CS 261: Systems Security

Lectures: Monday 1:00pm - 2:29pm, 310 Soda; Wednesday 10:00am - 11:29am, 405 Soda

Staff:

Instructor: Raluca Ada Popa
Special guests: Alice, Bob and the adversary
GSI: Yuncong Hu

Office hours: Tuesdays 2-3pm in Soda 729 (Raluca); Fridays 4-5pm in Soda 283E (Yuncong Hu)

Piazza:

Sign up for this course's Piazza. Please don't hesitate to ask questions to the class and have discussions there. Moreover, you can use it to find course project teammates.

Contact: Got a question? Post on Piazza.

Course overview:

Graduate survey of modern topics in computer systems security, including secure messaging, blockchain and cryptocurrencies, hardware security, secure federated computation, language-based security, anonymous communication, privacy and others. (3 units)

Prerequisites: CS 162 and CS 161 or equivalent.

Assignments:

Readings: Each class will have a set of assigned readings, accompanied by questions. You are not required to read additional reading assigned to the presenter. Please summarize each reading into 1-2 paragraphs and answer the questions and submit the text at cs261.f18@gmail.com before the start of the corresponding lecture. Send these all in one email (in the body, plaintext), whose subject should be the date of the lecture they are about "Reading MM/DD". Your full name should be apparent in the from field or in the email.

Each student can choose between doing an in-class presentation or scribing 1 or 2 lectures. Quality technical writing and presentations are very important in research and graduate school.

Notes: Create a report of the lecture and of the student presentation. Produce a high-quality technical writeup. Write clearly and be thorough. You are basically creating a shorter version of the paper(s) we are discussing (based on the material we cover in lecture and in the student presentation), yet it should still be selfcontained. Here is the LaTeX template to use. Return to us the scribe notes within 7 days of the class. The students and staff will give you feedback.
Class discussions: Students are expected to engage actively in class discussions.
In-class presentations/discussions are described here.
Final project: The final project is an important component of the class. The final project is described further on the final project page.

Grading:

reading assignments 15%
midterm exam 25%
final project (presentation and writeup) 35%
in-class presentation or scribe notes 15%
in-class participation 10%

