1/25 |
Introduction and Basic Concepts
Lecture Slides
Recommended Reading
Reflections on Trusting Trust
Why Offensive Security Needs Engineering Textbooks
Legal Issues Surrounding Monitoring During Network Research
|
1/27 |
Threat Landscape
Lecture Slides
Recommended Reading
The Internet Worm Program: An Analysis
Smashing The Stack For Fun And Profit
The advanced return-into-lib(c) exploits: PaX case study
Hacker Curriculum
Crash course on buffer overflows by the 10K Students initiative
|
2/1 |
Lower Layers
Lecture Slides
Recommended Reading
Packets Found on an Internet
A look back at “Security problems in the TCP/IP protocol suite”
IP-spoofing Demystified
|
2/3 |
Core Protocols: BGP and DNS
Lecture Slides
Recommended Reading
A Survey of BGP Security Issues and Solutions
Using the Domain Name System for System Break-ins
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
Hold-On: Protecting Against On-Path DNS Poisoning
An Illustrated Guide to the Kaminsky DNS Vulnerability
Homework 1 is out (due February 26): Passive Network Monitoring
|
2/8 |
Denial of Service Cancelled due to winter storm
|
2/10 |
Denial of Service
Lecture Slides
Recommended Reading
Inferring Internet Denial-of-Service Activity
A Taxonomy of DDoS Attack and DDoS Defense Mechanisms
Amplification Hell: Revisiting Network Protocols for DDoS Abuse
China’s Great Cannon
|
2/15 |
Firewalls and Gateways
Lecture Slides
Recommended Reading
Firewalls and Internet Security: Repelling the Wily Hacker (Second Edition)
Walls and Gates
|
2/17 |
Firewalls and Gateways (Cont.)
Lecture Slides
Paper Discussion
Detecting Forged TCP Reset Packets
Homework 2 is out (due March 11): Programming with Libpcap
|
2/22 |
Hands-on Session
|
2/24 |
Encrypted Communication (Part 1)
Lecture Slides
Recommended Reading
Handbook of Applied Cryptography
How (not) to use symmetric encryption
The Matasano Crypto Challenges
|
2/29 |
Encrypted Communication (Part 2)
Lecture Slides
Recommended Reading
The Case for Ubiquitous Transport-Level Encryption
Analyzing the MD5 collision in Flame
|
3/2 |
Authentication
Lecture Slides
Recommended Reading
Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing
The Tangled Web of Password Reuse.
Designing an Authentication System: a Dialogue in Four Scenes
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes
A Future-Adaptable Password Scheme
|
3/7 |
SSL/TLS
Lecture Slides
Recommended Reading
Analyzing Forged SSL Certificates in the Wild
Analysis of the HTTPS Certificate Ecosystem
An Experimental Study of TLS Forward Secrecy Deployments
|
3/9 |
Midterm
Homework 3 is out (due April 8): Plugboard Proxy
|
3/14 |
Spring Recess
|
3/16 |
Spring Recess
|
3/21 |
Encrypted Communication (Part 3: Failures)
Paper Discussion
The Matter of Heartbleed
An Empirical Study of Cryptographic Misuse in Android Applications
Recommended Reading
Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
A Comprehensive Study of BEAST, CRIME, TIME, BREACH, Lucky 13 & RC4 Biases
FREAK
POODLE
DROWN
|
3/23 |
Intrusion Detection
Lecture Slides
Recommended Reading
Bro: A System for Detecting Network Intruders in Real-Time
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
The Base-Rate Fallacy and its Implications for the Difficulty of Intrusion Detection
|
3/28 |
Reconnaissance and Scanning
Lecture Slides
Recommended Reading
nmap
ZMap: Fast Internet-Wide Scanning and its Security Applications
A Brief History of Scanning
An Internet-Wide View of Internet-Wide Scanning
|
3/30 |
Hands-on Session
|
4/4 |
Malware and Botnets
Lecture Slides
Recommended Reading
The Art of Computer Virus Research and Defense
How to 0wn the Internet in Your Spare Time
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Manufacturing Compromise: The Emergence of Exploit-as-a-Service
Beheading Hydras: Performing Effective Botnet Takedowns
|
4/6 |
Honeypots and Decoys
Lecture Slides
Paper Discussion
All Your iFRAMEs Point to Us
Recommended Reading
A Virtual Honeypot Framework
Stalking the Wily Hacker
There Be Dragons
Designing Host and Network Sensors to Mitigate the Insider Threat
Homework 4 is out (due May 6): DNS Packet Injection
|
4/11 |
Email
Lecture Slides
Recommended Reading
Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0
End-To-End
A Critique Of Lavabit
Off-the-Record Communication, or, Why Not To Use PGP
Forward Secrecy for Asynchronous Messages
Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security
|
4/13 |
Spam and Phishing
Lecture Slides
Recommended Reading
Understanding the Network-Level Behavior of Spammers
@spam: The Underground on 140 Characters or Less
Click Trajectories: End-to-End Analysis of the Spam Value Chain
The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape
|
4/18 |
Hands-on Session
|
4/20 |
Web (Part 1)
Lecture Slides (on Piazza - courtesy of Nick Nikiforakis)
Recommended Reading
App Isolation: Get the Security of Multiple Browsers with Just One
Regular Expressions Considered Harmful in Client-Side XSS Filters
Robust Defenses for Cross-Site Request Forgery
|
4/25 |
No Class
|
4/27 |
Web (Part 2) - Guest lecture by Nick Nikiforakis
Lecture Slides (on Piazza - courtesy of Nick Nikiforakis)
Recommended Reading
SQLrand: Preventing SQL Injection Attacks
Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications
|
5/2 |
Privacy
Lecture Slides
Recommended Reading
Detecting and Defending Against Third-Party Tracking on the Web
Adnostic: Privacy Preserving Targeted Advertising
Privacy-Preserving Social Plugins
Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
|
5/4 |
Anonymity
Lecture Slides
Recommended Reading
Tor: The Second-Generation Onion Router
Low-Cost Traffic Analysis of Tor
Detecting Traffic Snooping in Tor Using Decoys
Internet Censorship in China: Where Does the Filtering Occur?
|