COMPSCI 660: Advanced Information Assurance (Fall'24)

The schedule is tentative and subject to change! Always check the assignments the week before each class. Here is the class schedule from last offering for your reference.

Date	Details
09/03	Orientation and logistics
	Review assignment: • None! Please make sure to attend class, as important logistics will be discussed! Suggested reading: • Introduction to Information Assurance
09/05	No class due to travel
	Will post a video to watch!
09/10	Overview of USENIX Security'24 (Class over zoom due to travel, Time to be determinted)
	Review assignment: • Pick a paper from USENIX Security'24 program and submit a review. We will be overviewing the program. Make sure to follow the suggested review format.
09/12	Essential Crypto
	Review assignment: • None! You can work on your project proposals!
09/17	Essential Crypto (Continued)
	Review assignment: • None! You can work on your project proposals! Homework 1 released after class. Due in two weeks!
09/19	Anonymous Communications
	Review assignment (pick one for each session; the order of papers is arbitrary!): • Locating Hidden Servers • Nymble: Blocking Misbehaving Users in Anonymizing Networks • RAPTOR: Routing Attacks on Privacy in Tor • Dissent: Accountable Anonymous Group Messaging Other useful resources: • Original Tor Design • A decent collection of anonymity-related papers
09/24	Anonymous Communications (Continued)
	Pick another paper from last class (above) and review!
09/26	Project Proposal Day (Class over zoom due to travel)
	Tasks: • Introduce your project in class in 2-3 minutes to get feedback and suggestion from others. • Submit your 1-page project proposal on Canvas (by 10/03)
10/01	Censorship, Surveillance, and Wiretapping
	Review assignment: • The Parrot is Dead: Observing Unobservable Network Communications • Quack: Scalable Remote Measurement of Application-Layer Censorship • Can They Hear Me Now? A Security Analysis of Law Enforcement Wiretaps Other resources: • A decent collection of censorship papers
10/03	Censorship, Surveillance, and Wiretapping (continued)
	Review assignment: • Pick another paper from last class (above) and review! Homework 2 released after class. Due in two weeks!
10/08	Data Privacy
	Review assignment: • BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model • Private Information Retrieval • Quantifying Location Privacy
10/10	Privacy Leakage in Machine Learning
	Review assignment: • Membership Inference Attacks Against Machine Learning Models • Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures • Stealing Machine Learning Models via Prediction APIs Optional reading: • Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting • Machine Learning with Membership Privacy using Adversarial Regularization • MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
10/15	No class (UMass Monday schedule)
10/17	Machine Learning Security
	Review assignment: • Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning • DeepXplore: Automated Whitebox Testing of Deep Learning Systems • Machine Learning Models that Remember Too Much Optional reading: • Certified Robustness to Adversarial Examples with Differential Privacy
10/22	Trustworthy Federated Learning
	Review assignment: • Comprehensive Privacy Analysis of Deep Learning: Stand-alone and Federated Learning under Passive and Active White-box Inference Attacks • How To Backdoor Federated Learning • Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning • Ditto: Fair and Robust Federated Learning Through Personalization Homework 3 released after class. Due in two weeks!
10/24	Bitcoin and Blockchain
	Review assignment: • None!
10/29	Bitcoin and Blockchain (Continued)
	Review assignment: • Hijacking Bitcoin: Routing Attacks on Cryptocurrencies • Eclipse Attacks on Bitcoin’s Peer-to-Peer Network • Catena: Efficient Non-equivocation via Bitcoin
10/31	Intrusion Detection
	Review assignment: • BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection • Outside the Closed World: On Using Machine Learning For Network Intrusion Detection • Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection • DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning • Fingerprinting Electronic Control Units for Vehicle Intrusion Detection
11/05	No class (Election Holiday)
11/07	Covert Channels + Side-Channel Attacks
	Review assignment: • Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow • Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud • Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
11/12	Authentication
	Review assignment: • The Tangled Web of Password Reuse • Multi-touch Authentication Using Hand Geometry and Behavioral Information • TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication
11/14	IoT/Embedded Systems Security
	Review assignment: • From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television • Understanding the Mirai Botnet • Experimental Security Analysis of a Modern Automobile • Security Analysis of Emerging Smart Home Applications
11/19	Malware
	Review assignment: • Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials • MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models • Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale • Click Trajectories: End-to-End Analysis of the Spam Value Chain
11/21	Overview of other topics
11/26	Final Project Presentations
11/28	Thanksgiving Holiday
12/03	Final Project Presentations
12/05	Final Project Presentations
12/10	Final Project Presentations