Course Lecture Plan


Date

Lectures Topics

Speakers & Notes

Reading

Wed 9/21

Class Overview, Overview of Internet Security.

Yan

Symantec Internet Security Threat Report, April 2016.

Mon 9/26

Intro to Mobile Security and App Instrumentation

[AppShield]
Zhengyang
No paper summary needed

Understanding Android's Security Framework (Tutorial) by W. Enck, and P. McDaniel.
The ART runtime tutorial video at Google I/O 2014.
Zhengyang Qu, Guanyu Guo, Zhengyue Shao, Vaibhav Rastogi, Yan Chen, Hao Chen and Wangjun Hong, AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management, in the Proc. of Securecomm 2016.

Wed 9/28

Mobile User Identification [RiskCog-Gait]
Sandeep and Karan
Zhengyang Qu, Tiantian Zhu, Jingsi Zhang, Zhengyue Shao, Yan Chen, Sandeep Prabhakar, Jianfeng Yang, "RiskCog: Implicit and Continuous User Identification on Smartphones in the Wild", under submission.
[Ref] Lu, Hong, et al. "Unobtrusive gait verification for mobile phones."Proceedings of the 2014 ACM international symposium on wearable computers. ACM,

Mon 10/3

App Repacking
(Project Proposal due)

[App_Repacking]
WIlliam, Harshin, and Fahad

K. Chen, P. Wang, Y. Lee, X.Wang, N. Zhang, H. Huang, W. Zou and P. Liu, “Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale”.  In the Proc. of the 24th USENIX Security Symposium (Security). 2015.

[Ref] Zhou, Wu, et al. "Detecting repackaged smartphone applications in third-party android marketplaces." in the Proc. of the second ACM conference on Data and Application Security and Privacy. ACM, 2012.

Mon 10/10

Intro to Static Analysis

[part1][part2]
Xiang
No paper summary

http://people.cs.vt.edu/ryder/ACACES07/ACACES1-2up.pdf
http://people.cs.vt.edu/ryder/ACACES07/ACACES2-2up.pdf

Mon 10/17

Android App Static Analysis

[FlowDroid-Susi]
James, Diane and Gan

S Arzt, S Rasthofer, C Fritz, E Bodden, A Bartel, J Klein, Y Traon, D Octeau and P McDaniel: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps, PLDI 2014.

[Ref] S Arzt, S Rasthofer and E Bodden: SuSi: A Tool for the Fully Automated Classification andCategorization of Android Sources and Sinks, University of Darmstadt, Tech. Rep. TUDCS-2013-0114.

Mon 10/24

APT and Intro to Dynamic Analysis

[RAT_detection][dynamic_analysis]
Haitao
No paper summary

H. Xu, Y. Chen, et al., RAT Detection with Potentially Harmful Functions (PHFs)
Schwartz, Edward J., Thanassis Avgerinos, and David Brumley. "All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)." IEEE Symposium on Security and Privacy, 2010.

Mon 10/31 Malware Detection
[Malware_Detection]
Xutong and Xin
Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and XiaoFeng Wang. Effective and Efficient Malware Detection at the End Host. In USENIX Security 2009.

[Ref] Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, and Engin Kirda. Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries. In IEEE S&P 2010.
Wed 11/2
Midterm proj presentation
Mon 11/7
Openflow and SDN Background
[Slides by Shenker]
Yan
[Openflow] Libin
No paper summary needed

The Future of Networking, and the Past of Protocols, Scott Shenker (video of talk at Ericsson)

How SDN will Shape Networking, talk by Nick McKeown at Open Network Summit, 2011.

McKeown, Nick, et al., OpenFlow: enabling innovation in campus networks,  ACM SIGCOMM Computer Communication Review 38.2 (2008).
[Ref]Teemu Koponen et al, Onix: A Distributed Control Platform for Large-scale Production Networks, in the Proc. of ACM OSDI, 2010.

Mon 11/14
SDN Application and Control Plane
[Control-Plane]
Yijie, Suman and Greg

Sun, Peng, Mahajan, Ratul, Rexford, Jennifer, et al. A network-state management service, in the Proc. of ACM SIGCOMM 2014.

[Ref] Canini M, Venzano D, Perešíni P, et al. A NICE Way to Test OpenFlow Applications. Proceedings of the 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2012.

Mon 11/21
SDN Data Plane
[Data-Plane]
Jiham, Nikhil and Aagam
Kazemian P, Chang M, Zeng H, et al. Real time network policy checking using header space analysis, in the Proc. of Usenix Conference on Networked Systems Design and Implementation (NSDI). 2013
[Ref] Seungwon Shin et al, AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks, in the Proc. of ACM CCS 2013.
Mon 11/28
Merged with Wed class for 2 hour presentation.

Wed 11/30

Final project presentation


Notes: You may find the brochure useful: Efficient reading of papers in Science and Technology by Michael J. Hanson, 1990, revised 2000 Dylan McNamee.