CSE 610

Special Topic: Security in Emerging Cyber Physical Systems

Spring 2022

General Information


Dr. Hongxin Hu
E-mail: hongxinh@buffalo.edu
Homepage: https://cse.buffalo.edu/~hongxinh/

Dr. Chunming Qiao
E-mail: qiao@buffalo.edu
Homepage: https://cse.buffalo.edu/~qiao/

Office Hours: By Appointment
Time: Tuesday & Thursday 12:00PM - 1:20PM
Location: Davis 113A


A cyber physical system (CPS) typically includes a cyber subsystem with both hardware and software for sensing, computing, communications/networking, and control, and a physical subsystem used at home, and in the industries for manufacturing, medical, transportation, energy, environment, and others. Examples of CPS include but are not limited to smart appliances, smart grids, robots, and autonomous vehicles. A CPS is considered emerging if it recently started getting deployed in the real-world or is deemed promising for wide-scale deployment in the near future. The security issues surrounding such emerging systems, however, may prevent end-users from utilizing their full potential, or, even worse, may rule out the chances of their deployment in the future. Currently, these emerging systems are built based on technologies ranging from Internet of Things (IoT) and deep-learning systems to edge and 5G/Next-G systems. In this seminar course, we will discuss some of the latest work in the area of securing emerging CPS, including emerging network technologies and security (NFV, SDN, Edge, 5G/Next-G, etc.), IoT security and privacy (smart home, connected and autonomous vehicles, voice assistant platforms - Amazon Alexa and Google Assistant, etc.), and machine learning for security and privacy (adversarial attacks and defenses on deep learning, backdoor attacks and defenses on deep learning, etc.).

The main goal of the special topic course is to help students understand the state of the art in a variety of security topics in emerging CPS. As a secondary goal, students will learn how to read research papers and how to communicate technical material effectively.

The special topic course is suitable for students who have a strong interest in network and system security and intent to pursue a career in the area, e.g., Ph.D. students already working in cybersecurity or MS students interested in pursuing a Ph.D. or doing research in the field (in the form of independent studies and/or MS Thesis). One of the goals of this seminar is to identify, by the end of the semester, a set of open research problems on which students can work during the next semester, e.g., in the form of independent studies.

