CMP 656: Advanced Computer and Network Security

Fall 2023

Instructor: Ahmet Burak CAN
Course Hours: Thursday, 13:30-16:30
Classroom: Computer Engineering, D6

Course Description

The aim of this course is to study active research topics in computer and network security and to provide students with a research background in the field of security.

Course Resources

Course resources are the articles announced from this page to be read and presented during the semester.

Grading

Reading assignments - 25%
Paper presentations - 15%
Project/report - 20%
Final Exam - 30%
Attendance - 10%

Course Outline

Reading Assignments
  • In some weeks, a scientific paper will be assigned as a reading assignment. All students taking the course are responsible for reading this paper and writing a summary.
  • Paper summaries must be uploaded in .pdf/.doc format to the department's submit system (http://submit.cs.hacettepe.edu.tr) before the class time.
  • In the paper summary, the aim, method and results of the study will be summarized in a few paragraphs (in English). Also related to the article, at least one positive point, at least one negative point, and at least one future work direction should be given.
Paper Presentations
  • Each week, 2-3 students will present the related articles of the week in class. Each presentation will take 30-40 minutes.
  • In these presentations, the aim, method, and results of the article should be explained and discussed with enough details.
  • After each week's presentations, the presenters must submit the presentation files in .ppt/.pptx format to the submit system (http://submit.cs.hacettepe.edu.tr).
Project/Report
  • Students, in groups of 2-3 people, should either write a survey or do a research project on active security research issues.
  • The report format should conform to the IEEE template.
  • Project reports must be submitted to the department's submit system (http://submit.cs.hacettepe.edu.tr) within the last week of the semester.
Final Exam
  • In the final exam, questions will be asked from the reading assignments.

Communication

  • All class communication will be done via the Piazza CMP656 communication group. Please register to this group on Piazza.com.


    Week | Subject | Reading/Presentation Assignment
    Oct 5 | Information about course outline | Reading and evaluating articles:
    Preparing successful presentations:
    Watch List:
    • Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., ... & Zhou, Y. (2017). Understanding the mirai botnet. In 26th {USENIX} security symposium ({USENIX} Security 17) (pp. 1093-1110). USENIX Security 2017
    Oct 12 | Some examples of Recent Security Research | Watch List:
    • Fayaz, S. K., Tobioka, Y., Sekar, V., & Bailey, M. (2015). Bohatei: Flexible and elastic ddos defense. In 24th {USENIX} Security Symposium ({USENIX} Security 15) (pp. 817-832). USENIX 2015
    • Zeng, E., & Roesner, F. (2019). Understanding and improving security and privacy in multi-user smart homes: a design exploration and in-home user study. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 159-176). USENIX 2019
    • Oest, A., Zhang, P., Wardman, B., Nunes, E., Burgis, J., Zand, A., ... & Ahn, G. J. (2020). Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale. In 29th {USENIX} Security Symposium ({USENIX} Security 20). USENIX 2020
    Oct 19 | Some examples of Recent Security Research | Watch List:
    • Wang, B., Yao, Y., Viswanath, B., Zheng, H., & Zhao, B. Y. (2018). With great training comes great vulnerability: Practical attacks against transfer learning. In 27th {USENIX} Security Symposium ({USENIX} Security 18) (pp. 1281-1297). USENIX 2018
    • Possemato, A., Lanzi, A., Chung, S. P. H., Lee, W., & Fratantonio, Y. (2018, January). Clickshield: Are you hiding something? Towards eradicating clickjacking on Android. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1120-1136). ACM CCS 2018
    • Tongbo Luo, Zhaoyan Xu, Xing Jin, Yanhui Jia, Xin Ouyang, "IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices", Black Hat Conference 2017.
    Oct 26 | DoS attacks | Reading Assignment 1:
    Nguyen, H. V., Iacono, L. L., & Federrath, H. (2019, November). Your cache has fallen: Cache-poisoned denial-of-service attack. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 1915-1936).

