|
Fall 2007 Syllabus |
|
A tentative schedule of lectures (subject to change) is provided
below. Some of the material that lectures will be based on is
provided below. Required readings are marked with an asterisk (*).
|
|
Week 1 (Sept 10): |
Course Overview, Network security introduction
|
Needham: Using Encryption for authentication in large networks*
Thompson: Reflections on Trusting Trust
|
Week 2 (Sept 17): |
Firewalls and Related Technologies
Schuba: Analysis of service attacks on TCP*
Chapman: Network insecurity through packet filtering
Voydock: Security mechanisms in high-level network protocols*
Simnet Tutorial presented by TAs (?)
|
|
Week 3 (Sept 24): |
Assignment 1 (getting aquainted) handed out
Steiner: Kerberos: an authentication service for open network systems*
SSL/TLS and SSL-splitting
additional readings:
Bryant: Designing an Authentication System: a dialogue in four scenes
Wu: A real world analysis of Kerberos Password Security
Thompson: Reflections on Trusting Trust
|
Week 4 (Oct 1): |
Broadcast Encryption
DDoS and Packet Identification
Client Puzzles: A cryptographic countermeasure against content depletion attacks*
Burch: Tracing anonymous packets to their approximate source*
Peering through the Shroud: The Effect of Edge Opacity on IP-based Client Identification
|
|
Week 5 (Oct 8): |
Moore: Inferring Internet denial of service activity
Savage: Network Support for IP Traceback*
additional readings (covered in class):
Song: Advanced and authenticated marking schemes for IP Traceback
|
Assignment 2 handed out |
Week 6 (Oct 15):
No class on Monday 15 -- Fall Break Day |
Malware propagation (detection, containment, and trends)
Bethencourt: Mapping Internet Sensors with Probe Response Attacks*.
Rajab: A Multifaceted Approach to Understanding the Botnet Phenomenon*
Provos: The Ghost in the Browser.
Franklin: An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants.
|
|
Week 7 (Oct 22): |
Routing Protocols and IPsec
Kent: Secure BGP*
DNS Security (Lioy, Atiennese); DNS Rebinding Attacks
IPsec
|
|
Week 8 (Oct 29): |
Traffic Monitoring and Intrusion Detection
Ptacek: Eluding network intrusion detection*
Wagner: Intrusion detection via Static Analysis*
Paxon: Detecting Stepping Stones
Assignment 3 handed out
Additional reading(s):
Jain: A user-level infrastructure for system call interposition
|
|
Week 9 (Nov 5): |
Traffic Monitoring (cont)
Handley: Traffic normalization and end-to-end protocol semantics
Malan: Transport and application protocol scrubbing*
BLINC: Multi-level Traffic Characterization in the Dark*
Additional readings(s):
Wright: Language Identification of Encrypted VoIP traffic
|
|
Week 10 (Nov.12): |
Anonymity and Privacy
Syverson: Anonymous connections and onion routing
Reiter: Crowds: Anonymity for web transactions*
Additional readings(s):
Goldschlag: Hiding routing information.
Network trace anonymization
Pang: The Devil and Packet Trace anonymization*
|
|
Week 11 (Nov 19): |
Virtualization for "Security"
Stealthy Malware Detection Through VMM-based Semantic View Reconstruction.
Remote Detection of VMMs with Fuzzy Benchmarking.
Detecting System Emulators.
|
|
Week 13 (Nov 26): |
Structured Overlays
Stocia: Chord- A Scalabe peer to peer lookup service for Internet Applications*
Web Security
Phishing (Dynamic Security Skins, Human Interactive Proofs and more)
Protecting Browser State from Web Privacy Attacks.
Spamscatter: Characterizing Internet Scam Hosting Infrustructure
|
|
Week 12 (Dec 3): |
Secure Audit logs
Song: Practical Techniques for Searches on Encrypted Data*
Schneier: Cryptograhic Support for Secure Logs on Untrusted Machines
|
|
Week 13 (Dec 10): |
Catchup; Miscellaneous topics.
In class Project presentations -- December 10th.
|
Dec 17:
Final Project reports due.
|
|