Advanced Topics in Computer Security

CS 657

Fall 2018

MW 11-12:15, SC 334

General Information

Instructor

Jeanna Matthews
Office: Science Center 389
Phone: 268-6288
E-mail: jnm@clarkson.edu
Homepage: http://www.clarkson.edu/~jnm
Class Times: MW 11-12:15, SC 334
Office Hours: MW 10-11, 2-3, M 3-4 (Always in SC 334/336 not SC 389!!)

Papers

I expect to discuss 1-2 papers per class period. The papers for each class will be listed in the syllabus below. Each person should prepare a reaction for each paper before class. Within a week of the discussion, your reaction should be linked off your class page. The reaction should contain the answer to the following questions:

First Half Questions For New Students


1) What is the primary lesson(s) you took away from this paper? 2) What do you think would be the most interesting way to extend this work? 3)If you had to list a criticism of this paper, what would it be? 4) Make a list of terms you don't know to research. 5) List the 3 references that you would be most interested in reading.

Second Half Questions


1) Technical details ( approach/technique) that you found novel/ Something specific you learned that you didn't know before 2)Could I have done this work if I had the idea why or why not? 3)Is there anything I could do to repeat or validate? 4) What is my best idea for follow on work that I could personally do? 5)What is my best idea for follow on work that I'd like to see the authors do? 6)Any logistical experimental lessons I learned? 7)How does this compare to the other papers we read? Most similar? How different? Other comparisons? 8)What is your biggest criticism of the paper? 9) List 3 cited references or terms/concepts that you would be most interested in reading/learning more about.

Objectives

Outcomes

Exams

There will be a final exam in this class.

Attendance

Participation in class discussions is an essential part of this class so attendance is required and the papers must be read prior to the class period.

Late Work

This is a small class and I expect to solicit group input when setting deadlines. Once set, I expect everyone to meet the deadlines.

Tentative Grading Scheme

Tentative Syllabus


Date Topic Other Notes
Mon
8/27
Introduction, Course Logistics, Occasional Fridays, What is Research, Semester Project: Accountability in Criminal Justice Software
Becoming A Researcher , Related Materials
An Evaluation of the Ninth SOSP Submissions
Efficient Reading of Papers in Science and Technology
Discussion: What is research? Hot topics? Current vs classic
FATML ,
Fairness, Accountability and Transparency (FAT*)
Look over recent security conferences: USENIX Security , HotSec , WOOT , FOCI , SOUPS , IEEE Security and Privacy , Black Hat , DEF CON , Others
Older iterations: USENX Security
Weds
8/29
Accountability in Criminal Justice Software from a security perspective, DEF CON talk , Bsides talk
Finish Introductions Feedback on Efficient Reading Pamphlet and Evaluation of the Ninth SOSP Submissions
USENIX Security 2018: James Mickens Keynote
Are GANs Created Equal? A Large-Scale Study
WINNER’S CURSE? ON PACE, PROGRESS, AND EMPIRICAL RIGOR
Ali Rahimi's Test of Time Talk at NIPS
Mon
9/3
FAT2018: Gender Shades: Intersectional Accuracy Disparities in Commercial Gender Classification
Gender Shades Project ,
Facial recognition software is not ready for use by law enforcement
Employees at Google, Amazon and Microsoft Have Threatened to Walk Off the Job Over the Use of AI
FATML2018: InclusiveFaceNet: Improving Face Attribute Detection with Race and Gender Diversity
Datasheets for Datasets
Weds
9/5
USENIXSECURITY2018: When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks
Mon
9/10
FATML16: Man is to Computer Programmer as Woman is to Homemaker? Debiasing Word Embeddings ( video ) http://blog.conceptnet.io/posts/2017/how-to-make-a-racist-ai-without-really-trying/
Wed
9/12
USENIXSECURITY2018: Practical Accountability of Secret Processes
Mon
9/17
FATML2016: Why Should I Trust You?: Explaining the Predictions of Any Classifier , Ribeiro et al., video
How the machine thinks: Understanding opacity in machine learning algorithms
Weds
9/19
USENIXSECURITY2018: Unveiling and Quantifying Facebook Exploitation of Sensitive Personal Data for Advertising Purposes
Mon
9/24
FAT2018: Discrimination in Online Personalization: A Multidisciplinary Inquiry
FAT2018: Potential for Discrimination in Online Targeted Advertising
Weds
9/26
USENIX Security 2018: Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
Mon
10/1
FATML 2018: Achieving Fairness through Adversarial Learning: an Application to Recidivism Prediction
"Fair" Risk Assessments: A Precarious Approach for Criminal Justice Reform
Does Removing Stereotype Priming Remove Bias? A Pilot Human-Robot Interaction Study
Sample COMPAS questions
Weds
10/3
USENIXSECURITY 2018: With Great Training Comes Great Vulnerability: Practical Attacks against Transfer Learning
Mon
10/8
FALL BREAK
Weds
10/10
Life, Liberty, and Trade Secrets: Intellectual Property in the Criminal Justice System
Mon
10/15
RESEARCH DISCUSSION AND WORK
Weds
10/17
RESEARCH DISCUSSION AND WORK
Mon
10/22
RESEARCH DISCUSSION AND WORK
Weds
10/24
RESEARCH DISCUSSION AND WORK
Mon
10/29
USENIX Security 2018: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition
Weds
10/31
RESEARCH DISCUSSION AND WORK
Mon
11/5

Listen to panel: From Spam to Speech: Policing the Next Generation of Unwanted Traffic
Weds
11/7
Watch FAT2017 and discuss: Friends Don't Let Friends Deploy Black Box Models: Preventing Bias via Transparent Machine Learning ( Slides )
Mon
11/12
Read and discuss: Matt Blaze Voting Machine Security Hacking Democracy
Weds
11/14
USENIX Security 2018: Schrödinger's RAT: Profiling the Stakeholders in the Remote Access Trojan Ecosystem
Mon
11/19
USENIX Security 2018: Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse
Weds
11/21
THANKSGIVING NO CLASS
Mon
11/26
USENIX Security 2018: Reading Thieves' Cant: Automatically Identifying and Understanding Dark Jargons from Cybercrime Marketplaces

Weds
11/28
USENIX Security 2018: Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies
Mon
12/3
USENIX Security 2018: Fp-Scanner: The Privacy Implications of Browser Fingerprint Inconsistencies
Weds
12/5
USENIX Security 2018: The aftermath of a crypto-ransomware attack at a large academic institution FATML2017: Runaway Feedback Loops in Predictive Policing
FAT2018: Understanding the Context and Consequences of Pre-trial Detention
FATML2016: Fair prediction with disparate impact: A study of bias in recidivism prediction instruments
Moral Crumple Zones: Cautionary Tales in Human-Robot Interaction
Video: People Analytics and Employment Selection: Opportunities and Concerns
FATML16: Combatting Police Discrimination in The Age of Big Data
Equal Protection Under the Algorithm: A Legal-Inspired Framework for Identifying Discrimination in Machine Learning
Thurs
12/13
12-1:30 Research Presentations
4-7 Written Exam