Past Readings

Cryptography

• MD5 considered harmful today
• A. Perrig, R. Canetti, J. D. Tygar, and D. Song, “The TESLA broadcast authentication protocol,” in RSA CryptoBytes, 2005.
• Laurent Eschenauer and Virgil D. Gligor. “A key-management scheme for distributed sensor networks,” in ACM CCS, 2002.
• Egele, Manuel, et al. “An empirical study of cryptographic misuse in android applications.” Proceedings of ACM SIGSAC conference on Computer & communications security, 2013.
• M. Meli, M. R. McNiece, and B. Reaves. "How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories," in NDSS. 2019.
• Krawczyk, Hugo. "The order of encryption and authentication for protecting communications (or: How secure is SSL?)." Annual International Cryptology Conference. Springer, Berlin, Heidelberg, 2001.
• Boneh, Dan, et al. "Verifiable delay functions." Annual international cryptology conference. Springer, Cham, 2018.

PKI

• L. S. Huang, A. Rice, E. Ellingsen and C. Jackson, “Analyzing Forged SSL Certificates in the Wild,” 2014 IEEE Symposium on Security and Privacy, San Jose, CA, 2014.
• J. Aas et al., “Let’s encrypt: An automated certificate authority to encrypt the entire web,” in Proceedings of the ACM Conference on Computer and Communications Security, 2019.

Secure voting

• M. R. Clarkson, S. Chong and A. C. Myers, “Civitas: Toward a Secure Voting System,” 2008 IEEE Symposium on Security and Privacy (sp 2008), Oakland, CA, 2008.

Authentication and Password

• A. Juels and R. Rivest. “Honeywords: Making password-cracking detectable,” in ACM CCS, 2013.
• A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang. “The Tangled Web of Password Reuse,” in NDSS, 2014.
• K. C. Wang and M. K. Reiter, “How to End Password Reuse on the Web,” in NDSS, 2019.
• D. Silver, S. Jana, E. Chen, C. Jackson, and D. Boneh, “Password managers: Attacks and defenses,” in Proceedings of USENIX Security, 2014.
• J. Bonneau and C. Herley, “The quest to replace passwords: A framework for comparative evaluation of web authentication schemes,” in IEEE S&P, 2012.
• N. Gelernter, S. Kalma, B. Magnezi, and H. Porcilan, “The Password Reset MitM Attack,” in IEEE Symposium on Security and Privacy, 2017.
• Brainard, John, et al. “Fourth-factor authentication: somebody you know.” Proceedings of the 13th ACM conference on Computer and communications security. ACM, 2006.

Anonymity and Privacy

• R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” in USENIX Security, 2004.
• D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, “Blocking-resistant communication through domain fronting,” in Privacy Enhancing Technologies, 2015.
• Tschantz, Michael Carl, Sadia Afroz, and Vern Paxson. “Sok: Towards grounding censorship circumvention in empiricism.” 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 2016.
• Arvind Narayanan and Vitaly Shmatikov. “Robust De-anonymization of Large Sparse Datasets” (2008)
• D. Das, S. Meiser, E. Mohammadi, and A. Kate, “Anonymity Trilemma: Strong Anonymity, Low Bandwidth Overhead, Low Latency - Choose Two,” in Proceedings - IEEE Symposium on Security and Privacy, 2018.
• J. Karlin et al., “Decoy Routing: Toward Unblockable Internet Communication,” Proc. USENIX Work. Free Open Commun. Internet, 2011.
• A. Narayanan et al., “Location privacy via private proximity testing,” in NDSS, 2011.

TCP/IP

• S. Savage, D. Wetherall, A. Karlin, and T. Anderson, “Practical network support for IP traceback,” ACM SIGCOMM Comput. Commun. Rev., vol. 30, no. 4, pp. 295–306, 2000.
• Bellovin, Steven M. “A look back at” security problems in the tcp/ip protocol suite." 20th Annual Computer Security Applications Conference. IEEE, 2004.

Firewall, IDS, IPS

• V. Paxson, “Bro: A system for detecting network intruders in real-time,” Comput. Networks, vol. 31, no. 23, pp. 2435–2463, 1999.
• S. Ioannidis, A. D. Keromytis, S. M. Bellovin, and J. M. Smith, “Implementing a distributed firewall,” in Proceedings of the ACM Conference on Computer and Communications Security, 2000.
• Axelsson, Stefan. "The base-rate fallacy and its implications for the difficulty of intrusion detection." Proceedings of the 6th ACM Conference on Computer and Communications Security. 1999.

