Class schedule will be posted during the first week of classes. Please make sure to attend the first class as we will be discussing the topics. The following is the tentative schedule, to be completed.

Date Details
01/23/2018 Orientation and logistics
Review assignment:
• None! Please make sure to attend class, as we will be planning the schedule for the semester-- together!
Suggested reading:
Introduction to Information Assurance
01/25/2018 Intro to Crypto I
Review assignment:
• None! Work on your project proposals!
01/30/2018 Intro to Crypto II
Review assignment:
• None! Work on your project proposals!
02/01/2018 Overview of NDSS'2018
Review assignment:
• Pick a paper from NDSS'18 program and submit a review. You should Google the title of the paper you'd like to review to find the paper's PDF. We will be overviewing the program.
02/06/2018 Anonymous Communications
Review assignment (pick one):
Tor: The Second-Generation Onion Router
RAPTOR: Routing Attacks on Privacy in Tor
Dissent: Accountable Anonymous Group Messaging
02/08/2018 Project Proposal Day
• Submit your 1-page project proposal on Moodle (before class)
• Introduce your project in class in 2-3 minutes to get feedback and suggestion from others.
02/13/2018 Bitcoin and Blockchain
Review assignment:
Hijacking Bitcoin: Routing Attacks on Cryptocurrencies (Justin Svegliato)
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network (Aditya Shastry)
Catena: Efficient Non-equivocation via Bitcoin (Abhay Mittal)
02/15/2018 IoT Security and Privacy
Review assignment:
Security Analysis of Emerging Smart Home Applications (Daksh Jotwani)
From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television (Albert Williams)
Watching the Watchers: Automatically Inferring TV Content From Outdoor Light Effusions (Arian Niaki)
02/20/2018 Online Social Networks
Review assignment:
IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks (Fatemeh Rezaei)
Automated Crowdturfing Attacks and Defenses in Online Review Systems (Sam Witty)
Investigating Ad Transparency Mechanisms in Social Media: A Case Study of Facebook’s Explanations (Pratik Mehta)
02/22/2018 Online Social Networks (continued) + Authentication
Review assignment:
Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider (Shiva Ramezani)
Multi-touch Authentication Using Hand Geometry and Behavioral Information (Andrew Gramigna)
TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication (Soha Rostaminia)
02/27/2018 Censorship, Surveilance, and Wiretapping
Review assignment:
The Parrot is Dead: Observing Unobservable Network Communications (Nidhi Mundra)
The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks (David Zagreda)
Can They Hear Me Now? A Security Analysis of Law Enforcement Wiretaps (Divyesh Harit)
03/01/2018 Censorship (continued)+ Future Internet
Review assignment:
Analyzing the Great Firewall of China Over Space and Time (Ananya Suraj)
SCION: Scalability, Control, and Isolation on Next-Generation Networks (Hamid Mozaffari)
LAP: Lightweight Anonymity and Privacy (Ramteja Tadishetti)
03/06/2018 Covert Channels + Side-Channel Attacks
Review assignment:
Microarchitectural Minefields: 4K-Aliasing Covert Channel and Multi-Tenant Detection in IaaS Clouds (Sophie Koffler)
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud (JianYi Huang)
Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers (Roy Chan)
03/08/2018 Side-Channel Attacks (Continued)
Review assignment:
Beauty and the Burst: Remote Identification of Encrypted Video Streams (Alireza Bahramali)
03/13/2018 Spring Break
03/15/2018 Spring Break
03/20/2018 No Class
03/22/2018 Data Privacy + Location Privacy
Review assignment:
Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More (Yash Chandak)
BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model (Virat Shejwalkar)
Quantifying Location Privacy (Chen Qu)
03/27/2018 Learning Security
Review assignment:
Membership Inference Attacks Against Machine Learning Models (Rumeng LI)
Privacy-Preserving Deep Learning (Suraj Subraveti)
Stealing Machine Learning Models via Prediction APIs (Xiang Li)
DeepXplore: Automated Whitebox Testing of Deep Learning Systems (Ali Montazeralghaem)
03/29/2018 Intrusion Detection + Botnet Detection
Review assignment:
Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection (Michael Sadler)
Fingerprinting Electronic Control Units for Vehicle Intrusion Detection (Apoorva Saxena)
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection (Abhiram Eswaran)
Understanding the Mirai Botnet (Akul Siddalingaswamy)
04/03/2018 Economy of Malware+ Measurements for Security
Review assignment:
Click Trajectories: End-to-End Analysis of the Spam Value Chain (Joshua Pikovsky)
Apps, Trackers, Privacy, and Regulators A Global Study of the Mobile Tracking Ecosystem (Anil Kumar Saini)
Encore: Lightweight Measurement of Web Censorship with Cross-Origin Requests (Shahrooz Pouryousef)
04/05/2018 Hardware Security
Review assignment:
Spectre Attacks: Exploiting Speculative Execution (John Geenty)
The Meltdown Attack
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing (Sadegh Rabiee)
Supplemental Reading:
Spectre, Meltdown and the Mill CPU
On the Meltdown & Spectre Design Flaws
04/10/2018 Mobile Security + Security Protocols
Review assignment:
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones (Nick Merlino)
MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models (Jacob Downs)
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software (Shreyas Mishra)
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 (Amir Ramtin)
Supplemental Reading:
Intercepting Mobile Communications: The Insecurity of 802.11
The Krack Attack
04/12/2018 Phishing + Tracking
Review assignment:
Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials (Pardis Malekzadeh)
PhishEye: Live Monitoring of Sandboxed Phishing Kits (Qishen Li)
Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting (Sandeep Polisetty)
04/19/2018 Final Project Presentations
04/24/2017 Final Project Presentations
04/26/2018 Final Project Presentations
05/01/2018 Final Project Presentations
05/10/2018 Final Project Reports Due