cs6501: Security Seminar

Read Section 1, Basic Principles Of Information Protection, for Thursday

Best paper award for 2009 S&P

http://nativeclient.googlecode.com/svn/trunk/src/native_client/documentation/nacl_paper.pdf

Your Botnet is My Botnet: Analysis of a Botnet Takeover by Stone-Gross et al. In Proceedings of CCS 2009. ACM Press, Nov. 2009. [PDF]

From the DNI’s 60 Day Cyberspace Policy Review:
http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf

Executive Summary
Section 4: Incident Response  pages 24-30
Section 5 Encouraging Innovation pages 31-36

From Securing Cyberspace for the 44th Presidency:
http://csis.org/files/media/csis/pubs/081208_securingcyberspace_44.pdf
Section 5: Identity Management in Cybersecurity pages 61-65

A Method for Obtaining Digital Signatures and Public-Key Cryptosystems by R.L. Rivest, A. Shamir, and L. Adleman, Communications of the ACM 21,2 (Feb. 1978), 120–126.

According to the original syllabus, project proposals are due Tuesday, October 13. I will accept proposal by email (without penalty) until 5pm on Friday, Oct 16. There will be no class on Thursday, October 15. On Tuesday, October 20, we will discuss the projects. Everyone should be prepared on Oct 20th to give a short (4-minute) presentation that motivates and describes your project (you may use slides for this if you want).

As a reminder from the project page, the project proposal should include:

• Clear Statement of the Problem — what question is your
  project seeking to answer? If your project is successful, what will the
  research community know after you are done that it does not already
  know.

• Motivation — why is your problem interesting and
  important?

• Related Work — this doesn’t need to be complete yet,
  but should be enough to show the problem is relevant and interesting and
  make it clear what has and has not already been solved by other
  researchers. You should make sure to relate the related work to your
  project, not just summarize a lot of papers you have read. For every
  work you describe, your related work section should explain clearly why
  it is relevant to what you want to do.

• Research Plan — concrete description of what you plan
  to do. Your research plan must include clear milestones for every week
  until the end of the project.

• Evaluation — description of how you will decide if the
  project is successful. How do you know if you have answered the problem
  question? Note that your project does not need to be a
  successful research project to satisfy the requirements for the
  course project, but you do need some way of evaluating the success of
  your project.

We expect most project proposals will be about 5 pages long, but there
is no strict length requirement or expectation.

We’ll meet as normal next Tuesday (Oct 6), even though this is a University reading day. (Consider this a “make-up” meeting for Thursday, Oct 15 when we will not meet.)

The New Casper: Query Processing for Location Services without Compromising Privacy By Mohamed F. Mokbel, Chi-Yin Chow, Walid G. Aref. In Proceedings of the 32nd International Conference on Very Large Data Bases.

CCCP: Secure Remote Storage for Computational RFIDs By Mastooreh Salajegheh, Shane Clark, Benjamin Ransford, Kevin Fu, and Ari Juels. In Proceedings of USENIX Security 2009.

Project mini-proposals are due Friday, 25 September. Your mini-proposal should describe the question you intend to answer, and why it is interesting. Submit your mini-proposal by email to evans@cs.virginia.edu as a PDF or plain text.

In next week’s classes, you will have a chance to form project teams and get feedback from the students on your project ideas. I will be out-of-town all next week, but reachable by email if you have any questions.