| Date |
Details |
| 09/03 |
Orientation and logistics |
|
Review assignment:
• None! Please make sure to attend class, as important logistics will be discussed!
Suggested reading:
•
Introduction to Information Assurance
|
| 09/05 |
No class due to travel |
|
Will post a video to watch! |
| 09/10 |
Overview of USENIX Security'24 (Class over zoom due to travel, 10am-11:15am) |
|
Review assignment:
• Pick a paper from
USENIX Security'24 program and submit a review. We will be overviewing the program. Make sure to follow the suggested review format.
|
| 09/12 |
Essential Crypto |
|
Review assignment:
• None! You can work on your project proposals!
|
| 09/17 |
Essential Crypto (Continued) |
|
Review assignment:
• None! You can work on your project proposals!
Homework 1 released after class. Due in two weeks!
|
| 09/19 |
Anonymous Communications |
|
Review assignment (pick one for each session; the order of papers is arbitrary!):
•
Locating Hidden Servers
•
Nymble: Blocking Misbehaving Users in Anonymizing Networks
•
RAPTOR: Routing Attacks on Privacy in Tor
•
Dissent: Accountable Anonymous Group Messaging
Other useful resources:
•
Original Tor Design
•
A decent collection of anonymity-related papers
|
| 09/24 |
Anonymous Communications (Continued) |
|
Pick another paper from last class (above) and review! |
| 09/26 |
Project Proposal Day (Class over zoom due to travel) |
|
Tasks:
• Introduce your project in class in 2-3 minutes to get feedback and suggestion from others.
• Submit your 1-page project proposal on Canvas (by 10/03)
|
| 10/01 |
Censorship, Surveillance, and Wiretapping |
|
Review assignment:
•
MassBrowser: Unblocking the Censored Web for the Masses, by the Masses
•
The Parrot is Dead:
Observing Unobservable Network Communications
•
The Waterfall of Liberty:
Decoy Routing Circumvention that Resists Routing Attacks
|
| 10/03 |
Censorship, Surveillance, and Wiretapping (continued) |
|
Review assignment:
•
How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic
•
How China Detects and Blocks Shadowsocks
•
Quack: Scalable Remote Measurement of Application-Layer Censorship
• Additional resource:
A decent collection of censorship papers
Homework 2 released after class. Due in two weeks!
|
| 10/08 |
Data Privacy |
|
Review assignment:
•
BLENDER: Enabling Local Search with
a Hybrid Differential Privacy Model
•
Private Information Retrieval
•
Quantifying Location Privacy
|
| 10/10 |
Privacy Leakage in Machine Learning |
|
Review assignment:
•
Membership Inference Attacks Against Machine Learning Models
•
Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
•
Stealing Machine Learning Models via Prediction APIs
Optional reading:
•
Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting
•
Machine Learning with Membership Privacy using Adversarial Regularization
•
MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
|
| 10/15 |
No class (UMass Monday schedule) |
|
| 10/17 |
Machine Learning Security |
|
Review assignment:
•
Stealing the Decoding Algorithms of Language Models
•
Manipulating Machine Learning: Poisoning Attacks
and Countermeasures for Regression Learning
•
DeepXplore: Automated Whitebox Testing of Deep Learning Systems
•
Machine Learning Models that Remember Too Much
Optional reading:
•
Certified Robustness to Adversarial Examples with Differential Privacy
|
| 10/22 |
Trustworthy Federated Learning |
|
Review assignment:
•
Comprehensive Privacy Analysis of Deep Learning: Stand-alone and Federated Learning under Passive and Active White-box Inference Attacks
•
How To Backdoor Federated Learning
•
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning
•
Ditto: Fair and Robust Federated Learning Through Personalization
Homework 3 released after class. Due in two weeks!
|
| 10/24 |
Bitcoin and Blockchain |
|
Review assignment:
• None!
|
| 10/29 |
Bitcoin and Blockchain (Continued) |
|
Review assignment:
•
Hijacking Bitcoin: Routing Attacks on Cryptocurrencies
•
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network
•
Catena: Efficient Non-equivocation via Bitcoin
|
| 10/31 |
Overview of HW 3 and HW 4 |
|
No Review assignment.
|
| 11/05 |
No class (Election Holiday) |
|
| 11/07 |
Intrusion Detection |
|
Review assignment:
•
BotMiner: Clustering Analysis of Network Traffic for
Protocol- and Structure-Independent Botnet Detection
•
Outside the Closed World:
On Using Machine Learning For Network Intrusion Detection
•
Kitsune: An Ensemble of Autoencoders for Online
Network Intrusion Detection
•
DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning
•
Fingerprinting Electronic Control Units
for Vehicle Intrusion Detection
|
| 11/12 |
Covert Channels + Side-Channel Attacks |
|
Review assignment:
•
Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow
•
Hello from the Other Side: SSH over
Robust Cache Covert Channels in the Cloud
•
Exploiting a Thermal Side Channel for Power Attacks in
Multi-Tenant Data Centers
|
| 11/14 |
Malware |
|
Review assignment:
•
Data Breaches, Phishing, or Malware?
Understanding the Risks of Stolen Credentials
•
MAMADROID: Detecting Android Malware by
Building Markov Chains of Behavioral Models
•
Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale
•
Click Trajectories: End-to-End Analysis of the Spam Value Chain
|
| 11/19 |
IoT/Embedded Systems Security |
|
Review assignment:
•
From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television
•
Understanding the Mirai Botnet
•
Experimental Security Analysis of a Modern Automobile
•
Security Analysis of Emerging Smart Home Applications
|
| 11/21 |
Overview of other topics |
|
| 11/26 |
Final Project Presentations |
|
| 11/28 |
Thanksgiving Holiday |
|
| 12/03 |
Final Project Presentations |
|
| 12/05 |
Final Project Presentations |
|
| 12/10 |
Final Project Presentations |
|