CSE 599 G/H (Autumn 2007)

Computer Security and Privacy

Class Schedule (Dates More than One Week Later Subject to Slight Changes)

Date	Topic and readings	Announcements
9/27/2007 No Class	No Class -- see email.
10/2/2007 Introduction	Required Reading: P.G. Neumann. Security Criteria for Electronic Voting. In 16th National Computer Security Conference, 1993. A. Adams and M.A. Sasse. Users are Not the Enemy. Communications of the ACM, 1999. Optional Reading: T. Kohno, A. Stubblefield, A.D. Rubin, and D.S. Wallach. Analysis of An Electronic Voting System. In IEEE Symposium on Security and Privacy, 2004. C. Karlof, N. Sastry, and D. Wagner. Cryptographic Voting Protocols: A Systems Perspective. In USENIX Security, 2005. J. Kelsey. Strategies for Software Attacks on Voting Machines. In NIST Threats to Voting Systems, 2005.
10/4/2007 Introduction	Required Reading: J. Franklin, V. Paxson, A. Perrig, and S. Savage. An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants. In ACM Conference on Computer and Communications Security, 2007. C. Jackson, D. Boneh, and J. Mitchell. Transaction Generators: Root Kits for the Web. In USENIX Workshop on Hot Topics in Security, 2007. Optional Reading: C. Guo, H.J. Wang, and W. Zhu. Smart-Phone Attacks and Defenses. In HotNets, 2004.	Project: Determine Groups (due 10/5/2007, 11:59pm, by email)
10/9/2007 Human Factors	Required Reading: J.I. Hong, J.D. Ng, S. Lederer, and J.A. Landay. Privacy Risk Models for Designing Privacy-Sensitive Ubiquitous Computing Systems. In Designing Interactive Systems, 2004. Optional Reading: G. Iachello, I. Smith, S. Consolvo, M. Chen, and G. Abowd. Developing Privacy Guidelines for Social Location Disclosure Applications and Services. In Symposium on Usable Privacy and Security, 2005. T. Kriplean, E. Welbourne, N. Khoussainova, V. Rastogi, M. Balazinska, G. Borriello, T. Kohno, and D. Suciu. Physical Access Control for Captured RFID Data. IEEE Pervasive Computing, 2007. J. Cornwell, I. Fette, G. Hsieh, M. Prabaker, J. Rao, K. Tang, K. Vaniea, L. Bauer, L. Cranor, J. Hong, B. McLaren, M. Reiter, and N. Sadeh. User-Controllable Security and Privacy for Pervasive Computing. In HotMobile, 2007.
10/11/2007 Human Factors	Required Reading: R. Dhamija, J.D. Tygar, and M. Hearst. Why Phishing Works. In ACM Conference on Human Factors in Computing Systems, 2006. Optional Reading: D. Davis, F. Monrose, and M.K. Reiter. On User Choice in Graphical Password Schemes. In USENIX Security, 2004. B.A. Huberman, E. Adar, L.R. Fine. Valuating Privacy. IEEE Security and Privacy, September/October, 2005. S. Schechter, R. Dhamija, A. Ozment, I. Fischer. The Emperor's New Security Indicators: An Evaluation of Website Authentication and the Effect of Role Playing on Usability Studies. In IEEE Symposium on Security and Privacy, 2007.
10/16/2007 Attack Detection, Measurement, Experiment, and Modeling	Required Reading: D. Moore, G.M. Voelker, and S. Savage. Inferring Internet Denial-of-Service Activity. In USENIX Security, 2001. J. Bethencourt, J. Franklin, and M. Vernon. Mapping Internet Sensors with Probe Response Attacks. In USENIX Security, 2005. Note: You are only required to read the Introduction to this paper. But you should think about how you might achieve the authors' goals. You do not need to submit a separate review for this paper; rather your review for the above paper may mention this paper. Optional Reading: A. Moshchuk, T. Bragin, S.D. Gribble, and H.M. Levy. A Crawler-Based Study of Spyware on the Web. In Network and Distributed System Security Symposium, 2006.	Project: Proposals Due (11:59pm, upload to Catalyst)
10/18/2007 Attack Detection, Measurement, Experiment, and Modeling	Required Reading: S. Staniford, V. Paxson, and N. Weaver. How to 0wn the Internet in Your Spare Time. In USENIX Security, 2002. Optional Reading: J. Ma, G.M. Voelker, and S. Savage. Self-Stopping Worms. In ACM WORM Workshop, 2005.
10/23/2007 Attack Detection, Measurement, Experiment, and Modeling	Required Reading: H.J. Wang, C. Guo, D.R. Simon, and A. Zugenmaier. Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits. In ACM SIGCOMM Conference, 2004. Optional Reading: V. Paxson. Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks, 1999. S. Singh, C. Estan, G. Varghese, and S. Savage. Automated Worm Fingerprinting. In Symposium on Operating Systems Design and Implementation, 2004. D. Brumley, J. Newsome, D. Song, H. Wang, and S. Jha. Towards Automatic Generation of Vulnerability-Based Signatures. In IEEE Symposium on Security and Privacy, 2006.
