本课程我们会侧重于互联网安全, 先开始学习互联网安全的概述,然后主要集中于如下几个新兴的安全挑战和攻防对策领域:移动(智能手机)安 全, 软件漏洞及挖掘,和软件自定义网 络(SDN)安全。 通过这门课,同学们将阅读和讨论一些研究论文,获取一些开放性的研究问题,然后可以选择其中有兴趣的作为课 程项目。
上课时间地点:夏 (每周)星期三6-9节 玉泉曹光彪二期-204(多)
|
Date |
Lectures Topics |
Speakers & Notes |
Reading |
| 5/3 |
智能网联汽车安全 | 科恩实验室 |
智能网联汽车安全讲课大纲 |
|
5/10 |
Class Overview, |
[static analysis part1] |
H. Xu, Y. Chen, et al., RAT Detection with Potentially Harmful Functions (PHFs) Boyuan He, Vaibhav Rastogi, Yinzhi Cao, Yan Chen, V.N. Venkatakrishnan, Runqing Yang and Zhenrui Zhang, Vetting SSL Usage in Applications with SSLINT, in the Proc. of IEEE Symposium on Security and Privacy (Oakland), 2015 (55/402=13.7%). Presentation PowerPoint in Chinese. |
| 5/15 |
Intro to SDN and NFV and their security issues | [Slides
by Shenker] Yan [Openflow] |
The Future of Networking, and the
Past of Protocols, Scott Shenker (video
of talk at Ericsson) How
SDN will Shape Networking, talk by Nick McKeown at
Open Network Summit, 2011. |
|
5/22 |
Intro to Mobile Security and Privacy |
[AppShield] |
Symantec
Internet Security Threat Report, April 2017. |
| 5/29 | by Prof. Chunming Wu |
||
|
6/7 |
by Prof. Chunming Wu |
||
| 6/14 | Survey/Paper presentations |
2,4,5,8 |
|
| 6/21 |
Survey/Paper presentations | 1,3,6,7,9 |
Notes: You may
find the brochure useful: Efficient
reading of papers in Science and Technology by Michael
J. Hanson, 1990, revised 2000 Dylan McNamee.
Paper presentation list:
I. APT/malware Detection:
1.
Brown
Farinholt, Mohammad Rezaeirad, Paul Pearce, Hitesh
Dharmdasani, Haikuo Yin, Stevens Le Blond, Damon McCoy, and
Kirill Levchenko,To
Catch a Ratter: Monitoring the Behavior of Amateur
DarkComet RAT Operators in the Wild, IEEE
Symposium on Security & Privacy (Oakland), San Jose, CA,
May 2017.
Survey: APT attack detection
(mentor: 许海涛 <haitao.wm@gmail.com>, (唐雷,唐凯宇)
6/21
2. Caillat
B, Gilbert B, Kemmerer R, et al. Prison: Tracking
Process Interactions to Contain Malware, IEEE
International Conference on High PERFORMANCE Computing and
Communications (CSS), 2015
Survey: In memory attack detection. (mentor: 杨润清
<rainkin1993@gmail.com>) (朱 梦凡, 王冠颖) 6/14
3. VUDDY: A Scalable Approach for Vulnerable Code Clone
Discovery, Seulbae Kim (Korea University), Seunghoon Woo
(Korea University), Heejo Lee (Korea University), Hakjoo Oh
(Korea University), in IEEE Symposium S&P 2017.
Survey: The industry of automatic vulnerability discovery for
large scale software (mentor: 何博远
<heboyuan@gmail.com>) ( 周寒, 诸凯丽)
6/21
II.
SDN/NFV Security and Diagnosis
4. Paper: Mahajan K, Poddar R, Dhawan M, et al. JURY:
Validating
Controller Actions in Software-Defined Networks, 2016 46th Annual IEEE/IFIP International
Conference on Dependable
Systems and Networks (DSN).
Survey: Security issues for SDN base cloud
(Openstack) (mentor: 冷雪
<lengsnow2015@qq.com>) (张淼, 汪世元) 6/14
5. Paper: Scott C, Wundsam A, Raghavan
B, et al. Troubleshooting
blackbox
SDN control software with minimal causal sequences[J].
ACM SIGCOMM Computer Communication Review, 2015, 44(4):
395-406. (mentor: 李星) (李星, 金羚)
6/14
Survey: Diagnosis
of cloud based services
III. Mobile Security
8. Kusner
M,
Sun Y, Kolkin N, et al. From
wo
rd embeddings to document distances. International
Conference on Machine Learning. 2015 (mentor: Du
Xuechao)
Survey: Knowledge based NLP techniques and its
applications. (mentor: 杜学超 <xcdu@foxmail.com>)
(余平刚, 杨荣钦) 6/14
9. Grace,
Michael C, et al. "Unsafe
exposure analysis of mobile in-app advertisements." ACM
Conference
on Security and Privacy in Wireless and Mobile Networks ACM,
2012:101-112
Survey: mobile ads economic market, fraud and attacks
(mentor: Ling Jin <ljin1995@qq.com>) (Yu
Guo, 刘皇敏) 6/21
Each team will consist of two students.
The first four teams presenting on 6/14 will have 35 minutes
each and the last five teams presenting on 6/21 will have 30
minutes each (I try to encourage people to present
earlier). The work division will be reported at the final
survey report.
Please mainly present the survey for 20-25
minutes and cover the paper in about 5-10 minutes.