Reading List

This is a tentative list of research papers that we plan to read this semester. Please find a partner, pick a paper that the two of you will be responsible for presenting, and register with me in person or by email no later than September 21, 2006. First come, first served. If the paper you have in mind has already been chosen by other people, please pick another one that is still open. The schedule will be set up after every group has chosen a paper.

Denial-of-Service Attacks

DDoS Defense by Offense, Michael Walfish, Mythili Vutukuru, Hari Balakrishnan, David Karger, Scott Shenker, Proceedings of SIGCOMM 2006, September 2006. -- to be presented by Kimberly Yonce and Boris Kurktchiev

Countering DoS Attacks With Stateless Multipath Overlays, Angelos Stavrou, Angelos D. Keromytis, Proceedings of CCS 2005, November 2005.

A DoS-limiting Network Architecture, Xiaowei Yang, David Wetherall, Thomas Anderson, Proceedings of SIGCOMM 2005, August 2005. -- to be presented by Shantnu Chaturvedi and Amit Jain

Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks, Sherif M. Khattab, Chatree Sangpachatanaruk, Daniel Mossé, Rami Melhem, Taieb Znati, Proceedings of 24th International Conference on Distributed Computing Systems, March 2004. -- to be presented by Nikhil Mahajan and Sriharsha Hammika

802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions, John Bellardo and Stefan Savage, Proceedings of 12th USENIX Security Symposium, August 2003. -- to be presented by Michael Kroll and Jian Shi

Intrusion Detection

A DoS Resilient Flow-level Intrusion Detection Approach for High-speed Networks, Yan Gao, Zhichun Li, Yan Chen, Proceedings of 26th International Conference on Distributed Computing Systems, June 2006. -- to be presented by Sudarsan Vinay Maddi and Brandon Barkley

Polygraph: Automatically Generating Signatures for Polymorphic Worms, James Newsome, Brad Karp, Dawn Song, Proceedings of 2005 IEEE Symposium on Security and Privacy, May 2005.

Detecting Unknown Massive Mailing Viruses Using Proactive Methods, Ruiqi Hu, Aloysius K. Mok, Proceedings of 7th International Symposium on Recent Advances in Intrusion Detection (RAID 2004), September 2004.

Detecting Network Intrusions via Sampling: A Game Theoretic Approach, Murari Kodialam, T. V. Lakshman, Proceedings of IEEE INFOCOM 2003.

Very Fast Containment of Scanning Worms, Nicholas Weaver, Stuart Staniford, and Vern Paxson, Proceedings of 13th USENIX Security Symposium, August 2004. -- to be presented by Chuan Qin and Yi Xian

Privacy and Anonymity

M2: Multicasting Mixes for Efficient and Anonymous Communication, Ginger Perng, Michael K. Reiter, Chenxi Wang, Proceedings of 26th International Conference on Distributed Computing Systems, June 2006.

Anonymous Communications in Mobile Ad Hoc Networks, Yanchao Zhang, Wei Liu, Wenjing Lou, Proceedings of IEEE INFOCOM 2005, March 2005. -- to be presented by Vishal Patel

Security and Privacy Issues in E-passports, Ari Juels, David Molnar, David Wagner, Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05), September 2005. -- to be presented by Pano Elenis and Vivian Bates

Tor: The Second-Generation Onion Router, Roger Dingledine, Nick Mathewson, Paul Syverson, Proceedings of 13th USENIX Security Symposium, August 2004. -- to be presented by Maryam Jafari-Lafti and Enrico Chandler

Buses for Anonymous Message Delivery, Amos Beimel, Shlomi Dolev, Journal of Cryptology, Vol. 16, No. 1, January 20, 2003.

Key Management

Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage, Kevin Fu, Seny Kamara, Tadayoshi Kohno, Proceedings of 13th Annual Network and Distributed System Security Symposium, February 2006.

Key Infection: Smart Trust for Smart Dust, Ross Anderson, Haowen Chan, Adrian Perrig, Proceedings of 12th IEEE International Conference on Network Protocols, October 2004.

Just Fast Keying: Key Agreement in a Hostile Internet, William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, Omer Reingold, ACM Transactions on Information and System Security (TISSEC), Vol. 7, No. 2, May 2004.

Tree-Based Group Key Management, Yongdae Kim, Adrian Perrig, Gene Tsudik, ACM Transactions on Information and System Security (TISSEC), Vol. 7, No. 1, February 2004.

Secret Handshakes from Pairing-Based Key Agreements, D. Balfanz, G. Durfee, N. Shankar, D.K. Smetters, J. Staddon, H.C. Wong, Proceedings of 2003 IEEE Symposium on Security and Privacy, May 2003.

Random Key Predistribution Schemes for Sensor Networks, Haowen Chan, Adrian Perrig, Dawn Song, Proceedings of 2003 IEEE Symposium on Security and Privacy, May 2003.  

Authentication

New Approaches for Deniable Authentication, Mario Di Raimondo, Rosario Gennaro, Proceedings of CCS 2005, November 2005. -- to be presented by Alexander Abrashkin and Sombuddha Poddar

A Modular Correctness Proof of IEEE 802.11i and TLS, Changhua He, Mukund Sundararajan, Anupam Datta, Ante Derek, John C. Mitchell, Proceedings of CCS 2005, November 2005.

The Logic of Authentication Protocols, Paul Syverson and Iliano Cervesato, in Foundations of Security Analysis and Design, Springer Verlag LNCS 2171.

A System for Authenticated Policy-Compliant Routing, Barath Raghavan, Alex C. Snoeren, Proceedings of SIGCOMM 2004, August 2004.

Access Control

Comparing the Expressive Power of Access Control Models, Mahesh V. Tripunitara, Ninghui Li, Proceedings of CCS 2004, October 2004.

Firewall Design: Consistency, Completeness, and Compactness, Mohamed G. Gouda, Xiang-Yang Alex Liu, Proceedings of 24th International Conference on Distributed Computing Systems, March 2004. -- to be presented by Matthew Ginley and Jonathan Fomby

Safety in Automated Trust Negotiation, William H. Winsborough, Ninghui Li, Proceedings of 2004 IEEE Symposium on Security and Privacy, May 2004.

dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments, Eric Freudenthal, Tracy Pesin, Lawrence Port, Edward Keenan, Vijay Karamcheti, Proceedings of 22nd International Conference on Distributed Computing Systems, July 2002.