Readings

The readings and schedule are posted here.

Course Overview

This semester we will look at recent and cutting edge research in computer and network security. Our goal for the semester is to see many negative examples of system design and positive examples of how to improve it. Topics will include:

  • Blockchain protocols
  • Attacks and defenses in hardware.
  • Attacks and defenses in software.

This class will not only teach you the state of security in a variety of areas, but will also teach you to be part of the computer security research community. You will: learn to critique work in a constructive manner; work on your own research project; receive feedback from your peers; and present the results, as described below.

Organization

In this class, we will be reading a large number of security research papers. These are papers that each attempt to address some problem, often presenting a possible solution, backed by analysis, simulation, or experimentation.

Academic researchers write these papers to gain fame, fortune, grants, promotion, and sometimes tenure. The papers are submitted to workshops and conferences, where they are reviewed. Papers are returned with reviewer comments, and the ones that are accepted have small changes made before publication. Articles in journals go through a longer process, in which referees make comments on the articles and the authors respond, either by clarifying the paper or by doing additional work to address the referees concerns. Sometimes, work from multiple conference papers are combined into a larger journal article.

How to approach reading papers:

At first, reading papers can be intimidating. While authors usually try and provide some background for readers, space limitations often keep these sections small. Because of this, it may seem that the authors are speaking their own private language. Unfortunately, that is often the case, as the authors are generally experts in their area and assume that most of the readers are too. The best way to become an expert is to read more papers. You can also ask for explanations of concepts from people who have been exposed to them already. I am happy to support you in that, so feel free to ask me.

You initial reading of papers should be to understand the technical material. Most academics don't sit and read the paper all the way through, at first. Instead, they read the abstract, the introduction, and the conclusions. They look at any graphs or pictures and the captions to see what information is being presented. This gives the overview of the paper. In particular, it gives insight into these questions:

  • What problem are the authors trying to solve?
  • What is their approach to solving it?
  • How are they demonstrating that their approach works?
  • What do the authors claim is new in their work?

These are the large questions that you will be addressing and we will go over in class a more detailed description of how to read CS research papers.

Most academics then go back and read the entire paper. During this more thorough reading, they will be asking themselves these deeper questions:

  • What assumptions did the authors make in writing the paper (these are often not explicit, and can be difficult to find)? Are they reasonable assumptions? Is there a way to address the same problem with different assumptions?
  • Is the supporting evidence for the work strong or weak? How could it be improved?
  • What problems are introduced or left unsolved?
  • Can the techniques introduced be applied to other problems?

Presenting papers in class:

In presenting papers in class, I will expect you to address at least the questions raised above. The goal is for you to lead a discussion of the paper in class, for 25-30 minutes. I would expect the general presentation to go along these lines (though of course it depends on the paper):

  • Overview of problem.
    • Why it is an interesting/worthy topic to write about
    • Overview of the authors approach
    • Description of results

  • Critical analysis of the work
    • What assumptions did they make?
    • What if you change the assumptions, does the work stand? If not, what could you do under a different set of assumptions?
    • Does the evidence support the work? If not, why not? What would you do to make the evidence stronger?
    • What problems are left, or what problems are raised?
    • Do they introduce techniques that are applicable to other problems?

  • Impact of this paper and the area
    • What other papers have appeared in this area?
    • Where does this paper fit? Does it move the field forward?
    • What other work, if any, did this paper inspire?

For this class, we are also interested in a few other questions, as applicable. For papers about problems or attacks, these questions include:

  • What happened to make the attack possible?
  • What principles of security were violated to make the attack possible?
  • How do we prevent similar problems in the future?
  • What are the trade-offs in providing a solution?

Grading

This class has no exams. It is essentially pass/fail. It is entirely based on readings and class participation.

Pre-class reading write up

We will be reading a variety of papers over the course of the semester and discussing them in class. It is important that everyone have read the paper before class to foster discussion. Therefore, I will require that you send me a write up 24 hours before each class. This write up should address the following questions:
  • What problem are the authors trying to solve?
  • What is their approach to solving it?
  • How are they demonstrating that their approach works, and does it succeed? If not, why not?
  • What do the authors claim is new in their work?
  • What did you learn from this paper?
  • What questions do you have about this paper?

Paper presentations

Each paper we read will also have a student responsible for leading discussion on that paper. We will organize who is doing which paper for part of the semester early on. A reasonable presentation would be to describe and summarize the paper and its major ideas, then present arguments on how the ideas of the paper might be flawed or improved. For papers discussing attacks, you should also mention what made the attack possible and how it could be prevented. In addition, the leader should look through other literature to see how this differs from other work and what impact the paper had or might have.

Class participation

Participation in this class involves not only showing up, but being a thoughtful and considerate research colleague. You should be prepared to discuss any paper or reading of the day.

Policies

As this is a graduate class, my policies differ from the default on my web page.

Use of what you learn

In this class you will be learning how computer attackers probe and attack computers and networks. When necessary (which it won't be for this class), I will be providing a test network for you to experiment with these techniques. You ARE NOT to use these techniques on any other machine or network that you do not have specific written permission to do so - doing so can result in criminal penalties. If you do so and are caught, I will not allow the excuse that what you were doing was for class, and instead will tell them that you were specifically warned not to do it.

General

Class attendance is mandatory, as this is a discussion-based class, and the only way to learn is to participate. Should you need to miss class for some legitimate reason, please let me know as far in advance as possible.

Students bringing cell phones to class must either set the phone to vibrate, turn the ringer volume off, or turn the phone off completely. The instructor retains the right to answer ringing cell phones in class. If the call is for me, I get to keep the phone.

Academic Honesty

I wish to foster an open and collegial class environment. At the same time, I am vigorously opposed to academic dishonesty because it seriously detracts from the education of honest students. Because of this, I have the following standard policy on academic honesty, consistent with Georgetown University's official policy.

It is permissible to discuss a method of solution with other students, or to make use of reference materials in the library or online. If you do this, you will be expected to clearly disclose with whom you discussed the method of solution, or to cite the references used. In the case of computer code submissions, these references should be cited in the program comments. Failure to do so may constitute cheating or plagiarism.

Students who encourage others to cheat or plagiarize, or students who are aware of plagiarism or cheating and do not report it are also participating in academically dishonest behavior.

Any case of academic dishonesty will be dealt with by a referral to the Honor Council.

Having been a student myself, for a really long time, I fully understand that the pressures of academic life can be severe. There are times when students are overworked, ill, or have other reasons for being unable to complete the required assignments. If you, the student, ever feel that you are unable to complete the course work, talk to the instructor or your advisor. We want to see you succeed, and are willing to make allowances for your individual situation. If you feel that you cannot talk to any of us, you may go to the office of the Student Affairs. They can help you deal with many issues that the faculty cannot.