Συστήματα και Τεχνολογίες του Διαδικτύου HY558
Βαγγέλης Μαρκάτος
Άνοιξη 2010
Το
μάθημα θα ασχοληθεί με τις τεχνολογίες
και τα συστήματα που στηρίζουν το
διαδίκτυο και κάνουν τον παγκόσμιο ιστό
πραγματικότητα.
Θα ασχοληθούμε με
peer-to-peer
systems, network
monitoring, intrusion
detection, DoS
attacks, honeypots, botnets, SPAM,
exploits και security
γενικότερα.
|
Ημερομηνία |
Υλη |
|
Παρατηρήσεις |
|
8/2 |
|
Εισαγωγή |
|
|
10/2 |
Deployment |
Jerome H. Saltzer, David P. Reed, and David D. Clark. End-to-End Arguments in System Design. ACM Transactions on Computer Systems 2(4), Nov. 1984, pp. 277-288. |
|
|
M. S. Blumenthal, D. D. Clark, ``Rethinking the design of the Internet: The end-to-end arguments vs. the brave new world", ACM Trans. on Internet Technology |
|
||
|
15/2 |
|
Καθαρά Δευτέρα |
|
|
17/2 |
|
Invited Lecture: M. Polychronakis: Real-time Detection of Malicious Attacks |
|
|
22/2 |
Monitoring |
M. Polychronakis, K. G. Anagnostakis, E. P. Markatos, Arne Øslebø. Design of an Application Programming Interface for IP Network Monitoring. Proceedings of the 9th IEEE/IFIP Network Operations and Management Symposium (NOMS2004), 19-23 April 2004, Seoul, Korea. |
|
|
N. C. Duffield and M. Grossglauser. Trajectory Sampling for Direct Traffic Observation. IEEE/ACM Transactions on Networking, June 2001 |
|||
|
24/2 |
Monitoring |
Constantinos Dovrolis, Parameswaran Ramanathan, David Moore: What do packet dispersion techniques measure? In INFOCOM 01. |
|
|
Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson. Practical Network Support for IP Traceback. In Proceedings of the 2000 ACM SIGCOMM Conference, pages 295--306, Stockholm, Sweden, August 2000 |
|
||
|
1/3 |
Social nets |
"On the Evolution of User Interaction in Facebook" - WOSN 2009 |
|
|
"Understanding online social network usage from a network perspective" - IMC 2009 |
|
||
|
3/3 |
|
Invited Lecture: S. Antonatos: PuppetNets |
|
|
8/3 |
Phishing |
A Pretty Kettle of Phish, ESET Whitepaper, June 2007. report presentation |
George Kontaxis |
|
Tyler Moore and Richard Clayton, Examining the Impact of Website Take-down on Phishing, APWG eCrime Researchers Summit, October 2007. report presentation |
|||
|
10/3 |
Phishing and Privacy |
Rachna Dhamija, Doug Tygar and Marti Hearst, Why Phishing Works, Conference on Human Factors in Computing Systems (CHI), 2006. |
|
|
Janice Tsai, Serge Egelman, Lorrie Cranor, Alessandro Acquisti, The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study, Workshop on the Economics of Information Security (WEIS), June 2007. |
|||
|
15/3 |
|
||
|
|
|||
|
17/3 |
SPAM |
Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, and Ivan Osipkov, Spamming Botnets: Signatures and Characteristics, ACM SIGCOMM, Aug 2008.report presentation |
Sofia Loutou |
|
Wang, Ma, Niu and Chen Spam Double-Funnel: Connecting Web Spammers with Advertisers, WWW 2007.report presentation |
Sofia Loutou |
||
|
22/3 |
Web technologies |
All Your iFRAMEs Point to Us - Sec '08 report presentation |
Ftylitakis |
|
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis - NDSS'07 report presentation |
Ftylitakis |
||
|
24/3 |
Intrusion Detection |
Somayaji, A., and S. Forrest. Automated Response Using System-Call Delays." In Usenix Security Symposium 2000. report presentation |
Spyros Ligouras |
|
S. Staniford, V. Paxson and N. Weaver, How to 0wn the Internet in Your Spare Time, Proc. USENIX Security Symposium 2002. report presentation |
Spyros Ligouras |
||
|
12/4 |
P2P |
