|
Date |
Lectures Topics |
Speakers & Notes |
|
|
Tu 1/6 |
Class overview, overview of Internet security. |
Yan [ppt] |
Symantec Internet Security Threat Report, May. 2008. |
|
Th 1/8 |
BGP and routing anomalies |
Yan [ppt] No paper summary needed. |
BGP tutorial from Cisco, please read the "BGP fundamental" part and this simplified tutorial of BGP. (I will go over the slides in the class. You may also want to read the full version of Introduction to BGP by Tim Griffin.) [Ref]
Delayed Internet Routing Convergence, by C. Labovitz,
A. Ahuja, A. Bose and F. Jahanian,
in ACM SIGCOMM 2000. (slides
of their NANOG 19 talk) |
|
Tu 1/13 |
Internet routing anomaly |
Kai [ppt] |
Accurate Real-time Identification of IP Hijacking, X. Hu and Z. Mao, IEEE Security Symposium 2007. [Ref]A Light-weight Distributed Scheme for Detecting IP Prefix Hijacks In Real-time, C. Zheng, et al, in ACM SIGCOMM 2007. |
|
Th 1/15 |
Diagnosis of distributed systems |
Yinzhi [ppt] |
X-Trace: A Pervasive Network Tracing Framework, Rodrigo Fonseca, George Porter, Randy Katz, Scott Shenker, Ion Stoica, ACM NSDI 2007. (presentation available in mp3 format) [Ref] Towards Highly Reliable Enterprise Network Services via Inference of Multi-level Dependencies, Paramvir Bahl, Ranveer Chandra, Albert Greenberg, Srikanth Kandula, David A. Maltz, Ming Zhang, SIGCOMM, 2007. |
|
Tu 1/20 |
Mobile Malcode |
Yan [ppt] No paper summary needed. |
A Taxonomy of Computer Worms, N. Weaver, V. Paxson, S. Staniford, and R. Cunningham, the First ACM Workshop on Rapid Malcode (WORM), 2003. |
|
Th 1/22 |
Botnets and underground economy |
Issac [pdf] |
Detection and Mitigation of Fast-flux Service Networks, T. Holz, C. Gorecki, K. Rieck, and F. C. Freiling. In NDSS, 2008. [Ref] An
Inquiry into the Nature and Causes of the Wealth of Internet Miscreants,
J. Franklin, V. Paxson, A. Perrig,
and S. Savage, Proc. ACM CCS, October 2007. Related slides and some
interesting news can be found here.
|
|
Tu 1/27 |
Botnets II |
Guest lecture by Zhaosheng Zhu [ppt] |
Botminer: Clustering analysis of network traffic for protocol- and structure-independent botnet detection, Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee, In USENIX Security Symposium 2008. [Ref] Bothunter: Detecting malware infection through IDS-driven dialog correlation, Guofei Gu, Phillip Porras, Vinod Yegneswaran, Martin Fong, and Wenke Lee. In USENIX Security Symposium, 2007. Botsniffer: Detecting botnet
command and control channels in network traffic, Guofei
Gu, Junjie Zhang, and Wenke Lee, In NDSS, 2008. |
|
Th 1/29 |
Network intrusion detection/prevention systems (NIDS/NIPS) |
Alex [ppt] |
Bro: A System for Detecting Network Intruders in Real-Time, Vern Paxson, Computer Networks, 31(23-24), Dec. 1999. |
|
Tu 2/3 |
NIDS evasion |
Clint [pdf] |
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics, Mark Handley, Christian Kreibich, and Vern Paxson, USENIX Security 2001. |
|
Th, 2/5 |
NIDS evaluation |
Hongyu [ppt] |
Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Off-line Intrusion Detection System Evaluation as Performed by Lincoln Laboratory, John McHugh, ACM Transactions on Information and System Security, 3(4). November, 2000. |
|
Tu 2/10 |
Network security in industry |
Guest lecture by Brandon Hoffman, KPMG LLP [ppt] |
|
|
Th
2/12 |
Midterm project presentation: High-Speed NIDS, Phishing in Social Networks. |
||
|
Tu
2/17 |
Midterm project presentation: Web Security. |
||
|
Th
2/19 |
World Wide Web vulnerability analysis |
Yi [ppt] |
Vulnerability Analysis of Web-Based Applications, Marco Cova, Viktoria Felmetsger, Giovanni Vigna, Chapter in ``Test and Analysis of Web Services" Springer, September 2007. |
|
Tu 2/24 |
WWW vulnerability analysis cont'd |
Ben [ppt] |
Main paper same as above. [Ref] Multi-Module Vulnerability Analysis of Web-based Applications. ACM Conference on Computer and Communications Security (CCS 2007). |
|
Th 2/26 |
WWW defnese |
Hongyu [ppt] |
BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML Charles Reis, et al, Usenix OSDI, 2006 |
|
Tu 3/3 |
Social Network |
Kai [ppt] |
Social Honeypots: Making Friends With A Spammer Near You, Steve Webb, J. Caverlee, and C. Pu, ACM CEAS 2008. [Ref]Social Phishing, Tom Jagatic et al,Volume 50 , Issue 10 (October 2007), Communication of ACM. |
|
Th 3/5 |
Wireless Network Security |
Yinzhi [ppt] |
Can Ferris Bueller Still Have His Day Off? Protecting Privacy in the Wireless Era, Ben Greenstein et al, USENIX HotOS XI 2007. [Ref]Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing, T Scott Saponas, et al, USENIX Security Symposium 2007. |
|
Tu 3/10 |
Spamming Botnets in Hotmail |
Guest lecture by Yao Zhao [ppt] |
|
|
3/12 |
No class. |
||
|
Tu 3/17 |
Project presentation |
Web Security, Phishing in Social Networks, High-Speed NIDS. | |
Notes: You may find the brochure useful: Efficient reading of papers in Science and Technology by Michael J. Hanson, 1990, revised 2000 Dylan McNamee.