    Presentation Papers:
    • Presenter: Ali Alptuğ Emirdağ
      Wang, C., Miu, T. T., Luo, X., & Wang, J. (2017). SkyShield: A sketch-based defense system against application layer DDoS attacks. IEEE Transactions on Information Forensics and Security, 13(3), 559-573.

    • Presenter: Kamil San
      Xiong, J., Wei, M., Lu, Z., & Liu, Y. (2021, November). Warmonger: Inflicting denial-of-service via serverless functions in the cloud. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 955-969).
    Watch List:
    • Niakanlahiji, A., Wei, J., Alam, M. R., Wang, Q., & Chu, B. T. (2020). Shadowmove: A stealthy lateral movement strategy. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 559-576). USENIX Security 2020
    • Li, Y., Chen, Z., Cao, J., Xu, Z., Peng, Q., Chen, H., ... & Cheung, S. C. (2021). ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection. In 30th {USENIX} Security Symposium ({USENIX} Security 21) (pp. 3847-3864). USENIX Security 2021
    • Li, Y., Li, H., Lv, Z., Yao, X., Li, Q., & Wu, J. (2021, November). Deterrence of Intelligent DDoS via Multi-Hop Traffic Divergence. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 923-939). ACM CCS 2021
    • Rizvi, A. S. M., Leandro Bertholdo, João Ceron, and John Heidemann. "Anycast Agility: Network Playbooks to Fight {DDoS}." In 31st USENIX Security Symposium (USENIX Security 22), pp. 4201-4218. 2022. USENIX Security 2022
    • McLaughlin, Robert, Fabio Pagani, Noah Spahn, Christopher Kruegel, and Giovanni Vigna. "Regulator: Dynamic Analysis to Detect {ReDoS}." In 31st USENIX Security Symposium (USENIX Security 22), pp. 4219-4235. 2022. USENIX Security 2022
    Nov 2 | Network Security | Reading Assignment 2:
    Wang, An, Wentao Chang, Songqing Chen, and Aziz Mohaisen. "Delving into internet DDoS attacks by botnets: characterization and analysis." IEEE/ACM Transactions on Networking 26, no. 6 (2018): 2843-2855.

    Presentation Papers:
    • Presenter: Fatih Arslan Tugay
      Feng, X., Fu, C., Li, Q., Sun, K., & Xu, K. (2020, October). Off-path TCP exploits of the mixed IPID assignment. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1323-1335).

    • Presenter: İhsan Ünal
      Holland, J., Schmitt, P., Feamster, N., & Mittal, P. (2021, November). New directions in automated traffic analysis. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 3366-3383).
    Watch List:
    • Barua, A., & Al Faruque, M. A. (2020). Hall spoofing: A non-invasive dos attack on grid-tied solar inverter. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 1273-1290). USENIX Security 2020
    • Xing, J., Wu, W., & Chen, A. (2021). Ripple: A Programmable, Decentralized Link-Flooding Defense Against Adaptive Adversaries. In 30th {USENIX} Security Symposium ({USENIX} Security 21). USENIX Security 2021
    Nov 9 | Internet Security | Presentation Papers:
    • Presenter: Ahmet Hakan Yıldız
      Bijmans, H. L., Booij, T. M., & Doerr, C. (2019, November). Just the tip of the iceberg: Internet-scale exploitation of routers for cryptojacking. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 449-464).

    • Presenter: Şafak Özdemir
      Luckie, M., Beverly, R., Koga, R., Keys, K., Kroll, J. A., & Claffy, K. (2019, November). Network hygiene, incentives, and regulation: deployment of source address validation in the internet. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 465-480).

