Advanced Topics in Computer Security

CS 657

Fall 2015

MW 12-1:15, SC 334

General Information

Instructor

Jeanna Matthews
Office: Science Center 389
Phone: 268-6288
E-mail: jnm@clarkson.edu
Homepage: http://www.clarkson.edu/~jnm
Class Times: MW 12-1:15, SC 334
Office Hours: MW 1:30-4 COSI/ITL labs/SC 334-336

Papers

I expect to discuss 1-2 papers per class period. The papers for each class will be listed in the syllabus below. Each person should prepare a reaction for each paper before class. Within a week of the discussion, your reaction should be linked off your class page. The reaction should contain the answers to the following questions:

First Half Questions For New Students


1) What is the primary lesson you took away from this paper?
2) What do you think would be the most interesting way to extend this work?
3) If you had to list a criticism of this paper, what would it be?
4) Make a list of terms you don't know to research.
5) List the 3 references that you would be most interested in reading.

Second Half Questions


1) Technical details (approach/technique) that you found novel / something specific you learned that you didn't know before
2) Could I have done this work if I had the idea? Why or why not?
3) Is there anything I could do to repeat or validate?
4) What is my best idea for follow-on work that I could personally do?
5) What is my best idea for follow-on work that I'd like to see the authors do?
6) Any logistical experimental lessons I learned?
7) How does this compare to the other papers we read? Most similar? How different? Other comparisons?
8) What is your biggest criticism of the paper?
9) List 3 cited references or terms/concepts that you would be most interested in reading/learning more about.

Objectives

Outcomes

Exams

There will be a final exam in this class.

Attendance

Participation in class discussions is an essential part of this class so attendance is required and the papers must be read prior to the class period.

Late Work

This is a small class and I expect to solicit group input when setting deadlines. Once set, I expect everyone to meet the deadlines.

Tentative Grading Scheme

Tentative Syllabus

Date Topic Other Notes
Mon
8/24
Introduction, Course Logistics, Adobe Connect Logistics, Meeting Times, What is Research
An Evaluation of the Ninth SOSP Submissions
Efficient Reading of Papers in Science and Technology
Strategies for Computer Security Research: Practical Strategies for Taming the Angst and Changing the World
Discussion: What is research? Hot topics? Current vs classic
Look over recent security conferences: USENIX Security 2015, IEEE Security and Privacy, ACM Computer and Communications Security 2015, Black Hat, Defcon, Others
Older iterations: USENIX Security
Weds
8/26
Finish Introductions, Feedback on Efficient Reading Pamphlet and Evaluation of the Ninth SOSP Submissions
SOSP 2005: Scalability, fidelity and containment in the Potemkin Virtual Honeyfarm
Mon
8/31
Discussion of other papers/venues
USENIX Security 2013: Measuring the Practical Impact of DNSSEC Deployment
Weds
9/2
USENIX Security 2015: Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services
USENIX Security 2015: De-anonymizing Programmers via Code Stylometry
Mon
9/7
USENIX Security 2013: ZMap: Fast Internet-wide Scanning and Its Security Applications
USENIX Security 2015: An Internet-Wide View of Internet-Wide Scanning
Wed
9/9
USENIX Security 2015: Post-Mortem of a Zombie: Conficker Cleanup After Six Years
USENIX Security 2012: PUBCRAWL: Protecting Users and Businesses from CRAWLers
Conficker Working Group
Mon
9/14
CCS 2014: Uncovering Large Groups of Active Malicious Accounts in Online Social Networks
USENIX Security 2015: EVILCOHORT: Detecting Communities of Malicious Accounts on Online Services
Weds
9/16
USENIX Security 2015: SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymization
CCS 2014: Community-Enhanced De-anonymization of Online Social Networks
Mon
9/21
USENIX Security 2013: Take This Personally: Pollution Attacks on Personalized Services
USENIX Security 2015: Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence
Weds
9/23
USENIX Security 2013: The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions
USENIX Security 2015: Every Rose Has Its Thorn: Censorship and Surveillance on Social Video Platforms in China
Mon
9/28
FALL BREAK
Weds
9/30
Discuss project ideas
USENIX Security 2015: Measuring Real-World Accuracies and Biases in Modeling Password Guessability
Mon
10/5
Defcon video and paper
Weds
10/7
Mon
10/12
IEEE SP 2015: Towards Making Systems Forget with Machine Unlearning
USENIX Security 2012: Virtual Machine Introspection in a Hybrid Honeypot Architecture
Weds
10/14
CCS12: Cloud Security
Cross-VM side channels and their use to extract private keys
Mon
10/19
USENIX Security 2015: A Measurement Study on Co-resident Threat inside the Cloud
SOSP 2015: Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis
Weds
10/21
CCS12: Cloud Security
Resource-freeing attacks: improve your cloud performance (at your neighbor's expense)
CCS09: Hey You Get Off My Cloud
Mon
10/26
A Placement Vulnerability Study in Multi-Tenant Public Clouds
Thermal Covert Channels on Multi-core Platforms
Weds
10/28
CCS 2014: Location Privacy Protection for Smartphone Users
CCS 2015: Where's Wally? Precise User Discovery Attacks in Location Proximity Services
Mon
11/2
USENIX Security 2014: The Long Taile of Typosquatting Domain Names (Alan)
USENIX Security 2012: Clickjacking: Attacks and Defenses (Josh)
Weds
11/4
CCS 2014: ClickMiner: Towards Forensic Reconstruction of User-Browser Interactions from Network Traces
USENIX Security 2015: WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths
Mon
11/9
Steal This Movie: Automatically Bypassing DRM Protection in Streaming Media Services (Boyang)
Weds
11/11
USENIX Security 2012: PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs
USENIX Security 2011: Show Me the Money: Characterizing Spam-advertised Revenue
Mon
11/16
USENIX Security 2015: Measuring the Longitudinal Evolution of the Online Anonymous Marketplace Ecosystem (Meilani)
ACM Internet Measurement Conference 2011: An Analysis of Underground Forums (Supraja)
USENIX Security 2011: Dirty Jobs: The Role of Freelance Labor in Web Service Abuse
Weds
11/18
USENIX Security 2015: Eclipse Attacks on Bitcoin's Peer-to-Peer Network (Pad)
IEEE SP 2015: SoK: Research Perspectives and Challenges for Bitcoin
Mon
11/23
Practice test
Weds
11/25
NO CLASS; THANKSGIVING
Mon
11/30
Review
Weds
12/2
USENIX Security 2015: Verified Correctness and Security of OpenSSL HMAC
IEEE SP 2015: Security of the J-PAKE Password-Authenticated Key Exchange Protocol
Mon
12/7
Final exam - 3:15-6:15 PM (questions sent in email; answers sent back in email by 6:15). No questions from 12/2 or 9/16.
Fri
12/11
Writeups due - web page linking to them all or zip file in email (5 PM). These 5 (1st paper from 9/14, both from 10/19, second paper on 11/16 and the second paper on 11/4) plus 5 more (at least 4 writeups should be in second-half-of-semester style, including any after 10/26; all can be in that format).
Fri
12/11
Project writeups - group and individual added to web portfolio; web portfolio complete (5 PM)