CS 261 Schedule

The following schedule is tentative and subject to change.

Topic Readings Scribe
8/24 Overview, intro Stephanie
8/29 Memory safety Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns, Pincus, Baker.
Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors, Akritidis, Costa, Castro, Hand.
8/31 Fuzzing, symbolic execution EXE: Automatically Generating Inputs of Death, Cadar, Ganesh, Pawlowski, Dill, Engler. Casey
9/5 Taint tracking, static analysis PiOS: Detecting Privacy Leaks in iOS Applications, Egele et al.
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Enck et al.
9/7 Inline reference monitors Evaluating SFI for a CISC Architecture, McCamant, Morrisett.
Adapting Software Fault Isolation to Contemporary CPU Architectures, Sehr, Muth, Biffle, Khimenko, Pasko, Schimpf, Yee, Chen.
9/12 Sandboxing A secure environment for untrusted helper applications: confining the wily hacker, Goldberg, Wagner, Thomas, Brewer.
9/14 Privilege separation The Security Architecture of the Chromium Browser, Barth, Jackson, Reis, Google Chrome Team.
Capsicum: practical capabilities for UNIX, Watson, Anderson, Laurie, Kennaway.
9/19 Privilege management Extensible security architectures for Java, Wallach, Balfanz, Dean, Felten. Rebecca
9/21 Capabilities Paradigm Regained: Abstraction Mechanisms for Access Control, Miller, Shapiro.
Joe-E: A Security-Oriented Subset of Java, Mettler, Wagner, Close.
9/26 Network security A look back at Security Problems in the TCP/IP Protocol Suite, Bellovin.
Off-Path TCP Sequence Number Inference Attack How Firewall Middleboxes Reduce Security, Qian and Mao.
9/28 Network security no readings. Sakshi
10/3 DNS security Using the Domain Name System for System Break-Ins, Bellovin.
Reliable DNS Forgery in 2008: Kaminsky's Discovery, Matasano blog.
Optional: An Illustrated Guide to the Kaminsky DNS Vulnerability, Friedl.
10/5 Web security - browsers Robust Defenses for Cross-Site Request Forgery, Barth, Jackson, Mitchell.
Optional background on cross-site request forgeries: Cross-Site Request Forgeries: Exploitation and Prevention, Zeller, Felten.
10/10 Web security - servers GuardRails: A Data-Centric Web Application Security Framework, Burket et al.
Optional background: Web Security: Are You Part Of The Problem?, Heilman.
Optional background on SQL injection attacks: SQL Injection Attacks by Example, Friedl.
10/12 Usable security Why Phishing Works, Dhamija, Tygar, Hearst.
You've Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings, Egelman, Cranor, Hong
10/17 Usable security So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users, Herley. Antonio
10/19 Cybercrime The underground economy: priceless, Thomas, Martin.
Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy, Herley, Florencio.
10/24 Cloud security A Security Analysis of Amazon's Elastic Compute Cloud Service, Balduzzi et al. Haoyuan
10/26 Cryptographic primitives Intercepting Mobile Communications: The Insecurity of 802.11, Borisov, Goldberg, Wagner.
Attack of the week: XML Encryption, Green.
If You're Typing The Letters A-E-S Into Your Code, You're Doing It Wrong, Ptacek.
Optional: BEAST Attack on TLS/SSL Encryption, Green.
10/31 Kerberos Designing an Authentication System: a Dialogue in Four Scenes, Bryant. Jethro
11/2 E-voting Security Analysis of the Diebold AccuVote-TS Voting Machine, Feldman, Halderman, Felten
11/7 Cryptographic protocols Prudent engineering practice for cryptographic protocols, Abadi, Needham. slides
11/9 Cryptography - lessons learned Why Cryptosystems Fail, Anderson.
11/14 Mobile security Android Permissions: User Attention, Comprehension, and Behavior, Felt et al.
How To Ask For Permission, Felt et al.
11/16 Chip & PIN Chip and Skim: cloning EMV cards with the pre-play attack, Bond et al.
(Optional: Chip and PIN is Broken, Murdoch et al.)
11/21 Tamper-resistance Tamper Resistance-- A cautionary note, Anderson et al.
11/28 Privacy Privacy Integrated Queries, McSherry.
Optional: Myths and Fallacies of "Personally Identifiable Information", Narayanan, Shmatikov. (blog post summary)
Optional: Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization, Ohm (summary at Ars Technica).
Optional: Privacy, economics, and price discrimination on the internet, Odlyzko.
11/30 Economics Why Information Security is Hard - An Economic Perspective, Anderson

David Wagner, daw@cs.berkeley.edu, http://www.cs.berkeley.edu/~daw/.