of lectures (subject to change) is provided below. Some of the material that lectures will be based on is provided below. Required readings are marked with an asterisk (*).

Week 1 (Sept 10):

Course Overview, Network security introduction

  • Needham: Using Encryption for authentication in large networks*
  • Thompson: Reflections on Trusting Trust

  • Week 2 (Sept 17):

    Firewalls and Related Technologies

  • Schuba: Analysis of service attacks on TCP*
  • Chapman: Network insecurity through packet filtering
  • Voydock: Security mechanisms in high-level network protocols*

    Simnet Tutorial presented by TAs (?)

  • Week 3 (Sept 24):

    Assignment 1 (getting aquainted) handed out

  • Steiner: Kerberos: an authentication service for open network systems*
  • SSL/TLS and SSL-splitting

    additional readings:

  • Bryant: Designing an Authentication System: a dialogue in four scenes
  • Wu: A real world analysis of Kerberos Password Security
  • Thompson: Reflections on Trusting Trust

  • Week 4 (Oct 1):
    Broadcast Encryption

    DDoS and Packet Identification

  • Client Puzzles: A cryptographic countermeasure against content depletion attacks*
  • Burch: Tracing anonymous packets to their approximate source*
  • Peering through the Shroud: The Effect of Edge Opacity on IP-based Client Identification
  • Week 5 (Oct 8):
  • Moore: Inferring Internet denial of service activity
  • Savage: Network Support for IP Traceback*

    additional readings (covered in class):

  • Song: Advanced and authenticated marking schemes for IP Traceback
  • Assignment 2 handed out

    Week 6 (Oct 15):

    No class on Monday 15 -- Fall Break Day

    Malware propagation (detection, containment, and trends)

  • Bethencourt: Mapping Internet Sensors with Probe Response Attacks*.
  • Rajab: A Multifaceted Approach to Understanding the Botnet Phenomenon*
  • Provos: The Ghost in the Browser.
  • Franklin: An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants.
  • Week 7 (Oct 22):
    Routing Protocols and IPsec

  • Kent: Secure BGP*
  • DNS Security (Lioy, Atiennese); DNS Rebinding Attacks
  • IPsec
  • Week 8 (Oct 29):

    Traffic Monitoring and Intrusion Detection

  • Ptacek: Eluding network intrusion detection*
  • Wagner: Intrusion detection via Static Analysis*
  • Paxon: Detecting Stepping Stones

    Assignment 3 handed out

    Additional reading(s):

  • Jain: A user-level infrastructure for system call interposition
  • Week 9 (Nov 5):
    Traffic Monitoring (cont)

  • Handley: Traffic normalization and end-to-end protocol semantics
  • Malan: Transport and application protocol scrubbing*
  • BLINC: Multi-level Traffic Characterization in the Dark*

    Additional readings(s):

  • Wright: Language Identification of Encrypted VoIP traffic
  • Week 10 (Nov.12):

    Anonymity and Privacy

  • Syverson: Anonymous connections and onion routing
  • Reiter: Crowds: Anonymity for web transactions*

    Additional readings(s):

  • Goldschlag: Hiding routing information.

    Network trace anonymization

  • Pang: The Devil and Packet Trace anonymization*
  • Week 11 (Nov 19):
    Virtualization for "Security"

  • Stealthy Malware Detection Through VMM-based Semantic View Reconstruction.
  • Remote Detection of VMMs with Fuzzy Benchmarking.
  • Detecting System Emulators.
  • Week 13 (Nov 26):
    Structured Overlays
  • Stocia: Chord- A Scalabe peer to peer lookup service for Internet Applications*
  • Web Security

  • Phishing (Dynamic Security Skins, Human Interactive Proofs and more)
  • Protecting Browser State from Web Privacy Attacks.
  • Spamscatter: Characterizing Internet Scam Hosting Infrustructure
  • Week 12 (Dec 3):
    Secure Audit logs

  • Song: Practical Techniques for Searches on Encrypted Data*
  • Schneier: Cryptograhic Support for Secure Logs on Untrusted Machines
  • Week 13 (Dec 10):
  • Catchup; Miscellaneous topics.
  • In class Project presentations -- December 10th.

  • Dec 17:
  • Final Project reports due.