I populate this table from this Google Doc, in case you are interested.
The basic idea this quarter is that you're going to watch videos of research research projects before lecture, then during lecture we'll talk about the basics and try to help you understand the key concepts in the paper.
During lecture we will meet via Zoom and periodically discuss ideas in addition to listening to me explain the basics. These discussions will help solidify your understanding of the material.
| Date | Lecture media | Topic | Required video and optional paper |
|---|---|---|---|
| 3/30/2020 | [Slides] [Video] | Welcome | |
| 4/1/2020 | [Slides] [Video] Note: this video is on canvas beause it shows pictures of students. For future videos students will have been warned about this before we post to youtube | Big idea: privacy as a human right | |
| 4/3/2020 | [Slides] [Video] | Privacy | 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System Joel Reardon, University of Calgary / AppCensus Inc.; Álvaro Feal, IMDEA Networks Institute / Universidad Carlos III Madrid; Primal Wijesekera, U.C. Berkeley / ICSI; Amit Elazari Bar On, U.C. Berkeley; Narseo Vallina-Rodriguez, IMDEA Networks Institute / ICSI / AppCensus Inc.; Serge Egelman, U.C. Berkeley / ICSI / AppCensus Inc. Usenix Security 2019 (Optional paper) |
| 4/6/2020 | [Slides] [Video] | Privacy | Vuvuzela: scalable private messaging resistant to traffic analysis. SOSP '15: Proceedings of the 25th Symposium on Operating Systems Principles, October 2015, Jelle Van Den Hooff, David Lazar, Matei A Zaharia, Nickolai Zeldovich (Optional paper) |
| 4/8/2020 | [Slides] [Video] | Big idea: Computers are everywhere and they aren't very secure | |
| 4/10/2020 | [Slides] [Video] Note The video is on Canvas and intended only for students enrolled in the class | Insecure computers everywhere | Comprehensive Experimental Analyses of Automotive Attack Surfaces Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, University of California, San Diego; Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, University of Washington (Optional paper) |
| 4/13/2020 | [Slides] [Video] | Insecure computers everywhere | Understanding the Mirai Botnet. Manos Antonakakis, Georgia Institute of Technology; Tim April, Akamai; Michael Bailey, University of Illinois, Urbana-Champaign; Matt Bernhard, University of Michigan, Ann Arbor; Elie Bursztein, Google; Jaime Cochran, Cloudflare; Zakir Durumeric and J. Alex Halderman, University of Michigan, Ann Arbor; Luca Invernizzi, Google; Michalis Kallitsis, Merit Network, Inc.; Deepak Kumar, University of Illinois, Urbana-Champaign; Chaz Lever, Georgia Institute of Technology; Zane Ma and Joshua Mason, University of Illinois, Urbana-Champaign; Damian Menscher, Google; Chad Seaman, Akamai; Nick Sullivan, Cloudflare; Kurt Thomas, Google; Yi Zhou, University of Illinois, Urbana-Champaign. (Optional paper) |
| 4/15/2020 | [Slides] [Video] | Big idea: trusted computing base | |
| 4/17/2020 | [Slides] [Video] | TCB | Notary: a device for secure transaction approval Anish Athalye, Adam Belay, M. Frans Kaashoek, Robert T Morris, Nickolai Zeldovich, SOSP 2019 (Optional paper) |
| 4/20/2020 | [Slides] [Video] | TCB | Saba Eskandarian, Jonathan Cogan, Sawyer Birnbaum, Peh Chang Wei Brandon, Dillon Franke, Forest Fraser, Gaspar Garcia Jr., Eric Gong, Hung T. Nguyen, Taresh K. Sethi, Vishal Subbiah, Michael Backes, Giancarlo Pellegrino, Dan Boneh, Fidelius: Protecting User Secrets from Compromised Browsers. IEEE Symposium on Security and Privacy 2019: 264-280 (Optional paper) |
| 4/22/2020 | No class | ||
| 4/24/2020 | No lecture media | How security thinking applies to real software | |
| 4/27/2020 | [Slides] [Video] | Big idea: Malicious computer systems | Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, Yuanyuan Zhou, "(first 30 minutes only) Designing and implementing malicious hardware. Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), April 2008. (Optional paper) |
| 4/29/2020 | [Slides] [Video] | Introduce the project | |
| 5/1/2020 | [Slides] [Video] | Big idea: Machine learning and security | Q: Why Do Keynote Speakers Keep Suggesting That Improving Security Is Possible? A: Because Keynote Speakers Make Bad Life Decisions and Are Poor Role Models James Mickens, Harvard University |
| 5/4/2020 | None, zoom and comcast glitches | ML | Towards evaluating the robustness of neural networks N Carlini, D Wagner 2017 IEEE Symposium on Security and Privacy (SP), 39-57 (Optional paper) |
| 5/6/2020 | [Slides] [Video] | Carlini and Wagner redo lecture | |
| 5/8/2020 | Ask me anything | ||
| 5/11/2020 | [Slides] [Video] | Big idea: Computers need to be able to identify humans | Detecting and Characterizing Lateral Phishing at Scale Grant Ho, UC Berkeley and Barracuda Networks; Asaf Cidon, Barracuda Networks and Columbia University; Lior Gavish and Marco Schweighauser, Barracuda Networks; Vern Paxson, UC Berkeley and ICSI; Stefan Savage and Geoffrey M. Voelker, UC San Diego; David Wagner, UC Berkeley, Usenix Security 2019 (Optional paper) |
| 5/13/2020 | [Schedule] [Video (Canvas)] | Project meetings | |
| 5/15/2020 | [Schedule] [Video (Canvas)] | Project meetings | |
| 5/18/2020 | [Slides] [Video (Canvas)] | How to present your work | |
| 5/20/2020 | Schedule | Project meetings | |
| 5/22/2020 | Schedule | Project meetings | |
| 5/25/2020 | Memorial day | ||
| 5/27/2020 | Schedule | Project meetings (only select groups) | |
| 5/29/2020 | Schedule | In class presentations | |
| 6/1/2020 | Schedule | In class presentations | |
| 6/3/2020 | Schedule | In class presentations |