DDoS attack and defense

• A. Juels and J. Brainard, “Client puzzles: A cryptographic countermeasure against connection depletion attacks,” in NDSS, 1999.
• A. Yaar, A. Perrig, and D. Song, “SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks,” in IEEE S&P, 2004.
• M. S. Kang, S. B. Lee, and V. D. Gligor, “The Crossfire Attack,” in IEEE S&P, 2013.
• C. Rossow, “Amplification Hell: Revisiting Network Protocols for DDoS Abuse,” in NDSS, 2014.
• R. Rasti, M. Murthy, and V. Paxson, “Temporal Lensing and its Application in Pulsing Denial of Service Attacks,” in IEEE S&P, 2015.
• Crosby, Scott A., and Dan S. Wallach. “Denial of Service via Algorithmic Complexity Attacks.” Usenix Security. Vol. 2. 2003.
• Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack
• Inferring Internet Denial-of-Service Activity. David Moore, Geoffrey M. Voelker, and Stefan Savage. In USENIX Security Symposium, August 2001.

Transport Layer Security

• Jeremy Clark and Paul C. van Oorschot. SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements, in IEEE S&P, 2013.
• Adrian, David, et al. “Imperfect forward secrecy: How Diffie-Hellman fails in practice.” Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015.
• Cremers, Cas, et al. "A comprehensive symbolic analysis of TLS 1.3." Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017.

BGP

• K. Butler, T. R. Farley, P. McDaniel, and J. Rexford, “A survey of BGP security issues and solutions,” in Proceedings of the IEEE, 2010.
• O. Nordström and C. Dovrolis, “Beware of BGP attacks,” ACM SIGCOMM Comput. Commun. Rev., vol. 34, no. 2, p. 1, 2004.
• M. Apostolaki, A. Zohar, and L. Vanbever, “Hijacking Bitcoin: Routing Attacks on Cryptocurrencies,” in IEEE Symposium on Security and Privacy, 2017.
• Lychev, Robert, Sharon Goldberg, and Michael Schapira. “BGP security in partial deployment: Is the juice worth the squeeze?.” ACM SIGCOMM Computer Communication Review. Vol. 43. No. 4. ACM, 2013.

Web security

• Barth, Adam, Collin Jackson, and John C. Mitchell. “Robust defenses for cross-site request forgery,” in ACM CCS, 2008. Jackson and A. Barth, “ForceHTTPS: Protecting High-Security Web Sites from Network Attacks,” in WWW, 2008.
• Englehardt, Steven, and Arvind Narayanan. “Online tracking: A 1-million-site measurement and analysis.” Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016.

Software security

• C. Cowan, C. Pu, D. Maier, H. Hintony, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang, “StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks,” in USENIX Security, 1998.
• Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. 2004. On the effectiveness of address-space randomization. In Proceedings of the 11th ACM conference on Computer and communications security (CCS'04). ACM, New York, NY, USA, 298-307.
• Smashing The Stack For Fun And Profit Smashing The Stack in 2011
• B. P. Miller, L. Fredriksen, and B. So, “An empirical study of the Reliability of UNIX Utilities,” Commun. ACM, vol. 33, no. 12, pp. 32–44, 1990.
• Sayeed, Sarwar, Hector Marco-Gisbert, and Tom Caira. "Smart contract: Attacks and protections." IEEE Access 8 (2020): 24416- 24427.

IoT security

• M. Surbatovich, J. Aljuraidan, L. Bauer, A. Das, and L. Jia, “Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes,” in WWW, 2017.
• E. Fernandes, J. Jung, and A. Parkash, “Security Analysis of Emerging Smart Home Applications,” in IEEE Symposium on Security and Privacy, 2016.
• Antonakakis, Manos, et al. “Understanding the mirai botnet.” 26th {USENIX} Security Symposium ({USENIX} Security 17). 2017.
• D. Kumar et al., “All things considered: An analysis of IoT devices on home networks,” in Proceedings of the 28th USENIX Security Symposium, 2019.

Usability and security

• Whitten, Alma, and J. Doug Tygar. “Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0.” USENIX Security Symposium. Vol. 348. 1999.
• G. Wurster and P. C. van Oorschot, “The developer is the enemy,” in workshop on New security paradigms, 2008. M. Green and M. Smith, “Developers are Not the Enemy! The Need for Usable Security APIs,” IEEE Secur. Priv., vol. 14, no. 5, pp. 40–46, 2016.
• Ross J. Anderson. 1994. Why cryptosystems fail. Commun. ACM 37, 11 (November 1994), 32-40.
• Cranor, Lorrie F. "A framework for reasoning about the human in the loop." (2008)
• Sunshine, Joshua, et al. "Crying wolf: An empirical study of ssl warning effectiveness." USENIX security symposium. 2009.

