EE515/IS523

8/31/2021

Topic: Course Introduction & Introduction to Security Engineering
Presenter: Yongdae Kim
Slides: ppt
Reading List: "What is Security Engineering?" by Ross Anderson

9/2/2021

Topic: Cryptography in a Nutshell
Presenter: Yongdae Kim
Slides: ppt
Reading List: "Overview of Cryptography" in Handbook of Applied Cryptography

9/7/2021

Topic: Access Control in a Nutshell (1)
Presenter: Yongdae Kim
Slides: ppt
Reading List: "Access Control" by Ross Anderson

9/9/2021

Topic: Access Control in a Nutshell (2)
Presenter: Yongdae Kim
Slides: ppt
Reading List: "Access Control" by Ross Anderson

9/16/2021

Topic: Software Engineering Failures and Malpractices
Assignment: Reading Report
Reading List:
- Yongdae Kim A. Feldman, J. Halderman, and E. Felten, "Security Analysis of the Diebold AccuVote-TS Voting Machine", EVT'07 (Slides)
- R1 R2 Yongdae Kim S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, "Comprehensive Experimental Analyses of Automotive Attack Surfaces", USENIX Sec'11 (Slides)

9/23/2021

Topic: Usable Security
Assignment: Reading Report
Reading List:
- Yongdae Kim A. Whitten and J. D. Tygar, "Why Johnny can't encrypt: a usability evaluation of PGP 5.0", USENIX Sec'99 (Slides)
- R1 R2 Taekkyeong Oh@SYSSEC Guoming Zhang, Chen Yan, Xiaoyu Ji, Tianchen Zhang, Taimin Zhang, Wenyuan Xu, "Dolphin Attack: Inaudible Voice Commands", ACM CCS'17 (Slides)

9/28/2021

Topic: Low Level Attacks
Assignment: Reading Report
Reading List:
- R1 R2 Yongdae Kim J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten, "Lest We Remember: Cold Boot Attacks on Encryption Keys", USENIX Sec'08 (Slides)
- Changhun Song@SYSSEC M. Seaborn and T. Dullien, "Exploiting the DRAM rowhammer bug to gain kernel privileges", Blackhat'15 (Slides)

9/30/2021

Topic: Medical Devices
Assignment: Reading Report
Reading List:
- R1 Yongdae Kim I. Martinovic, D. Davies, M. Frank, D. Perito, T. Ros, and D. Song, "On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces", USENIX Sec'12 (Slides)
- R2 YongHwa Lee D. Halperin, T. Heydt-Benjamin, B. Ransford, S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.Maisel, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses", IEEE SP'08 (Slides)

10/5/2021

Topic: Network Security
Assignment: Reading Report
Reading List:
- R1 Yongdae Kim E. Chan-Tin, P. Wang, J. Tyra, T. Malchow, D. Foo Kune, N. Hopper, and Y. Kim, "Attacking the Kad Network - Real World Evaluation and High Fidelity Simulation using DVN", Wiley Security and Communication Networks'09, (Slides)
- R2 Yongdae Kim M. Schuchard, E. Y. Vasserman, A. Mohaisen, D. Foo Kune, N. Hopper, and Y. Kim, "Losing control of the Internet: Using the data plane to attack the control plane", NDSS'11, (Slides)

10/12/2021

Topic: Bitcoin and BlockChain (1)
Assignment: Reading Report
Reading List:
- R1 R2 Taehwa Lee Maria Apostolaki, Aviv Zohar, Laurent Vanbever, "Hijacking Bitcoin: Routing Attacks on Cryptocurrencies", IEEE SP'17, (Slides)
- Yongdae Kim Y. Kwon, D. Kim, Y. Son, E. Y. Vasserman, and Y. Kim, "Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin", ACM CCS'17 (Slides)

10/26/2021

Topic: RF Security
Assignment: Reading Report
Reading List:
- R1 Junghan Yoon N. O. Tippenhauer, L. Malisa, A. Ranganathan, and S. Capkun, "On Limitations of Friendly Jamming for Confidentiality", IEEE SP'13 (Slides)
- R2 Minkyoo Song M. Singh, P. Leu, A. Abdou, S. Capkun, "UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband", USENIX Sec'19 (Slides)

10/28/2021

Topic: Cellular Network (1)
Assignment: Reading Report

Gyuhwan Park H. Kim, D. Kim, M. Kwon, H. Han, Y. Jang, D. Han, T. Kim, and Y. Kim, "Breaking and Fixing VoLTE: Exploiting Hidden Data Channels and Mis-implementations", ACM CCS'15 (Slides)
R1 R2 Tuan Hoang Dinh B. Hong, S. Bae, and Y. Kim, "GUTI Reallocation Demystified: Cellular Location Tracking with Changing Temporary Identifier", NDSS'18 (Slides)

11/2/2021

Topic: Cellular Network (2)
Assignment: Reading Report
Reading List:
- R1 Yeongbin Hwang H. Kim, J. Lee, E. Lee, and Y. Kim, "Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane", IEEE SP'19 (Slides)
- R2 Beomseok Oh D. Rupprecht, K. Kohls, T. Holz, and C. Popper, "Breaking LTE on Layer Two", IEEE SP'19 (Slides)

