In this course, we will discuss and read papers on a wide range of systems security topics including: anonymity, application security, cryptocurrencies, government surveillance, physical security, private communication, side-channel attacks, and more.
|Time:||Tue/Thu 6:30pm - 7:45pm|
|Professor:||Eric Wustrow <firstname.lastname@example.org> ECOT 352|
|Office Hours:||Wed 1-2pm or by appointment|
This course will include reading 3-4 papers per week, with written reviews and in-class discussion on the topics. Each student must complete an open-ended final project on a security topic, with the goal of submitting it to a computer security conference or workshop. In addition, each student must pick and present a security tool, trick or attack during the semester.
- 50% - Final project
- 25% - Paper reviews
- 20% - In-class tool presentation
- 5% - Participation
For each paper we read, please submit a short (~100-200 word) summary that describes the paper, and some of your comments about the paper; for example, insights, questions, future directions, or what lessons are learned, etc. Please send these to email@example.com with the subject "5014 reading", and include your review as inline text in the email. It's ok to include both reviews in the same email, just make the separation clear.
Each group will give a 10-15 minute presentation in class (Tue, Apr 26), describing
what problem they are solving, how they solved it, and anything they plan to do by the due
date of the final project. There will be a couple minutes for Q&A for each group.
Final papers will be due
Friday, Apr 29Tuesday, May 3, 11:59PM MDT. Please submit papers in
as a single PDF, 5-8 pages in length, including references.
Each student will pick a topic (or propose a new one!) and present it to the class. Presentations should be 10-15 minutes, and we will have a short Q&A session. Send your top 2 choices to me (firstname.lastname@example.org) by class on Thursday, Jan 14.
- TLS - (Tue, Jan 19) Set up a webserver with a signed certificate (you can obtain free ones from Let's Encrypt). Walk us through what happens during a TLS connection handshake between a popular web browser and your server. Show us packets in Wireshark, and explain the purpose of each packet. Describe how you can invoke such connections progamatically (either through command line, or in a programming language/library of your choice).
- Dining cryptographers networks - (Tue, Feb 2) Describe the dining cryptographers problem, and how it is solved. Pick an existing implementation or system that uses dining cryptographers (such as Dissent), and describe its operation in detail.
- DNS tunneling - (Tue, Feb 9) Describe iodine and how it works, by setting up your own server/client. Show us in Wireshark how it works, and describe how it could be improved and defended against.
- Application Security - (Tue, Feb 23) Implement and demonstrate a simple buffer overflow on a vulnerable application you write. Show how modern defenses prevent such attacks, and how you could circumvent them.
- Web Security - (Thu, Feb 25) Create an example web application that is vulnerable to cross-site request forgery (CSRF) and cross-site scripting (XSS) attacks. Describe how these attacks can have real impact on users' and servers' security. Demonstrate attacking the server (both CSRF and XSS), and describe how to defend against it.
- Post-Quantum Crypto - (Tue, Mar 15) Choose a post-quantum cryptographic primitive (e.g. lattice-based crypto, hash-based signatures, code-based crypto), and describe its operation in detail.
- Oblivious RAM - (Tue, Apr 5) Describe the concept, and pick one (reasonably) practical implementation or design, and walk through its operation. Describe what attacks this stops, and how much overhead (in practical terms) the scheme requires.
- Zero-knowledge proofs - (Thu, Apr 14) Describe how zero-knowledge proofs work by using a concrete example. It's ok if you describe an existing scheme, but it should be more interesting than either conveying a single bit or password hashing). Bonus: describe your scheme with a non-interactive zero-knowledge proof!