Tentative Schedule

Date Topic Notes
Tuesday, 2/1, 2022 Lecture 1 – Introduction  
Thursday, 2/3, 2022 Lecture 2 – Class Overview  
Tuesday, 2/8, 2022 Lecture 3 – Network Security
Thursday, 2/10, 2022 Lecture 4 – DNS Security
Tuesday, 2/15, 2022 Lecture 5 – Perimeter Defense & Firewall  
Thursday, 2/17, 2022 Lecture 6 – Intrusion Detection Systems Survey paper 1 due: Software-Defined Networking Security
Tuesday, 2/22, 2022 Advanced Topic 1 - SDN/NFV Secuirty 1
Thursday, 2/24, 2022 Advanced Topic 1 - SDN/NFV Secuirty 2
Tuesday, 3/1, 2022 Advanced Topic 2 - CPS and Secuirty 1  
Thursday, 3/3, 2022 Advanced Topic 2 - CPS and Secuirty 2
Tuesday, 3/8, 2022 Invited Talk 1: DEEPSECURE Dr. Chunsheng Xin
Thursday, 3/10, 2022 Advanced Topic 3 - IoT Security 1 Review 1 due
Tuesday, 3/15, 2022 Invited Talk 2: Robustness of Multimodal Learning Nishant Vishwamitra
Thursday, 3/17, 2022 Advanced Topic 3 - IoT Security 2 Survey paper 2 due: Autonomous Vehicle Security
Tuesday, 3/22, 2022 Spring Recess
Thursday, 3/24, 20220 Spring Recess
Tuesday, 3/29, 2022 Proposal Presentation Proposal Due
Thursday, 3/31, 2022 Advanced Topic 4 - Mobile Platform Secuirty 1
Tuesday, 4/5, 2022 Advanced Topic 4 - Mobile Platform Secuirty 1
Thursday, 4/7, 2022 Invited Talk 3: Lidar/Radar Spoofing Attack and Defense Yi Zhu
Review 2 due
Tuesday, 4/12, 2022 Invited Talk 4: DL Security and Privacy Dr. Hongyi Wu
Thursday, 4/14, 2022 Paper presnetation 1: IoTSafe: Enforcing Safety and Security Policy with Real IoT Physical Interaction Discovery” (NDSS'22)
Paper presnetation 2: Understanding Malicious Cross-library Data Harvesting on Android” (USENIX Security'21)
Wenbo Ding
Shreyas Kavathekar
Tuesday, 4/19, 2022 Paper presnetation 3: Programmable In-Network Security for Context-aware BYOD Policies” (USENIX Security'20)
Paper presnetation 4:IMap: Fast and Scalable In-Network Scanning with Programmable Switches” (NSDI'22)
Qiqing Huang
Varun Sudarshan
Survey paper 3 due: Smart Home Security
Thursday, 4/21, 2022 Midterm Project Presentation
Tuesday, 4/26, 2022 Paper presnetation 5: Physically Realizable Adversarial Examples for LiDAR Object Detection” (CVPR'20)
Paper presnetation 6: BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
Ashwin Vinay Phadke
Peteris Paikens
Thursday, 4/28, 2022 Paper presnetation 7: Hidden Backdoors in Human-Centric language Models” (CCS'21)
Paper presnetation 8:Simple Black-box Adversarial Attacks ” (ICML '19)
Keyan Guo
Yunnan Yu
Tuesday, 5/3, 2022 Paper presnetation 9: Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection” (NDSS’18)
Paper presnetation 10: Unexpected Data Dependency Creation and Chaining: A New Attack to SDN” (S&P'20)
Jacob Springborn
Rugved Jaysing Thorve
Review 3 due
Thursday, 5/5, 2022 Paper presnetation 11: PDF Malware Detection Using Visualization and Machine Learning
Paper presnetation 12: On training Robust PDF Malware Classifiers” (USENIX Security'20)
Yeshi Paljor
Malav Vyas
Tuesday, 5/10, 2022 Final Project Presentation 1 Wenbo Ding
Keyan Guo
Qiqing Huang
Shreyas Kavathekar
Peteris Paikens
Yeshi Paljor
Thursday, 5/12, 2022 Final Project Presentation 2 Ashwin Vinay Phadke
Jacob Springborn
Varun Sudarshan
Rugved Jaysing Thorve
Malav Vyas
Yunnan Yu
Tuesday, 5/17, 2022 No Class Final project report due

Course Structure and Assignments

We will present materials during the first a couple of classes, followed by several invited talks. Students then present selected papers during the remaining classes. A list of papers from top security and networking conferences (IEEE S&P - Oakland, USENIX Security, ACM CCS, NDSS, SIGCOMM, NSDI, etc.) will be provided for each topic. One of the papers for each topic will be listed as mandatory paper and the remaining ones as related papers. All students are encouraged to read the mandatory papers, submit reviews for a subset of them, and participate in discussions in class.

The course includes the following assignments:

Please prepare your survey papers, proposal, final report using the following IEEE article template: https://www.ieee.org/conferences/publishing/templates.html

Class Project

The project in this course has two goals. The first goal is to help you learn more about doing research in general. The second goal is to give you the opportunity to study particular areas of CPS Security in greater detail. Therefore, you are expected to perform a substantial research project; this involves selecting an open problem, reading the related work, designing, implementing, and evaluating a solution, and presenting your results.

For your project, you need to read research paper(s) to identify a real security problem, understand the solution proposed by existing research paper(s), and provide a concrete implementation and extensive evaluation for the proposed solution. There will be three deliverables for this project which will count toward your final project grade: a project proposal (30%), class presentations (30%), and a final report (40%). You are encouraged to schedule periodic project status meetings with the instructors.

Grading Scheme


All work are submitted electronically and due at 11:59 PM on the due date. Late policy is as follows:

Academic Integrity

Zero tolerance on cheating!

Accessibility Resources

If you have a diagnosed disability (physical, learning, or psychological) that will make it difficult for you to carry out the course work as outlined, or that requires accommodations such as recruiting note-takers, readers, or extended time on exams or assignments, please advise the instructor during the first two weeks of the course so that we may review possible arrangements for reasonable accommodations. In addition, if you have not yet done so, contact: The Office of Accessibility Resources


Google Scholar

ACM's Computing Research Repository

IEEE Symposium on Security and Privacy


USENIX Security