|
Date |
Lectures Topics |
Presenter |
Reading |
Assignment |
|
Tue 8/30 |
Class overview, motivation and overview of computer security |
Dr. Yinzhi Cao [ppt] |
|
|
|
Thu 9/1 |
Software Vulnerability I |
Dr. Yinzhi Cao [ppt] |
|
|
|
Tue 9/6 |
Software Vulnerability II |
Dr. Yinzhi Cao |
|
HW1 Shellcode out |
|
Thu 9/8 |
Software Vulnerability Paper Presentation |
Defense: Matthew Chin Offense: James Currie |
[Primary] Heisenbyte: Thwarting memory disclosure attacks using destructive code reads, CCS 2015.
[Secondary] Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code Inference Attacks, IEEE Security and Privacy (Oakland) 2016.
|
|
|
Tue 9/13 |
Web Security and Privacy I |
Dr. Yinzhi Cao [ppt] |
|
|
|
Thu 9/15 |
Web Security and Privacy II |
Dr. Yinzhi Cao |
|
HW1 Shellcode in |
|
Tue 9/20 |
Web Paper Presentation I |
Defense: Shujiang Wu Offense: |
Trusted Browsers for Uncertain Times, USENIX Security 2016.
|
HW2 Buffer overflow out |
|
Thu 9/22 |
Web Paper Presentation II |
Defense: Benjamin Weinfeld Offense: Drew Siedel |
Request and Conquer: Exposing Cross-Origin Resource Size, USENIX Security 2016. |
|
|
Tue 9/27 |
Mobile Security and Privacy |
Dr. Yinzhi Cao [ppt] |
|
|
|
Thu 9/29 |
Mobile Paper Presentation I |
Defense: Erik Outhwaite Offense: |
On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis, USENIX Security 2016. |
|
|
Tue 10/4 |
Mobile Paper Presentation II |
Defense: Michael Holdorf Offense: |
TriggerScope: Towards Detecting Logic Bombs in Android Applications, IEEE Security and Privacy (Oakland), 2016. |
HW2 Buffer overflow in |
|
Thu 10/6 |
Mobile Paper Presentation III |
Defense: Ryan Newberry Offense: |
Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf, IEEE Security and Privacy (Oakland), 2016. |
|
|
Tue 10/11 |
Software-defined Network (SDN) |
Dr. Yinzhi Cao [ppt] |
|
|
|
Thu 10/13 |
SDN Paper Presentation |
Defense: Zhiheng Liu Offense: Shujiang Wu |
AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks, in the Proc. of ACM CCS 2013. |
|
|
Tue 10/18 |
Pacing Break |
|
|
|
|
Thu 10/20 |
Mid-term Project Presentation |
TBA |
|
|
|
Tue 10/25 |
TLS/SSL |
Dr. Yinzhi Cao |
|
HW3 XSS out |
|
Thu 10/27 |
Guest Lecture from Industry |
Presenter: Mike Lemley (OSISoft) |
|
|
|
Tue 11/1 |
TLS/SSL Paper Presentation II |
Defense: Zhenqiang Li Offense: Zhiheng Liu |
TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication, NDSS 2016. |
|
|
Thu 11/3 |
Social Network Security and Firewalls |
Dr. Yinzhi Cao [ppt] |
|
HW3 XSS in |
|
Tue 11/8 |
Social Network Security Paper Presentation |
Defense: James Clements Offense: Jinbu Wang |
You Are Who You Know and How You Behave: Attribute Inference Attacks via Users’ Social Friends and Behaviors, USENIX Security 2016. |
HW4 Firewall out |
|
Thu 11/10 |
Machine Learning Security |
Dr. Yinzhi Cao [ppt] |
|
|
|
Tue 11/15 |
Machine Learning Security Paper Presentation I |
Defense: Zhenqiang Li Offense: |
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks, IEEE Security and Privacy, 2016. |
|
|
Thu 11/17 |
Machine Learning Security Paper Presentation II |
Defense: Jinbu Wang Offense: Alexander Van Heest |
Deep Learning with Differential Privacy, CCS 2016. |
|
|
Tue 11/22 |
SSL/TLS Paper Presentation I (moved due to a visitor) |
Defense: Zhiheng Liu Offense: Ryan Cooney |
Killed by Proxy: Analyzing Client-end TLS Interception Software, NDSS 2016. |
HW4 Firewall in |
|
Thu 11/24 |
Holiday |
|
|
|
|
Tue 11/29 |
Privacy |
Dr. Yinzhi Cao [ppt] |
|
|
|
Thu 12/1 |
Privacy Paper Presentation |
Defense: Shujiang Wu Offense: Daniel Sohn |
Identifying and Characterizing Sybils in the Tor Network, USENIX Security 2016. |
|
|
Tue 12/6 |
Final Project Presentation I |
|
|
|
|
Thu 12/8 |
Final Project Presentation II |
|
|
|