4/30/04 Report preparation guide posted in PS and PDF
4/30/04 Presentation preparation guide posted in PS and PDF
4/1/04 Sending in a report on project progress
E-mail a half-page (up to 10 sentences) report of project progress to the instructor. Describe what you have done so far and what remains to be done to finish the project. List any problems you currently have. Deadline: 3pm on Tue, 4/6
2/10/04 Selecting a paper to present
Look over the papers that are scheduled as a required reading in the course. Choose one paper
that you would like to present and E-mail me your choice.
Requests for paper presentations will be granted on a first-come-first-served basis, and I will promptly update
the presentation schedule to reflect up-to-date availability of the papers.
|Calendar and Syllabus|
||Class 1 in PS
Class 1 in PDF
||Class 2 in PS
Class 2 in PDF
||Class 3 in PS
Class 3 in PDF
|IP spoofing overview
||Class 4 in PS
Class 4 in PDF
||How to 0wn the Internet in Your Spare Time
S. Staniford, V. Paxson. N. Weaver
||Class 5 in PS
Class 5 in PDF
|Student presentations begin|
||Smashing The Stack For Fun And Profit
||Class 6 in PS
Class 6 in PDF
|March 2 at 4pm - Deadline for E-mailing the instructor about your chosen project|
||Model Checking One Million Lines of C Code
H. Chen, D. Dean and D. Wagner
||Class 7 in PS
Class 7 in PDF
||A Practical Dynamic Buffer Overflow Detector
O. Ruwase and M. S. Lam
||Class 8 in PS
Class 8 in PDF
||A Comparison of Publicly Available
Tools for Dynamic Buffer Overflow Prevention
J. Wilander, M. Kamkar
||Class 9 in PS
Class 9 in PDF
||Practical Network Support for IP TracebackS. Savage, D. Wetherall, A. Karlin, T. Anderson
||Class 10 in PS
Class 10 in PDF
||On the Effectiveness of Route-Based
Packet Filtering for Distributed DoS Attack
Prevention in Power-Law Internets
K. Park, H. Lee
||Class 11 in PS
Class 11 in PDF
||Hop-Count Filtering: An Effective Defense
Against Spoofed Traffic C. Jin, H. Wang, K. G. Shin
||Class 12 in PS
Class 12 in PDF
A. Perrig, D. Song. A. Yaar
||Class 13 in PS
Class 13 in PDF
||Worm Propagation Modeling and Analysis
under Dynamic Quarantine Defense
C. C. Zou, W. Gong, D. Towsley
||Class 14 in PS
Class 14 in PDF
||Monitoring and Early Warning for Internet Worms
C. C. Zou, L. Gao, W. Gong and D. Towsley
||Class 15 in PS
Class 15 in PDF
||An Effective Architecture and Algorithm for
Detecting Worms with Various Scan Techniques
J. Wu, S. Vangala, L. Gao, K. Kwiat
||Class 16 in PS
Class 16 in PDF
||A Taxonomy of Computer Worms
N. Weaver, V. Paxson, S. Staniford, R. Cunningham
||Class 17 in PS
Class 17 in PDF
||Internet Quarantine: Requirements for
Containing Self-Propagating Code
D. Moore, C. Shannon, G. Voelker and S. Savage
||SOS: An Architecture for Mitigating
A. D. Keromytis, V. Misra, D. Rubenstein
||IP Easy-pass: Edge Resource Access Control
H. Wang, A. Bose, M. El-Gendy, K. G. Shin
Denial of Service Attacks
(The Shrew vs. the Mice and Elephants)
A. Kuzmanovic, E. W. Knightly
||A Framework for Classifying
Denial of Service Attacks
A. Hussain, J. Heidemann, C. Papadopoulos
||Alliance Formation for DDoS Defense
J. Mirkovic, M. Robinson, P. Reiher, and G. Kuenning
|| Paper discussion
|Project presentations begin|
|| Project presentation
Group 1: Maitreya Natu, Kireeti Valicherla and Namratha Hundigopal
Group 2: Pu Li and Songjie Wei
|| Project presentation
Group 1: Ryan Bickhart and Vikram Rajan
Group 2: Joel Lipschultz and Heather Hartman
Group 3: Aaron Brown and Amy Antonucci
|| Project presentation
Group 1: Divya Gopalakrishnan and George Oikonomou
Group 2: Lei Luo, Erinc Arikan and Xiaojin Niu
|May 25 at 4pm - Deadline for E-mailing the instructor your project report|
- J. Nazario
"Defense and Detection Strategies against Internet Worms"
- B. Schneier
"Applied Cryptography: Protocols, Algorithms,
and Source Code in C," 2nd edition
- W. Stallings
"Cryptography and Network Security: Principles
- C. Kaufman, et. al
"Network Security: Private Communication
in a Public World"
- B. Schneier
"Secrets and Lies"
- E. Skoudis
"Counter Hack: A Step-by-Step Guide to Computer
Attacks and Effective Defenses"
- W. Cheswick, et. al
"Firewalls and Internet Security:
Repelling the Wily Hacker," 2nd edition
- Will be posted in here
after each class.
|This course is heavily focused on research and emphasizes reading and
writing of technical papers, and project work. Course 659 is not a
prerequisite for 859, but it is definitely useful. 859 course covers a
variety of topics in network security field, such as denial-of-service,
worm and virus attacks, privacy, anonymization techniques, IP spoofing,
social engineering, etc. The course explores each topic through a blend of
short in-class overview followed by the discussion of the selected articles
from techical conferences and journals that address important topic-related
- Project - 60%
- Paper reports - 10%
- Paper presentation - 20%
- Class participation - 10%
- There will be one programming project in the course. The project should
be done in the groups of 2 people, although individual projects and projects in
3-people groups may be allowed after talking to the instructor.