Cloud Security

• Ristenpart, Thomas, et al. “Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds.” Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009.
• T. Vissers, T. Van Goethem, W. Joosen, and N. Nikiforakis, “Maneuvering Around Clouds: Bypassing Cloud-based Security Providers,” in ACM CCS 2015.

Wireless Security

• Vanhoef, Mathy, and Frank Piessens, “Key reinstallation attacks: Forcing nonce reuse in WPA2,” in ACM CCS, 2017. KRACK attack

DNS Security

• Bau, Jason, and John C. Mitchell. “A Security Evaluation of DNSSEC with NSEC3.” NDSS. 2010.
• An Illustrated Guide to the Kaminsky DNS Vulnerability
• A. Klein and B. Pinkas, “DNS Cache-Based User Tracking,” in NDSS, 2019.

System Security

• H. Chen, D. Wagner, and D. Dean, “Setuid demystified,” in Proceedings of the 11th USENIX Security Symposium, 2002.
• Yarom, Yuval, and Katrina Falkner, “FLUSH+ RELOAD: a high resolution, low noise, L3 cache side-channel attack,” in USENIX Security Symposium, 2014.
• Spectre and Meltdown
• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Crispin Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton, in USENIX Security Symposium, 1998.
• Preventing Privilege Escalation. Niels Provos, Markus Friedl, and Peter Honeyman, in USENIX Security Symposium, August 2003

ML and security

• Sommer, Robin, and Vern Paxson. “Outside the closed world: On using machine learning for network intrusion detection.” 2010 IEEE symposium on security and privacy. IEEE, 2010.
• Sharif, Mahmood, et al. “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition.” Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016.
• Carlini, Nicholas, and David Wagner. “Towards evaluating the robustness of neural networks.” 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017.

Cryptocurrencies

• J. Bonneau, A. Miller, J. Clark, A. Narayanan, J. A. Kroll, and E. W. Felten, “SoK: Research perspectives and challenges for bitcoin and cryptocurrencies,” in Proceedings - IEEE Symposium on Security and Privacy, 2015.
• Bitcoin and Cryptocurrency Technologies

Science of Security

• Herley, Cormac, and Paul C. Van Oorschot. “Sok: Science, security and the elusive goal of security as a scientific pursuit.” 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017.
• Herley, Cormac, and Paul C. Van Oorschot. "Science of security: Combining theory and measurement to reflect the observable." IEEE Security & Privacy 16.1 (2018): 12-22.
• Stolfo, Sal, Steven M. Bellovin, and David Evans. "Measuring security." IEEE Security & Privacy 9.3 (2011): 60-65.

Introduction

• Thompson, Ken. “Reflections on trusting trust.” Commun. ACM 27.8 (1984): 761-763.
• Anderson, Ross. “Why information security is hard-an economic perspective.” Seventeenth Annual Computer Security Applications Conference. IEEE, 2001.

Ethics

• Abelson, Harold, et al. “Keys under doormats: mandating insecurity by requiring government access to all data and communications.” Journal of Cybersecurity 1.1 (2015): 69-79.
• Böhme, Rainer, et al. "Responsible vulnerability disclosure in cryptocurrencies." Communications of the ACM 63.10 (2020): 62-71.
• Bailey, Michael, et al. "The menlo report." IEEE Security & Privacy 10.2 (2012): 71-75.
• IEEE S&P’21 Program Committee Statement Regarding The “Hypocrite Commits” Paper
• Encore: Lightweight Measurement of Web Censorship with Cross-Origin Requests ‒ Public Review
• No Encore for Encore? Ethical questions for web-based censorship measurement

IEEE S&P: Test of Time Award (The First Fifteen Years)

• Ralph Merkle: Protocols for Public Key Cryptosystems, 1980
• Richard Kemmerer, A Practical Approach to Identifying Storage and Timing Channels, 1982
• Joseph Goguen and Jose Meseguer, Security Policies and Security Models, 1982
• Gustavus J. Simmons: Verification of Treaty Compliance Revisited, 1983
• Jonathan K. Millen: The Interrogator: A Tool for Cryptographic Protocol Security, 1984
• Andrew Birrell, Butler W. Lampson, Roger M. Needham, Michael D. Schroeder: A Global Authentication Service without Global Trust, 1986
• Dorothy E. Denning: An Intrusion-Detection Model, 1987
• John McLean: Reasoning About Security Models. IEEE Symposium on Security and Privacy 1987
• Steven M. Bellovin, Michael Merritt: Encrypted key exchange: password-based protocols secure against dictionary attacks, 1992
• Martín Abadi, Roger M. Needham: Prudent engineering practice for cryptographic protocols, 1994

