This page is organized by the weeks of the quarter in which discussions were scheduled. The weeks are in inverse order, on the assumption you will most often be looking for the most recent week.
This class will be taught by Peter Reiher.
As announced in the final class meeting, we will have a take-home final. You will be able to pick up the final from Janice Martin in 3732H at 1 PM on Monday, June 9. You must turn it in to the same place by 1 PM on Tuesday, June 10. The final may be taken open-book, open-notes. You should spend no more than three hours taking the final.
Spreadsheet showing topics, schedule, and current assignments.
May 21, 2003
Resilient Self-Organizing Overlay Networks for Security Update Delivery, Jun Li, Peter Reiher, Gerald Popek, to appear in an upcoming issue of JSAC. (Note: this is a preprint version of this paper, and it will be removed from the web page soon after the class. Please do not distribute it to others, since it may contain typos, other errors, and sections in need of improvement.)
May 19, 2003
Slides:
Powerpoint slides on network anonymization techniques
Infranet: Circumventing Web Censorship and Surveillance, N. Feamster, M. Balazinska, G. Harfst, H. Balakrishnan, D. Karger, Usenix Security Symposium 2002.
Anonymous Connections and Onion Routing, P. Syverson, D. Goldschlag, M. Reed, IEEE Symposium on Privacy and Security, 1997.
May 14, 2003
Active Network Security
Active Network Security Architecture, AN Security Working Group, November 2001.
Strong Security for Active Networks, S. Murphy, E. Lewis, R. Puga, R. Watson, and R. Yee. IEEE Openarch 2001.
May 12, 2003
Evaluating Network Threats and Defense Mechanisms
Observing Attacks and Evaluating Defenses on the Internet
Inferring Internet Denial-of-Service Activity, David Moore, Geoffrey Voelker, and Stefan Savage, 10th Usenix Security Symposium, 2001.
An Evening With Berferd In Which a Cracker is Lured, Endured, and Studied, Bill Cheswick, Usenix, 1992.
May 7, 2003
Defending Against Worms
Powerpoint version of worm defense slides.
How to 0wn the Internet in Your Spare Time, Stuart Staniford, Vern Paxson, Nicholas Weaver, 11th Usenix Security Symposium, 2002.
Cooperative Response Strategies for Large Scale Attack Mitigation, D. Nojiri, J. Rowe, K. Levitt, DISCEX 03, 2003.
May 5, 2003
DDOS: D-WARD, Defcom, and Other Distributed Approaches
Attacking DDoS At the Source, J. Mirkovic, G. Prier, and P. Reiher, ICNP 2002.
A paper on Defcom was handed out at the last class in hard copy form. Please read that.
Cossack: Coordinated Suppression of Simultaneous Attacks, C. Papadopoulos, R. Lindell, J. Mehringer, A. Hussain, and R. Govindan, DANCE 2003.
April 30, 2003
DDOS: Traceback and Other Approaches
Practical Network Support for IP Traceback, S. Savage, et al., SIGCOMM 2000.
NetBouncer: Client-Legitimacy Based High Performance DDoS Filtering, R. Thomas, B. Mark, T. Johnson, and J. Croall, DISCEX 2003.
Analyzing Interactions Between Distributed Denial of Service Attacks and Mitigation Strategies, W. Blackert, G. Gregg, A. Castner, E. Kyle, R. Hom, and R. Jokerst, DISCEX 2003.
April 28, 2003
DDOS: Basics and Pushback Mechanisms
Implementing Pushback: Router-Based Defense Against DDoS Attacks, J. Ioannidis and S. Bellovin, in Proceedings of NDSS '02, Feb. 2002.
A Taxonomy of DDoS Attack and DDoS Defense Mechanisms, Jelena Mirkovic and Peter Reiher, UCLA CSD Technical Report No. 020018, 2002.
No slides available yet.
April 21, 2003
NO CLASS TODAY
April 23, 2003
PDF version of slides on Resurrecting Duckling paper.
Security for Ubiquitous and Pervasive Environments
The Resurrecting Duckling: Security Issues in Ad-hoc Wireless Networks, Frank Stajano and Ross Anderson, Proc. Seventh Security Protocols Workshop, Berlin 2000.
An Authorization Infrastructure for Nomadic Computing, Kan Zhang and Tim Kindberg, In proceedings SACMAT 2002.
The following are optional readings:
Context Authentication using constrained channels, Tim Kindberg and Kan Zhang, HP Laboratories, In Proceedings of IEEE WMCSA 2002, New York, June 2002.
Routing through the Mist: Privacy Preserving Communication in Ubiquitous Computing Environments, Jalal Al-Muhtadi, Roy Campbell, Apu Kapadia, Dennis Mickunas, Seung Yi, in the International Conference of Distributed Computing Systems (ICDCS 2002).
Powerpoint version of multicast security slides.
Multicast Security
"Multicast Security: A Taxonomy and Efficient Constructions," Canetti, et al., Infocom, 1999.
The Multicast Security (MSEC) Architecture, IETF Draft, Hardjono and Weis, November 2002.
April 14, 2003
Mobile ad hoc routing security
Powerpoint version of secure ad hoc routing slides.
"A Secure Routing Protocol for Ad Hoc Networks," Sanzgiri, et al., ICNP, October 2002.
Powerpoint version of DNS security slides.
DNS Security
"DNS Security Introduction and Requirements," R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose, Internet Draft, February 14, 2003. This paper gives a good overview of how DNS security is proposed to work.
"Threat Analysis of the Domain Name System," R. Austein, Internet Draft, February 2002. Describes the threats that DNS security is intended to counter.
April 7, 2003
Routing protocol security
Papers:
"Secure Border Gateway Protocol (Secure BGP)," Stephen Kent, Charles Lynn, Karen Seo, IEEE Journal on Selected Areas in Communication, Vol. 18, No. 4, April 2000.
"Secure Border Gateway Protocol (S-BGP) - Real World Performance and Deployment Issues," Stephen Kent, Charles Lynn, Joanne Mikkelson, and Karen Seo.
"Efficient Security Mechanisms for Routing Protocols," Yih-Chun Hu, Adrian Perrig, David B. Johnson, NDSS 03.
Introductory material on IP spoofing.
Class structure and organizational materials.
April 2, 2003
IP Spoofing: The problem and solution approaches.
Papers:
"Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing," P. Ferguson, RFC 2827. (Available from many other sources, as well.) This RFC describes a simple form of filtering that can help limit IP spoofing.
"On the Effectiveness of Route-based Packet Filtering for Distributed DoS Attack Prevention in Power-law Internets," Kihong Park and H. Lee, Proceedings of the ACM SIGCOMM '01. This paper discusses how widely deployed network filtering capabilities would need to be to offer an effective defense against IP spoofing.
"SAVE: Source Address Validity Enforcement," Jun Li, Jelena Mirkovic, Mengqiu Wang, Peter Reiher, and Lixia Zhang, Infocom 2002. This paper describes a protocol that allows routers to determine the proper incoming interfaces for packets with particular IP source addresses. Tables of these kinds are assumed in Park's paper, above.