|
CNT4406/5412: Network Security
|
Course Information
| Instructor: | Zhi Wang |
| Email: | zwang at cs dot fsu dot edu (preferred way to communicate) |
| Office: | 172 LOVE Bldg |
| Phone: | (850) 645-0476 |
| Class Meeting: | 301 LOVE Bldg; Monday, Wednesday, and Friday; 1:25 - 2:15pm |
| Office Hour: | Monday 2:30-4:30 pm, or by appointment |
| TA: | Umit Karabiyik (karabiyi at cs dot fsu dot edu, 104A LOVE Bldg) Monday and Wednesday 9:00-11:00 am |
| Required Textbook: | Charles Kaufman, Radia Perlman and Mike Speciner Network Security: Private Communication in a Public World Prentice Hall, 2nd edition, 2002 |
Announcements
- 09/07/12: Homework 1 and paper review 2 are posted!
- 08/27/12: Welcome back!
Schedules
| Lecture | Slides | Topic | Reading |
|---|---|---|---|
| Lecture 1 | slides 1 | Introduction and a primer on networking (2) | Chapter 1 |
| Lecture 2 | slides 2 | Introduction to cryptograph (1) | Chapter 2 |
| Lecture 3 | slides 3 | Secret key cryptograph (3.5) | Chapter 3 and 4 |
| Lecture 4 | slides 4 | Cryptographic hash function(1.5)) | Chapter 5 |
| Lecture 5 | slides 5 | Basic number theory(2) | Chapter 7 |
| Lecture 6 | slides 6 | Public key cryptograph(2) | Section 6.1~6.6 |
| Lecture 7 | slides 7 | Authentication(3) | Chapter 9, 10, and 12 |
| Lecture 8 | slides 8 | Security handshake pitfalls (2) | Chapter 11 |
| Lecture 9 | slides 9 | PKI (2) | Chapter 15 |
| Lecture 10 | slides 10 | Real-time Communication Security (1) | Chapter 17 |
| Lecture 11 | slides 11 | IPsec/IKE (1) | Chapter 17 |
| Lecture 12 | slides 12 | IPsec/IKE (1) | Chapter 18 |
| Lecture 13 | slides 13 | SSL | Chapter 19 |
| Lecture 14 | slides 14 | Special Topic: Virtualization (1) | N/A |
| Lecture 15 | slides 15 | Special Topic: Virtualization (2) | N/A |
The schedule is tentative and subject to change with announcements in class. Please check back at least once a weekly.
Homework
| Homework | Due Date |
|---|---|
| pdf, latex | 09/21/2012, 11:45 PM |
| pdf, latex | 10/05/2012, 11:45 PM |
| pdf, | 10/26/2012 11:45 PM |
| pdf, | 11/16/2012 11:45 PM |
| pdf, | 11/30/2012 11:45 PM |
Homework will be posted here with announcements in class. You may find a Latex tutorial here.
Paper Review
| Paper | Due Date | presenter |
|---|---|---|
| Shuo Chen, Rui Wang, XiaoFeng Wang, and Kehuan Zhang, Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow In proceedings of the 2010 IEEE Symposium on Security and Privacy | 09/07/2012 | Md Atiqul Mollah |
| Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Measuring Pay-per-Install: The Commoditization of Malware Distribution In Proceedings of the 20th USENIX Security Symposium (outstanding paper award, MIT Technology Review) | 09/14/2012 | K Dhaval Kashyap Siddarahally |
| Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar Native Client: A Sandbox for Portable, Untrusted x86 Native Code, In Proceedings of 2009 IEEE Symposium on Security and Privacy(Best Paper Award open source) | 09/21/2012 | Andre King |
| Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Rich Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Julio Lopez Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms, In Proceedings of 2012 IEEE Symposium on Security and Privacy | 09/28/2012 | Abdullah Raiaan |
| Google, Android Security Overview | 10/05/2012 | Michael Kerr |
| Adam Barth, Collin Jackson The Security Architecture of the Chromium Browser, Google Chrome Comics | 11/09/2012 | Thomas Rolinger |
| Yu-Yuan Chen, Pramod A. Jamkhedkar, and Ruby B. Lee A Software-Hardware Architecture for Self-Protecting Data (CCS 2012) | 11/30/2012 | Katukoori, Ramreddy |
| Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software (CCS 2012) | 12/03/2012 | Sharma, Aditya |
| Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang and David Lie PScout: Analyzing the Android Permission Specification (CCS 2012) | 12/03/2012 | Patidar, Ratnesh |
| Shakeel Butt H. Andres Lagar-Cavilla Abhinav Srivastava Vinod Ganapathy Self-service Cloud Computing (CCS 2012) | 12/05/2012 | Sethi, Ankit |
| Chi-Yao Hong, Fang Yu, Yingliang Xie Populated IP Addresses - Classification and Applications (CCS 2012) | 12/05/2012 | Tummala, Divya Tej |
| Yinglian Xie, Fang Yu, Qifa Ke, Martin Abad, Eliot Gillum, Krish Vitaldevaria, Jason Walter, Junxian Huang, Z. Morley Mao Innocent by Association: Early Recognition of Legitimate Users (CCS 2012) | 12/07/2012 | Soni, Vaibhav |
| Alexei Czeskis, Michael Dietz, Tadayoshi Kohno, Dan Wallach, Dirk Balfanz Strengthening User Authentication through Opportunistic Cryptographic Identity Assertions (CCS 2012) | 12/07/2012 | Salguti, Krupakar Reddy |
Here is some information about how to write a paper review.
Syllabus
The course's syllabus can be found here.
Links about Web Security
The Tangled Web: A Guide to Securing Modern Web Applications