ΗΥ-558 Συστηματα και
Τεχνολογιες του Διαδικτυου

Άνοιξη 2019

Date

Topic

 

Presenter

4/2

 

Introduction

 

11/2

Deployment

Jerome H. Saltzer, David P. Reed, and David D. Clark. End-to-End Arguments in System Design. ACM Transactions on Computer Systems 2(4), Nov. 1984, pp. 277-288.

 

13/2

Trust

K. Thomson: Reflections on Trusting Trust (Turing Award Lecture)

Presentation

18/2

TCP/IP Security

Steven M. Bellovin. 2004. A Look Back at "Security Problems in the TCP/IP Protocol Suite". In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC '04).

 

20/2

Baggy bounds

Periklis Akritidis, Manuel Costa, Miguel Castro, and Steven Hand. 2009. Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors. USENIX Security 2009

Presentation

25/2

Passwords

Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, and Angelos D. Keromytis. SAuth: protecting user accounts from password database leaks. CCS '13.

 

4/3

Leaks

Georgios Kellaris, George Kollios, Kobbi Nissim, Adam O'Neil Generic Attacks on Secure Outsourced Databases CCS '16.

Presentation

13/3

Stack Smashing

Stack Smashing

10K students Challenge

18/3

Passwords

Ari Juels and Ronald L. Rivest, Honeywords: Making Password-Cracking Detectable. CCS 2013

Kastanakis Presentation 1

Kastanakis Presentation 2

Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Timothy Vidas Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio Lopez: Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. S&P 2012.

20/3

Mobile Security

Elias P. Papadopoulos, Michalis Diamantaris, Panagiotis Papadopoulos, Thanasis Petsas, Sotiris Ioannidis, Evangelos P. Markatos The Long-Standing Privacy Debate: Mobile Websites vs Mobile Apps WWW 2017

Presentation

27/3

Botnets

Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna. 2009. Your botnet is my botnet: analysis of a botnet takeover. In Proceedings of the 16th ACM conference on Computer and communications security (CCS '09).

Anagnopulos Pres 1
Anagnopoulos Pres 2
Anagnopoulos Report 1
Anagnopoulos Report 2

Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda All Your Contacts Are Belong to Us: Automated IdentityTheft Attacks on Social Networks WWW 2009, April 20-24, 2009, Madrid, Spain

1/4

DoS attacks

David Moore, Geoffrey M. Voelker, and Stefan Savage, "Inferring Internet Denial-of-Service Activity," Usenix Security Symposium, 2001

Ntallaris Presentation 1
Ntallaris Report 1
Ntallaris Presentation 2
Ntallaris Report 2

Angelos D. Keromytis, Vishal Misra, and Dan Rubenstein. 2002. SOS: secure overlay services. In Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications (SIGCOMM '02).

3/4

Worms

Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage. 2004. Automated worm fingerprinting. In Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6 (OSDI'04), Vol. 6.

Rigaki report 1
Rigaki report 2
Rigaki Presentation 1
Rigaki Presentation 2

Stuart Staniford, David Moore, Vern Paxson, and Nicholas Weaver. 2004. The top speed of flash worms. In Proceedings of the 2004 ACM workshop on Rapid malcode (WORM '04).

8/4

CFI

Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. ACM CCS 2005

Karnikis Presentation 1
Karnikis Presentation 2

Enes Goktas, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis. 2014. Out of Control: Overcoming Control-Flow Integrity. In Proceedings of the 2014 IEEE Symposium on Security and Privacy (SP '14).

15/4

Bitcoin

S. Nakamoto: Bitcoin: A Peer-to-Peer Electronic Cash System

Loupas Presentation 1
Loupas Presentation 2
Loupas Report

Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2013. A fistful of bitcoins: characterizing payments among men with no names. IMC 2013.

17/4

Monitoring

Cristian Estan, George Varghese: New Directions in Traffic Measurement and Accounting. SIGCOMM, August 2002

Tsirbas

N. C. Duffield and M. Grossglauser. Trajectory Sampling for Direct Traffic Observation. IEEE/ACM Transactions on Networking, June 2001

6/5

Intrusion Detection

Anil Somayaji and Stephanie Forrest. 2000. Automated response using system-call delays. In Proceedings of the 9th conference on USENIX Security Symposium - Volume 9 (SSYM'00), Vol. 9.

Chatzimpyrros Report 1
Chatzimpyrros Report 2

S. Staniford, V. Paxson and N. Weaver, How to 0wn the Internet in Your Spare Time , Proc. USENIX Security Symposium 2002.

8/5

Monitoring

Constantinos Dovrolis, Parameswaran Ramanathan, David Moore: What do packet dispersion techniques measure? In INFOCOM 01.

Chatzivasiliou Report 1
Chatzivasiliou Report 2

Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson. Practical Network Support for IP Traceback. In Proceedings of the 2000 ACM SIGCOMM Conference, pages 295--306, Stockholm, Sweden, August 2000

10/5

Traceroute

Benoit Donnet, Philippe Raoult, Timur Friedman, and Mark Crovella. Efficient algorithms for large-scale topology discovery. In SIGMETRICS 05.

Chalkiadakis (εκτός ύλης)

Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay Kumar Adhikari, Colin Scott, Justine Sherry, Peter Van Wesep, Thomas Anderson, and Arvind Krishnamurthy. Reverse traceroute. Reverse traceroute. In Proceedings of the 7th USENIX conference on Networked systems design and implementation (NSDI'10).

13/5

DNS

Mochapetris et al. Development of the Domain Name System.

Giakoumakis Pres 1
Giakoumakis Pres 2

Jaeyeon Jung, Emil Sit, Hari Balakrishnan, Robert Morris. DNS Performance and the Effectiveness of Caching, IMC 2001

15/5

Leakage

Stevens Le Blond, Chao Zhang, Arnaud Legout, Keith Ross, and Walid Dabbous. 2011. I know where you are and what you are sharing: exploiting P2P communications to invade users' privacy. In Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference (IMC '11).

Arakadakis Presentation 1
Arakadakis Presentation 2
Arakadakis Report 1
Arakadakis Report 2

Zachary Weinberg, Eric Y. Chen, Pavithra Ramesh Jayaraman, and Collin Jackson. I Still Know What You Visited Last Summer: Leaking Browsing History via User Interaction and Side Channel Attacks. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP '11).

17/5

Forensics

Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, Geoffrey M. Voelker. Privacy-preserving network forensics. Commun. ACM 54(5): 78-87 (2011)

Kalyvianakis (εκτός ύλης)

Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel A Practical Attack to De-anonymize Social Network Users. S&P'10