CS 600.643: Advanced Topics in Computer Security

Graduate Seminar

Course description

Topics will vary from year to year, but will focus mainly on network perimeter protection, host-level protection, authentication technologies, intellectual property protection, formal analysis techniques, intrusion detection and similarly advanced subjects. Emphasis in this course is on understanding how security issues impact real systems, while maintaining an appreciation for grounding the work in fundamental science. The course will consist of in-class workshops and interactive discussions. There will be programming assignments and a course project. Students will also be expected to read assigned papers and to present at least one research paper and lead a discussion on it.

MW 10:00 - 11:15 a.m.
Location: Wyman Park 4th floor conference room.

Office Hours

I will hold my office hours in 404 Wyman Park after class, and I'm also available by appointment other times.

Grading

This is an interactive class, so class participation will play a significant role in grading. Besides that, grades will be based on your paper presentation, your participation in discussions and questions, programming assignments and your project.

Course Project

The course project assignment is available here.


Week 1

1/25

Introduction to the course
Select students for first presentation

1/27

No class

Week 2

2/1

Paper presentations

Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Brent Waters
Secure Attribute Based Systems.

Students: Mike, Ayo

2/3

Paper discussion


Week 3

2/8

Paper presentations

Brent R. Waters, Dirk Balfanz2, Glenn Durfee, and D. K. Smetters
Building an Encrypted and Searchable Audit Log

Students: Venkata

2/10

Paper discussion


Week 4

2/15

Paper presentations

William Enck, Machigar Ongtang, and Patrick McDaniel
On Lightweight Mobile Phone Application Certification

Students:

2/17

Part II of project due, beginning of class

Paper discussion


Week 5

2/22

No class.

2/24

Part III of project due, beginning of class

In class project demo and project discussion


Week 6

No class, RSA conference

Week 7

3/8

Paper presentations

J. Franklin, V. Paxson, A. Perrig, and S. Savage
An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants

Students: Paul

3/10

Design for Part III of project due, beginning of class

Paper discussion



Week 8

Spring Break

Week 9

3/22

Paper presentations

David Dagon, Niels Provos, Chris Lee, and Wenke Lee
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority

Students: Ayo & Ian

3/24

Paper discussion


Week 10

3/29

Paper presentation

D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.H. Maisel
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses

Students: Mike

Paper discussion

3/31

No class, Passover. paper will be presented and discussed on Monday, March 29.

Week 11

4/5

Paper presentations

Chris Karlof, Umesh Shankar, J. D. Tygar and David Wagner
Dynamic pharming attacks and the locked same-origin policies for web browsers

Students: Ian

4/7

Paper discussion


Week 12

4/12

Paper presentation

T. Ristenpart, G. Maganis, A. Krishnamurthy, and T. Kohno
Privacy-preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs

Students: Paul & Venkata

4/14

Paper discussion


Week 13

4/19

Paper presentations

David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications.

Students: Ayo

4/21

Paper discussion


Week 14

4/26 and 4/28

Project write-ups due 4/26, beginning of class

Project presentations


Computer Science Department Academic Integrity Code

Cheating is wrong. Cheating hurts our community by undermining academic integrity, creating mistrust, and fostering unfair competition. The university will punish cheaters with failure on an assignment, failure in a course, permanent transcript notation, suspension, and/or expulsion. Offenses may be reported to medical, law or other professional or graduate schools when a cheater applies.

Violations can include cheating on exams, plagiarism, reuse of assignments without permission, improper use of the Internet and electronic devices, unauthorized collaboration, alteration of graded assignments, forgery and falsification, lying, facilitating academic dishonesty, and unfair competition. Ignorance of these rules is not an excuse.

Academic honesty is required in all work you submit to be graded. Except where the instructor specifies group work, you must solve all homework and programming assignments without the help of others. For example, you must not look at anyone else’s solutions (including program code) to your homework problems. However, you may discuss assignment specifications (not solutions) with others to be sure you understand what is required by the assignment.

If your instructor permits using fragments of source code from outside sources, such as your textbook or on-line resources, you must properly cite the source. Not citing it constitutes plagiarism. Similarly, your group projects must list everyone who participated.

Falsifying program output or results is prohibited.

Your instructor is free to override parts of this policy for particular assignments. To protect yourself: (1) Ask the instructor if you are not sure what is permissible. (2) Seek help from the instructor, TA or CAs, as you are always encouraged to do, rather than from other students. (3) Cite any questionable sources of help you may have received.

On every exam, you will sign the following pledge: "I agree to complete this exam without unauthorized assistance from any person, materials or device. [Signed and dated]". Your course instructors will let you know where to find copies of old exams, if they are available.

For more information, see the guide on "Academic Ethics for Undergraduates" and the Ethics Board web site (http://ethics.jhu.edu).