Internet Data Science for Cybersecurity

CSE 291-e, Winter 2023

Professor kc claffy
TA: Ben Du | Office Hours: Friday 12-1pm, CSE B250A


Week 1: Network infrastructure data science: challenges and opportunities 

Mon Jan 9th: Overview:  

  • Overview, Motivation, Goals, Layout of Course, Expectations, Grading (kc)
  • slides
Required reading: READ BEFORE 11 JAN 

Wed Jan 11: Why Internet infrastructure is insecure: Structure of the Internet 

  • Some building blocks of Internet infrastructure. IPv4. IPv6. AS. ICANN. BGP. Transit.
  • Introduction to address allocation and routing architecture   
  • Introduction to spoofing
  • slides

Week 2: IP addresses - Spoofing

Mon Jan 16: MLK Day: HOLIDAY

Required reading: READ BEFORE 18 JAN 
Optional reading

Wed Jan 18: IP address spoofing: Guest Lecturer Matthew Luckie (CAIDA) 

Assignment 1: DUE 23 JAN: 

Week 3: Global Internet Routing – How Does It Work?

Required reading: READ BEFORE 23 JAN 

Mon Jan 23: Inferring Internet routing relationships based on transit economics

Guest Lecturer: Matthew Luckie (CAIDA) 
Recommended reading: (You meet the author 25 JAN) 

Wed Jan 25: Internet Security

Guest Lecturer: David Clark (MIT), Internet Architect
  • Internet security: past, present, future
  • Why Internet infrastructure challenges are so persistent: 
    • “You can’t secure what you can’t measure”.   
  • Slides
Assignment 2: DUE 3 FEB:  

Week 4: BGP Route Hijacking || Ethics of Internet Measurement

Required reading: READ BEFORE 1 FEB 
Optional reading

Mon Jan 30:  BGP Hijacking

Guest Lecturer: PhD Candidate Ben Du 
  • Lecture: BGP Hijacking Definitions and Classification
  • Dataset: CAIDA’s RouteViews-based prefix2as data
  • Slides

Wed Feb 1: Ethics of Internet Measurement

  • Review of paper: Ethics of Internet Measurement
  • Preparation to read DNS hijacking papers.  
  • Introduction of an Internet measurement tool: Traceroute
  • Ethics slides
  • Traceroute slides
Required reading: READ BEFORE 6 FEB
Recommended video
Optional reading: 

Week 5:  Domain Name System Vulnerabilities 

Assignment 3 DUE FEB 20: 

Mon Feb 6:  DNS Hijacking. 

Guest lecturer: PhD Alumnus Gautam Akiwate. 
Optional reading: READ BEFORE 8 FEB

Web Feb 8:  DNS Hijacking (2). 

Guest lecturer: Gautam Akiwate. 

Week 6: BGP Defenses and Their Limitations 

Required reading: READ BEFORE 13 FEB
Optional reading:

Mon Feb 13:  BGP Hijacking Defenses: IRR and RPKI.

Guest Lecturer: PhD Candidate Ben Du 

Wed Feb 15:  BGP Communities.

Guest Lecturer: Thomas Krenc

Week 7: Policy Aspects of Routing Security  

Required reading: READ BEFORE 22 FEB
  • This week's reading is a bit different -- they are not research papers
  • List of Readings and Questions
    1. Read the FCC Notice of Inquiry and the responses listed in the pdf
    2. Read the items in bold before class.


Wed Feb 22:  Regulatory Interest in Routing Security

Assignment 4 DUE MAR 1: 

Week 8: Router-Level Topology: Revisited || Traffic Data Introduction  

Optional reading:

Mon Feb 27:  Router-Level Topology: Review

Wed Mar 1:  Traffic Data: Internet Background Radiation

Week 9: DNS Landscape  

Recommended reading

Mon Mar 6: DNS Harms and How to Study Them

Wed Mar 8: DNS Harms in wake of Expanding TLD namespace.

Week 10: TLS Landscape  

Recommended reading

Mon Mar 13: Transport Layer Security and the CA System

    (also review project assignment details, answer questions)

Wed Mar 15: Trust Zones: Paths Forward. Feedback on course.

Final Project Assignments  

  1. Explore CAIDA Internet Topology Data Kit
  2. Analyze Darknet Traffic (pcaps)
  3. Explore ROV deployment using BGP2GO and BGPStream