Readings
Paper Response Guidelines
Write a ~400 word critical response to each required paper.
- In the first paragraph:
- State the problem that the paper tries to solve; and
- Summarize the main contributions.
- In one or more additional paragraphs:
- Evaluate the paper's strengths and weaknesses;
- Discuss something you would have done differently if you had written the paper; and
- Suggest one or more interesting open problems on related topics.
Your most important task is to demonstrate that you've read the paper and thought carefully about the topic.
Paper responses are due before the start of class via the online submission system. Before you upload your work, the system will ask you to assess earlier responses written by your peers. We'll combine peer feedback and our own evaluation when determining your grade.
Reading List
This list is subject to change. Updates will be posted by the end of the day on the Friday before each lecture.
Unfortunately, some articles require paid subscriptions to journals and digital libraries. You can access these for free when connecting on campus. For off-campus access, try the U-M VPN or the MLibrary Proxy Server Bookmarklet.
Welcome / Essential Crypto
Tuesday, January 13
- Introduction. (Slides from lecture.)
- The Security Mindset. Bruce Schneier. 2008.
- Security Engineering. Ross Anderson. Wiley, 2001.
- Handbook of Applied Cryptography. Menezes, van Oorschot, and Vanstone. CRC Press, 1996.
Thursday, January 15
- Essential Cryptography. (Slides from lecture.)
- TLS and SSL. D. Koren, et al. Secure Networking Protocols Portal, 2009.
- TLS v1.2. Dierks and Rescorla. RFC 5246, 2008.
- The First Few Milliseconds of an HTTPS Connection. Jeff Moser. 2009.
- StartSSL. (CA providing free certs.)
- Let's Encrypt. (the CA Alex is building).
How Crypto Fails
Tuesday, January 20
- MD5 To Be Considered Harmful Someday. Dan Kaminsky. 2004.
- MD5 Considered Harmful Today. Sotirov, Stevens, Appelbaum, Lenstra, Molnar, Osvik, and Weger. CCC 2008.
- How to Break MD5 and Other Hash Functions. Wang and Yu. Eurocrypt 2005.
- Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate. Stevens, Sotirov, Appelbaum, Lenstra, Molnar, Osvik, and Weger. Crypto 2009.
- Chosen-prefix collisions for MD5 and applications. Stevens, Lenstra, and de Weger. Int. J. Applied Cryptography, 2(4), 2012.
- Analysis of the HTTPS Ecosystem. Durumeric, Kasten, Bailey, and Halderman. IMC 2013.
- Cryptanalysis of the Windows Random Number Generator. Dorrendorf, Gutterman, and Pinkas. CCS 2007.
Thursday, January 22
- Lessons Learned in Implementing and Deploying Crypto Software. Peter Gutmann. Usenix Security 2002.
- Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices. Heninger, Durumeric, Wustrow, and Halderman. Usenix Security 2012.
- Why Cryptosystems Fail. Ross Anderson. Commun. ACM, 37(11), Nov. 1994.
- Why Information Security is Hard: An Economic Perspective. Ross Anderson. ACSAC 2001.
- The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software. Georgiev, Iyengar, Jana, Anubhai, Boneh, and Shmatikov. CCS 2012.
- ZMap: Fast Internet-Wide Scanning and its Security Applications. Durumeric, Wustrow, and Halderman. Usenix Security 2013.
- Scans.io. (Internet scan data repository.)
Binary Exploitation
Tuesday, January 27 — Basic Exploitation
- Smashing the Stack for Fun and Profit. Aleph One. Phrack 49(14), Nov. 1996.
- StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Cowan, Pu, Maier, Hinton, Walpole, Bakke, Beattie, Grier, Wagle, and Zhang. Usenix Security 1998.
- Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. Pincus and Baker. IEEE Security and Privacy, July–Aug. 2004.
- On the Effectiveness of ASLR. Shacham, Page, Pfaff, Goh, Modadugu, and Boneh. CCS 2004.
