COMPSCI 660: Advanced Information Assurance

The schedule is tentative and subject to change! Always check the assignments the week before each class. Here is the class schedule from last offering for your reference.

Date	Details
09/05	Orientation and logistics
	Review assignment: • None! Please make sure to attend class, as important logistics will be discussed! Suggested reading: • Introduction to Information Assurance
09/07	Essential Crypto
	Review assignment: • None! You can work on your project proposals!
09/12	Essential Crypto (Continued)
	Review assignment: • None! You can work on your project proposals! Homework 1 released after class. Due in two weeks!
09/14	Overview of USENIX Security'23
	Review assignment: • Pick a paper from USENIX Security'23 program and submit a review. We will be overviewing the program. Make sure to follow the suggested review format.
09/19	Anonymous Communications
	Review assignment (pick one for each session; the order of papers is arbitrary!): • Locating Hidden Servers • Nymble: Blocking Misbehaving Users in Anonymizing Networks • RAPTOR: Routing Attacks on Privacy in Tor • Dissent: Accountable Anonymous Group Messaging Other useful resources: • Original Tor Design • A decent collection of anonymity-related papers
09/21	Anonymous Communications (Continued)
	Pick another paper from last class (above) and review!
09/26	Censorship, Surveillance, and Wiretapping
	Review assignment: • The Parrot is Dead: Observing Unobservable Network Communications • Quack: Scalable Remote Measurement of Application-Layer Censorship • Can They Hear Me Now? A Security Analysis of Law Enforcement Wiretaps Other resources: • A decent collection of censorship papers Homework 2 released after class. Due in two weeks!
09/28	Project Proposal Day
	Tasks: • Introduce your project in class in 2-3 minutes to get feedback and suggestion from others. • Submit your 1-page project proposal on Canvas (by 10/03)
10/03	Data Privacy
	Review assignment: • BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model • Private Information Retrieval • Quantifying Location Privacy
10/05	Privacy Leakage in Machine Learning
	Review assignment: • Membership Inference Attacks Against Machine Learning Models • Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures • Stealing Machine Learning Models via Prediction APIs Optional reading: • Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting • Machine Learning with Membership Privacy using Adversarial Regularization • MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
10/12	Machine Learning Security
	Review assignment: • Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning • DeepXplore: Automated Whitebox Testing of Deep Learning Systems • Machine Learning Models that Remember Too Much Optional reading: • Certified Robustness to Adversarial Examples with Differential Privacy Homework 3 released after class. Due in two weeks!
10/17	Trustworthy Federated Learning
	Review assignment: • Comprehensive Privacy Analysis of Deep Learning: Stand-alone and Federated Learning under Passive and Active White-box Inference Attacks • How To Backdoor Federated Learning • Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning • Ditto: Fair and Robust Federated Learning Through Personalization
10/19	Bitcoin and Blockchain
	Review assignment: • None!
10/26	Bitcoin and Blockchain (Continued)
	Review assignment: • Hijacking Bitcoin: Routing Attacks on Cryptocurrencies • Eclipse Attacks on Bitcoin’s Peer-to-Peer Network • Catena: Efficient Non-equivocation via Bitcoin
10/31	Covert Channels + Side-Channel Attacks
	Review assignment: • Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow • Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud • Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
11/02	Authentication
	Review assignment: • The Tangled Web of Password Reuse • Multi-touch Authentication Using Hand Geometry and Behavioral Information • TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication
11/07	Online Social Networks
	Review assignment: • Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider • Detecting Fake Accounts in Online Social Networks at the Time of Registrations • Automated Crowdturfing Attacks and Defenses in Online Review Systems Optional reading: • Investigating Ad Transparency Mechanisms in Social Media: A Case Study of Facebook’s Explanations
11/09	IoT/Embedded Systems Security
	Review assignment: • From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television • Understanding the Mirai Botnet • Experimental Security Analysis of a Modern Automobile • Security Analysis of Emerging Smart Home Applications
11/14	Malware
	Review assignment: • Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials • MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models • Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale • Click Trajectories: End-to-End Analysis of the Spam Value Chain
11/16	Law and Privacy
	Guest lecure by Prof. Eskhita Radwan (HSLU) Reading assignment (Pick one paper and write a ~one page summary): • What IS PRIVACY? THE HISTORY AND DEFINITION OF PRIVACY • Apply or not to apply? A Comparative View on Territorial Application of CCPA and GDPR
11/28	Final Project Presentations
11/30	Final Project Presentations
12/05	Final Project Presentations
12/07	Final Project Presentations