Advanced Security- 2014/15

 Selected Topics in  Network Security/Privacy

Fall 2014

Instructor:        Claude Castelluccia (claude.castelluccia@inria.fr)

Announcements

If instead of presenting a paper, you would like to work on a proposal for the Trophees EDUCNUM  (http://www.educnum.fr/). Let me know asap! In this case, you’ll have to present your project instead of a scientific paper. Note that the deadline to submit a EDUCNUM proposal is Dec. 15th!

Course Description

This course will introduce modern topics in network security and privacy. It will provide a thorough grounding in network security suitable for those interested in conducting research in this area, as well as students more broadly interested in real-world security. Topics will span (but not limited to):

    • C1: Introduction to Wireless Security (rfid, wsn, authentication,…)
    • C2: WiFi security 
    • C3: Smart Phone Security
    • C4: Data Privacy (tracking, profiling, data anonymization, …)
    • C5: Internet Surveillance and Censorship

Textbook (s): There is no required textbook. All reading will be from research papers in top security conferences and journals.

Grading:

Paper or project presentation:     100%

There is no mid-term or final exam.

Paper presentation:

You need to present it during the class in English.
The slides have to be sent to me 2 days prior to the corresponding lecture.

  • Problem domain: background, motivation, why this problem is important/novel/interesting
  • Summary of the  paper:

    • assumption, main techniques, results
    • Possible future work/direction
    • Pros, cons of the paper (your conclusion)
  • What can we do based on this work: lesson learned from this work? stimulate new related problem? flawed assumption/technique can be improved/extended? technique can be used to other (maybe your own dedicated) domain to solve other problem? what extension can we do for further work? …

 

Paper Assignment:

LIST OF STUDENTS:

Almeida Raphael raphael.almeida@e.ujf-grenoble.fr
Awaynia Sayfeddine sayfeddine.awaynia@e.ujf-grenoble.fr
Bauchon Jocelyn jocelyn.bauchon@e.ujf-grenoble.fr
Fall Saikou saikou.fall@e.ujf-grenoble.fr
Gueye Mamadou mamadou.gueye@e.ujf-grenoble.fr
Rabeuf Lucas lucas.rabeuf@etu.esisar.grenoble-inp.fr
Sawadogo Saidou saidou.sawadogo@e.ujf-grenoble.fr
Widmer Ludovic Ludovic.Widmer@ensimag.grenoble-inp.fr
Coladon Titouan titouan.coladon-dupuis@e.ujf-grenoble.fr
Gauthier Louis-Thibault louis-thibault.gauthier@e.ujf-grenoble.fr
Mkhida Abdelali abdelali.mkhida@e.ujf-grenoble.fr
Nedelcu Adina-Ioana adina-ioana.nedelcu@e.ujf-grenoble.fr
Pouzet Jeremy jeremy.pouzet@e.ujf-grenoble.fr
Ursu Bogdan-Gabriel bogdan-gabriel.ursu@e.ujf-grenoble.fr
Zucca Vincent vincent.zucca@e.ujf-grenoble.fr

LIST OF PAPERS:

Sessions (3 dec., 10 dec, 12 dec, 17 dec, 7 jan.)

SESSION1 (3dec):

  1. The Web Never Forgets:Persistent Tracking Mechanisms in the Wild, ACM CCS 2014- student: Zucca
  2. Effective Attacks and Provable Defenses for Website FingerprintingUsenix Sec’14-  student: Ursu
  3. Exploiting Delay Patterns for User IPs Identification in Cellular Networks,  PETS 2014- student:Pouzet

 

SESSION2 (10dec):

  1. Bootstrapping Privacy Compliance in Big Data Systems, Oakland2014- student:Nedelcu
  2. Zerocash: Decentralized Anonymous Payments from Bitcoin,  Oakland 2014- student:Mkhida

 

SESSION3 (12dec):

  1. SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks, Oakland 2014-
  2. ZEBRA: Zero-Effort Bilateral Recurring Authentication,  Oakland 2014- student:Coladon
  3. Authentication Using Pulse-Response Biometrics, NDSS 2014 student:Widmer
  4. Analyzing Forged SSL Certificates in the Wild,  Oakland 2014- student:Gauthier

 

SESSION4 (17 dec.):

  1. The Tangled Web of Password Reuse, NDSS 2014- student:Rabeuf
  2. On Semantic Patterns of Passwords and their Security Impact, NDSS 2014– student:Gueye
  3. From Very Weak to Very Strong: Analyzing Password-Strength Meters, NDSS 2014– student:Fall
  4. PlaceAvoider: Steering First-Person Cameras away from Sensitive Spaces, NDSS 2014– student:Bauchon

 

SESSION5 (7jan.):

  1. xRay: Enhancing the Web’s Transparency with Differential Correlation, Usenix Sec’14 – student:Awaynia
  2. A Bayesian Approach to Privacy Enforcement in SmartphonesUsenix Sec’14- student:Almeida
  3. PatchDroid: Scalable Third-Party Security Patches for Android Devices, ACSAC ’13 
  4. Enhanced Certificate Transparency and End-to-end Encrypted Mail,  NDSS’14- student:Sawadogo