- English Shellcode. Mason, Small, Monrose, and MacManus. CCS 2009.
- AEG: Automatic Exploit Generation. Avgerinos, Cha, Hao, and Brumley. NDSS 2011.
Thursday, January 29 — Modern Attacks
- The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. CCS 2007.
- Eternal War in Memory. Szekeres, Payer, Wei, and Song. Oakland 2013.
- VUPEN Vulnerability Research Blog. (Details of advanced modern exploitation.)
- Markets for Zero-Day Exploits: Ethics and Implications. Egelman, Herley, and van Oorschot. NSPW 2013.
- An Empirical Study of Vulnerability Rewards Programs. Finifter, Akhawe, and Wagner. Usenix Security 2013.
- Nozzle: A Defense Against Heap-spraying Code Injection Attacks. Ratanaworabhan, Livshits, and Zorn. Usenix Security 2009.
Malicious Software
Tuesday, February 3 — Malware
- Reflections on Trusting Trust. Ken Thompson. Communications of the ACM, 27(8), Aug. 1984.
- CloudAV: N-Version Antivirus in the Network Cloud. Oberheide, Cooke, and Jahanian. Usenix Security 2008.
- Towards Automatic Generation of Vulnerability-Based Signatures. Brumley, Newsome, Song, Wang, and Jha. Oakland 2006.
- Control Flow Integrity for COTS Binaries. Zhang and Sekar. Usenix Security 2013.
- Inside the Slammer Worm. Moore, Paxson, Savage, Shannon, Staniford, and Weaver. IEEE Security and Privacy, July/August 2003.
- The Morris Worm: A Fifteen-Year Perspective. Orman. IEEE Security and Privacy, Sept./Oct. 2003.
Thursday, February 5 — Isolation
- Capsicum: Practical Capabilities for UNIX. Watson, Anderson, Laurie, and Kennaway. Usenix Security 2010.
- Native Client: A Sandbox for Portable, Untrusted x86 Native Code. Yee, Sehr, Dardyk, Chen, Muth, Ormandy, Okasaka, Narula, and Fullagar. Oakland 2009.
- Leveraging Legacy Code to Deploy Desktop Applications on the Web. Douceur, Elson, Howell, and Lorch. OSDI 2008.
- Safe Kernel Extensions Without Run-Time Checking. Necula and Lee. OSDI 1996.
- The Security Architecture of the Chromium Browser. Barth, Jackson, Reis, and The Google Chrome Team. 2008.
- The Ten-Page Introduction to Trusted Computing. Martin. 2008.
Web Security
Tuesday, February 10 — Web Attacks
- Blueprint: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers. Louw and Venkatakrishnan. Oakland 2009.
- Robust Defenses for Cross-Site Request Forgery. Barth, Jackson, and Mitchell. CSS 2008.
- deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation. Doupé, Cui, Jakubowski, Peinado, Kruegel, and Vigna. CCS 2013.
- Protection and Communication Abstractions for Web Browsers in MashupOS. Wang, Fan, Howell, and Jackson. SOSP 2007.
- Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner. Doupe, Cavedon, Kruegel, and Vigna. Usenix Security 2012.
- OWASP Cheat Sheet Series. Open Web Application Security Project.
Thursday, February 12 — Web Isolation
- Securing Browser Frame Communication. Barth, Jackson, and Mitchell. Usenix Security 2008.
- Reining in the Web with Content Security Policy. Stamm, Sterne, and Markham. WWW 2010.
- Beware of Finer-Grained Origins. Jackson and Barth. Web 2.0 Security and Privacy 2008.
- Protecting Browsers from DNS Rebinding Attacks. Jackson, Barth, Bortz, Shao, And Boneh. CCS 2007.
- Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense. Barth, Weinberger, and Song. Usenix Security 2009.
- Eradicating DNS Rebinding with the Extended Same-Origin Policy. Johns, Lekies, and Stock. Usenix Security 2013.