    Watch List:
    • Zheng, X., Lu, C., Peng, J., Yang, Q., Zhou, D., Liu, B., ... & Qian, Z. (2020). Poison over troubled forwarders: A cache poisoning attack targeting {DNS} forwarding devices. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 577-593). USENIX Security 2020
    • Afek, Y., Bremler-Barr, A., & Shafir, L. (2020). NXNSAttack: Recursive {DNS} Inefficiencies and Vulnerabilities. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 631-648). USENIX Security 2020
    • Izhikevich, Liz, Renata Teixeira, and Zakir Durumeric. "{LZR}: Identifying Unexpected Internet Services." 30th {USENIX} Security Symposium ({USENIX} Security 21). 2021. USENIX Security 2021
    • Dai, T., Jeitner, P., Shulman, H., & Waidner, M. (2021). The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. Technical Report. USENIX Security 2021
    Nov 16 | Web Security | Reading Assignment 3:
    Jazi, Hossein Hadian, Hugo Gonzalez, Natalia Stakhanova, and Ali A. Ghorbani. "Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling." Computer Networks 121 (2017): 25-36.

    Presentation Papers:
    • Presenter: Enes Çeliker
      Man, Keyu, et al. "Dns cache poisoning attack reloaded: Revolutions with side channels." Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020.

    • Presenter: Volkan Sarıbaş
      Pantelaios, N., Nikiforakis, N., & Kapravelos, A. (2020, October). You've changed: Detecting malicious browser extensions through their update deltas. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 477-491).

    Watch List:
    • Chen, Q., & Kapravelos, A. (2018, January). Mystique: Uncovering information leakage from browser extensions. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1687-1700). ACM CCS 2018
    • Staicu, C. A., & Pradel, M. (2019). Leaky images: Targeted privacy attacks in the web. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 923-939). USENIX Security 2019
    • Zhang, M., Meng, W., Lee, S., Lee, B., & Xing, X. (2019). All your clicks belong to me: investigating click interception on the web. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 941-957). USENIX Security 2019
    • Azad, B. A., Laperdrix, P., & Nikiforakis, N. (2019). Less is more: quantifying the security benefits of debloating web applications. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 1697-1714). USENIX Security 2019
    Nov 23 | Web Security | Reading Assignment 4:
    Abdelnabi, S., Krombholz, K., & Fritz, M. (2020, October). Visualphishnet: Zero-day phishing website detection by visual similarity. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1681-1698).

    Presentation Papers:
    • Presenter: Hidayet Ergin
      Panchenko, A., Lanze, F., Pennekamp, J., Engel, T., Zinnen, A., Henze, M., & Wehrle, K. (2016, February). Website Fingerprinting at Internet Scale. In NDSS.

    • Presenter: Sahir Selçuk Mısır
      Das, A., Acar, G., Borisov, N., & Pradeep, A. (2018, January). The web's sixth sense: A study of scripts accessing smartphone sensors. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1515-1532).

    • Presenter: Wissem Nabili
      Drakonakis, K., Ioannidis, S., & Polakis, J. (2020, October). The cookie hunter: Automated black-box auditing for web authentication and authorization flaws. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1953-1970).
    Watch List:
    • Yang, G., Huang, J., & Gu, G. (2019). Iframes/popups are dangerous in mobile webview: studying and mitigating differential context vulnerabilities. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 977-994). USENIX Security 2019
    • Mirheidari, S. A., Arshad, S., Onarlioglu, K., Crispo, B., Kirda, E., & Robertson, W. (2020). Cached and confused: Web cache deception in the wild. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 665-682). USENIX Security 2020
    • Gong, Jiajun, and Tao Wang. "Zero-delay lightweight defenses against website fingerprinting." 29th {USENIX} Security Symposium ({USENIX} Security 20). 2020. USENIX Security 2020
    • Xiao, F., Huang, J., Xiong, Y., Yang, G., Hu, H., Gu, G., & Lee, W. (2021). Abusing Hidden Properties to Attack the Node.js Ecosystem. In 30th {USENIX} Security Symposium ({USENIX} Security 21). USENIX Security 2021
    Nov 30 | IoT Security | Presentation Papers:
    • Presenter: Cihat Duman
      Zhang, W., Meng, Y., Liu, Y., Zhang, X., Zhang, Y., & Zhu, H. (2018, October). Homonit: Monitoring smart home apps from encrypted traffic. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1074-1088).