11/4/2021

Topic: Cellular Network (3)
Assignment: Reading Report
Reading List:
- R1 Eunsoo Kim@SYSSEC/Dongkwan Kim@SYSSEC E. Kim, D. Kim, C. Park, I. Yun, Y. Kima, "BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols", NDSS'21 (Slides)
- R2 CheolJun Park@SYSSEC H. Yang, S. Bae, M. Son, H. Kim, S. Kim, and Y. Kim, "Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE", USENIX Sec'19 (Slides)

11/9/2021

Topic: Network + Formal/NLP
Assignment: Reading Report
Reading List:
- R1 Seong-Joong Kim S. Jero, E. Hoque, D. Choffnes, A. Mislove, C. Nita-Rotaru, "Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach", NDSS'18 (Slides)
- R2 Wooyoung Go Y. Chen, Y. Yao, X. Wang, D. Xu, C. Yue, X. Liu, K. Chen, H. Tang, B. Liu, "Bookworm Game: Automatic Discovery of LTE Vulnerabilities Through Documentation Analysis", IEEE SP'21 (Slides)

11/11/2021

Topic: Breaking Cryptography & Critical Systems
Assignment: Reading Report
Reading List:
- R1 Hyunsik Jeong N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman, "Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices", USENIX Sec'12 (Slides)
- R2 Kyeong Tae Kim D. Antonioli, N. O. Tippenhauer, "The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR", USENIX Sec'19 (Slides)

11/18/2021

Topic: Sensor Security (1)
Assignment: Reading Report
Reading List:
- R1 Dohyun Kim@SYSSEC D. Foo Kune, J. Backes, S. Clark, D. Kramer, M. Reynolds, K. Fu, Y. Kim, and W. Xu, "Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors", IEEE S&P'13 (Slides)
- R2 Sanggu Han H. Shin, D. Kim, Y. Kwon, and Y. Kim, "Illusion and Dazzle: Adversarial Optical Channel Exploits against Lidars for Automotive Applications ", CHES'17 (Slides)

11/23/2021

Topic: Sensor Security (2)
Assignment: Reading Report
Reading List:
- R1 JoonHa Jang Y. Son, H. Shin, D. Kim, Y. Park, J. Noh, K. Choi, J. Choi, and Y. Kim, "Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors", USENIX Sec'15 (Slides)
- R2 Junho Ahn T. Trippel, O. Weisse, W. Xu, P. Honeyman and K. Fu, "Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems", USENIX Sec'20 (Slides)

11/25/2021

Topic: De-anonymizing others
Assignment: Reading Report
Reading List:
- R1 Youngjin Jin A. Narayanan, and V. Shmatikov, "Robust De-anonymization of Large Sparse Datasets", IEEE SP'08 (Slides)
- R2 Tae Hyeon Lee A. Caliskan-Islam, R. Harang, A. Liu, A. Narayanan, C. Voss, F. Yamaguchi, and R. Greenstadt, "De-anonymizing Programmers via Code Stylometry", USENIX Sec'15 (Slides)

11/30/2021

Topic: Hacking and Machine Learning (1)
Assignment: Reading Report
Reading List:
- R1 R2 Dohyun Kim@SYSSEC IJ Goodfellow, J Shlens, C Szegedy, "Explaining and harnessing adversarial examples", ICLR'15 (Slides)
- ManGi Cho@SYSSEC K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, "Robust Physical-World Attacks on Deep Learning Visual Classification", IEEE CVPR'18 (Slides)

12/2/2021

Topic: Hacking and Machine Learning (2)
Assignment: Reading Report
Reading List:
- R1 Hanna Kim N. Carlini, and D. Wagner, "Audio Adversarial Examples: Targeted Attacks on Speech-to-Text", IEEE SP Workshop'18 (Slides)
- R2 Changhun Song@SYSSEC M Fredrikson, S Jha, T Ristenpart, "Model inversion attacks that exploit confidence information and basic countermeasures", ACM CCS'15 (Slides)

EE515/IS523: Security 101: Think Like an Adversary

Calendar (subject to change depending on schdule)

8/31/2021

9/2/2021

9/7/2021

9/9/2021

9/14/2021

9/16/2021

9/21/2021

9/23/2021

9/28/2021

9/30/2021

10/5/2021

10/7/2021

10/12/2021

10/14/2021

10/19/2021 (Midterm Exam Period)

10/21/2021 (Midterm Exam Period)

10/26/2021

10/28/2021

11/2/2021

11/4/2021

11/9/2021

11/11/2021

11/16/2021

11/18/2021

11/23/2021

11/25/2021

11/30/2021

12/2/2021

12/7/2021

12/9/2021

12/14/2021 (Final Exam Period)

12/16/2021 (Final Exam Period)

Useful Links (Borrowed from Zhi-Li Zhang's 8211 web page)