Human Factors
Tuesday, February 17 — Authentication
- reCAPTCHA: Human-Based Character Recognition via Web Security Measures. von Ahn, Maurer, McMillen, Abraham, and Blum. Science, September 2008.
- The Tangled Web of Password Reuse. Das, Bonneau, Caesar, Borisov, and Wang. NDSS 2014.
- Games with a Purpose. Luis von Ahn. CACM, August 2008.
- Sketcha: A Captcha Based on Line Drawings of 3D Models. Ross, Halderman, and Finkelstein. WWW 2010.
- The Robustness of Hollow CAPTCHAs. Gao, Wang, Qi, Wang, Liu, and Yan. CCS 2013.
- How Good are Humans at Solving CAPTCHAs? Bursztein, Bethard, Fabry, Mitchell, and Jurafsky. Oakland 2010.
- The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. Joseph Bonneau. Oakland 2012.
- A Usability Study and Critique of Two Password Managers. Chiasson, van Oorschot, and Biddle. Usenix Security 2006.
- Honeywords: Making Password-Cracking Detectable. Juels and Rivest. CCS 2013.
- Designing Crypto Primitives Secure Against Rubber Hose Attacks. Bojinov, Sanchez, Reber, Boneh, and Lincoln. Usenix Security 2012.
Thursday, February 19 — Usable Security
- Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. Whitten and Tygar. Usenix Security 1999.
- The Psychology of Security for the Home Computer User. Howe, Ray, Roberts, Urbanska, and Byrne. Oakland 2012.
- So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users. Cormac Herley. NSPW 2009.
- Secrecy, Flagging, and Paranoia: Adoption Criteria in Encrypted Email. Gaw, Felten, and Fernandez-Kelly. CHI 2006.
- In Search of Usable Security: Five Lessons from the Field. Balfanz, Durfee, Grinter, and Smetters. IEEE Security and Privacy, September/October 2004.
- Folk Models of Home Computer Security. Rick Wash. SOUPS 2010.
- Your Attention Please: Designing Security-Decision UIs. Bravo-Lillo, Cranor, Downs, Komanduri, Reeder, Schechter, and Sleeper. SOUPS 2013.
- Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. Akhawe and Felt. Usenix Security 2013.
- Why (Special Agent) Johnny (Still) Can't Encrypt. Clark, Goodspeed, Metzger, Wasserman, Xu, and Blaze. Usenix Security 2011.
Mobile Security
Tuesday, February 24 — Mobile Security
- Dissecting Android Malware: Characterization and Evolution. Zhou and Jiang. Oakland 2012.
- You Can Run, but You Can’t Hide: Exposing Network Location for Targeted DoS Attacks in Cellular Networks. Qian, Wang, Xu, Mao, Zhang, and Wang. NDSS 2012.
- Smart-Phone Attacks and Defenses. Guo, Wang, and Zhu. HotNets 2004.
- Android Permissions: User Attention, Comprehension, and Behavior. Felt, Ha, Egelman, Haney, Chin, and Wagner. SOUPS 2012.
- Android Permissions Demystified. Felt, Chin, Hanna, Song, and Wagner. CCS 2011.
- User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems. Roesner, Kohno, Moshchuk, Parno, Wang, and Cowan. Oakland 2012.
- Predictability of Android OpenSSL's Pseudorandom Number Generator. Kim, Han, and Lee. CCS 2013.
Thursday, February 26 — Pre-proposal presentations No written response required for today.
Network Security
Tuesday, March 10 — Network Attacks
- A Look Back at “Security Problems in the TCP/IP Protocol Suite.” Steve Bellovin. ACSAC 2004.
- The Crossfire Attack. Kang, Lee, and Gligor. Oakland 2013.
- Blind TCP/IP Hijacking is Still Alive. lkm. Phrack 64, 2007.
- A Survey of BGP Security Issues and Solutions. Butler, Farley, McDaniel, and Rexford. 2008.
- Black Ops 2008: It’s the End of the Cache as We Know It. Dan Kaminsky. Toorcon 2008.
- Increased DNS Forgery Resistance Through 0x20-Bit Encoding. Dagon, Antonakakis, Vixie, Jinmei, and Lee. CCS 2008.
- Bro: A System for Detecting Network Intruders in Real-Time. Vern Paxson. Computer Networks 31(23-24), 1999.
- The Security Flag in the IPv4 Header. Steve Bellovin. RFC 3514.
Thursday, March 12 — Online Crime
- Spamalytics: An Empirical Analysis of Spam Marketing Conversion. Kanich, Kreibich, Levchenko, Enright, Voelker, Paxson, and Savage. CCS 2008.
- Your Botnet is My Botnet: Analysis of a Botnet Takeover. Stone-Gross, Cova, Cavallaro, Gilbert, Szydlowski, Kemmerer, Kruegel, and Vigna. CCS 2009.
- Modeling and Evaluating the Resilience of Peer-to-Peer Botnets. Rossow, Andriesse, Werner, Stone-Gross, Plohmann, Dietrich, and Bos. Oakland 2013.
- A Multifaceted Approach to Understanding the Botnet Phenomenon. Rajab, Zarfoss, Monrose, and Terzis. ISC 2006.
- What’s Clicking What? Techniques and Innovations of Today’s Clickbots. Miller, Pearce, Grier, Kreibich, and Paxson. DIMVA 2011.
- Clickjacking: Attacks and Defenses. Huang, Moshchuk, Wang, Schechter, and Jackson. Usenix Security 2012.
- @spam: The Underground on 140 Characters or Less. Grier, Thomas, Paxson, and Zhang. CCS 2010.
- On the Mismanagement and Maliciousness of Networks. Zhang, Durumeric, Bailey, Liu, and Karir. NDSS 2014.
Advanced Threats
Tuesday, March 17 — Cyberwarfare
- W32.Stuxnet Dossier. Falliere, Murchu, and Chien. Symantec technical report, 2011.
- APT1 Report. Mandiant technical report, 2013.
- Cyberwar and Peace. Thomas Rid. Foreign Affairs, Nov./Dec. 2013.
- NSA's ANT Division Catalog of Exploits. Published by Der Spiegel, Dec. 2013.
- To Kill a Centrifuge. Ralph Langner. Nov. 2013.
- iSeeYou: Disabling the MacBook Webcam Indicator LED. Brocker and Checkoway. Dec. 2013.
- Reversing and Exploiting an Apple Firmware Update. K. Chen. BlackHat USA 2009.
- SkyNET: A Mobile Attack Drone and Stealth Botmaster. Reed, Geis, and Dietrich. WOOT 2011.
- Designing and Implementing Malicious Hardware. King, Tucek, Cozzie, Grier, Jiang, and Zhou. LEET 2008.
- Stealthy Dopant-Level Hardware Trojans. Becker, Regazzoni, Paar, and Burleson. CHES 2013.
Thursday, March 19 — Mass Surveillance
- Decoding the Summer of Snowden. Julian Sanchez. Cato Policy Report, 2013.
- Liberty and Security in a Changing World. President's review group on intelligence and communications technologies. Dec. 2013.
- Report on the Telephone Records Program Conducted under Section 215. Privacy and Civil Liberties Oversight Board. Jan. 2014.
- NSA Collecting Phone Records of Millions of Verizon Customers Daily. Glenn Greenwald. The Guardian, Jun. 2013.
- NSA Infiltrates Links to Yahoo, Google Data Centers Worldwide, Snowden Documents Say. Gellman and Soltani. Washington Post, Oct. 2013.
- NSA Collects Millions of Text Messages Daily in ‘Untargeted’ Global Sweep. James Ball. The Guardian, Jan. 2014.
- Global Surveillance Disclosures. Wikipedia.
- Catalog of the Snowden revelations. Lawfare.
