CSCI 6900 - Computer Network Attacks and Defenses - Fall 2010 |
This is
the course calendar for the Fall 2010 semester. Please note that the
schedule is not definitive and will be updated as the course progresses.
Students are responsible for visiting this page often to stay informed on
the latest reading assignments and other information. Of course, I will
also inform you of significant changes during the lectures, but this
page is the one place you should refer to for all the details. |
Date |
Topic |
Lecture/Reading |
Other
Assignments |
8/16 |
Introduction |
CSCI-6900 Introduction [slides] |
|
8/17 |
Introduction |
Overview of research
topics in computer and network security (part A) [slides] |
(no
reviews) |
8/19 |
Overview of research
topics in computer and network security (part B) [slides] |
(no
reviews) Choose 3 papers from the paper list by 8/20-11:59pm |
|
8/23 |
Botnet Detection |
G. Gu, R. Perdisci, J. Zhang, W. Lee. BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection. USENIX'08: Proceedings of the 17th conference on Security symposium. Presenter: Prof. Perdisci [slides] | (no review, but read the paper) |
8/24 |
Malware Detection |
R. Perdisci, W. Lee, and N. Feamster. Behavioral Clustering of HTTP-based Malware and Signature Generation
using Malicious Network Traces. USENIX Symposium on Networked Systems
Design and Implementation, NSDI 2010. Presenter: Prof. Perdisci [slides] Course announcements [slides] |
(no review, but read the paper) |
8/26 |
Botnets | B.
Stone-Gross, M. Cova, L. Cavallaro, B. Gilbert, M. Szydlowski, R.
Kemmerer, C. Kruegel, G. Vigna. Your botnet is my
botnet: analysis of a botnet takeover. CCS '09: Proceedings of the
16th ACM conference on Computer and communications security. Presenter: Farhan Jiva [slides] [optional] M. Abu Rajab, J. Zarfoss, F. Monrose, and A. Terzis. A multifaceted approach to understanding the botnet phenomenon. IMC'06: Proceedings of the 6th ACM SIGCOMM conference on Internet measurement. |
review due today by 12:15pm Summary of Research Interests due today by 11:59pm |
8/30 |
Botnets |
Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Y. Chen, E. Gillum.
BotGraph: large scale spamming botnet detection. NSDI'09:
Proceedings of the 6th USENIX symposium on Networked systems design and
implementation. Presenter: Cole Sherer [slides] [optional] J.P. John, A. Moshchuk, S.D. Gribble, and A. Krishnamurthy. Studying spamming botnets using Botlab. NSDI'09: Proceedings of the 6th USENIX symposium on Networked systems design and implementation. |
review due today by 12:15pm |
8/31 |
Botnets |
Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, and I. Osipkov.
Spamming Botnets: Signatures and Characteristics. SIGCOMM'08.
Presenter: Bo Feng [slides] Project Proposal Guidelines [slides] |
review due today by 12:15pm |
9/2 |
Worms |
J. Newsome, B. Karp, and D. Song. Polygraph: Automatically Generating
Signatures for Polymorphic Worms. IEEE SP '05: Proceedings of the 2005
IEEE Symposium on Security and Privacy. Presenter: MLavoie [slides] [optional] S. Staniford, V. Paxson, and N. Weaver. How to Own the Internet in Your Spare Time. Proceedings of the 11th USENIX Security Symposium. | review due today by 12:15pm |
9/6 |
Holiday (Labor Day) |
||
9/7 |
Worms |
R. Perdisci, D. Dagon, W. Lee, P. Fogla, and M. Sharif. Misleading
Worm Signature Generators Using Deliberate Noise Injection. IEEE SP
'06: Proceedings of the 2006 IEEE Symposium on Security and Privacy. Presenter: Prof. Perdisci [slides] |
(no review, but read the paper) |
9/9 |
5 minutes research proposal presentations | ||
9/13 |
Malware |
J. Oberheide, E. Cooke, and F. Jahanian. CloudAV: N-Version
Antivirus in the Network Cloud. USENIX'08: Proceedings of the 17th
conference on Security symposium. Presenter: Carl Brett Meyer [slides] [optional] N. Provos, P. Mavrommatis, M. Abu Rajab, F. Monrose. All Your iFRAMEs Point to Us. USENIX'08: Proceedings of the 17th conference on Security symposium. |
review due today by 12:15pm |
9/14 |
Malware |
H. Yin,
D. Song, M. Egele, C. Kruegel, and E. Kirda. Panorama: capturing
system-wide information flow for malware detection and analysis. CCS
'07: Proceedings of the 14th ACM conference on Computer and
communications security. Presenter: MLavoie [slides] |
review due today by 12:15pm |
9/16 |
Malware |
A.