Students should choose one of the network security topics and
make an original research contribution with their project.
This means that a project should pursue some original idea, not
found in the current research, and should contain its implementation
and experimental performance results or
a theoretical proof.
While it is hard to do a significant research work during one
semester, the project should at least demonstrate that the idea
is feasible and promising. For example, a project could take an existing
defense approach against the problem X, and augment it to work better.
Or, a project could combine ideas found in existing approaches Y and Z into
an integrated solution, or apply an approach known to work against problem A to problem B.
Of course, a completely new idea could also form the
core of a project. Students should survey the current research on their chosen
topic before deciding on the project, to further their understanding of the problem,
and to make sure that similar ideas have not been tried before.
Below are some questions to help you choose a suitable project. You should
carefully consider them before you decide what you want to do.
Feel free to contact the instructor to discuss possible project ideas or
get recommendations of papers related to your project.
- Is the problem important?
- What are the existing approaches to solving the problem? Why don't they work?
- Is my idea likely to work? Will it be practical? Will it be expensive?
- Can I define a segment of this idea that can be done in one semester and
that will provide results to show if this idea is worth pursuing further?
Projects will likely
involve a significant programing load for implementation of the proposed idea.
Students can perform experiments required for their project work in Emulab, a testbed at University of
Utah where users can request access to multiple machines, organize
them in a topology and perform experiments. Machines can run Linux or
FreeBSD. Users get clean machines, only an operating system is
installed. They also get sudoer access and can
do anything that a root can. Any malicious and harmfull activity is
contained, nothing bad will happen if a user crashes the machine.
After running the experiments users should release the machines.
Alternatively, Emulab staff will reclaim the machines if they have
been idle for a while. Detailed instructions on how to use Emulab will
follow later in the course.
If you have difficulties deciding on a project, programming or dividing the
load fairly with your group members, talk to the instructor.
- As a part of the course requirement you will need to prepare a 30-min presentation and
a report about your project. A project grade will be based on the three criteria - quality of the
project (60% of the project grade), presentation (20% of the project grade) and report (20% of the project grade).
- Students are required to read each paper before its scheduled presentation and E-mail the instructor a brief report
(in plain text) containing answers to the following questions:
Paper reports should be received at least an hour before the class in which the paper will be discussed.
No extensions will be granted.
- What does the paper propose? (3-4 sentences)
- What is the value of this paper? (1-2 sentences)
- In your opinion, is the idea discussed in the paper good or not, and why? (3-4 sentences)
- State any suggestions you have that could improve this paper? (3-4 sentences)
- Students should choose one paper from the required course reading,
prepare a presentation explaining this
paper and present it in the class. The presentation should be in PowerPoint, StarOffice or Latex. It
should contain 30-40 slides and run about 40 minutes. Students should E-mail the presentation to the
instructor by the morning of the presentation day. They can use personal laptops or an instructor's laptop
- I personally understand that there will be times when you can't
make it. The alarm clock didn't ring, you are tired, you have another
midterm to study for ... I will not take attendance or hold it against
you if you don't sit in the class. However you are responsible for
studying all the material covered in the class, and sending in the
paper report. I would also advise you to obtain class notes from one of your
However, the University Seat Claim Policy, states that:
Unless excused by the faculty member, students holding a
confirmed assigned seat in a class will have relinquished their seat
if they have not personally appeared in class to claim the seat by
... the second meeting for a class scheduled to meet twice a
week ... If the student does not claim the seat within the time
limit specified above, and does not drop the course, the instructor
has the option of assigning the student a grade of "Z" at the end of
the term. It is the responsibility of the student to drop each
course that he/she does not plan no attend, even when the student's
registration is canceled for non-payment of fees. Failure to drop a
course will result in a grade of "Z".Therefore, attendance
will be taken for the first two class meetings. To accomodate the
latecomers, the attendance sheet will be distributed at the end of the
- When you come in late you are disturbing both me and your
classmates. Please make every effort to come on time. However, if you
do happen to be late, come in and join the class (even if you are 30+
min late). Just don't make it a habit.
- You may exchange ideas for projects and discuss papers with your
all the work you submit must be your own. Students should get
acquainted with their rights and responsibilities as explained in the
Student Guide to University Policies (http://www.udel.edu/stuguide/03-04/code.html#honesty).
Asking for help
- If you have any problem with the class (difficulties understanding
the material or doing the project, excused absence, emergency that
prevents you from meeting a report deadline, need a special
accomodation, etc.) don't hesitate to ask for help. E-mail the
instructor, come to office hours, or simply find the instructor
in the office. You can also call by phone if there is an emergency and
you have no access to E-mail.
- I would like to receive your comments with regard to the class
organization and teaching quality. If there is ever something you
would like me to improve or change, cover in another manner, etc.
please write me an anonymous note and slip it into the envelope on the
right side of my office door. Please try to provide constructive
comments, e.g. instead of saying "I didn't understand anything you
just taught" try saying "I didn't understand your explanation of
worms, you went too fast over that."