|Tue, Jan 12||Crypto||No reading
|Thu, Jan 14||Crypto||The
Moral Character of Cryptographic Work Rogaway
No response required
|Tue, Jan 19||Crypto Failures||TLS presentation
Null Prefix Attack Marlinspike
Lucky Thirteen: Breaking the TLS and DTLS Record Protocols AlFardan and Paterson
|Thu, Jan 21||Crypto Failures||The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software Georgiev, Iyengar, Jana, Anubhai, Boneh, and Shmatikov
Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice Adrian, Bhargavan, Durumeric, Gaudry, Green, Halderman, Heninger, Springall, Thomé, Valenta, VanderSloot, Wustrow, Zanella-Béguelin, and Zimmermann
|Tue, Jan 26||Web Tracking||Third-Party Web Tracking: Policy and Technology Mayer and Mitchell|
|Thu, Jan 28||Web Tracking||"You Might Also Like:" Privacy Risks of Collaborative Filtering Calandrino, Kilzer, Narayanan, Felten, and Shmatikov
Selling Off Privacy at Auction Olejnik, Minh-Dung, and Castelluccia
|Tue, Feb 2||Anonymity||Dining cryptographers networks presentation
Tor: The Second-Generation Onion Router Dingledine, Mathewson, and Syverson
Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries Johnson, Wacek, Jansen, Sherr, and Syverson
|Thu, Feb 4||Anonymity/Censorship||Examining How the Great Firewall Discovers Hidden Circumvention Servers Ensafi, Fifield, Winter, Feamster, Weaver, and Paxson
Scramblesuit: A Polymorphic Network Protocol to Circumvent Censorship Winter, Pulls, and Fuss
|Tue, Feb 9||Anticensorship||
DNS tunneling presentation
Protocol Misidentifcation Made Easy with Format-Transforming Encryption Dyer, Coull, Ristenpart, and Shrimpton
StegoTorus: A Camouflage Proxy for the Tor Anonymity System Weinberg, Wang, Yegneswaran, Briesemeister, Cheung, Wang, and Boneh
|Thu, Feb 11||Anticensorship||Telex: Anticensorship in the Network Infrastructure Wustrow, Wolchok, Goldberg, and Halderman
Blocking-resistant communication through domain fronting Fifield, Lan, Hynes, Wegmann, and Paxson
|Tue, Feb 16||No class||No class - go see Edward Snowden speak instead!|
|Thu, Feb 18||Network Security||Increased DNS Forgery Resistance Through 0x20-Bit Encoding Dagon, Antonakakis, Vixie, Jinmei, and Lee
Your Botnet is My Botnet: Analysis of a Botnet Takeover Stone-Gross, Cova, Cavallaro, Gilbert, Szydlowski, Kemmerer, Kruegel, and Vigna
|Tue, Feb 23||Application Security||Application Security presentation
Smashing the Stack for Fun and Profit Aleph One
The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) Shacham
|Thu, Feb 25||Web Security||Web security presentation
I Still Know What You Visited Last Summer: Leaking browsing history via user interaction and side channel attacks Weinberg, Chen, Jayarman, and Jackson
Protecting Browsers from DNS Rebinding Attacks Jackson, Barth, Bortz, Shao, and Boneh
|Tue, Mar 1||Secure Communication||Off-the-Record Communication, or, Why Not To Use PGP Borisov, Goldberg, and Brewer
SoK: Secure Messaging Unger, Dechand, Bonneau, Fahl, Perl, Goldberg, and Smith
|Thu, Mar 3||Data at Rest||Lest We Remember: Cold Boot Attacks on Encryption Keys Halderman, Schoen, Heninger, Clarkson, Paul, Calandrino, Feldman, Appelbaum, and Felten|
|Tue, Mar 8||Usability||Why Johnny Can't
Encrypt: A Usability Evaluation of PGP 5.0 Whitten and Tygar
Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness Akhawe and Felt
|Thu, Mar 10||Final Project Proposals|
|Tue, Mar 15||Government Backdoors||Post-Quantum Crypto presentation
On the Practical Exploitability of Dual EC in TLS Implementations Checkoway, Fredrikson, Niederhagen, Everspaugh, Green, Lange, Ristenpart, Bernstein, Maskiewicz, and Shacham
Keys under doormats Abelson, Anderson, Bellovin, Benaloh, Blaze, Diffie, Gilmore, Green, Landau, Neumann, Rivest, Schiller, Schneier, Specter, and Weitzner
|Thu, Mar 17||Government Threats||Decoding the Summer of Snowden Sanchez
W32.Stuxnet Dossier Falliere, Murchu, and Chien
|Tue, Mar 22||No Class||Spring Break|
|Thu, Mar 24||No Class||Spring Break|
|Tue, Mar 29||Hardware Security||Stealthy Dopant-Level Hardware Trojans Becker, Regazzoni, Paar, and Burleson
Designing and implementing malicious hardware King, Tucek, Cozzie, Grier, Jiang, and Zhou
|Thu, Mar 31||The Cloud||Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds Ristenpart, Tromer, Shacham, and Savage|
|Tue, Apr 5||Theoretical Privacy||Oblivious RAM presentation
Differential Privacy Dwork
Robust De-anonymization of Large Sparse Datasets Narayanan and Shmatikov
|Thu, Apr 7||Medical Privacy||Final project checkpoint due
Security and Privacy for Implantable Medical Devices Halperin, Heydt-Benjamin, Fu, Kohno, and Maisel
|Tue, Apr 12||Cryptocurrency||Bitcoin Nakamoto
Majority is not enough: Bitcoin mining is vulnerable Eyal and Sirer
|Thu, Apr 14||Cryptocurrency||Zero-knowledge proofs presentation
Zerocoin Miers, Garman, Green, and Rubin
|Tue, Apr 19||Electromagnetics||Emission Security Anderson|
|Thu, Apr 21||Side Channels||Remote
Physical Device Fingerprinting Kohno, Broido, and Claffy
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs Genkin, Pipman, and Tromer
|Tue, Apr 26||Final Project Presentations|
|Thu, Apr 28||Physical Security||Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Blaze|