Course Lecture Plan


Lectures Topics

Speakers & Notes


Tu 1/6

Class overview, overview of Internet security.

Yan [ppt]

Symantec Internet Security Threat Report, May. 2008.

Th 1/8

BGP and routing anomalies

Yan [ppt]

No paper summary needed.

BGP tutorial from Cisco, please read the "BGP fundamental" part and this simplified tutorial of BGP. (I will go over the slides in the class. You may also want to read the full version of Introduction to BGP by Tim Griffin.)

[Ref] Delayed Internet Routing Convergence, by C. Labovitz, A. Ahuja, A. Bose and F. Jahanian, in ACM SIGCOMM 2000. (slides of their NANOG 19 talk)

Tu 1/13

Internet routing anomaly

Kai [ppt]

Accurate Real-time Identification of IP Hijacking, X. Hu and Z. Mao, IEEE Security Symposium 2007.

[Ref]A Light-weight Distributed Scheme for Detecting IP Prefix Hijacks In Real-time, C. Zheng, et al, in ACM SIGCOMM 2007.

Th 1/15

Diagnosis of distributed systems

Yinzhi [ppt]

X-Trace: A Pervasive Network Tracing Framework, Rodrigo Fonseca, George Porter, Randy Katz, Scott Shenker, Ion Stoica, ACM NSDI 2007. (presentation available in mp3 format)

[Ref] Towards Highly Reliable Enterprise Network Services via Inference of Multi-level Dependencies, Paramvir Bahl, Ranveer Chandra, Albert Greenberg, Srikanth Kandula, David A. Maltz, Ming Zhang, SIGCOMM, 2007.

Tu 1/20

Mobile Malcode

Yan [ppt]

No paper summary needed.

A Taxonomy of Computer Worms, N. Weaver, V. Paxson, S. Staniford, and R. Cunningham, the First ACM Workshop on Rapid Malcode (WORM), 2003.

Th 1/22

Botnets and underground economy

Issac [pdf]

Detection and Mitigation of Fast-flux Service Networks, T. Holz, C. Gorecki, K. Rieck, and F. C. Freiling. In NDSS, 2008.

[Ref] An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, J. Franklin, V. Paxson, A. Perrig, and S. Savage, Proc. ACM CCS, October 2007. Related slides and some interesting news can be found here.

Tu 1/27

Botnets II

Guest lecture by Zhaosheng Zhu [ppt]

Botminer: Clustering analysis of network traffic for protocol- and structure-independent botnet detection, Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee, In USENIX Security Symposium 2008.

[Ref] Bothunter: Detecting malware infection through IDS-driven dialog correlation, Guofei Gu, Phillip Porras, Vinod Yegneswaran, Martin Fong, and Wenke Lee. In USENIX Security Symposium, 2007.

Botsniffer: Detecting botnet command and control channels in network traffic, Guofei Gu, Junjie Zhang, and Wenke Lee, In NDSS, 2008.

Th 1/29

Network intrusion detection/prevention systems (NIDS/NIPS)

Alex [ppt]

Bro: A System for Detecting Network Intruders in Real-Time, Vern Paxson, Computer Networks, 31(23-24), Dec. 1999.

Bro IDS website

Slides on Bro overviwe by Vern Paxson.

Tu 2/3

NIDS evasion

Clint [pdf]

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics, Mark Handley, Christian Kreibich, and Vern Paxson, USENIX Security 2001.

Th, 2/5

NIDS evaluation

Hongyu [ppt]

Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Off-line Intrusion Detection System Evaluation as Performed by Lincoln Laboratory, John McHugh, ACM Transactions on Information and System Security, 3(4). November, 2000.

Tu 2/10

Network security in industry

Guest lecture by Brandon Hoffman, KPMG LLP [ppt]

Th 2/12

Midterm project presentation: High-Speed NIDS, Phishing in Social Networks.

Tu 2/17

Midterm project presentation: Web Security.

Th 2/19

World Wide Web vulnerability analysis

Yi [ppt]

Vulnerability Analysis of Web-Based Applications, Marco Cova, Viktoria Felmetsger, Giovanni Vigna, Chapter in ``Test and Analysis of Web Services" Springer, September 2007.

Tu 2/24

WWW vulnerability analysis cont'd

Ben [ppt]

Main paper same as above.

[Ref] Multi-Module Vulnerability Analysis of Web-based Applications. ACM Conference on Computer and Communications Security (CCS 2007).

Th 2/26

WWW defnese

Hongyu [ppt]

BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML Charles Reis, et al, Usenix OSDI, 2006

Tu 3/3

Social Network

Kai [ppt]

Social Honeypots: Making Friends With A Spammer Near You, Steve Webb, J. Caverlee, and C. Pu, ACM CEAS 2008.

[Ref]Social Phishing, Tom Jagatic et al,Volume 50 , Issue 10 (October 2007), Communication of ACM.

Th 3/5

Wireless Network Security

Yinzhi [ppt]

Can Ferris Bueller Still Have His Day Off? Protecting Privacy in the Wireless Era, Ben Greenstein et al, USENIX HotOS XI 2007.

[Ref]Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing, T Scott Saponas, et al, USENIX Security Symposium 2007.

Tu 3/10

Spamming Botnets in Hotmail

Guest lecture by Yao Zhao [ppt]


No class.



Project presentation

Web Security, Phishing in Social Networks, High-Speed NIDS.

Notes: You may find the brochure useful: Efficient reading of papers in Science and Technology by Michael J. Hanson, 1990, revised 2000 Dylan McNamee.