10/25/2007 Cryptography: Basic Primitives and Protocols	Required Reading: D. Wagner and B. Schneier. Analysis of the SSL 3.0 Protocol. In 2nd USENIX Workshop on Electronic Commerce, 1996. (Read the revised version.) S.M. Bellovin. Problem Areas for IP Security Protocols. In 6th USENIX Security Symposium, 1996. Optional Reading:
10/30/2007 Cryptography: Basic Primitives and Protocols	Required Reading: None (still on basic crypto). Optional Reading: M. Abadi and R. Needham. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering, 1995. R. Anderson. Why Cryptosystems Fail. In ACM Conference on Computer and Communications Security, 1993.
11/1/2007 Cryptography: Basic Primitives and Protocols	Required Reading: M. Bellare, T. Kohno, and C. Namprempre. Authenticated Encryption in SSH: Provably Fixing the SSH Binary Packet Protocol. In ACM Conference on Computer and Communications Security, 2002. Optional Reading: M. Bellare. Practice-oriented Provable Security. In International Workshop on Information Security, 1997.
11/6/2007 Cryptography: Applications and Network Security	Required Reading: Clue.	Attack Lab: Hand out
11/8/2007 Cryptography: Applications and Network Security	Required Reading: None (still on Clue and crypto).
11/13/2007 Cryptography: Applications and Network Security	Required Reading: Colin Dixon, Thomas Anderson, Arvind Krishnamurthy. Phalanx: Withstanding Multimillion-Node Botnets.	Project: Checkpoint (11/10/2007, 11:59pm, upload to Catalyst)
11/15/2007 System Design and Implementation	Required Reading: P. England, B. Lampson, J. Manferdelli, M. Peinado, and B. Willman. A Trusted Open Platform. IEEE Computer, 2003. A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. In ACM Symposium on Operating Systems Principles, 2005. Optional Reading: T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. In ACM Symposium on Operating Systems Principles, 2003. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and Implementation of a TCG-Based Integrity Measurement Architecture. In USENIX Security, 2004.
11/20/2007 System Design and Implementation	Required Reading: M. Casado, T. Garfinkel, M. Freedman, A. Akella, D. Boneh, N. McKeowon, and S. Shenker. SANE: A Protection Architecture for Enterprise Networks. In USENIX Security, 2006. Optional Reading: E. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos Operating System. ACM Transactions on Computer Systems, 1994. L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse, and P. Rutenbar. Device-enabled Authorization in the Grey System. In Information Security: 8th International Conference, 2005. L. Bauer, S. Garriss, and M.K. Reiter. Distributed Proving in Access-Control Systems. In IEEE Symposium on Security and Privacy, 2005.	Attack Lab: Due (by 11:59pm to Catalyst)
11/27/2007 System Design and Implementation	Required Reading: D. Wagner, J.S. Foster, E.A. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In Network and Distributed System Security Symposium, 2000. Optional Reading: C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security, 1998.
11/29/2007 System Design and Implementation, Side Channels, and Anonymity	Required Reading: R. Wahbe, S. Lucco, T.E. Anderson, and S.L. Graham. Efficient Software-Based Fault Isolation. In Symposium on Operating Systems Principles, 1994. Optional Reading: U. Erlingsson and F.B. Schneider. IRM Enforcement of Java Stack Inspection. In IEEE Symposium on Security and Privacy, 2000. F.A.P. Petitcolas, R.J. Anderson, and M.G. Kuhn. Information Hiding -- A Survey. Proceedings of the IEEE, 1999. P.C. Kocher. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In Advances in Cryptology -- CRYPTO, 1996. T. Kohno, A. Broido, and K.C. Claffy. Remote Physical Device Fingerprinting. IEEE Transactions on Dependable and Secure Computing, 2005. I.S. Moskowitz and M.H. Kang. Covert Channels Here to Stay? In 9th Annual Conference on Computer Assurance, 1994. R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In USENIX Security, 2004.	Project: Draft of Written Report (11:59pm, upload to Catalyst)
12/4/2007 None
12/6/2007 None		Project: Peer Reviews (of Drafts) Due (11:59pm, to Catalyst)
12/13/2007 Project Presentations	Project presentations (10:30am--12:20pm, EEB 003)	Project: Presentations and Final Written Reports Due (10:30am, upload both the presentation and the written report to Catalyst)

Date

Topic and readings

Announcements

9/27/2007

No Class

No Class -- see email.

