Network Security
Instructor | Haojin Zhu, Office: SEIEE 3-509 |
TA | Shaofeng Li (shaofengli2013@gmail.com) |
Location | Room 207, Chen Ruiqiu Building |
Lecture Time | 14:00-16:45, Thursday, Week 1-11 |
Course Outline
- Learn some fundamental and advanced issues, concepts, principles, and mechanisms in network security
- Learn recent research advances in network security
- Prepare for graduate research in network security
Grading
- Attendance (20%)
- In-class paper presentation (40%)
- Course research project (3~4 persons a group) (40%)
- A survey on a topic (normally related to your presentation) (30%)
- 1~2 pages on your findings from this survey (10%)
- Improvement of existing works (protocol/algorithm design)
- Or system implementation with a better performance
Syllabus
Date | Lecture Topic | Slides |
---|---|---|
28 Feb | Fundamental and Emerging Topics in Network Security | Slide01-Introduction.pdf |
28 Feb | Cryptography Basics | Slide02-Cryptography_Basics.pdf |
7 March | Cryptographic Hash Functions And Message Authentication | Slide03-Hash_MAC.pdf |
14 March | Networking Overview | Slide04.pptx |
14 March | Link-, IP-, and TCP-layer attacks | Slide05.pptx |
21 March | Web Security | Slide06-Web_Security.pdf |
28 March | WAP2 Security | Slide07-WAP2_Security.pdf |
4 April | Privacy | Slide08-Privacy.pdf |
Presentation
- Program Analysis (蔡云翔、张亦弛、张磊、褚超群)
- Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries, NDSS 2019.
- CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines, NDSS 2019.
- Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization, S&P 2019.
- LBM: A Security Framework for Peripherals within the Linux Kernel, S&P 2019.
- Invetter: Locating Insecure Input Validations in Android Services, CCS 2018
- Sensitive Information Tracking in Commodity IoT, USENIX 2018
- Automated Binary Analysis on iOS – A Case Study on Cryptographic Misuse in iOS Applications, Wisec 2018
- Spindle: Informed Memory Access Monitoring, USENIX 2018
- Mobile Security (李晋雷、吴广雄、吴沛霖、孙随彬)
- Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta)Data, NDSS 2019
- Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers, NDSS 2019
- Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services, NDSS 2019
- ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android, CCS 2018
- Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities, S&P 2018
- Phishing Attacks on Modern Android, CCS 2018
- Precise Android API Protection Mapping Derivation and Reasoning, CCS 2018
- Invetter: Locating Insecure Input Validations in Android Services, CCS 2018
- No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing, CCS 2018
- PatternListener: Cracking Android Pattern Lock Using Acoustic Signals, CCS 2018
- Electrical Cash and Smart Contracts (胡航、李亭君、汪申鹏、李婉怡)
- A Treasury System for Cryptocurrencies: Enabling Better Collaborative Intelligence, NDSS 2019
- Perun: Virtual Payment Hubs over Cryptocurrencies, S&P 2019
- Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody, CCS 2018
- MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense, CCS 2018
- SECURIFY: Practical Security Analysis of Smart Contracts, CCS 2018
- BitML: a calculus for Bitcoin smart contracts, CCS 2018
- teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts, Usenix 2018
- Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts, Usenix 2018
- Arbitrum: Scalable, private smart contracts, Usenix 2018
- Erays: Reverse Engineering Ethereum's Opaque Smart Contracts, Usenix 2018
- Machine Learning Security (张瑞、陈一齐、李鼎基)
- TextBugger: Generating Adversarial Text Against Real-world Applications, NDSS 2019
- Practical Hidden Voice Attacks against Speech and Speaker Recognition Systems, NDSS 2019
- Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications, NDSS 2019
- DEEPSEC: A Uniform Platform for Security Analysis of Deep Learning Model, S&P 2019
- Exploiting Unintended Feature Leakage in Collaborative Learning, S&P 2019
- LEMNA: Explaining Deep Learning based Security Applications, CCS 2018
- Effective Program Debloating via Reinforcement Learning, CCS 2018
- Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring, Usenix 2018
- Web Security (钱恺宸、丁天琛、彭喆、王伟烽)
- Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions, S&P 2019
- Master of Web Puppets: Abusing Web Browsers for Persistent and Stealthy Computation, NDSS 2019
- JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits, NDSS 2019
- Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks, NDSS 2019
- Fidelius: Protecting User Secrets from Compromised Browsers, S&P 2019
- HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows, S&P 2019
- Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning, CCS 2018
- DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning, CCS 2018
- Measuring Information Leakage in Website Fingerprinting Attacks and Defenses, CCS 2018
- IoT and Cyber-physical Security (吴嫣然、龚珊三、李佑群)
- HoMonit: Monitoring Smart Home Apps from Encrypted Traffic, CCS 2018
- If This Then What? Controlling Flows in IoT Apps, CCS 2018
- IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT, NDSS 2019
- SoK: Security Evaluation of Home-Based IoT Deployments, S&P 2019
- Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems, S&P 2019
- Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps, S&P 2019
- 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices, Usenix 2018
- Rethinking Access Control and Authentication for the Home Internet of Things (IoT), Usenix 2018
- Cybercriminal Security (邓若愚,刘汉卿,傅超豪,瞿文浩)
- Cybercriminal Minds: An investigative study of cryptocurrency abuses in the Dark Web, NDSS 2019
- Characterizing Pixel Tracking through the Lens of Disposable Email Services, S&P 2019
- Resident Evil: Understanding Residential IP Proxy as a Dark Service, S&P 2019
- Plug and Prey? Measuring the Commoditization of Cybercrime via Online Anonymous Markets, Usenix 2018
- Reading Thieves' Cant: Automatically Identifying and Understanding Dark Jargons from Cybercrime Marketplaces, Usenix 2018
- Side Channels Attack
- Profit: Detecting and Quantifying Side Channels in Networked Applications, NDSS 2019
- Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information, NDSS 2019
- Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World, S&P 2019
- Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers, CCS 2018
- Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think, Usenix 2018
- Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks, Usenix 2018
- Fuzzing and Deanonymization
- NAUTILUS: Fishing for Deep Bugs with Grammars, NDSS 2019
- Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing, NDSS 2019
- Fuzzing File Systems via Two-Dimensional Input Space Exploration, S&P 2019
- Razzer: Finding Kernel Race Bugs through Fuzzing, S&P 2019
- Evaluating Fuzz Testing, CCS 2018
- Hawkeye: Towards a Desired Directed Grey-box Fuzzer, CCS 2018
- MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation, Usenix 2018
- QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing, Usenix 2018
- Authentication and Protocol Security
- BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals, NDSS 2019
- Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment, NDSS 2019
- Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane, S&P 2019
- Robust Performance Metrics for Authentication Systems, NDSS 2019
- How to End Password Reuse on the Web, NDSS 2019
- Blind Certificate Authorities, S&P 2019
- The use of TLS in Censorship Circumvention, NDSS 2019
- PASTA: Password-based Threshold Authentication, CCS 2018
- Enterprise Security (吴峣、刘妍岑、王智成)
- Digital Healthcare-Associated Infection: A Case Study on the Security of a Major Multi-Campus Hospital System, NDSS 2019
- Mind Your Own Business: A Longitudinal Study of Threats and Vulnerabilities in Enterprises, NDSS 2019
- NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage, NDSS 2019
- The Battle for New York: A Case Study of Applied Digital Threat Modeling at the Enterprise Level, Usenix 2018
- SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection, Usenix 2018
- Physical Layer Security (张柳明、Adnan Hajomer、张羽丰)
- Key Distribution Based on Phase Fluctuation Between Polarization Modes in Optical Channel. IEEE PHOTONICS TECHNOLOGY LETTERS, 2018
- Physical Layer Cryptographic Key Generation by Exploiting PMD of an Optical Fiber Link. JOURNAL OF LIGHTWAVE TECHNOLOGY, 2018
- Physical Layer Secret Key Generation For Fiber-Optical Networks. Optics Express, 2013
- Nirnimesh Ghose, Loukas Lazos and Ming Li, S&P 2018
- HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation, Usenix 2017
- Location-restricted Services Access Control Leveraging Pinpoint Waveforming, CCS 2015
Important Dates
- Due Date: 6/23 23:59:59pm
- Submission Instructions:
- ftp://public.sjtu.edu.cn
- input username: shaofengli password: public
- put your report into "upload" folder