Overview of Security Principles |
Mon. 03/31 |
Introduction [Slides] |
|
(Classic)
The Security Mindset
(Classic)
Why Information Security is Hard – An Economic Perspective
----
(Optional)
Practice-Oriented Provable-Security
(Optional)
Practice-Oriented Provable Security and the Social Construction of Cryptography
|
Part I: Network/Internet Security |
Wed. 04/02 |
Internet Protocols [Slides] |
[HW1 Out]
|
(Classic)
Censys: A Search Engine Backed by Internet-Wide Scanning
(Classic)
Off-Path Hacking: The Illusion of Challenge-Response Authentication
(Classic)
Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
(Classic)
Validating SSL Certificates in Non-Browser Software
----
(Optional)
Prudent Engineering Practice for Cryptographic Protocols
(Optional)
The First Few Milliseconds of an HTTPS Connection
(Optional)
Keyless SSL: The Nitty Gritty Technical Details
|
Mon. 04/07 |
Ecosystems [Slides] |
[Team-up!]
|
(Classic)
A Longitudinal, End-to-End View of the DNSSEC Ecosystem
(Classic)
Analysis of SSL Certificate Reissues and Revocations in the Wake of Heartbleed
(Recent)
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate
(Recent)
Practical Attacks Against DNS Reputation Systems
----
(Optional)
A Tangled Mass: The Android Root Certificate Stores
|
Wed. 04/09 |
Applications [Slides] |
|
(Classic)
The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords
(Recent)
Tor: The Second-Generation Onion Router
(Recent)
Analyzing the End-to-end Life Cycle and Effectiveness of Phishing ...
(Recent)
A Comprehensive Quality Evaluation of Security and Privacy Advice ...
----
(Optional)
Users Are Not the Enemy
|
Part II: Computer Systems Security |
Mon. 04/14 |
Memory Safety [Slides, Slides] |
|
(Basic)
Hacking Blind
(Classic)
Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
(Classic)
AddressSanitizer: A Fast Address Sanity Checker
(Recent)
Reenix: Implementing a Unix-Like Operating System in Rust
----
(Optional)
Smashing The Stack For Fun And Profit
(Optional)
Basic Integer Overflows
(Optional)
What Is a "Good" Memory Corruption Vulnerability?
|
Wed. 04/16 |
OS Security I [Slides] |
on Zoom
[HW1 Due]
[HW2 Out]
|
This lecture will be offered online.
(Classic)
Setuid Demystified
(Classic)
KASR: A Lightweight System for Reducing the Attack Surface of the Kernel by ...
(Classic)
Capsicum: Practical Capabilities for UNIX
----
(Optional)
StackGhost: Hardware Facilitated Stack Protection
(Optional)
kGuard: Lightweight Kernel Protection against Return-to-user Attacks
|
Mon. 04/21 |
- |
[No class]
|
Checkpoint I Presentation Prep.
|
Wed. 04/23 |
Group Project |
|
Checkpoint Presentation I |
Mon. 04/28 |
OS Security II [Slides] |
[HW2 Due]
[HW3 Out]
|
(Classic)
syzkaller - Kernel Fuzzer
(Classic)
The Flask Security Architecture: System Support for Diverse Security Policies
(Recent)
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
(Recent)
Securing Linux Systems with AppArmor
----
(Optional)
Fuzzing: A Survey for Roadmap
(Optional)
kGuard: Lightweight Kernel Protection against Return-to-user Attacks
|
Part III: Isolation and (Software-induced) Breaks |
Wed. 04/30 |
Isolation [Slides] |
|
(Classic)
Efficient Software-based Fault Isolation
(Classic)
Shielding Applications from an Untrusted Cloud with Haven
----
(Optional)
Intel SGX Explained
|
Mon. 05/05 |
Rowhammer [Slides] |
|
(Classic)
Flipping Bits in Memory Without Accessing Them
(Recent)
Exploring Information Leakage in Third-Party Compute Clouds
(Recent)
Exposing the Graceless Degradation in DNNs Under Hardware Fault Attacks
|
Wed. 05/07 |
Side-Channels [Slides] |
|
(Basic)
Differential Power Analysis
(Classic)
FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack
(Recent)
Meltdown: Reading Kernel Memory from User Space
(Recent)
Spectre Attacks: Exploiting Speculative Execution
|
Part IV: Software/Web Security |
Mon. 05/12 |
Malware [Slides] |
on Zoom
[HW3 Due]
|
Sanghyun will be at IEEE S&P 2025.
(Classic)
Towards Automatic Generation of Vulnerability-Based Signatures
(Classic)
AEG: Automatic Exploit Generation
(Recent)
Continuous Learning for Android Malware Detection
(Recent)
When Malware Changed Its Mind: An Empirical Study of ...
|
Wed. 05/14 |
Web Security [Slides] |
on Zoom
|
Sanghyun will be at IEEE S&P 2025.
(Classic)
Dark Patterns at Scale: Findings from a Crawl of 11K Shopping Websites
(Classic)
Ad Injection at Scale: Assessing Deceptive Advertisement Modifications
(Classic)
All Your iFRAMEs Point to Us
(Classic)
Clickjacking: Attacks and Defenses
----
(Optional)
Social Phishing
|
Mon. 05/19 |
- |
[No class]
|
Checkpoint II Presentation Prep.
|
Wed. 05/21 |
Group Project |
[HW4 Out]
|
Checkpoint Presentation II |
Mon. 05/26 |
- |
[No class]
|
Memorial Day
|
Part V: Trustworthy ML |
Wed. 05/28 |
Attacks [Slides] |
|
(Basic)
SoK: Security and Privacy in Machine Learning
(Classic)
Towards Deep Learning Models Resistant to Adversarial Attacks
(Classic)
Poison Frogs! Targeted Clean-Label Poisoning Attacks on Neural Networks
(Classic)
Membership Inference Attacks From First Principles
|
Mon. 06/02 |
Defenses [Slides] |
|
(Recent)
(Certified!!) Adversarial Robustness for Free!
(Recent)
Diffusion Denoising as a Certified Defense against Clean-label Poisoning
(Classic)
Deep Learning with Differential Privacy
|
Wed. 06/04 |
Group Project |
[HW4 Due]
|
Final Presentations (Showcases) |
Finals Week (06/09 - 06/13) |
Mon. 06/09 |
- |
[No Lecture]
|
Final Exam & Submit your final project report.
|
Wed. 06/11 |
- |
[No Lecture]
[Final Exam]
|
Late submissions for HW 1-4.
|