IEEE S&P: Test of Time Award (1995-2006)

• A Sense of Self for Unix Processes. Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, Thomas A. Longstaff, 1996
• Cryptovirology: Extortion-Based Security Threats and Countermeasures. Adam L. Young, Moti Yung, 1996
• Decentralized Trust Management. Matt Blaze, Joan Feigenbaum, Jack Lacy, 1996
• Analysis of a Denial of Service Attack on TCP. Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni, 1997
• Anonymous Connections and Onion Routing. Paul F. Syverson, David M. Goldschlag, Michael G. Reed, 1997
• Efficient Authentication and Signing of Multicast Streams Over Lossy Channels Adrian Perrig, Ran Canetti, J. Doug Tygar, Dawn Xiaodong Song, 2000
• Practical Techniques for Searches on Encrypted Data. Dawn Xiaodong Song, David A. Wagner, Adrian Perrig, 2000
• Random Key Predistribution Schemes for Sensor Networks. Haowen Chan, Adrian Perrig, Dawn Xiaodong Song, 2003
• Distributed Detection of Node Replication Attacks in Sensor Networks. Bryan Parno, Adrian Perrig, Virgil D. Gligor, 2005

ACM CCS: Test of Time Award

• Design and implementation of the idemix anonymous credential system. Jan Camenisch and Els Van Herreweghen, 2002.
• Mimicry attacks on host-based intrusion detection systems. David Wagner and Paolo Soto, 2002.
• Countering Code-Injection Attacks With Instruction-Set Randomization. Gaurav S. Kc, Angelos D. Keromytis, and Vassilis Prevelakis. 2003.
• A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks. Wenliang Du, Yunghsiang S. Han, Jing Deng, and Pramod K. Varshney. 2003.
• Privacy and security in library RFID: issues, practices, and architectures. David Molnar and David Wagner. 2004.
• Direct anonymous attestation. Ernest F. Brickell, Jan Camenisch, and Liqun Chen. 2004.
• Control-flow integrity. Martín Abadi, Mihai Budiu, Úlfar Erlingsson, Jay Ligatti. 2005.
• Dynamic and efficient key management for access hierarchies. Mikhail J. Atallah, Keith B. Frikken, Marina Blanton. 2005.
• Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. Vipul Goyal, Omkant Pandey, Amit Sahai and Brent Waters. 2006.
• EXE: Automatically Generating Inputs of Death. Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill and Dawson R. Engler. 2006.
• The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. 2007.
• Ether: Malware Analysis via Hardware Virtualization Extensions. Artem Dinaburg, Paul Royal, Monirul Sharif, and Wenke Lee. 2008.
• False data injection attacks against state estimation in electric power grid. Yao Liu, Peng Ning and Michael K. Reiter. 2009.
• Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage. 2009.
• PinDr0p: using single-ended audio features to determine call provenance. Vijay A. Balasubramaniyan, Aamir Poonawalla, Mustaque Ahamad, Michael T. Hunter, Patrick Traynor. 2010.

NDSS: Test of Time Award

• SKEME: A Versatile Secure Key Exchange Mechanism for Internet. Hugo Krawczyk. 1996.
• Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks, Ari Juels and John Brainard. 1999.
• A Virtual Machine Introspection Based Architecture for Intrusion Detection. Tal Garfinkel and Mendel Rosenblum. 2003.

USENIX Security: Test of Time Award

• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Crispin Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton, 1998.
• Tor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, and Paul Syverson, 2013.
• Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. Alma Whitten and J. D. Tygar, 1999.
• Preventing Privilege Escalation. Niels Provos, Markus Friedl, and Peter Honeyman, 2003.
• Inferring Internet Denial-of-Service Activity. David Moore, Geoffrey M. Voelker, and Stefan Savage, 2001.
• Evaluating SFI for a CISC Architecture. Stephen McCamant and Greg Morrisett, 2006.
• A Secure Environment for Untrusted Helper Applications (Confining the Wily Hacker). Ian Goldberg, David Wagner, Randi Thomas, and Eric Brewer, 1996.