Moser, C. Kruegel, and E. Kirda. Exploring Multiple Execution Paths for
Malware Analysis. IEEE SP '07: Proceedings of the 2007 IEEE Symposium
on Security and Privacy. Presenter: Rohit Mullangi [slides] [optional] M. Sharif, A. Lanzi, J. Giffin and W. Lee. Impeding Malware Analysis Using Conditional Code Obfuscation. 15th Annual Network and Distributed System Security Symposium (NDSS'08) |
review due today by 12:15pm Research Project Proposal due 9/17 by 11:59pm |
9/20 |
Malware |
F. Guo, P. Ferrie, and T. Chiueh. A Study of the Packer Problem
and Its Solutions. RAID'08: Proceedings of the 11th international
symposium on Recent Advances in Intrusion Detection 2008. [download it from SpringerLink website, through library.uga.edu]. Presenter: Will Whiteside [slides] |
review due today by 12:15pm |
9/21 |
Malware |
A.
Dinaburg, P. Royal, M. Sharif, and W. Lee. Ether: Malware Analysis via
Hardware Virtualization Extensions. In Proceedings of The 15th ACM
Conference on Computer and Communications Security (CCS 2008).
Presenter: Enrico Galli [slides] [optional] S. King, P. Chen, Y. Wang, C. Verbowski, H. Wang, and J. Lorch. SubVirt: Implementing malware with virtual machines. IEEE Symposium on Security and Privacy, 2006. |
review due today by 12:15pm |
9/23 |
Malware |
U.
Bayer, P. Milani, C. Hlauschek, C. Kruegel, and E. Kirda. Scalable,
Behavior-Based Malware Clustering. 16th Annual Network and Distributed
System Security Symposium (NDSS 2009). Presenter: Sal LaMarca [slides] |
review due today by 12:15pm |
9/27 |
Spam |
V.
Metsis, I. Androutsopoulos, G. Paliouras. Spam Filtering with Naive
Bayes – Which Naive Bayes? CEAS'06: Collaboration, Electronic
messaging, Anti-Abuse and Spam Conference 2006. Presenter: Carl Brett
Meyer [slides] |
review due today by 12:15pm |
9/28 |
Spam |
A.
Ramachandran and N. Feamster. Understanding the Network-Level Behavior
of Spammers. Proc. ACM SIGCOMM 2006. Presenter: MLavoie [slides] [optional] S. Hao, N. Feamster, A. Gray, N. Syed, S. Krasser. Detecting Spammers with SNARE: Spatio-Temporal Network-Level Automated Reputation Engine. 18th USENIX Security Symposium 2009 |
review due today by 12:15pm |
9/30 |
Vulnerabilities |
C. Cowan, P. Wagle, C. Pu, S. Beattie, J. Walpole. Buffer
overflows: attacks and defenses for the vulnerability of the decade.
Foundations of Intrusion Tolerant Systems, 2003. Presenter: Chris Neasbitt [slides] |
review due today by 12:15pm |
10/4 |
Prepare for Midterm Project Report and Presentation |
||
10/5 |
Prepare for Midterm Project Report and Presentation | ||
10/7 |
Prepare for Midterm Project Report and Presentation | ||
10/11 |
Vulnerabilities |
H. Shacham. The Geometry of Innocent Flesh on the Bone:
Return-into-libc without function Calls (on the x86). Proceedings of
ACM CCS 2007. Presenter: Enrico Galli [slides] [optional] D. Brumley, T. Chiueh, R. Johnson, H. Lin, D. Song. RICH: Automatically Protecting Against Integer-Based Vulnerabilities. NDSS 2007. |
review due today by 12:15pm |
10/12 |
Midterm 10 minutes progress report presentations | ||
10/14 |
Midterm 10 minutes progress report presentations | Midterm Project Progress Report due on 10/15 at 11:59pm | |
