Seminar: Security in Emerging Computing and Networking Systems

General Information

Instructor

Dr. Hongxin Hu

E-mail: hongxinh@buffalo.edu

Homepage: https://cse.buffalo.edu/~hongxinh/

Office Hours: By Appointment

Time and Location: W 3:15 PM - 5:20 PM, this class will be taught fully online.

Overview

A computing and networking system is considered emerging if it recently started getting deployed in the real-world or is deemed promising for wide-scale deployment in the near future. The security issues surrounding such emerging systems, however, may prevent end-users from utilizing their full potential, or, even worse, may rule out the chances of their deployment in the future. Currently, these emerging systems range from Internet of Things (IoT) and deep-learning systems to edge and 5G/Next-G systems. In this seminar course, we will discuss some of the latest work in the area of securing emerging computing and networking systems, including emerging network technologies and security (NFV, SDN, Edge, 5G/Next-G, etc.), IoT security and privacy (smart home, voice assistant platforms - Amazon Alexa and Google Assistant, etc.), and machine learning for security and privacy (adversarial attacks and defenses on deep learning, backdoor attacks and defenses on deep learning, etc.).

The main goal of the seminar is to help students understand the state of the art in a variety of security topics in emerging computing and networking systems. As a secondary goal, students will learn how to read research papers and how to communicate technical material effectively.

The seminar is suitable for students who have strong interest in network and system security and intent to pursue a career in the area, e.g., PhD students already working in cybersecurity or MS students interested in pursuing a PhD or doing research in the field (in the form of independent studies and/or MS Thesis). One of the goals of this seminar is to identify, by the end of the semester, a set of open research problems on which students can work during the next semester, e.g., in the form of independent studies.

Tentative Schedule

Week	Date	Topic	Papers	Notes
1	Feb 3	Class Overview	N/A
2	Feb 10	SDN/NFV Secuirty Overview	N/A
3	Feb 17	IoT Security Overview	N/A
4	Feb 24	Mobile Platform Secuirty Overview	N/A
5	March 3	IoT System Security	WaveSpy: Remote and Through-wall Screen Attack via mmWave Sensing, Oakland 2020 ThermoWave: A New Paradigm of Wireless Passive Temperature Monitoring via mmWave Sensing, MobiCom 2020	Invited Talk from Zhengxiong Li
6	March 10	Network Security Function Virtualization	On the Safety and Efficiency of Virtual Firewall Elasticity Control, NDSS 2017 vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems, CCS 2018	Invited Talk from Hongda Li
7	March 17	Smart Home Physical Interaction Control	On the Safety of IoT Device Physical Interaction Control, CCS 2018 IoTSafe: Enforcing Safety and Security Policy with Real IoT Physical Interaction Discovery, NDSS 2021	Invited Talk from Wenbo Ding
8	March 24	Image Privacy Control	Towards PII-based Multiparty Access Control for Photo Sharing in Online Social Networks Towards Understanding and Detecting Cyberbullying in Real-world Images, NDSS 2021	Invited Talk from Nishant Vishwamitra
9	March 31	Smart Home Security	Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses, Code, Oakland 2020 DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices, Oakland 2021	Md Armanuzzaman
10	April 7	Security in Voice Assistant Platforms	Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems, Demo, Oakland 2019 SkillExplorer: Understanding the Behavior of Skills in Large Scale, USENIX Security 2020	Yunnan Yu Reviews #1 and #2 Due
11	April 14	Adversarial Attacks and Defenses in Deep Neural Networks	Simple Black-box Adversarial Attacks, Code, ICML 2019 Deep Learning Models Resistant to Adversarial Attacks, Code, ICLR 2018	Nishant Vishwamitra
12	April 21	Backdoor Attacks and Defenses in Deep Neural Networks	Simple Backdoor Attack in Deep Neural Networks, Code, KDD 2020 Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks, Code, Oakland 2019	Shashank Priya
13	April 28	Deep Learning-based Network Intrusion Detection	Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection, Code, NDSS 2018 Evaluating and Improving Adversarial Robustness of Machine Learning-Based Network Intrusion Detectors	Xi Tan Review #3 Due
14	May 5	Web Security	AdGraph: A Graph-Based Approach to Ad and Tracker Blocking, Code, Oakland 2020 CV-Inspector: Towards Automating Detection of Adblock Circumvention, NDSS 2021	Shiyu Lu
15	May 12	Project Demo	N/A

Seminar Structure and Assignments

I will present material during the first 4 classes, followed by 4 invited talks. Students then present selected papers during the remaining classes. A list of papers from top security and networking conferences (IEEE S&P - Oakland, USENIX Security, ACM CCS, NDSS, SIGCOMM, NSDI, etc.) will be provided for each topic. One of the papers for each topic will be listed as mandatory paper and the remaining ones as related papers. All students are encouraged to read the mandatory papers, submit reviews for a subset of them, and participate in discussions in class.

The course includes the following assignments:

• Paper reading: if you are not familar with reading research papers, I recommend reading "How to Read a Paper" by S. Keshav.
• Paper presentation: each student will present around 2 research papers for one class. You can find a set of recommendations on how to give a good presentation here.
• Paper reviews: you will write reviews for 3 papers (you will choose which ones). The template of a review can be download here. You can find a set of recommendations on how to write a good reviews here.
• Class project: 3-credit student will finish a class project where you will reproduce the ideas of a discussed paper into practice and show your project demo at the end of the semester.

All dicussions through Piazza: http://piazza.com/buffalo/spring2021/cse707

Course Cridits

• You can take this seminar for either 1 credit or 3 credits. With 1 credit, your responsibility is to read papers, write reviews, and present papers to the class. With 3 credits, you will also finish a class project.

Tentative Grading

1 Credit

• Paper presentation: 40%
• Paper reviews (3): 30%
• Class participation: 30%

3 Credits

• Paper presentation: 30%
• Paper reviews (3): 20%
• Class Project: 30%
• Class participation: 20%

Note that the class will be (and is required to be) graded pass/fail. To receive pass, you need to score 70% or more.

Resources

Google Scholar

ACM's Computing Research Repository

IEEE Symposium on Security and Privacy

ACM CCS

USENIX Security

NDSS

ACM SIGCOMM