    • Presenter: Halil İbrahim Çavdar
      Cao, Y., Xiao, C., Cyr, B., Zhou, Y., Park, W., Rampazzi, S., ... & Mao, Z. M. (2019, November). Adversarial sensor attack on lidar-based perception in autonomous driving. In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security (pp. 2267-2281).
    Watch List:
    • Celik, Z. B., Babun, L., Sikder, A. K., Aksu, H., Tan, G., McDaniel, P., & Uluagac, A. S. (2018). Sensitive information tracking in commodity IoT. In 27th {USENIX} Security Symposium ({USENIX} Security 18) (pp. 1687-1704). USENIX Security 2018
    • Celik, Z. B., Tan, G., & McDaniel, P. D. (2019, February). IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT. In NDSS 2019. NDSS 2019
    • Yuan, B., Jia, Y., Xing, L., Zhao, D., Wang, X., Zou, D., ... & Zhang, Y. (2020). Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 1183-1200). USENIX Security 2020
    • Fu, C., Zeng, Q., & Du, X. (2021). Hawatcher: Semantics-aware anomaly detection for appified smart homes. In 30th {USENIX} Security Symposium ({USENIX} Security 21). USENIX Security 2021
    Dec 7 | IoT Security | Reading Assignment 5:
    Bastys, I., Balliu, M., & Sabelfeld, A. (2018, January). If this then what? Controlling flows in IoT apps. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1102-1119).

    Watch List:
    • Soltan, S., Mittal, P., & Poor, H. V. (2018). {BlackIoT}:{IoT} Botnet of High Wattage Devices Can Disrupt the Power Grid. In 27th USENIX Security Symposium (USENIX Security 18) (pp. 15-32).
    • He, W., Golla, M., Padhi, R., Ofek, J., Dürmuth, M., Fernandes, E., & Ur, B. (2018). Rethinking access control and authentication for the home internet of things (IoT). In 27th {USENIX} Security Symposium ({USENIX} Security 18) (pp. 255-272). USENIX Security 2018
    Dec 14 | IoT Security | Presentation Papers:
    • Presenter: Ömer Faruk Işık
      Schuster, R., Shmatikov, V., & Tromer, E. (2018, October). Situational access control in the internet of things. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1056-1073).

    • Presenter: Yusuf Aslan
      Han, Jun, Albert Jin Chung, Manal Kumar Sinha, Madhumitha Harishankar, Shijia Pan, Hae Young Noh, Pei Zhang, and Patrick Tague. "Do you feel what I hear? Enabling autonomous IoT device pairing using different sensor types." In 2018 IEEE symposium on Security and Privacy (SP), pp. 836-852. IEEE, 2018.
    Watch List:
    • Kumar, S., Hu, Y., Andersen, M. P., Popa, R. A., & Culler, D. E. (2019). {JEDI}: Many-to-Many End-to-End Encryption and Key Delegation for IoT. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 1519-1536). USENIX Security 2019
    • Huang, B., Cardenas, A. A., & Baldick, R. (2019). Not everything is dark and gloomy: Power grid protections against IoT demand attacks. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 1115-1132). USENIX Security 2019
    • Alrawi, O., Lever, C., Valakuzhy, K., Snow, K., Monrose, F., & Antonakakis, M. (2021). The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle. In 30th {USENIX} Security Symposium ({USENIX} Security 21). USENIX Security 2021
    Dec 21 | Mobile Security | Reading Assignment 6:
    Lu, L., Li, Z., Wu, Z., Lee, W., & Jiang, G. (2012, October). Chex: statically vetting android apps for component hijacking vulnerabilities. In Proceedings of the 2012 ACM conference on Computer and communications security (pp. 229-240).

    Presentation Papers:
    • Presenter: Zeynep İnkaya
      Aafer, Y., Tao, G., Huang, J., Zhang, X., & Li, N. (2018, January). Precise Android API protection mapping derivation and reasoning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1151-1164).