10/2/2007

Introduction

Required Reading:

P.G. Neumann. Security Criteria for Electronic Voting. In 16th National Computer Security Conference, 1993.
A. Adams and M.A. Sasse. Users are Not the Enemy. Communications of the ACM, 1999.

Optional Reading:

T. Kohno, A. Stubblefield, A.D. Rubin, and D.S. Wallach. Analysis of An Electronic Voting System. In IEEE Symposium on Security and Privacy, 2004.
C. Karlof, N. Sastry, and D. Wagner. Cryptographic Voting Protocols: A Systems Perspective. In USENIX Security, 2005.
J. Kelsey. Strategies for Software Attacks on Voting Machines. In NIST Threats to Voting Systems, 2005.

10/4/2007

Introduction

Required Reading:

J. Franklin, V. Paxson, A. Perrig, and S. Savage. An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants. In ACM Conference on Computer and Communications Security, 2007.
C. Jackson, D. Boneh, and J. Mitchell. Transaction Generators: Root Kits for the Web. In USENIX Workshop on Hot Topics in Security, 2007.

Optional Reading:

C. Guo, H.J. Wang, and W. Zhu. Smart-Phone Attacks and Defenses. In HotNets, 2004.

Project: Determine Groups (due 10/5/2007, 11:59pm, by email)

10/9/2007

Human Factors

Required Reading:

J.I. Hong, J.D. Ng, S. Lederer, and J.A. Landay. Privacy Risk Models for Designing Privacy-Sensitive Ubiquitous Computing Systems. In Designing Interactive Systems, 2004.

Optional Reading:

G. Iachello, I. Smith, S. Consolvo, M. Chen, and G. Abowd. Developing Privacy Guidelines for Social Location Disclosure Applications and Services. In Symposium on Usable Privacy and Security, 2005.
T. Kriplean, E. Welbourne, N. Khoussainova, V. Rastogi, M. Balazinska, G. Borriello, T. Kohno, and D. Suciu. Physical Access Control for Captured RFID Data. IEEE Pervasive Computing, 2007.
J. Cornwell, I. Fette, G. Hsieh, M. Prabaker, J. Rao, K. Tang, K. Vaniea, L. Bauer, L. Cranor, J. Hong, B. McLaren, M. Reiter, and N. Sadeh. User-Controllable Security and Privacy for Pervasive Computing. In HotMobile, 2007.

10/11/2007

Human Factors

Required Reading:

R. Dhamija, J.D. Tygar, and M. Hearst. Why Phishing Works. In ACM Conference on Human Factors in Computing Systems, 2006.

Optional Reading:

D. Davis, F. Monrose, and M.K. Reiter. On User Choice in Graphical Password Schemes. In USENIX Security, 2004.
B.A. Huberman, E. Adar, L.R. Fine. Valuating Privacy. IEEE Security and Privacy, September/October, 2005.
S. Schechter, R. Dhamija, A. Ozment, I. Fischer. The Emperor's New Security Indicators: An Evaluation of Website Authentication and the Effect of Role Playing on Usability Studies. In IEEE Symposium on Security and Privacy, 2007.

10/16/2007

Attack Detection, Measurement, Experiment, and Modeling

Required Reading:

D. Moore, G.M. Voelker, and S. Savage. Inferring Internet Denial-of-Service Activity. In USENIX Security, 2001.
J. Bethencourt, J. Franklin, and M. Vernon. Mapping Internet Sensors with Probe Response Attacks. In USENIX Security, 2005. Note: You are only required to read the Introduction to this paper. But you should think about how you might achieve the authors' goals. You do not need to submit a separate review for this paper; rather your review for the above paper may mention this paper.

Optional Reading:

A. Moshchuk, T. Bragin, S.D. Gribble, and H.M. Levy. A Crawler-Based Study of Spyware on the Web. In Network and Distributed System Security Symposium, 2006.

Project: Proposals Due (11:59pm, upload to Catalyst)

10/18/2007

Attack Detection, Measurement, Experiment, and Modeling

Required Reading:

S. Staniford, V. Paxson, and N. Weaver. How to 0wn the Internet in Your Spare Time. In USENIX Security, 2002.

Optional Reading:

J. Ma, G.M. Voelker, and S. Savage. Self-Stopping Worms. In ACM WORM Workshop, 2005.

10/23/2007

Attack Detection, Measurement, Experiment, and Modeling

Required Reading:

H.J. Wang, C. Guo, D.R. Simon, and A. Zugenmaier. Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits. In ACM SIGCOMM Conference, 2004.

