Schedule and Readings
Tentative Topics
Week 1
Mon, Mar 30 – [Lecture]
Wed, Apr 1 – Network Security 101 [Lecture]
Week 2
Mon, Apr 6 – TBD
Wed, Apr 8 – Denial of Service [Lecture]
Week 3
Mon, Apr 13 – Denial of Service [Presentations]
- Inferring Internet Denial-of-Service Activity
Moore, Voelker and Savage, USENIX Security 2001 - SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks
Yaar, Perrig, and Song, IEEE S&P 2004 - Identifying the Scan and Attack Infrastructure Behind Amplification DDoS Attacks
Krupp, Backes, and Rossow, CCS 2016
Week 4
Mon, Apr 20 – SSL/TLS [Presentations]
- When private keys are public: Results from the 2008 Debian OpenSSL vulnerability
Yilek, Rescorla, Shacham, Enright, and Savage. IMC 2008 - The most dangerous code in the world: validating SSL certificates in non-browser software
Georgiev, Iyengar, Jana, Anubhai, Boneh, and Shmatikov, CCS 2012 - Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
Heninger, Durumeric, Wustrow, and Halderman, Usenix Security 2012 - The Matter of Heartbleed
Durumeric et al., IMC 2014
Week 5
Mon, Apr 27 – Censorship [Presentations]
- ConceptDoppler: A Weather Tracker for Internet Censorship
Crandall, Zinn, Byrd, Barr, and East, CCS 2007 - Censorship in the Wild: Analyzing Web Filtering in Syria
Abdelberi Chaabane, Terence Chen, Mathieu Cunche, Emiliano De Cristofaro, Arik Friedman, Dali Kaafar, IMC 2014 - Empirical Study of a National-Scale Distributed Intrusion Detection System: Backbone-level Filtering of HTML Responses in China
Park and Crandall, ICDCS 2010.
Week 6
Mon, May 4 – Tracking/Profiling [Presentations]
- An Audit of Facebook's Political Ad Policy Enforcement
Le Pochat et al., USENIX Security Symposium 2022 - Unveiling and Quantifying Facebook Exploitation of Sensitive Personal Data for Advertising Purposes
José González Cabañas, Ángel Cuevas, and Rubén Cuevas, USENIX Security Symposium 2018 - Tracking, Profiling, and Ad Targeting in the Alexa Echo Smart Speaker Ecosystem
Iqbal et al., ACM IMC 2023 - The Hitchhiker's Guide to Facebook Web Tracking with Invisible Pixels and Click IDs
Bekos et al., WWW 2023
Week 7
Mon, May 11 – TBD
Wed, May 13 – Midterm [Mandatory]
Week 8
Mon, May 18 – DNS Security [Presentations]
- DNS Cache Poisoning Attack: Resurrections with Side Channels
Man, Zhou, and Qian, ACM CCS 2020 - Security of Patched DNS
Amir Herzberg, Haya Shulman, ESORICS 2012 - On the Performance and Analysis of DNS Security Extensions
Curtmola, Del Sorbo, Ateniese. CANS 2005 - Measuring the Practical Impact of DNSSEC Deployment
Lian, Rescorla, Shacham, and Savage. USENIX Security 2013
Wed, May 20 – Cybercrime [Presentations]
- Tracking Ransomware End-to-end
Huang, Aliapoulios, Li, Invernizzi, McRoberts, Bursztein, Levin, Levchenko, Snoeren, and McCoy, IEEE S&P 2018 - Traveling the Silk Road: A measurement analysis of a large anonymous online marketplace
Nicolas Christin, WWW 2013 - SocialHEISTing: Understanding Stolen Facebook Accounts
Onaolapo, Leontiadis, Magka, Stringhini, USENIX Security 2021 - Characterizing Eve: Analysing cybercrime actors in a large underground forum
Pastrana, Hutchings, Caines, and Buttery, RAID 2018
Week 9
Mon, May 25 – Class Canceled
- Memorial Day
Wed, May 27 – BGP Attacks [Presentations]
- Beware of BGP attacks
Nordstrom and Dovrolis, ACM SIGCOMM CCR 2004 - BGP with BGPsec: Attacks and Countermeasures
Li, Liu, Hu, Xu, Wu, IEEE Network 2018
Week 10
Mon, Jun 1 – TBD
- TBA
- TBA
Wed, Jun 3 – TBD
- TBA
NB: Most papers should be publicly accessible. If any links are broken, please search for them. If any of them require paid subscription, you can access them for free when connecting on campus. For off-campus access, try UCR VPN.
Paper Presentation Guidelines
Prepare a #TBA minutes presentation of the paper. Focus on the following:
- State the problem that they try to solve, why, and how, and the paper's main contributions.
- High-level discussion points: What are things that you like and dislike about the paper? Why is this a good or bad paper (yes it is completely okay to say it is bad as long as you provide evidence to support your claim. We strongly encourage you to be critical!)? What assumptions (explicit and implicit) are made and are they valid? How do you think the authors come up with the idea (is there a single key observation that led to the whole paper)? How you might do it differently? Any other suggestions to improve the paper? What principles can you extract from the paper? From the insights described in the paper, how you might apply it to solve other problems?
- Low-level discussion points: frame them as questions for the rest of the class to respond to. Really, the discussion points should be designed to engage students in critical and creative thinking.
- * For attack/vulnerability analysis papers: Why does an identified
vulnerability exist (any implicit assumptions)? Can you imagine or come up
with other attack scenarios exploiting the same underlying vulnerability?
How do you think the authors discover the vulnerability (what prompted them)?
Why were the networks/protocols designed this way (any alternatives)?
* For defense papers: Why is a defense successful (what are some metrics to quantify the success)? Any serious limitations? Do you think the defense will be deployed in practice? What are the hurdles that may prevent it from being deployed? What assumptions or necessary conditions (in the attack being addressed by the paper) are broken by the defense?
* For measurement papers: What are the key observations? How are the data collected (are they representative / biased)? Can you replicate the measurement? Are the conclusions convincing? Any alternative explanations of the results?