Date |
Lectures Topics |
Speakers & Notes |
|
Tu 3/27 |
Class overview, project assignment, overview of Internet security. |
Yan [ppt] |
Symantec Internet Security Report, March 2007. |
Th 3/29 |
BGP and routing
anomalies |
Yan [ppt] No paper summary needed. |
1. BGP tutorial from Cisco, please read the “BGP fundamental” part and this simplified tutorial of BGP. (I will go over the slides in the class. You may also want to read the full version of “Introduction to BGP” by Tim Griffin.) 2. Delayed Internet Routing Convergence, by C. Labovitz, A. Ahuja, A. Bose and F. Jahanian, in ACM SIGCOMM 2000. (slides of their NANOG 19 talk) |
Tu 4/3 |
Next generation network architectures and its security implications |
Sagar [ppt] |
Accurate Real-time Identification of IP Hijacking, X. Hu and Z. Mao, IEEE Security Symposium 2007. [Reference] PHAS: A Prefix Hijack Alert System, M. Lad et al, USENIX Security Symposium 2006. [Reference] Next generation network architecture (view point of Cisco) (PowerPoint), Cisco Research Symposium August 2006. |
Th 4/5 |
Honeynet/honeyfarms |
Anup [ppt] |
1. The Internet
Motion Sensor: A Distributed Blackhole Monitoring System, M. Bailey, et al,
NDSS 2005. 2. Scalability, Fidelity, and Containment in the Potemkin Virtual Honeyfarm [presentation], M. Vrable, et al, ACM SOSP 2005. |
Tu 4/10 |
Botnets |
Sam |
1. A Multifaceted
Approach to Understanding the Botnet Phenomenon, M. A. Rajab, et al, ACM
IMC 2006. 2. Revealing Botnet Membership with DNSBL Counter-Intelligence, A. Ramachandran, N. Feamster, and D. Dagon, 2nd USENIX Steps to Reducing Unwanted Traffic on the Internet (SRUTI), 2006. |
Th 4/12 |
Invited talk on network access control |
Kurtis E. Minder,
Mirage Networks [ppt]
|
|
Tu 4/17 |
Spam |
Sagar [ppt] |
Understanding the Network-Level Behavior
of Spammers, A. Ramachandran and |
Th 4/19 |
|
Zhaosheng [ppt] |
1.
ShieldGen:
Automated Data Patch Generation for Unknown Vulnerabilities with Informed
Probing, W. Cui et al, in IEEE Symposium on Security and Privacy ( 2. Packet Vaccine: Black-box Exploit Detection and Signature Generation, X. Wang, et al, ACM CCS 2006. |
Tu 4/24 |
Worms II (debate with CS495) |
|
Worm
Origin Identification Using Random Walks, [Reference] Forensic Analysis for Epidemic Attacks in Federated Networks, Yinglian Xie, Vyas Sekar, Mike Reiter, Hui Zhang, IEEE ICNP 2006 |
Th 4/26 |
Secure Internet architecture (debate with CS495) |
|
SANE: A Protection Architecture for Enterprise Networks, M. Casado et al., in USENIX Security Symposium 2006. |
Tu 5/1 |
Midterm project presentation |
||
Th 5/3 |
World Wide Web security I |
James |
BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML, C. Reis et al, ACM OSDI 2006. |
Tu 5/8 |
Denial-of-Service (DoS) attack defense I (debate with CS495) |
|
DDoS Defense by Offense, M. Walfish et al, ACM SIGCOMM 2006 |
Th 5/10 |
DoS attack defense II (debate with CS495) |
|
A DoS-limiting Network Architecture, X. Yang, D. Wetherall, and T. Anderson, ACM SIGCOMM 2005 |
Tu 5/15 |
Hardware support for network security |
Invited
talk by Prof. Bin Liu, |
Rethinking Hardware
Support for Network Analysis and Intrusion Prevention, V. Paxson,
et al, Proc. USENIX Hot Security, August 2006. Slides
from Vern. |
Th 5/17 |
World Wide Web security II |
[ppt] |
Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure, V. T. Lam, S. Antonatos, P. Akritidis, and K. G. Anagnostakis, ACM CCS 2006 |
Tu 5/22 |
Intrusion detection and forensics I |
Zhaosheng [ppt] |
Protomatching Network Traffic for High Throughput Network Intrusion Detection. Shai Rubin, Somesh Jha, and Barton P. Miller, ACM CCS 2006 |
We 5/23 |
Future Internet architecture (debate with CS495) |
|
Postmodern
Internetwork Architecture, by B. Bhattacharjee et al. |
Tu 5/29 |
Intrusion detection and forensics II |
Jim [ppt] |
Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection, H. Dreger et al, USENIX Security Symposium 2006. [Ref] A
Generic Application-Level Protocol Analyzer and its Language, N. Borisov
et al, NDSS 2007. |
Th 5/31 |
Project presentation |
|
Notes: