COS-597G: Surveillance and Countermeasures (Fall 2013)

Course description.  This course surveys research on surveillance technologies and technical countermeasures. Readings come mostly from the computer science research literature, with some legal and policy readings to establish context. Course work will include reading and discussion, a few short writing assignments, and a substantial student-chosen course project. The course is designed for students with a solid grounding in computer science. Students unsure of their suitability of the course should contact the instructor.

Instructor.  Edward W. Felten

PUBLIC VERSION:  Members of the public who want to participate are invited to join the public online quasi-course.

Meetings.  Class meets on Mondays and Wednesdays, 3:00-4:20 pm, in Sherrerd 306.

Online forum.  For general questions and discussion please use the course's Piazza group.

Grading.  Class participation and writing (50%), course project (50%).

Schedule.  The schedule and readings are subject to change.

Date Topic Readings
Wed 09/11 Course Overview
Mon 09/16 Tradecraft Spycraft. Robert Wallace, H. Keith Melton, and Henry R. Schlesinger. Penguin Books, 2008. Chapters 23-25.

Understanding the Form, Function, and Logic of Clandestine Insurgent and Terrorist Networks. Derek Jones. Joint Special Operations University Report 12-3, U.S. Special Operations Command, 2012. Chapter 3.
Wed 09/18 History Report to the President by the Commission on CIA Activities Within the United States. July 1975. Chapter 9.

9/11 Commission Report. National Commission on Terrorist Attacks upon the United States. Chapters 3, 11.3, 11.4, 13.
Mon 09/23 Law Search and Seizure: Past, Present, and Future. Orin Kerr. In Oxford Encyclopedia of Legal History. Oxford University Press, 2006.

The System of Foreign Intelligence Surveillance Law. Peter P. Swire. George Washington Law Review vol. 72, 2004.
Wed 09/25 Secure Email Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. Alma Whitten and J.D. Tygar. USENIX Security 1999.

Secrecy, Flagging, and Paranoia: Adoption Criteria in Encrypted Email. Shirley Gaw, Edward W. Felten, and Patricia Fernandez-Kelly. ACM Conference on Computer-Human Interaction, 2006.

The Design, Implementation and Operation of an Email Pseudonym Server. David Mazieres and M. Frans Kaashoek. ACM Conference on Computer and Communications Security, 1998.
Mon 09/30 Tor Tor: The Second-Generation Onion Router. Roger Dingledine, Nick Matthewson, and Paul Syverson. USENIX Security Symposium, 2004.

Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries. Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. ACM Conference on Computer and Communications Security, 2013.
Wed 10/02 Traffic Analysis Chimera: A Declarative Language for Streaming Network Traffic Analysis. Kevin Borders, Jonathan Springer, and Matthew Burnside. USENIX Security Symposium, 2012.

The Parrot Is Dead: Observing Unobservable Network Communications. Amir Houmansadr, Chad Brubaker, and Vitaly Shmatikov. IEEE Symposium on Security and Privacy, 2013.
Mon 10/07 Steganography Hide and Seek: An Introduction to Steganography. Niels Provos and Peter Honeyman. IEEE Security and Privacy 1(3):32-44.

Information Hiding: A Survey. Fabien A.P. Petitcolas, Ross J. Anderson, and Markus J. Kuhn. Proceedings of the IEEE 87(7):1062-78.
Mon 10/09 Covert Channels A Survey of Covert Channels and Countermeasures in Computer Network Protocols. Sebastian Zanber and Grenville Armitage. IEEE Communication Surveys 9(3):44-57, 2007.
Mon 10/14 Guest speaker
Wed 10/16 Off-The-Record (OTR) Chat Off-the-Record Communication, or, Why Not to Use PGP. Nikita Borisov, Ian Goldberg, and Eric Brewer. Workshop on Privacy in the Electronic Society, 2004.
Mon 10/21 Guest speaker
Wed 10/23 TLS and Certificate Authorities SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements. Jeremy Clark and Paul C. van Oorschot. IEEE Symposium on Security and Privacy, 2013.

The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software. Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, and Vitaly Shmatikov. Conference on Computer and Communications Security, 2012.

Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL. Christopher Soghoian and Sid Stamm.
Mon 11/04 Emissions Security
TEMPEST: A Signal Problem. National Security Agency. Cryptologic Spectrum 2(3). Summer 1972. Partially declassified 2007.

Emissions Security. Chapter 17 in Security Engineering (2nd edition). Ross Anderson. John Wiley and Sons. 2004.
Wed 11/06 Device Fingerprinting
Remote Physical Device Fingerprinting. Tadayoshi Kohno, Andre Broido, and K.C. Claffy. IEEE Symposium on Security and Privacy, 2005.

Touching from a Distance: Website Fingerprinting Attacks and Defenses. Xiang Cai, Xin Cheng Zhang, Brijesh Joshi, and Rob Johnson. ACM Conference on Computer and Communications Security, 2012.
Mon 11/11 Course Project Planning
Wed 11/13 State-Sponsored Malware W32.Stuxnet Dossier. Nicolas Falliere, Liam O Murchu, and Eric Chien. Symantec Security Response Report, 2011.

APT1: Exposing One of China's Cyber Espionage Units. Mandiant technical report. 2013.
Mon 11/18 Side-Channel Attacks Remote Timing Attacks are Practical. David Brumley and Dan Boneh. USENIX Security Symposium 2003.

On the Importance of Eliminating Errors in Cryptographic Computations. Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. J. Cryptology 14(2), 2001.
Wed 11/20 NO CLASS
Mon 11/25p Weak Keys Mining Your Ps and Qs: Widespread Weak Keys in Network Devices. Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. USENIX Security Symposium, 2012.

Factoring RSA keys from certified smart cards: Coppersmith in the wild. Daniel J. Bernstein, Yun-An Chang, Chen-Mou Cheng, Li-Ping Chou, Nadia Heninger, Tanja Lange, and Nicko van Someren. To appear, ASIACRYPT 2013.
Mon 12/02 More Attacks
Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations. Charles V. Wright, Lucas Ballard, Scott E. Coull, Fabian Monrose, and Gerald M. Masson. IEEE Symposium on Security and Privacy, 2008.

Lest We Remember: Cold Boot Attacks on Encryption Keys. J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. USENIX Security Symposium, 2008.
Wed 12/04 Guest: Roger Dingledine (Tor Project)
Mon 12/09 Commercial Data Collection Third-Party Web Tracking: Policy and Technology. Jonathan R. Mayer and John C. Mitchell. IEEE Symposium on Security and Privacy, 2013.

Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting. Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna. IEEE Symposium on Security and Privacy, 2013.
Wed 12/11 Course Project Discussion
Tue 01/14 Final project report due, 5:00pm