· Lectures: Tue and Thu 2-3:20pm, 3-350 Ford.
The evolution of Internet has spawned rich complexity and vulnerability in its infrastructure. In this course, we will take a measurement-based approach to understand the complexity of the Internet, i.e., characterize, understand, and model the enormous volume and great variety of Internet traffic in terms of large-scale behaviors. Based on that, we will investigate the vulnerability of the Internet when different services have evolved and innovated in different and competing ways, with increasingly less global consensus.
We will start with the basic concepts of network security, the Internet architecture and its design principles, and then focus on security challenges of network and distributed systems as well as the counter-attack approaches. Topics include mobile malcode, like virus, worms and botnets, and their propagation strategies, denial of service attacks (DoS) (stealthy, and DoS on P2P networks), advanced detection and defense techniques (e.g., for high-speed networks), World Wide Web security, measurement-based inference, intrusion detection and forensics, BGP and routing anomalies, overlay network and peer-to-peer system security.
This course is intended for both CS and CE undergraduates and graduate students. During the course, we will read and discuss research papers, and identify a list of open research problems, from which the students can choose their class projects. In addition to deploying end-to-end measurement on global network testbed, PlanetLab (http://www.planet-lab.org/), massive real-world anonymized router/gateway and honeynet/darknet traffic data will be obtained to analyze the reliability/vulnerability of the Internet and to detect both well-known and unknown virus/worm/attacks. There will be no exams. Students are encouraged to take 399/499 courses with me, and use the same project for 399/499 and this course. This is also counted as a project course for CS major students.
No exams for this class.
There is no required textbook. All reading will be from papers. Whenever possible, handouts and papers will be placed online on the web page. A schedule of assigned readings is available online.
To ensure lively discussions, you will be required to write a very brief summary of each paper you read, to be electronically handed in to me by 11:59pm of the day before the class. Your summary should include at least:
We will start each class with an introduction of the basic problems/ideas/solutions (10 minutes), followed by student presentations of the two papers assigned. For each paper, there are 20 minutes for presentation, and 10 minutes for discussion. We will summarize them with the last 10 minutes. Some rules for the paper presentation are available online.
Each presentation should include at least the following from the paper:
You must send the slides to me for review at least 48 hours before your presentation. There are some guidelines which you will find useful.
Projects (done in groups of size 2+) are a critical component of this course. Your goal is to design, build and evaluate interesting systems that address issues, solve problems and exploit techniques from classroom discussions and readings.
Projects must be written up in a term paper and teams will present their results at the end of the course in a mini-conference and write up a report. The list of potential ideas for projects will be posted soon. Feel free to use one, propose something completely different, or refine one of these into your own idea.
Project Deliverables and Deadlines (all due at 11:59pm of the due date)
Proposal – April 8: 3-4 pages describing the purpose of the project, work to be done and potential load distribution, expected outcome/results, etc. Make sure to describe the context and related work for the proposed project.
Weekly Meeting and Progress Report – 4/9-5/25: Each team will schedule a weekly meeting (30 minutes) with me. Send me the updated report and highlight the new updated part (except the 4/25 week). For each week, I expect updates of 1-2 pages on the project status, initial results, and problems encountered, etc. The report is due 24 hours ahead of the meeting.
Midterm presentation – May 1 Presentation of your project in progress to the class (20 minutes each group)
Midterm report – April 29 Work-in-progress report of about 6 pages long.
Project Presentation – May 31: Present the results in class, including Q&A.
Final Report – June 6: The final report is a workshop-level paper describing your work, evaluation, related research, potential avenues to explore, etc. You should incorporate the comments received during the presentation. Code should be submitted electronically.