EE515

Topic: Course Introduction, Introduction to Security Engineering, Crypto
Presenter: Yongdae Kim
Slides: ppt
Reading List:
- "What is Security Engineering?" by Ross Anderson
- "Overview of Cryptography" in Handbook of Applied Cryptography

Topic: How to Think about Security of New (Emerging) Systems?, Software Engineering Failures and Malpractices
Presenter: Yongdae Kim
Slides: ppt
Assignment: Reading Report
Reading List:
- Yongdae Kim A. Feldman, J. Halderman, and E. Felten, "Security Analysis of the Diebold AccuVote-TS Voting Machine", EVT'07
- R1 R2 Yongdae Kim S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, "Comprehensive Experimental Analyses of Automotive Attack Surfaces", USENIX Sec'11

Topic: Medical Devices
Assignment: Reading Report
Slides: ppt
Reading List:
- Yongdae Kim D. Halperin, T. Heydt-Benjamin, B. Ransford, S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.Maisel, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses", IEEE SP'08
- R1 R2 Yongdae Kim D. Foo Kune, J. Backes, S. Clark, D. Kramer, M. Reynolds, K. Fu, Y. Kim, and W. Xu, "Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors", IEEE SP'13
- Yongdae Kim Y. Park, Y. Son, H. Shin, D. Kim, and Y. Kim, "This Ain't Your Dose: Sensor Spoofing Attack on Medical Infusion Pump", USENIX WOOT'16

Topic: Blockchain
Assignment: Reading Report
Reading List:
- Yongdae Kim Y. Kwon, D. Kim, Y. Son, E. Y. Vasserman, and Y. Kim, "Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin", ACM CCS'17 (Slides)
- R1 Hyungchan Kim Maria Apostolaki, Aviv Zohar, Laurent Vanbever, "Hijacking Bitcoin: Routing Attacks on Cryptocurrencies", IEEE SP'17, (Slides)
- R2 Hyungseok Han@TA L. Zhou, K. Qin, A. Cully, B. Livshits, A. Gervais, "On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols", IEEE SP'21, (Sldies)

Topic: Privacy
Assignment: Reading Report
Reading List:
- Yongdae Kim R. Dingledine, N. Mathewson, P. Syverson, "Tor: The second-generation onion router", USENIX Security'04 (Slides)
- R1 Haein Lee A. Narayanan, and V. Shmatikov, "Robust De-anonymization of Large Sparse Datasets", IEEE SP'08 (Slides)
- R2 Sujin Han A. Caliskan-Islam, R. Harang, A. Liu, A. Narayanan, C. Voss, F. Yamaguchi, and R. Greenstadt, "De-anonymizing Programmers via Code Stylometry", USENIX Sec'15 (Slides)

Topic: Autonomous Driving System
Assignment: Reading Report
Reading List:
- R1 Mateo Pena Campos H. Shin, D. Kim, Y. Kwon, and Y. Kim, "Illusion and Dazzle: Adversarial Optical Channel Exploits against Lidars for Automotive Applications ", CHES'17 (Slides)
- R1 Wonyoung Jung S. Kim, T. Kim, "RoboFuzz: Fuzzing Robotic Systems over Robot Operating System (ROS) for Finding Correctness Bugs (to appear)", ACM ESEC/FSE'22 (Slides)
- R2 Weonji Choi P. Jing, Q. Tang, Y. Du, L. Xue, X. Luo, T. Wang, S. Wu, "Too good to be safe: Tricking lane detection in autonomous driving with crafted perturbations", USENIX Security'21 (Slides)

Topic: Drones
Assignment: Reading Report
Reading List:
- R1 Kyeongmook Kim Y. Son, H. Shin, D. Kim, Y. Park, J. Noh, K. Choi, J. Choi, and Y. Kim, "Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors", USENIX Sec'15 (Slides)
- R2 Sangmin Woo H. Choi, S. Kate, Y. Aafer, X. Zhang, D. Xu, "Software-based realtime recovery from sensor attacks on robotic vehicles", RAID'20 (Slides)
- JoonHa Jang@SysSec T. Kim, C. H. Kim, J. Rhee, F. Fei, Z. Tu, G. Walkup, D. Xu "RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Testing", USENIX Security'19 (Slides)

Topic: Machine Learning
Assignment: Reading Report
Reading List:
- R2 Dohyeon Kim@SysSec IJ Goodfellow, J Shlens, C Szegedy, "Explaining and harnessing adversarial examples", ICLR'15 (Slides)
- R1 Changhun Song@TA M. Jagielski, N. Carlini, D. Berthelot, A. Kurakin, N. Papernot, "High Accuracy and High Fidelity Extraction of Neural Networks", USENIX Security'20 (Slides)
- R2 ManGi Cho@TA K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, "Robust Physical-World Attacks on Deep Learning Visual Classification", IEEE CVPR'18 (Slides)

Topic: Cellular Network (1)
Assignment: Reading Report
Reading List:
- R1 Yongdae Kim H. Kim, J. Lee, E. Lee, and Y. Kim, "Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane", IEEE S&P'19 (Slides)
- R2 Yongdae Kim B. Hong, S. Bae, and Y. Kim, "GUTI Reallocation Demystified: Cellular Location Tracking with Changing Temporary Identifier", NDSS'18

Topic: Cellular Network (2)
Assignment: Reading Report
Reading List:
- R1 Taesik Yoon D. Rupprecht, K. Kohls, T. Holz, and C. Popper, "Breaking LTE on Layer Two", IEEE SP'19 (Slides)
- R1 Minwoo Baek E. Kim, D. Kim, C. Park, I. Yun, Y. Kima, "BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols", NDSS'21 (Slides)
- R2 Junyeong Park G. Hernandez, M. Muench, D. Maier, A. Milburn, S. Park, T. Scharnowski, T. Tucker, P. Traynor, K. Butler, "FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware", NDSS’22 (Slides)

R2 Cheoljun Park@TA H. Yang, S. Bae, M. Son, H. Kim, S. Kim, and Y. Kim, "Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE", USENIX Sec'19 (Slides)
R1 Olav Lamberts P. Schmitt and B. Raghavan, "Pretty good phone privacy", USENIX Sec'21 (Slides)
R2 Taekyeong Oh@SysSec M. Kotuliak, S. Erni, P. Leu, M. Roeschlin, S. Čapkun, "LTrack: Stealthy Tracking of Mobile Phones in LTE", USENIX Sec’22 (Slides)

Topic: AR/VR (Metaverse)
Assignment: Reading Report
Reading List:
- R1 Soomin Cho S. Stephenson, B. Pal, S. Fan, E. Fernandes, Y. Zhao, R. Chatterjee, "SoK: Authentication in Augmented and Virtual Reality", IEEE SP'22 (Slides)
- R2 Davy Guillaume I. Martinovic, D. Davies, M. Frank, D. Perito, T. Ros, and D. Song, "On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces", USENIX Sec'12 (Slides)

EE515: Security of Emerging Systems