ECE 8813/CS 8803 Advanced Computer Security

The goal of this course is to discuss some of the most important research topics in computer (systems) security. We will go over very basic elements of research in computer security, like how you read an academic paper and how you present your academic work. 

This is going to be a very demanding course. That is, you will need to read academic papers before class (37 in total), take 3 quizzes and one midterm, and deliver a high-quality research prototype. It is recommended that you attend all classes and start working on your project as early as possible.

Why should you take this course? Quoting Patrick McDaniel, Professor of Computer Science and Engineering at Pennsylvania State University: “[Computer] Security competence is a rare, valuable skill”.



Basic Information

Instructor: Manos Antonakakis
Office: Klaus 3364  
Email: manos@gatech.edu
Class location: College of Business 102
Class date/time: MWF 3:05 - 3:55
Office hours:  MWF  4:10 to 5:10 @Klaus 3364

Teaching assistant: TBD
Office hours: TBD
Email address: TBD
Location: TBD

Syllabus

We will cover various research topics in the area of computer security (excluding crypto). We will study published academic papers only from the tier one academic venues in computer security (Usenix Security, IEEE S&P, ACM CCS, NDSS, etc.). The areas we will discuss are CPS security, web security, malware, DNS security, Botnets, privacy/censorship and mobile security.

Session Date Topic Session Topic Readings
1 8/17/15 Overview    
2 8/19/15 Overview Project Discussion   
3 8/21/15 Web   The Architecture and Implementation of an Extensible Web Crawler
4 8/24/15 Web   ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection
5 8/26/15 Web   Hulk: Eliciting Malicious Behavior in Browser Extensions
6 8/28/15 Quiz 1 In Class Exam  
7 8/31/15 Web Malware   Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces
8 9/2/15 Malware Analysis   Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games
9 9/4/15 Malware/DriveBy   Measuring Pay-per-Install: The Commoditization of Malware Distribution
10 9/7/15   Labor Day  
11 9/9/15 Guest Lecture XSS Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense
12 9/11/15 Malware/DriveBy   Manufacturing Compromise: The Emergence of Exploit-as-a-Service
13 9/14/15 SPAM   Click Trajectories: End-to-End Analysis of the Spam Value Chain
14 9/16/15 BGP   BGP routing policies in ISP networks
15 9/18/15 Internet Evolution   Ten Years in the Evolution of the Internet Ecosystem
16 9/21/15 Protocol Evolution   The Evolution of Layered Protocol Stacks Leads to an Hourglass-Shaped Architecture
17 9/23/15 Midterm In Class Exam  
18 9/25/15 SDN   Composing Software-Defined Networks
19 9/28/15 Botnets   Building a Dynamic Reputation System for DNS
20 9/30/15 Botnets   From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware
21 10/2/15 Botnets   SoK: P2PWNED — Modeling and Evaluating the Resilience of Peer-to-Peer Botnets
22 10/5/15 Guest Lecture APT  
23 10/7/15 Guest Lecture Takedowns Beheading Hydras: Performing Effective Botnet Takedowns
24 10/9/15 Guest Lecture: TBD ClickFraud Abuse  
25 10/12/15   Columbus Day  
26 10/14/15 Project Update 5&5 minutes update&comments per team  
27 10/16/15 CPS   SABOT: Specification-based Payload Generation for Programmable Logic Controllers
28 10/19/15 DNS Security    Increased DNS Forgery Resistance Through 0x20-Bit Encoding
29 10/21/15 DNS Security    Detecting Malware Domains at the Upper DNS Hierarchy
30 10/23/15 DNS Security    Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
31 10/26/15 Quiz 2 In Class Exam  
32 10/28/15 DNS Security    DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic
33 10/30/15 DNS Security    Practical Comprehensive Bounds on Surreptitious Communication Over DNS
34 11/2/15 Guest Lecture Mobile Malware The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers
35 11/4/15 Mobile Infections   On the Feasibility of Large-Scale Infections of iOS Devices
36 11/6/15 EDNS0   Exploring EDNS-Client-Subnet Adopters in your Free Time
37 11/9/15 Guest Lecture Privacy and EDNS0
38 11/11/15 Privacy & censorship   Chipping Away at Censorship Firewalls with User-Generated Content
39 11/13/15 Security Metrics    
40 11/16/15 Quiz 3 In Class Exam  
41 11/18/15 Project Presentations, Demo and Q&A  Team Kenton  Presentation and Q&A
42 11/20/15 Project Presentations, Demo and Q&A  Team Kenton  Demo and Code Review
43 11/23/15 Project Presentations, Demo and Q&A  Team Ayush  Presentation and Q&A
44 11/25/15   Thanksgiving Break  
45 11/27/15   Thanksgiving Break  
46 11/30/15 Project Presentations, Demo and Q&A  Team Ayush  Demo and Code Review
47 12/2/15 Project Presentations, Demo and Q&A  Team Tyler  Presentation and Q&A
48 12/4/15 Project Presentations, Demo and Q&A  Team Tyler  Demo and Code Review

Very Important Dates
  • Quiz 1 on 8/28/2015
  • Paper Assignments Due on 8/31/2015
  • Team Creation and Project Selection on 9/2/2015
  • Midterm on 9/23/2015
  • Two paragraph progress report due on 10/9/2015
  • In class project update on 10/14/2015
  • Quiz 2 on 10/26/2015
  • Quiz 3 on 11/16/2015
  • Project report/code/presentation due on 11/18/2015

Paper Assignments

We will make available several papers that need to be presented by the students. Each student will have to create new material for each presentation. With the presentation, each student must 1) convey the basic idea of the paper to everybody else in the class, 2) clearly elaborate upon the merits of the published paper, and 3) demonstrate deep understanding of the presented work by addressing any clarification points that are raised after the presentation (by me or the class).

