Fall 2011: 0x1A Great Papers in Computer Security (52540)

Lectures

Tue and Thu: 2-3:15pm
PAI 3.14

Instructor

Vitaly Shmatikov
Email: shmat AT cs
Office: CSA 1.114
Phone: 471-9530
Office hours: Tue 3:30-4:30pm

TA

Arun Seehra
Email: aseehra AT cs
Office: PAI 5.33, desk #6
Office hours: Wed 4-5pm

Course description

This course covers selected topics related to theory and practice of computer security. It is organized around 26 selected research papers. These papers, taken from the past 40 years of computer security research, reflect the instructor's personal taste and are not intended to give a comprehensive survey of modern computer security.

Schedule

Date	Reading and assignments (all dates are tentative and may change as the course progresses)	Topic	Notes
Aug 25	Attacks and defenses for the vulnerability of the decade	Memory attacks	[ppt] [pdf]
Aug 30	The geometry of innocent flesh on the bone	Memory attacks	[ppt] [pdf]
Sep 1	Control-flow integrity	Memory protection	[ppt] [pdf]
Sep 6	Native Client	Memory protection
Sep 8	Intrusion detection via static analysis	Intrusion detection	[ppt] [pdf]
Sep 13	SYN cookies	Denial of service	[ppt] [pdf]
Sep 15	Inferring Internet denial-of-service activity Outwitting the Witty worm	Honeypots and telescopes	[ppt] [pdf]
	Project proposals due
Sep 20	Authentication in distributed systems	Trust management	[ppt] [pdf]
Sep 22	Decentralized trust management	Trust management	[ppt] [pdf]
	Homework 1 due
Sep 27	A note on the confinement problem Certification of programs for secure information flow	Information flow	[ppt] [pdf]
Sep 29	Ensuring operating system kernel integrity with OSck (guest lecture by Owen Hofmann)	OS security
Oct 4	A decentralized model for information flow control	Information flow
Oct 6	Overshadow	Virtual machines	[ppt] [pdf]
Oct 11	Overshadow (continued)
Oct 13	New directions in cryptography	Crypto protocols	[ppt] [pdf]
	Homework 2 due
Oct 18	Cloaking malware with the Trusted Platform Module (guest lecture by Alan Dunn)	(Abusing) trusted hardware
Oct 20	Building secure, efficient sandboxes with system transactions (guest lecture by Suman Jana)	Sandboxing
Oct 25	Prudent engineering practice for cryptographic protocols Breaking and fixing the Needham-Schroeder protocol using FDR	Crypto protocols	[ppt] [pdf]
Oct 27	Midterm
Nov 1	Intercepting mobile communications: The insecurity of 802.11	Crypto protocols	[ppt] [pdf]
Nov 3	Protocols for secure computations	Crypto protocols	[ppt] [pdf]
Nov 8	Protocols for secure computations (continued)
Nov 10	Tor	Anonymity	[ppt] [pdf]
Nov 15	Differential privacy	Privacy	[ppt] [pdf]
Nov 17	Privacy as contextual integrity	Privacy	[ppt] [pdf]
	Homework 3 due
Nov 22	Remote timing attacks are practical	Side-channel attacks	[ppt] [pdf]
Nov 29	Keyboard acoustic emanations revisited	Side-channel attacks	[ppt] [pdf]
Dec 1	Tamper resistance - a cautionary note Cold boot attacks on encryption keys	Physical attacks	[ppt] [pdf]
	Homework 4 due
Dec 12	Project reports due