Email: shao -AT- odu.edu
Office: 3111 E&CS Building
|Lecture time:||Thursday / 9:30 am - 12:15 pm|
|Location:||Dragas Hall 1102|
|Office hours:||2-4 pm Wednesday|
This course is a research-oriented, graduate-level course, centering around introducing both classical and emerging Internet technologies and security enhancements. The course aims to provide a thorough grounding on the Internet and security for the students who are interested in conducting research in this area, as well as a comprehensive background for those generally interested in networking or security. Topics covered in the course include: Internet infrastrucuture and fundamental services; intrusion detection systems; DDoS attacks; malware and botnets; routing system; public key infrastructure; Anonymity and Cencorship; Web systems and attacks; Cybercrime (e.g., advertising networks and spam).
The papers will be presented as a seminar-style presentation in ~50 mins talk plus 10 mins questions/discussions. The sequence of presentations aim to somehow provide prerequisites for the following papers. Keeping the sequence is suggested. The adjustment is possible but need receive instructor approval.
Reference Reading provides a background, comparison, or supplement to the presented paper. Reading these papers is not required and it is up to the presenter to decide if/how to involve the reference reading paper in the presentation.
The schedule could be revised as the course progresses.
|/||Lecture: Course Introduction [slides]|
|/||Lecture: Internet Architecture and Fundemental Services [slides]|
|/||Lecture: Network Security [slides]|
|Infrastructure||Content Delivery and the Natural Evolution of DNS: Remote DNS Trends, Performance Issues and Alternative Solutions, ACM IMC'12 |
|Infrastructure||Satellite: Joint Analysis of CDNs and Network-Level Interference, USENIX ATC'16|
|DNS Security||Building a Dynamic Reputation System for DNS, USENIX Security'10|
|DNS Security||Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates, NDSS'18 |
|DDoS||Inferring Internet Denial of Service Activity, USENIX Security'01|
|DDoS||SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks, IEEE S&P (Oakland)'04|
|10/10||No Class (Instructor traveling)|
|NIDS||Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics, USENIX Security'01|
|Botnets; DNS Security||From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware, USENIX Security'12|
|Botnets||Spamming Botnets: Signatures and Characteristics, ACM SIGCOMM'08|
|Botnets||Understanding the Mirai Botnet, USENIX Security'17
|PKI/DNSSEC||A Longitudinal, End-to-End View of the DNSSEC Ecosystem, USENIX Security'17
|PKI/HTTPS||When HTTPS Meets CDN: A Case of Authentication in Delegated Service, IEEE S&P (Oakland)'14|
|PKI/HTTPS||The Security Impact of HTTPS Interception, NDSS'17|
|Routing Security||Accurate Real-time Identification of IP Prefix Hijacking, IEEE S&P (Oakland)'07 |
|PKI/RPKI||Are We There Yet? On RPKI’s Deployment and Security, NDSS'17
|Anonymity||RAPTOR: Routing Attacks on Privacy in Tor, USENIX Security'15|
|Anonymity||Measuring and Mitigating AS-level Adversaries against Tor, NDSS'16|
|Censorship||Augur: Internet-Wide Detection of Connectivity Disruptions, IEEE S&P (Oakland)'17|
|Censorship||Global Measurement of DNS Manipulation, USENIX Security'17|
|Web||Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures, IEEE S&P (Oakland)'13|
|Web||Detecting and Defending Against Third-Party Tracking on the Web, NSDI'12 |
|Web||Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers, ACM CCS'07 |
|Ad network; Spam||Click Trajectories: End-to-End Analysis of the Spam Value Chain, IEEE S&P (Oakland)'11|
|Ad network||Characterizing Large-Scale Click Fraud in ZeroAccess, ACM CCS'14.|
|TLS||The Matter of Heartbleed, ACM IMC'14 |
|Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security, ACM IMC'15|
The slides used to present the paper in the class must be created by the presenters. Using materials from original authors or others needs to be properly cited. The slides should be sent to the instructor 2-3 days ahead of the presentation (a draft version will be fine), so the instructor can review the technical part and provide feedback, as well as arrange additional lecture for providing background if necessary.
The slides will be made available on the course website. If you are not comfortable with that, let the instructor know and you will be granted your preference.
Homework is submitted as paper reviews for the papers studied in the class. The Final report is a survey paper for a specific topic within the scope of the course. Details and instruction will be given in the lecture and post later.