At the end of each class I will grade your work. NOTE: Students who present any of the first 5 topics will receive 2.5% extra credit and will be judged with extra leniency. All paper assignments are due on 8/31/2015.

Projects  

Each student is required to complete a mid-size project as part of a larger team. The project description will be given to the teams in the 1st week of the class. It is your responsibility to form a team and select a topic by 9/2/2015. Each team is responsible for providing a 10-page technical report on their project.

The codebase needs to be in C, Python or Go. It also needs to contain clear technical documentation about 1) the environment assumptions, and 2) the execution process. The TAs and I should be able to operate your code without you being in the room. Each team will be assigned a Debian virtual environment that should be used to prototype their project. The report (no more than 10 pages) should include at least 4 sections: 1) a brief (no more than 3 paragraphs) description of the problem and the proposed solution, 2) background and related work, 3) an overview of the proposed solution to the problem, and 4) the results from the experiments. The paper, the code base for the project and the presentation are due the same day for all teams (11/18/2015). In the last two weeks of classes, each team will have to give a 30-minute research presentation for their project, give a 5-minute demonstration in class that their codebase actually works, and answer questions from the audience.

Clearly, this project requires a lot of work. Therefore, mandatory requirements for the project to be successful are: 1) learn to work as part of a team, 2) learn to write code that other people may use, 3) learn to write a technical report, and 4) learn to present your ideas. The grade distribution for the project is as follows: 40% codebase, 30% presentation, and 30% the technical report.  



Course Expectations, Requirements and Policies 

All students must follow the academic integrity and Georgia Tech Honor Code described here: http://www.honor.gatech.edu/plugins/content/index.php?id=9

I. Course requirements

Three in class quizzes
Present as many papers as possible (min=1)
One Midterm
One semester long project  

II. Grading Scale 

There is no curve in this course. However, we may elect to include extra credit assignments at various times during the semester. The grading breakdown is as follows (NOTE: grading is subject to minor changes):
Quizzes 30%
Midterm 25%
Project 35%
Class participation 5% (Class attendance is not equal to class participation. You need to participate in order to get this 5%.)
Up to 5% for each paper you present (you may be able to do multiple)

III. Letter Grades

Letter grades are given according to the following cutoffs with no rounding:
90.0 <= A <= 100 
80.0 <= B < 90.0 
70.0 <= C < 80.0 
60.0 <= D < 70.0 
0 <= F < 60.0

IV. Appealing Grades 

You have the right to question your grade on any quiz or midterm, but you must initiate discussion about the grade within one week of receiving the grade. All re-grade requests should be sent via email to the TA for your section. In the email, include your T-square id and a clear description of which questions you would like reviewed and why.

Grade issues addressed outside of the requirements listed above will not be considered. Pay attention to your grades. If something doesn't look right, address it immediately! Be sure to follow the guidelines outlined in the "Problem Escalation Policy".

It is your responsibility to ensure that all the grades in T-Square are correct before finals week. After that, the only grade appeal will be about grading your final. 

V. Problem Escalation Policy 

If you need help and/or have a problem, you should contact the following people in the following order:
(1) Your TA
(2) Your Head TA
(3) Your Instructor (e-mail)

If you are not comfortable talking to your TA about a particular issue, please contact the professor ASAP.

VI. Excused Absences and Late Homework Policy

If you must miss your quiz and/or midterm for a school-approved reason, it is your responsibility to provide adequate documentation and get approval. If you miss your quiz and/or midterm without prior approval or a valid excuse, you may be approved to take a makeup examination, but you will be penalized 25% of the maximum score possible. 

***CAUTION: the preprinted note from the infirmary stating that you visited the infirmary is not sufficient documentation.*** Please contact the Dean of Students with your excuse and they can provide you with the proper documentation. http://www.deanofstudents.gatech.edu/content/4/contact-directions

VII. Open Door Policy 

The instructor maintains an open door policy. You are free to visit me during the posted office hours or, if you prefer a different time, arrange an appointment (via email) with me. It is very important to contact me as soon as you feel that you might need to. Problems, unlike fine wines, typically do not improve with age.

The last day you may drop the class for the Fall 2015 term is 10/25/2015 (please, double check the day with the registrar's office). By that date, the students will have feedback on the first quiz and the midterm. 


Full Disclosure: A portion of the class policies has been stolen from the syllabus of CS 1371, created by Charles E. Phillips.