Date |
Topic |
Sept 28 |
Class Introduction: Slides. |
Oct 3 |
Low-level control-flow Vulnerabilities:
“Low-Level Software Security by Example,” (just this chapter) Handbook of Information and Communication Security 2010.
|
Oct 5 |
Low-level Software Defenses: (Kirill Levchenko guest lecture)
“Control-Flow Integrity: Principles, Implementations, and Applications,” ACM CCS 2005 and
“NOZZLE: A Defense Against Heap-spraying Code Injection Attacks,” USENIX Sec. 2009.
Related papers [not assigned]:
Counterfeit Object-oriented Programming IEEE Security and Privacy '15 and ROP is Still Dangerous: Breaking Modern Defenses, USENIX Sec '14.
|
Oct 10 |
Cancelled |
Oct 12 |
Software vulnerabilities in aggregate
“Milk or Wine: Does Software Security Improve with Age?” USENIX Sec. 2006. and Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World, ACM CCS 2012.
Related papers [not assigned]:
An Empirical Study of Vulnerability Rewards Programs, USENIX Sec '13, Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits, RAND report and Is finding security holes a good idea?” IEEE S&P 2005.
|
Oct 17 |
Usability and human factors in security
“A Framework for Reasoning about the Human in the Loop, UPSec '08, and Allice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness, USENIX Security '13.
Related papers [not assigned]:
Users are not the Enemy, CACM v42no12, and So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users, NPSW '09, and The Psychology of Security, CACM v51no4.
|
Oct 19 |
Usability II
Network-in-a-Box: How to Set Up A Secure Wireless Network in Under a Minute, USENIX Security '04, and Why Johnny Can't Encrypt: a Usability Evaluation of PGP 5.0, USENIX Sec '99
Related papers [not assigned]:
The Emperor's New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies, IEEE Security and Privacy '07
|
Oct 24 |
Side Channels I: Keyboard Acoustic Emanations Revisited, CCS 2005 and Lest we Remember: Cold Boot Attacks on Encryption Keys, USENIX Security 2008.
|
Oct 26 |
Other Channels II: Exploioting the DRAM rowhammer bug to gain kernel privileges, ?Google Project Zero Blog post and Neuroscience Meets Cryptography: Designing Crypto Primitives Secure against Rubber Hose Attacks, USENIX Security '12.
|
Oct 31 |
Ecosystem I: Click Trajectories: End-to-End Analysis of the Spam Value Chain IEEE S&P 2011 and Re: CAPTCHAs -- Understanding CAPTCHA-Solving from an Economic Context USENIX Sec. 2010.
|
Nov 2 |
Ecosystem II: Examining the Impact of Website Take-down on Phishing, APWG eCrime Summit, 2007. and The Underground Economy of Fake Antivirus Software, WEIS 2011.
Related papers [not assigned]:
Pricless: the Role of Payments in Adbuse-advertised Goods, CCS 2012 and Empirically Characterizing Domain Abuse and the Revenue Impact of Blacklisting, WEIS 2014.
|
Nov 7 |
Cancelled due to illness
|
|
Nov 9 |
SSL/TLS I: The
Most Dangerous Code in the World: Validating SSL Certificates in
Non-Browser Software, CCS 2012 and Analysis of the HTTPS Certificate Ecosystem, IMC 2013.
|
Nov 14 |
SSL/TLS II: The Security Impact of HTTPS Interception, NDSS 2017 and DROWN: Breaking TLS using SSLv2, USENIX Security '16. |
Nov 16 |
Cyber-Physical Security: Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses, IEEE Security and Privacy '08 and Comrehensive Experimental Analyses of Automative Attack Surfaces, USENIX Security '11. |
Nov 21 |
Web Privacy I: I Still Know What you Visited Last Summer: Leaking browsing history via user interaction and side channel attacks and XRay: Enhancing the Web's Transparency with Differential Correlation |
Nov 23 |
Thanksgiving! Class cancelled
|
|
Nov 28 |
Web Privacy II: An Analysis of Private Browsing Modes in Modern Browsers, USENIX Sec '10 and Internet Jones and the Raiders of the Lost Trackers: An Archaelogical Study of Web Tracking from 1996 to 2016, USENIX Sec '16 |
Nov 30 |
Web Security: XSS-Guard: Precise Dynamic Prevention of Cross-Site Scripting Attacks, DIMVA '08 and Robust defenses for cross-site request forgery, CCS '08
Background (not required) reading on XSS and CSRF
|
Dec 5 |
Bitcoin: SOK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies, IEEE Security and Privacy, 2015. |
Dec 7 |
Science of Security: Science, Security and the Elusive Goal of Security as a Scientific Pursuit, IEEE Security and Privacy '17 |
Dec 14 |
Final presentations
10 minutes max. Send me slides by 1pm same day (ppt, odp, or pdf accepted) so we can use one laptop. Presentations from 3pm-6pm.
Presentation order:
- Memauth: Implicit memory based authentication schemes
- Classifying Software Changes: Safe or Vulnerable
- Voice As an Attack: Using Browser Extensions to Access Voice-Controlled Intelligent Personal Assisstants
- Extending a Native Library Sandbox to 64-bit
- Defense Mechanisms against Adversarial Machine Learning for Malware Classifiers
- Firefox: Security Vulnerability Analysius
- Fool the malware: Malware code inspection using VM Cloning
- Exploring strategies for disincentivizing minimum-wage CAPTCHA solvers
- An AWS Lambda-based HTTP Flooding Attack
|