Securing Critical Systems
Tuesday, March 24 — Health and Safety
- Experimental Security Analysis of a Modern Automobile. Koscher, Czeskis, Roesner, Patel, Kohno, Checkoway, McCoy, Kantor, Anderson, Shacham, and Savage. Oakland 2010.
- Security and Privacy for Implantable Medical Devices. Halperin, Heydt-Benjamin, Fu, Kohno, and Maisel. IEEE Pervasive Computing 7(1), 2008.
- Comprehensive Experimental Analyses of Automotive Attack Surfaces. Checkoway, McCoy, Kantor, Anderson, Shacham, Savage, Koscher, Czeskis, Roesner, and Kohno. Usenix Security 2011.
- Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. Halperin, Heydt-Benjamin, Ransford, Clark, Defend, Morgan, Fu, Kohno, and Maisel. Oakland 2008.
- Illuminating the Security Issues Surrounding Lights-Out Server Management. Bonkoski, Bielawski, and Halderman. WOOT 2013.
- Building the IBM 4758 Secure Coprocessor. Dyer, Lnidermann, Perez, Sailer, van Doorn, Smith, and Weingart. IEEE Computer, Oct. 2001.
Thursday, March 26 — Securing TLS
- SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements. Clark and van Oorschot. Oakland 2013.
- The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software. Georgiev, Iyengar, Jana, Anubhai, Boneh, and Shamatikov. CCS 2012.
- ForceHTTPS Cookies: A Defense Against Eavesdropping and Pharming. Jackson and Barth. WWW 2008.
- Null Prefix Attacks Against SSL/TLS Certificates. Moxie Marlinspike. 2009.
- Lucky 13: Breaking the TLS and DTLS Record Protocols. AlFardan and Paterson. Oakland 2013.
- On the Security of RC4 in TLS. AlFardan, Bernstein, Paterson, Schuldt, and Holloway. Usenix Security 2013.
- CAge: Taming Certificate Authorities by Inferring Restricted Scopes. Kasten, Wustrow, and Halderman. FC 2013.
- Certied Lies: Detecting and Defeating Government Interception Attacks Against SSL. Soghoian and Stamm. FC 2011.
- Lavabit Legal Proceedings. 2013.
Privacy and Confidentiality
Tuesday, March 31 — Privacy in the Cloud
- Third-Party Web Tracking: Policy and Technology. Mayer and Mitchell. Oakland 2012.
- Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider. Feldman, Blankstein, Freedman, and Felten. Usenix Security 2012.
- “You Might Also Like:” Privacy Risks of Collaborative Filtering. Calandrino, Kilzer, Narayanan, Felten, and Shmatikov. Oakland 2011.
- Remote Physical Device Fingerprinting. Kohno, Broido, and Claffy. Oakland 2005.
- Host Fingerprinting and Tracking on the Web. Yen, Xie, Yu, Yu, and Abadi. NDSS 2012.
- Selling Off Privacy at Auction. Olejnik, Tran, and Castelluccia. NDSS 2014.
- Adnostic: Privacy Preserving Targeted Advertising. Toubiana, Narayanan, Boneh, Nissenbaum, and Barocas. NDSS 2010.
- CryptDB: Protecting Confidentiality with Encrypted Query Processing. Popa, Redfield, Zeldovich, and Balakrishnan. SOSP 2011.
- Securing Web Applications by Blindfolding the Server. Popa, Stark, Valdez, Helfer, Zeldovich, Kasshoek, and Balakrishnan. NSDI 2014.
- Privacy Policy. Google, Inc.
Thursday, April 2 — Deletion and Leakage
- Lest We Remember: Cold Boot Attacks on Encryption Keys. Halderman, Schoen, Heninger, Clarkson, Paul, Calandrino, Feldman, Appelbaum, and Felten. Usenix Security 2008.
- Secure Data Deletion. Reardon, Basin, and Capkun. Oakland 2013.
- History Independence for File Systems. Bajat and Sion. CCS 2013.
