CIS 610: Advanced Research Topics in Network Security
Instructor: Prof. Jun Li
Slides
Reading Assignments
Try to read papers at least several days before the discussion session starts. Also
if any broken links report to Jun.
[week 1 - Security Alert Systems ]
[week 2 - IP spoofing - Dirk Singels]
- Alex C. Snoeren (MIT), Craig Partridge, Luis A. Sanchez, Christine E. Jones, Fabrice Tchakountio, Stephen T. Kent, W. Timothy Strayer (BBN Technologies).
"Hash-Based IP Traceback,"
Sigcomm 2001.
- Jun Li, Jelena Mirkovic, Mengqiu Wang, Peter Reiher, Lixia Zhang.
"SAVE: Source Address Validity Enforcement Protocol,"
Infocom 2002.
- Stefan Savage, David Wetherall, Anna Karlin, Tom Anderson (University of Washington).
"Practical Network Support For IP Traceback ,"
Sigcomm 2000.
- Kihong Park, Heejo Lee (Purdue University).
"On the Effectiveness of Route-Based Packet Filtering for
Distributed DoS Attack Prevention in Power-Law Internets,"
Sigcomm 2001.
[week 3 - BGP security - Zhen Wu]
- Stephen Kent, Charles Lynn, and Karen Seo.
"
Secure Border Gateway Protocol (S-BGP),"
IEEE Journal on Selected Areas in Communications, vol.18, no.4, 2000. pp. 582-592.
- Stephen Kent, Charles Lynn and Karen Seo.
"
Secure Border Gateway Protocol (S-BGP) - Real World Performance and Deployment Issues,"
NDSS 2000.
Also some online slides here and
here.
- Xiaoliang Zhao, Dan Pei, Lan Wang, Dan Massey, Allison Mankin, S. Felix Wu,
and Lixia Zhang. "
Detection of Invalid Routing Announcement in the Internet."
[week 4 - Worm Defense - Dan Rao]
- Stuart Staniford, Vern Paxson, and Nicholas Weaver.
"
How to 0wn the Internet in Your Spare Time,"
Proceedings of the 11th USENIX Security Symposium.
- David Moore, Colleen Shannon, Geoffrey M. Voelker, and Stefan Savage.
"
Internet Quarantine: Requirements for Containing Self-Propagating Code,"
Infocom 2003.
- Peter Reiher, Jun Li, and Geoff Kuenning.
"
Midgard Worms: Sudden Nasty Surprises from a Large Resilient Zombie Army."
- Brent N. Chun, Jason Lee and Hakim Weatherspoon.
"
Netbait: A Distributed Worm Detection Service."
[week 5 - DDoS - Eric Anderson]
- Aleksandar Kuzmanovic and Edward W. Knightly.
"
Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants),"
Sigcomm 2003.
- A. Keromytis, V. Misra and D. Rubenstein.
"
SOS: Secure Overlay Services,"
Sigcomm 2002.
- R. Mahajan, et al.
"
Controlling High Bandwidth Aggregates in the Network,"
ACM Sigcomm Computer Communication Review, vol. 32, no, 3, July 2002.
- J. Ioannidis and S. Bellovin.
"
Implementing Pushback: Router-Based Defense Against DDoS Attacks,"
Proceedings of Network and Distributed System Security Symposium, February 2002.
- J. Mirkovic, J. Martin, P. Reiher.
"
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms,"
UCLA Technical Report 020018.
[week 6 - Distributed Intrusion Detection - Eric Purpus]
[week 7 - Multicast Security - Xun Kang]
- C. Wong, M. Gouda, and S. Lam.
"
Secure Group Communication Using Key Graphs,"
Sigcomm 98.
- Y. Yang, X. Li, X. Zhang, S. Lam.
"
Reliable Group Rekeying: A Performance Analysis,"
Sigcomm 2001.
- Y. Kim, A. Perrig, and G. Tsudik.
"
Tree-based Group Key Agreement."
- A. Eskicioglu.
"
Multimedia Security In Group Communications: Recent Progress
in Wired and Wireless Networks,"
Proceedings of the IASTED International Conference on Communications
and Computer Networks, pp. 125-133, Cambridge, MA, November 4-6, 2002.
[week 8 - Overlay and P2P Security - Shanyu Zhao]
- D. Wallach.
"
A Survey of Peer-to-Peer Security Issues,"
International Symposium on Software Security, Tokyo, Japan, November 2002.
- E. Sit and R. Morris.
"
Security Considerations for Peer-to-Peer Distributed Hash Tables,"
IPTPS'02, 2002.
- M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D. S. Wallach.
"
Secure routing for structured peer-to-peer overlay networks,"
OSDI'02, Boston, MA, December 2002.
[week 9 - Wireless Security - Max Skorodinsky]
- K. Sanzgiri, B. Dahill, B. Levine, C. Shields, and E. Belding-Royer.
"
A Secure Routing Protocol for Ad hoc Networks,"
ICNP, 2002.
- J. Sun, D. Howie, A. Koivisto, and J. Sauvola.
"
DESIGN, IMPLEMENTATION, AND EVALUATION OF BLUETOOTH SECURITY."
- A. Fasbender, D. Kesgogan, and O. Kubitz.
"
Analysis of Security and Privacy in Mobile IP,"
International Conference on Telecommunication Systems, Modeling and Analysis, 1996.
[week 10 - Project Presentation and Demonstration ]
Course Info
- CRN: 25211
- Prerequisites: CIS 532/632, CIS 410/510 Computer Security, CIS 410/510 Network Security, or instructor approval
- Time: Tuesdays & Thursdays 14:00-15:20
- Location: 200 Deschutes
- Office Hours: Wednesdays 14:00-15:00
- Web page:
http://www.cs.uoregon.edu/classes/04W/cis610netsec/
Description
Computer networks, such as the Internet, enables different entities
to exchange vast quantities of information and share remote resources.
Unfortunately, networking also poses a danger by exposing individuals
to various forms of network-based attacks, raising ever-growing
concerns as computer networks become more common and more relied upon.
This course is designed for students to learn the
state-of-art research being explored nowadays and also solve
some research problems they are interested. Topics covered
include security alert systems, worm defense, DDoS attack
detection and suppression, distributed intrusion detection,
security issues for overlay and p2p networks, IP spoofing
prevention, wireless security, etc.
Last updated: 2/18/2004