10/18 |
IDS |
M. Handley, C. Kreibich, and V. Paxson. Network Intrusion
Detection: Evasion, Traffic Normalization, and End-to-End Protocol
Semantics. USENIX Security Symposium 2001. Presenter: Chris Neasbitt [slides] |
review due today by 12:15pm |
10/19 |
IDS |
K. Wang, and S. J. Stolfo. Anomalous payload-based network intrusion detection. RAID 2004. Presenter: Prof. Perdisci |
review due today by 12:15pm |
10/21 |
IDS |
J. Mason, S. Small, F. Monrose, and G. MacManus. English
shellcode. CCS '09: Proceedings of the 16th ACM conference on Computer
and communications security 2009. Presenter: Will Whiteside [slides] |
review due today by 12:15pm |
10/25 |
IDS |
C. Kruegel, and G. Vigna. Anomaly detection of web-based attacks.
CCS '03: Proceedings of the 10th ACM conference on Computer and
communications security 2003. Presenter: Farhan Jiva [slides] |
review due today by 12:15pm |
10/26 |
IDS |
C. Warrender, S. Forrest, B. Pearlmutter. Detecting Intrusions
Using System Calls: Alternative Data Models. IEEE Symposium on Security
and Privacy 1999. Presenter: Enrico Galli [slides] |
review due today by 12:15pm |
10/28 |
IDS |
C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna.
Automating Mimicry Attacks Using Static Binary Analysis. In the
Proceedings of the 14th USENIX Security Symposium 2005. Presenter: Rohit Mullangi [slides] |
review due today by 12:15pm |
11/1 |
Web Security |
Y. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. King. Automated Web Patrol with Strider HoneyMonkeys. NDSS 2006. Presenter: Bo Feng [slides] |
review due today by 12:15pm |
11/2 |
Web Security |
C. Grier, S. Tang, and S.T. King. Secure Web Browsing with the OP
Web Browser. Proceedings of the 2008 IEEE Symposium on Security and
Privacy. Presenter: Farhan Jiva [slides] |
review due today by 12:15pm |
11/4 |
Web Security |
D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C.
Kruegel, G. Vigna. Saner: Composing Static and Dynamic Analysis to
Validate Sanitization in Web Applications. Proceedings of the 29th IEEE
Symposium on Security and Privacy 2008. Presenter: Rohit Mullangi [slides] |
review due today by 12:15pm |
11/8 |
Prepare for Final Project Report and Presentation Tips on how to write a conference style paper [slides] |
||
11/9 |
Privacy |
R. Geambasu, T. Kohno, A. Levy, H. M. Levy. Vanish: Increasing Data Privacy with Self-Destructing Data. In Proceedings of the USENIX Security Symposium 2009. Presenter: Cole Sherer [slides] | review due today by 12:15pm |
11/11 |
Privacy |
A. Narayanan, V. Shmatikov. Robust De-anonymization of Large Sparse Datasets. IEEE Symposium on Security and Privacy, 2008. Presenter: Carl Brett Meyer [slides] | review due today by 12:15pm |
11/15 |
Prepare for Final Project Report and Presentation | ||
11/16 |
Privacy |
S. Chen, R. Wang, X. Wang, K. Zhang. Side-Channel Leaks in Web
Applications: a Reality Today, a Challenge Tomorrow. IEEE Symposium on
Security and Privacy 2010. Presenter: Will Whiteside [slides] |
review due today by 12:15pm |
11/18 |
Miscellanea |
J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul,
J. A. Calandrino, A. J. Feldman, E. W. Felten. Lest We Remember: Cold
Boot Attacks on Encryption Keys. USENIX Security Symposium 2008. Presenter: Bo Feng [slides] |
review due today by 12:15pm |
11/22 - 11/26 |
Thanksgiving Holiday |
||
11/29 |
Miscellanea |
A. Bittau, M. Handley and J. Lackey. The Final Nail in WEP's Coffin. Proceedings of the IEEE Symposium on Security and Privacy, 2006. Presenter: Chris Neasbitt | review due today by 12:15pm |
11/30 |
Miscellanea |
J. Zhang, P. Porras, J. Ullrich. Highly Predictive Blacklisting. USENIX Security Symposium 2008. Presenter: Cole Sherer | review due today by 12:15pm |
12/2 |
Final 15 minutes research project results presentation |
||
12/6 |
Final 15 minutes research project results presentation | ||
12/7 |
Final 15 minutes research project results presentation | ||
12/10 |
Final paper submission deadline (due on 12/10 by 11:59pm) |