CHAWATHE, Y., RATNASAMY, S., BRESLAU, L., AND SHENKER, S. Making Gnutella-like P2P Systems Scalable. In Proc. ACM SIGCOMM (Aug. 2003). report presentation |
Saloustros |
|
I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Balakrishnan. Chord: A scalable peer-to-peer lookup service for Internet applications. SIGCOMM 2001. report presentation |
Saloustros |
||
|
14/4 |
Security |
NOZZLE: A Defense Against Heap-spraying Code Injection Attacks - Sec'09 report presentation |
hatzivas |
|
Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits - SIGCOMM'04 report presentation |
Hatzivas |
||
|
19/4
|
P2P |
The Bittorrent P2P File-sharing System: Measurements and Analysis, Johan Pouwelse, Pawel Garbacki, Dick Epema, Henk Sips, IPTPS 2005 report presentation |
Giorgos Mathioudakis |
|
An Experimental Study of the Skype Peer-to-Peer VoIP System. Saikat Guha, et al. IPTPS 2006 report presentation |
Giorgos Mathioudakis |
||
|
26/4 |
Anonymity Attacks |
Low-Resource Routing Attacks Against Tor by Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno, and Douglas Sicker. In the Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2007), Washington, DC, USA, October 2007. report presentation |
Roman Cizek |
|
Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity by Nikita Borisov, George Danezis, Prateek Mittal, and Parisa Tabriz. In the Proceedings of CCS 2007, October 2007. report presentation |
Roman Cizek |
||
|
3/5 |
Security |
K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, and A. D. Keromytis. Detecting Targeted Attacks Using Shadow Honeypots. USENIX Security 2005. report presentation |
Kesapid |
|
P. Akritidis, Evangelos P. Markatos, M. Polychronakis, and Kostas D. Anagnostakis: STRIDE: Polymorphic Sled Detection through Instruction Sequence Analysis. In Proceedings of the 20th IFIP International Information Security Conference (IFIP/SEC 2005) report presentation |
Kesapid |
||
|
10/5 |
Botnets |
All Your Contacts Are Belong to Us. Automated Identity Theft - WWW'09 report presentation |
Thanasis Petsas |
|
Your Botnet is My Botnet: Analysis of a Botnet Takeover - CCS'09 report presentation |
Thanasis Petsas |
||
|
17/5 |
DoS attacks |
David Moore, Geoffrey M. Voelker, and Stefan Savage, "Inferring Internet Denial-of-Service Activity," Usenix Security Symposium, 2001 report presentation |
Klonatos |
|
A. Keromytis, V. Misra, and D. Rubenstein, "SOS: Secure Overlay Services," in Proceedings of ACM SIGCOMM'02, (Pittsburgh, PA), August 2002 report presentation |
Klonatos |
||
|
19/5 |
SPAM |
Anirudh Ramachandran and Nick Feamster, Understanding the Network Behavior of Spammers, ACM SIGCOMM, Sept 2006. report presentation |
Eleni Gessiou |
|
David S. Anderson, Chris Fleizach, Stefan Savage, Geoffrey M. Voelker, Spamscatter: Characterizing Internet Scam Hosting Infrastructure, USENIX Security, Aug 2007. report presentation |
Eleni Gessiou |
||
|
21/5 |
Anonymity Systems |
Michael Reiter and Aviel Rubin. Crowds: Anonymity for Web Transactions. In ACM Transactions on Information and System Security 1(1), June 1998. report |
Niki Grigoraki |
|
Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: The Second-Generation Onion Router. In the Proceedings of the 13th USENIX Security Symposium, August 2004. report |
|
Απαιτήσεις: κάθε φοιτητής/φοιτήτρια θα πρέπει να κάνει δύο διαλέξεις (4 papers) και να παραδώσει γραπτή αναφορά.
Βαθμολογία: Tελικό διαγώνισμα:80%, αναφορά 10%, διάλεξη:10%. Εξεταστέα είναι όλη η παραπάνω ύλη (εκτός των fallback).
Βοηθοί: hy558@csd.uoc.gr Προαπαιτούμενα: ΗΥ-345