    • Presenter: Furkan Karakuş
      Xi, S., Yang, S., Xiao, X., Yao, Y., Xiong, Y., Xu, F., ... & Lu, J. (2019, November). DeepIntent: Deep icon-behavior learning for detecting intention-behavior discrepancy in mobile apps. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 2421-2436).

    Watch List:
    • Possemato, A., & Fratantonio, Y. (2020). Towards {HTTPS} Everywhere on Android: We Are Not There Yet. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 343-360). USENIX Security 2020
    • Andow, B., Mahmud, S. Y., Wang, W., Whitaker, J., Enck, W., Reaves, B., ... & Xie, T. (2019). Policylint: investigating internal privacy policy contradictions on Google play. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 585-602). USENIX Security 2019
    Dec 28 | Mobile Security | Presentation Papers:
    • Presenter: Refik Can Öztaş
      Li, L., Li, D., Bissyandé, T. F., Klein, J., Le Traon, Y., Lo, D., & Cavallaro, L. (2017). Understanding android app piggybacking: A systematic study of malicious code grafting. IEEE Transactions on Information Forensics and Security, 12(6), 1269-1284.

    • Presenter: M. Aslı Taşgetiren
      Aonzo, S., Merlo, A., Tavella, G., & Fratantonio, Y. (2018, January). Phishing attacks on modern android. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1788-1801).

    • Presenter: Deniz Gürer
      Zhang, X., Zhang, Y., Zhong, M., Ding, D., Cao, Y., Zhang, Y., ... & Yang, M. (2020, October). Enhancing state-of-the-art classifiers with api semantics to detect evolved android malware. In Proceedings of the 2020 ACM SIGSAC conference on computer and communications security (pp. 757-770).
    Watch List:
    • Chakraborty, D., Hanzlik, L., & Bugiel, S. (2019). simTPM: User-centric {TPM} for Mobile Devices. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 533-550). USENIX Security 2019
    • Chen, J., Hengartner, U., Khan, H., & Mannan, M. (2020). Chaperone: Real-time Locking and Loss Prevention for Smartphones. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 325-342). USENIX Security 2020
    • Reardon, J., Feal, Á., Wijesekera, P., On, A. E. B., Vallina-Rodriguez, N., & Egelman, S. (2019). 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 603-620). USENIX Security 2019
    • Elsabagh, M., Johnson, R., Stavrou, A., Zuo, C., Zhao, Q., & Lin, Z. (2020). {FIRMSCOPE}: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware. In 29th {USENIX} Security Symposium ({USENIX} Security 20).
    Jan 4 | Machine Learning Security | Reading Assignment 7:
    Nguyen A, Yosinski J, Clune J. Deep Neural Networks are Easily Fooled: High Confidence Predictions for Unrecognizable Images. In Computer Vision and Pattern Recognition (CVPR ’15), IEEE, 2015.

    Presentation Papers:
    • Presenter: Hakan Mutlu
      Madry, A., Makelov, A., Schmidt, L., Tsipras, D., & Vladu, A. (2017). Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083.

    • Presenter: Mehmet Safa Gökalp
      Ji, Y., Zhang, X., Ji, S., Luo, X., & Wang, T. (2018, January). Model-reuse attacks on deep learning systems. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 349-363).

    • Presenter: Mert Can Ak
      Tramèr, F., Shokri, R., Joaquin, A. S., Le, H., Jagielski, M., Hong, S., & Carlini, N. (2022). Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
    Watch List:
    • Carlini, N., Liu, C., Erlingsson, Ú., Kos, J., & Song, D. (2019). The secret sharer: Evaluating and testing unintended memorization in neural networks. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 267-284). USENIX Security 2019
    • Jagielski, M., Carlini, N., Berthelot, D., Kurakin, A., & Papernot, N. (2020). High Accuracy and High Fidelity Extraction of Neural Networks. In 29th {USENIX} Security Symposium ({USENIX} Security 20). USENIX Security 2020
    Jan 18 | Project Presentations | Project Presentations