Date	Topic + Readings	Scribe notes
Wed, Aug 22, 405 Soda	Course overview Merkle trees. Read Section 8.9 , Dan Boneh and Victor Shoup and Providing Authentication and Integrity in Outsourced Databases using Merkle Hash Tree's , Mykletun et al.	No scribe. Refer to readings.
Mon, Aug 27, 310 Soda	Secure communications 1 Key Transparency. Read CONIKS, Melara et al. Optional reading: Certificate Transparency, this Google talk and the full RFC6962.	Lecture Slides Scribe Notes
Wed, Aug 29, 405 Soda	Secure communications 2 Read secure messaging, Unger et al., Sections I-V.C.4. Presenter reads V.C.5, V.C.6, V.C.7. Assignment Sample responses	No lecture slides (white board). No presentation. Scribe Notes
Mon, Sept 3, 310 Soda	Labor Day.
Wed, Sept 5, 405 Soda	Infrastructure security Read Google's infrastructure security. Presenter reads Google's BeyondCorp. Assignment Sample responses	No lecture slides (white board). Presentation Slides Scribe Notes
Mon, Sept 10, 310 Soda	Blockchains and cryptocurrency 1 Read the original Bitcoin paper, Nakamoto. Optional reading: How the Bitcoin protocol actually works, Nielsen (more detailed that the Bitcoin paper). Presenter reads: Wallets. Assignment Sample responses	Lecture Slides Presentation Slides Scribe Notes
Wed, Sept 12, 405 Soda	Blockchains and cryptocurrency 2 Read the Ethereum white paper. Optional: Ethereum yellow paper, Wood (goes in more depth). Presenter reads: A survey of attacks on Ethereum smart contracts, Atzei et al., and The history of the DAO, Jentzsch. Assignment Sample responses	Lecture Slides Presentation Slides Scribe Notes
Mon, Sept 17, 310 Soda	Blockchains and cryptocurrency 3 Read: Algorand, Gilad et al. Presenter reads the same paper. Assignment Sample responses	No lecture slides (white board). Presentation Slides Scribe Notes
Wed, Sept 19, 405 Soda	Zero-knowledge proofs and applications Read Zerocash, Ben-Sasson et al. Optional: full Zerocash paper, which explains the protocols in more detail and also provides more background on the building blocks used. Presenter reads the same material. Assignment Sample responses	No lecture slides (white board). No presentation slides (white board). Scribe Notes
Mon, Sept 24, 310 Soda	Hardware security 1 Read Meltdown, Lipp et al. Presenter reads Spectre, Kocher et al. Assignment Sample responses	No lecture slides (white board). Presentation Slides Scribe Notes
Wed, Sept 26, 405 Soda	Hardware security 2 Hardware enclaves. Read Innovative Instructions and Software Model for Isolated Execution (the Intel SGX paper), McKeen et al. This video by McKeen might be easier to follow than the paper. Presenter reads VC3, Schuster et al. Optional reading: Intel SGX Explained. Project proposals due before class. Assignment Sample responses	Lecture Slides Presentation Slides Scribe Notes
Mon, Oct 1, 310 Soda	Hardware security 3 Read Controlled-Channel Attacks, Xu et al. Presenter reads Observing and Preventing Leakage in MapReduce, Ohrimenko et al. Assignment Sample responses	Lecture Slides Presentation Slides Scribe Notes
Wed, Oct 3, 405 Soda	Oblivious computation Read: Batcher's sorting network, and Opaque (all Sections except Sec 6, which is optional), Zheng et al. Presenter reads the same papers. Assignment Sample responses	No lecture slides (white board). Presentation Slides No scribe note.
Mon, Oct 8, 310 Soda	Secure computation 1: Garbled circuits and OT Read A gentle intro to garbled circuits, Yakoubov. Presenter reads: The Simplest Protocol for Oblivious Transfer, Chou and Orlandi. Assignment Sample responses	No lecture slides (white board). No presentation slides (white board). Scribe Notes
Wed, Oct 10, 405 Soda	Secure computation 2: Applied MPC. Read Pretzel, Gupta et al. Sections 1-3. Presenter reads the same paper. Assignment Sample responses	Lecture Slides Presentation Slides No scribe note.
Mon, Oct 15, 310 Soda	Secure computation 3: Secure analytics. Read Google's federated learning blog post and Google's secure aggregation paper, Sections 1-5. Optional: Sections 6-10. Assignment Sample responses	No lecture slides (white board). No presentation slides (no presenter). Scribe Notes
Wed, Oct 17, 405 Soda	Secure computation 4 Secure learning. Read: Machine Learning Classification over Encrypted Data, Bost et al.: all sections except for VII which is optional. Presenter reads: Section VII. Assignment Sample responses	No lecture slides (white board). Presentation Slides Scribe Notes
Mon, Oct 22, 310 Soda	Attacks on ML Read Stealing Machine Learning Models via Prediction APIs, Tramer et al. (Section 6 is optional) and Towards Evaluating the Robustness of Neural Networks, Carlini and Wagner (Sections I-V, the rest are optional). Presenter 1 reads first paper in full. Presenter 2 reads second paper in full. Assignment Sample responses	No lecture slides (white board). Scribe Notes
Wed, Oct 24, 405 Soda	Software security 1: Sandboxing Read Ostia: A Delegating Architecture for Secure System Call Interposition,Garfinkel et al. Presenter reads Native Client: A Sandbox for Portable, Untrusted x86 Native Code, Yee et al. Assignment Sample responses	No lecture slides (white board). Presentation Slides Scribe Notes
Mon, Oct 29, 310 Soda	Software security 2 Read TaintDroid , Enck et al. Presenter reads the same paper. Assignment	Lecture Slides
Wed, Oct 31, 405 Soda	Exam.
Mon, Nov 5, 310 Soda	IoT Security 1: attacks. Read The Internet of Things Reference Model, CISCO Presenter 1 reads: Understanding the Mirai Botnet, Antonakakis et al. Presenter 2 reads: Dolphin attack, Zhang et al. Assignment	No lecture slides (white board). Presentation Slides1 Presentation Slides2 Scribe Notes
Wed, Nov 7, 405 Soda	IoT security 2: defense. Read AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle, Neto et al. Assignment	Scribe Notes
Mon, Nov 12	Veterans Day.
Wed, Nov 14, 405 Soda	Mobile Security:iOS Read iOS Security, pages 1-24. Presenter reads App Security (pages 25-38). Assignment	Presentation Slides Scribe Notes
Mon, Nov 19, 310 Soda	Project presentations.
Wed, Nov 21	Non-Instructional Day.	-
Mon, Nov 26, 310 Soda	Project presentations.	-
Wed, Nov 28, 405 Soda	Project presentations.	-

Related Courses

CS 261N: Internet/network security
CS 276: Cryptography
CS 294: This is a special topics class that may cover security in some semesters

Security books

Ross Anderson, Security Engineering, John Wiley & Sons, 2001. A book on security in real world systems.
Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography, CRC Press, 2007.
Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno, Cryptography Engineering, Wiley, 2010.
Mark Stamp, Information Security: Principles and Practice, John Wiley & and Sons, 2006.
Alfred Menezes, Paul van Oorschot, Scott Vanstone, Handbook of Applied Cryptography, CRC Press, 1997. This is a very comprehensive book. You can download this book online!
Simson Garfinkel, Gene Spafford, Web Security, Privacy & Commerce, O'Reilly, 2002. It's hard to keep up with all the security software out there. But these authors do a good job documenting it all.
Charlie Kaufman, Radia Perlman, Mike Speciner, Network Security: Private Communication in a Public World, 2nd Edition, Prentice Hall, 2002. The authors discuss network security from a very applied approach. There is a lot of discussion about real systems, all the way down to the IETF RFCs and the on-the-wire bit representations.
Bruce Schneier, Applied Cryptography, 2nd Edition, John Wiley & Sons, 1996. This is the best book to read for an introduction to applied security and cryptography. There is much less math than the book by Menezes et al. The bibliography is very comprehensive too.
Eric Rescorla, SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001. A book about the evolution, politics, and bugs in the development of SSL.
Jakob Nielsen, Usability Engineering, Academic Press, 1993. There are a lot of non-intuitive GUIs out there for security products. Anyone making a security product for use by humans should learn about the principles of smart GUIs.
Phillip Hallam-Baker, The dotCrime Manifesto: How to Stop Internet Crime, Addison-Wesley, 2008.
Jonathan Katz, Yehuda Lindell, Introduction to Modern Cryptography, Chapman & Hall/CRC Press, 2007. This book contains a broad coverage of cryptography.

Conferences

Building secure systems involves innovating in both systems and security. Therefore, the top conferences in this field are both systems and security conferences.

Related Courses

Security books

Conferences

Systems conferences

Security conferences