| Instructor: |
Shuai Hao Email: shao -AT- odu.edu Office: 3111 E&CS Building |
| Lecture time: | TR 4:20 pm - 5:35 pm |
| Location: | DRGS 2104 |
| Office hours: | 2-4 pm Wednesday |
Course website: https://shhaos.github.io/courses/CS872/netsec-fall2022.html
This course is a research-oriented, graduate-level course, centering around both classic and state-of-the-art techniques on various aspects of compter and network security. The course involves both reading/discussing research papers and a term project/final report. The course aims to provide a thorough grounding on the computer and network security for the students who are interested in conducting research in this area, as well as a comprehensive background for those generally interested in networking or security. See below the completed paper list for the topics covered in the course.
The schedule could be revised as the course progresses.
The papers will be presented as a seminar-style presentation in of ~1 hour talk plus 15 mins questions/discussions. (Note: You should consider the audience who are not expert in the relevant topic and provide a comprehensive and thorough technical background for the presented paper, which may require you adopt some materials not included in the paper.) The sequence of presentations aim to somehow provide prerequisites for the following papers. Keeping the sequence is suggested. The adjustment is possible but need receive instructor approval.
| Date/Topic | Papers/Notes | Presenter | |
|---|---|---|---|
| 8/30 | Lecture: Course Introduction [slides] | Instructor | |
| 9/1 | Lecture: Network and Internet Security 1 | ||
| 9/6 | Lecture: Network and Internet Security 2 [slides] | ||
| 9/8 | Lecture: Foundations of Cryptography 1 | ||
| 9/13 | Lecture: Foundations of Cryptography 2 [slides] | ||
| 9/20 | Lecture: Web and Browser Security 1: Web Security | ||
| 9/22 | Lecture: Web and Browser Security 2: Vulnerabilities [slides] | ||
| 9/27 DNS Security | Paper: All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records, ACM CCS'16 [slides] | ||
| 9/29 DNS Security | Paper: EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis, NDSS'11 | ||
| 10/4 10/6 | No Class: Instructor TravelingDue: Paper Selection for Presention | ||
| 10/11 | No Class: Fall BreakDue: Final Report Topic Selection | ||
| 10/13 Botnet | Paper: Understanding the Mirai Botnet, USENIX Security'17 | Instructor | |
| 10/18 PKI/DNSSEC | Paper: A Longitudinal, End-to-End View of the DNSSEC Ecosystem, USENIX Security'17 | ||
| 10/20 NIDS | Paper: Bro: A System for Detecting Network Intruders in Real-Time, USENIX Security'98 | Ibrahim | |
| 10/25 PKI/RPKI | Paper: Are We There Yet? On RPKI’s Deployment and Security, NDSS'17 | ||
| 10/27 Censorship | Paper: Understanding the Practices of Global Censorship through Accurate, End-to-End Measurements, ACM SIGMETRICS'22 | ||
| 11/1 Web Rehost | Paper: Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites, NDSS'20 | Dhanushkanda | |
| 11/3 | Rescheduled | ||
| 11/8 | No Class: Eelection Day Holiday | ||
| 11/10 | No Class: Instructor Traveling | ||
| 11/15 PKI/HTTPS | Paper: When HTTPS Meets CDN: A Case of Authentication in Delegated Service, IEEE S&P (Oakland)'14 | Fowlkes | |
| 11/17 Web Tracking | Paper: The Web Never Forgets: Persistent Tracking Mechanisms in the Wild, ACM CCS'14. | Slayton | |
| 11/22 11/24 | No Class: Thanksgiving Holiday | ||
| 11/29 Web Security | Paper: Cookies Lack Integrity: Real-World Implications, USENIX Security'15. | Jayanetti | |
| 12/1 AI Security | Paper: Dos and Don'ts of Machine Learning in Computer Security, USENIX Security'22 | Atwood | |
| 12/6 AI Security | Paper: Trojaning Attack on Neural Networks, NDSS'18 | Esfahani | |
| 12/8 Project & Summary | Project Presentations (5 min each) Lecture: Course Summary | ||
Each student will give one full paper presentation selected from above pool. The slides used to present the paper in the class must be created by the presenters. Using materials from original authors or others is allowed but needs to be properly cited.
The slides should be sent to the instructor 2-3 days ahead of the presentation (a draft version will be fine), so the instructor can review the technical part and provide feedback, as well as arrange additional lecture for providing background if necessary.
Each student is required to write two paper reviews. The Final report is either a research-oriented technical report or a survey paper for a specific topic within the scope of the course. Details and instruction will be given in the lecture and post later.
Network Security: Private Communication in a Public World, 3rd Edition, by Charlie Kaufman, Radia Perlman, Mike Speciner, and Ray Perlner
Computer Security: A Hands-on Approach, by Wenliang Du
The suggested textbooks are not required.