Optional Reading:

V. Paxson. Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks, 1999.
S. Singh, C. Estan, G. Varghese, and S. Savage. Automated Worm Fingerprinting. In Symposium on Operating Systems Design and Implementation, 2004.
D. Brumley, J. Newsome, D. Song, H. Wang, and S. Jha. Towards Automatic Generation of Vulnerability-Based Signatures. In IEEE Symposium on Security and Privacy, 2006.

10/25/2007

Cryptography: Basic Primitives and Protocols

Required Reading:

D. Wagner and B. Schneier. Analysis of the SSL 3.0 Protocol. In 2nd USENIX Workshop on Electronic Commerce, 1996. (Read the revised version.)
S.M. Bellovin. Problem Areas for IP Security Protocols. In 6th USENIX Security Symposium, 1996.

Optional Reading:

10/30/2007

Cryptography: Basic Primitives and Protocols

Required Reading:

None (still on basic crypto).

Optional Reading:

M. Abadi and R. Needham. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering, 1995.
R. Anderson. Why Cryptosystems Fail. In ACM Conference on Computer and Communications Security, 1993.

11/1/2007

Cryptography: Basic Primitives and Protocols

Required Reading:

M. Bellare, T. Kohno, and C. Namprempre. Authenticated Encryption in SSH: Provably Fixing the SSH Binary Packet Protocol. In ACM Conference on Computer and Communications Security, 2002.

Optional Reading:

M. Bellare. Practice-oriented Provable Security. In International Workshop on Information Security, 1997.

11/6/2007

Cryptography: Applications and Network Security

Required Reading:

Clue.

Attack Lab: Hand out

11/8/2007

Cryptography: Applications and Network Security

Required Reading:

None (still on Clue and crypto).

11/13/2007

Cryptography: Applications and Network Security

Required Reading:

Colin Dixon, Thomas Anderson, Arvind Krishnamurthy. Phalanx: Withstanding Multimillion-Node Botnets.

Project: Checkpoint (11/10/2007, 11:59pm, upload to Catalyst)

11/15/2007

System Design and Implementation

Required Reading:

P. England, B. Lampson, J. Manferdelli, M. Peinado, and B. Willman. A Trusted Open Platform. IEEE Computer, 2003.
A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. In ACM Symposium on Operating Systems Principles, 2005.

Optional Reading:

T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. In ACM Symposium on Operating Systems Principles, 2003.
R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and Implementation of a TCG-Based Integrity Measurement Architecture. In USENIX Security, 2004.

11/20/2007

System Design and Implementation

Required Reading:

M. Casado, T. Garfinkel, M. Freedman, A. Akella, D. Boneh, N. McKeowon, and S. Shenker. SANE: A Protection Architecture for Enterprise Networks. In USENIX Security, 2006.

Optional Reading:

E. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos Operating System. ACM Transactions on Computer Systems, 1994.
L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse, and P. Rutenbar. Device-enabled Authorization in the Grey System. In Information Security: 8th International Conference, 2005.
L. Bauer, S. Garriss, and M.K. Reiter. Distributed Proving in Access-Control Systems. In IEEE Symposium on Security and Privacy, 2005.

Attack Lab: Due (by 11:59pm to Catalyst)

11/27/2007

System Design and Implementation

Required Reading:

D. Wagner, J.S. Foster, E.A. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In Network and Distributed System Security Symposium, 2000.

Optional Reading:

C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security, 1998.

11/29/2007

System Design and Implementation, Side Channels, and Anonymity

Required Reading:

R. Wahbe, S. Lucco, T.E. Anderson, and S.L. Graham. Efficient Software-Based Fault Isolation. In Symposium on Operating Systems Principles, 1994.

Optional Reading:

U. Erlingsson and F.B. Schneider. IRM Enforcement of Java Stack Inspection. In IEEE Symposium on Security and Privacy, 2000.
F.A.P. Petitcolas, R.J. Anderson, and M.G. Kuhn. Information Hiding -- A Survey. Proceedings of the IEEE, 1999.
P.C. Kocher. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In Advances in Cryptology -- CRYPTO, 1996.
T. Kohno, A. Broido, and K.C. Claffy. Remote Physical Device Fingerprinting. IEEE Transactions on Dependable and Secure Computing, 2005.
I.S. Moskowitz and M.H. Kang. Covert Channels Here to Stay? In 9th Annual Conference on Computer Assurance, 1994.
R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In USENIX Security, 2004.

Project: Draft of Written Report (11:59pm, upload to Catalyst)

12/4/2007

None

12/6/2007

None

Project: Peer Reviews (of Drafts) Due (11:59pm, to Catalyst)

12/13/2007

Project Presentations

Project presentations (10:30am--12:20pm, EEB 003)

Project: Presentations and Final Written Reports Due (10:30am, upload both the presentation and the written report to Catalyst)

yoshi@cs.washington.edu