- BootJacker: Compromising Computers Using Forced Restarts. Chan, Carlyle, David, Farivar, and Campbell. CCS 2008.
- Shredding Your Garbage: Reducing Data Lifetime Through Secure Deallocation. Chow, Pfaff, Garfinkel, and Rosenblum. Usenix Security 2005.
- Increasing Data Privacy with Self-Destructing Data. Geambasu, Kohno, Levy, and Levy. Usenix Security 2009.
- Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs. Wolchok, Hofmann, Heninger, Felten, Halderman, Rossbach, Waters, and Witchel. NDSS 2010.
- Reconstructing RSA Private Keys from Random Key Bits. Heninger and Shacham. Crypto 2009.
- Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems. Zhang and Wang. Usenix Security 2009.
Online Freedom
Tuesday, April 7
- Tor: The Second-Generation Onion Router. Dingledine, Mattewson, and Syverson. Usenix Security 2004.
- Off-the-Record Communication, or, Why Not to Use PGP. Borisov, Goldberg, and Brewer. WPES 2004.
- Collateral Freedom: A Snapshot of Chinese Internet Users Circumventing Censorship. Robinson, Yu, and An. OpenITP, 2013.
- ConceptDoppler: A Weather Tracker for Internet Censorship. Crandall, Zinn, Byrd, Barr, and East. CCS 2007.
- Chipping Away at Censorship with User-Generated Content. Burnett, Feamster, and Vempala. Usenix Security 2010.
- Internet Censorship in China: Where Does the Filtering Occur? Xu, Mao, and Halderman. PAM 2011.
- Internet Censorship in Iran: A First Look. Aryan, Aryan, and Halderman. FOCI 2013.
- Analysis of the Green Dam Censorware System. Wolchok, Yao, and Halderman. Tech Report, 2009.
- No Direction Home: The True Cost of Routing Around Decoys. Houmansadr, Wong, and Shmatikov. NDSS 2014.
- An Analysis of Private Browsing Modes in Modern Browsers. Aggarwal, Bursztein, Jackson, and Boneh. Usenix Security 2010.
Thursday, April 9
- Bitcoin: A Peer-to-Peer Electronic Cash System. Satoshi Nakamoto. 2008.
- Telex: Anticensorship in the Network Infrastructure. Wustrow, Wolchok, Goldberg, and Halderman. Usenix Security 2011.
- Trawling for Tor Hidden Services. Biryukov, Pustogarov, and Weinmann. Oakland 2013.
- Criminal Complaint, U.S. v. Ulbricht. Oct. 2013.
- Zerocoin: Anonymous Distributed E-Cash from Bitcoin. Miers, Garman, Green, and Rubin. Oakland 2013.
- Shining Light in Dark Places: Understanding the Tor Network. McCoy, Bauer, Grunwald, Kohno, and Sicker. PETS 2008.
- Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries. Johnson, Wacek, Jansen, Sherr, and Syverson. CCS 2013.
- How the NSA Attacks Tor Users with QUANTUM and FOXACID. Bruce Schneier. Oct. 2013.
- Cover Your ACKs: Pitfalls of Covert Channel Censorship Circumvention. Geddes, Schuchard, and Hopper. CCS 2013.
- Protocol Misidentification Made Easy with Format-Transforming Encryption. Dyer, Coull, Ristenpart, and Shrimpton. CSS 2013.
- Spot Me If You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations. Wright, Ballard, Coull, Monrose, and Masson. Oakland 2008.
Physical Security
Tuesday, April 21 No written response required for today.
- Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks. Matt Blaze. IEEE Security and Privacy, March/April 2003.
- Keep it Secret, Stupid! Matt Blaze. 2003.
- Picking Pin Tumbler Locks. Matt Blaze. 2003.
- Safecracking for the Computer Scientist. Matt Blaze. 2004.
- Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding. Laxton, Wang, and Savage. CCS 2008.
- Security Analysis of a Widely Deployed Locking System. Weiner, Massar, Tews, Giese, and Wieser. CCS 2013.