Advanced Topics in Network Security (Spring 06)

Meeting Times

Thursdays & Fridays, 1 - 2:15 pm, Wyman Park Conference rm.

Description

This course focuses on selected research topics in communications security. The course is structured as a research seminar where students present research papers to their peers. Topics may include

Prerequisites of 600.424 and 600.449 (or equivalent) are strongly advised. In addition, familiarity with basic cryptographic primitives will be necessary to understand the details of some of the assigned papers.

Course Project

Your course project will entail submitting (to me) a workshop quality research paper outlining novel ideas. This project can involve application of concepts learned from other research papers, but MUST depict original ideas. There will be some checkpoints throughout the semester and will include a short survey paper on work related to your topic. The course project constitutes 60% of your final grade. You are required to use LaTeX when preparing your final report.

Readings and Presentations

Students are required to read all papers assigned during the semester and be able to competently discuss the material in class. Each student will be responsible for presenting one lecture (depending on the class size) -- that lecture will be based on the assigned paper for the week including as much relevant related work as necessary to distill the work presented in the paper. The speaker should try to present a comprehensive view of the topic suitable for a 1 hour talk. Additionally, each student is responsible for submitting a summary of the paper, which includes (1) at least two thought-provoking questions on the assigned paper (2) a discussion of any strengths and weaknesses (3) two possible directions for extensions on the ideas / topic presented in the paper. Your questions should critically evaluate the paper (eg, questioning the assumptions, questioning whether the experiments are lacking (and why), flaws in the analysis, etc). This summary will be turned in to the moderator (and me) on the Thursday session.

The moderator is responsible for recapping the ideas for the previous day (15 mins max) and presenting any supplimentary material not covered by the presenter. The moderator will lead the general discussions on Friday. Notes on the week's discussion must also be compiled by the moderator, and submitted to me no later than 1 week after the lecture. These notes will be made publicly available (via the website) to rest of the class.

Office Hours

Tuesday 1 - 3 pm or by appointment.

Mailing List

send email to majordomo (at) cs.jhu.edu with subscribe cs624 in the message body

Grading

This is intended to be an interactive class, and as such, class participation will play a significant role in my grading criteria. Students will be graded on the presentation of their assigned paper, their participation in discussions and questions, the assignment and course project. Weights are as follows:

Reading List

Date	Topic	Presenter (Thursday)	Moderator  (Friday)
Feb. 2nd	Course Introduction, selection of presenters, project discussion.
Feb. 9/10	Practical Techniques for Searches on Encrypted Data D. Song, D. Wagner and A. Perrig Proceedings of IEEE Security and Privacy, 2000 related readings: B.Waters, D. Balfanz, G. Durfee, and D.K. Smetters. Building an Encrypted and Searchable Audit Log	Lucas slides	Seny/Fabian slides
Feb. 16/17	Modeling Botnet Propagation Using Time Zones D. Dagon, C. Zou, and W. Lee Proceedings of ISOC NDSS 2006 related readings: Protocol-Independent Adaptive Replay of Application Dialog M.Vrable et al. Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm. F. Freiling, T. Holz and G. Wicherski. Botnet Tracking: Exploring a Root-Cause Methodology to Prevent DDoS.	Jay slides	Fabian/Moheeb slides
Feb. 23/24	BLINC: Multi-level Traffic Classification in the Dark T. Karagiannis, K. Papagiannaki, and M. Faloutsos Proceedings of ACM SIGCOMM, 2005 related readings: P. McDaniel et al. Enterprise Security: A Community of Interest Based Approach, NDSS, 2006. K. Xu et al. Profiling Internet Backbone Traffic: Behavior Models and Applications. In ACM SIGCOMM,2005.	Scott slides	Charles slides
March 2/3	Keyboard Acoustics Emanations Revisited L. Zhuang, F. Zhou and J.D. Tygar ACM CCS, 2005 related readings: D. Asonov and R. Agrawal. Keyboard Acoustic Emanations, IEEE S&P 2004 Acoustic Cryptanalysis Optical Time-Domain Eavesdropping Risks of CRT Displays (IEEE S&P,2002)	Dan slides	Razvan slides
March 9/10	On the Effectiveness of Instruction set randomization N. Sovarel, D. Evans, and N. Paul USENIX Security, 2005 related readings: S. Bhatkar, R. Sekar, D. DuVarney. Efficient Techniques for Comprehensive Protection from Memory Error Exploits. H. Schacham, M. Page, B. Pfaff, E. Goh, N. Modadugu, D. Boneh. On the effectiveness of Address space randomization, ACM CCS 04.	(no class)	Kevin (presenter) slides
March 16/17	Payload Attribution via Hierarchical Bloom Filters K. Shanmugashundaram, H. Bronnimann, N. Memon Proceedings of ACM CCS, 2005 related readings: B. Chazelle, J. Kilian, R. Rubinfeld and A. Tal.The Bloomier Filter: An Efficient Data Structure for Static Support Lookup Tables. Space-code bloom filter for efficient per-flow traffic measurement. A. Kumar et al. In IEEE INFOCOM, 2004.	Jacob slides	Raluca part 1 part 2
March 20-26 Spring Break
March 30/31	No Class -- away at PC meeting
Apr. 6/7	Tracking Anonymous Peer-to-Peer VoIP Calls on the Internet X.Wang, S.Chen, and S. Jajodia Proceedings of ACM CCS, 2005 related readings: D. Sicker and T. Lookabaugh. VOIP Security: Not an afterthought. J. Millen. 20 Years of covert channel modeling and analysis. In Proceedings of IEEE Symposium on Security and Privacy, 1999. B. Ventatraman and R.E. Newman-Wolfe. Capacity Estimation and Auditability of Network Covert Channels. In IEEE Symposium on Security and Privacy, 1995.	Amos slides	Scott slides surver paper due 4/7
Apr. 13/14	Robust TCP Stream Reassembly in the presence of adversaries S. Dharmapurikar and V. Paxson Proceedings of USENIX Security, 2005 related readings: R. Sherwood et al. Misbehaving TCP Receivers can cause Internet-Wide congestion collapse, ACM CCS 2005.	Razvan	Amos
April 20/21	Distillation Codes and Applications to DoS Resistant Multicast Authentication C. Karlof, N. Sastry, Y. Li, A. Perrig, J.D. Tygar. Proceedings of NDSS, 2004 related readings: J. Park et al. Efficient multicast stream authentication using erasure codes. ACM Transactions on Information and System Security, 2003.	Ryan slides	Kevin part 1 part 2
Apr. 27/28	Churn as Shelter T. Condie, V. Kacholia, S. Sankararaman, K. Hellerstein, P. Maniatis. Proceedings of ISOC NDSS, 2005 related readings: M. Srivatsa and L. Liu. Countering Targeted File Attack using LocationGuard. In USENIX Security, 2005.	Jay slides	Dan slides
May 4/5	Aggregated Path Authentication for Efficient BGP Security M. Zhao, S. Smith and D. Nicol ACM CCS 2005 related readings: J.M. Park, E.K.P. Chong, H.J. Siegel, Efficient multicast packet authentication using signature amortization, IEEE Symposium on Security and Privacy, 2002.	Raluca	In Class Presentations
Reading Week
Thursday May 18th	Final Projects due by 10pm. NO EXCEPTIONS

• On-the-Fly Verification of Rateless Erasure Codes for Efficient Content Distribution
• Authentication and Integrity in Outsourced Databases
• Collaborative Filtering with Privacy