Schedule

September 8: How does the Internet work?

Agenda:

• What happens when I visit "Google.com"?

• How to capture and analyze packets with Wireshark and Pandas

• Overview of protocols: IP, DHCP, ARP, DNS, TCP/UDP, HTTP, TLS

Readings:

• Google’s Networking Class on Coursera. You can audit the class for free.

  • Watch all videos under “Week 1”, “Week 2”, “Week 3”, and “Week 4.

  • Optionally, watch all videos under “Week 5” and “Week 6”.

• Read the following chapters of the Computer Networks Textbook (5th Edition) by Larry Peterson et al.

  • Chapter 2.6 - Ethernet

  • Chapter 3 - Inter-networking

  • Chapter 4 - Internet routing

  • Chapter 5.1 and 5.2 - UDP and TCP

  • Chapter 9.1.2 - HTTP

  • Chapter 9.3.1 - DNS

• Optionally, check out the following YouTube videos from Princeton’s Networking Class

  • Videos 26-32: IP

  • Videos 33-34: Routing, autonomous systems

  • Videos 85-89: DNS

  • Videos 146-151: HTTP

  • Videos 154-159: CDNs

[Recording] [Pcaps] [Slides] [Answers to the in-class ungraded quiz]

September 22: Access to the local network

Agenda:

• Scanning with nmap

• ARP spoofing

  • Why does Bob flip back to the correct ARP table?

  • Does Bob know Alice is doing ARP spoofing?

  • Can Bob protect himself? DoH? VPN?

• DHCP starvation

• NAT

Readings:

• https://www.kali.org/tools/nmap/

• https://www.cbtnuggets.com/blog/technology/networking/what-is-a-dhcp-starvation-attack

• https://github.com/nyu-mlab/L2TP-only-VPN

[Recording]

October 6: Cryptography

Agenda:

• Lab 1 review

• Guest lecture by Vijay Prakash

• CIA

• Historical cryptography & Kerckhoffs's principle of cryptography

• Cryptographic setting

• Modern cryptographic algorithms

• Block cipher & Stream cipher

• Symmetric and Asymmetric algorithms

• DES

• Diffie-Hellman

• RSA

• Digital signature

• Hashes

• Hash chaining

• MAC

Readings:

• https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c05.pdf

• Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices

• Fun comic: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

• The Code Book, by Simon Singh

[Recording] [Slides]

October 20: TLS + PKI + Authentication

Agenda:

• HTTPS: A primer on web security

• PKI

• Let's Encrypt, Certificate Transparency

• Man-in-the-middling TLS connection

Readings:

• PKI

  • How LetsEncrypt works: https://letsencrypt.org/how-it-works/

  • Introduction to PKI and TLS: https://www.youtube.com/watch?v=fuK-OAyfET4

  • PKI: https://blog.cloudflare.com/how-to-build-your-own-public-key-infrastructure/

  • Certificate transparency: https://blog.cloudflare.com/introducing-certificate-transparency-and-nimbus/

[Slides] [Mentimeter] [Recording (NYU Sign-in Needed)]

November 3: IoT security and privacy

Agenda:

• Web privacy, continued

• Smart TV privacy

Readings:

• https://dl.acm.org/doi/10.1145/2660267.2660347

• https://hdanny.org/static/ccs-19.pdf

• https://www.esat.kuleuven.be/cosic/publications/article-2556.pdf

NYU Logins Required: [Zoom recording] [Slide 1] [Slide 2] [Mentimeter]

November 17: Tunnels

Agenda:

• Zero-trust

• OAuth

• Firewall + IPTables

• Tunnels (e.g., SSH, IPSec, WireGuard, TailScale)

Readings:

• TailScale:

  • How it works: https://tailscale.com/blog/how-tailscale-works/

  • CLI: https://tailscale.com/kb/1080/cli/

• Zero-trust:

  • https://tailscale.com/blog/2019-09-10-zero-trust/

  • https://tailscale.com/kb/1123/zero-trust/

• OAuth 2.0:

  • https://darutk.medium.com/the-simplest-guide-to-oauth-2-0-8c71bd9a15bb

  • https://darutk.medium.com/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85

• IPTables and MITMproxy

  • https://docs.mitmproxy.org/stable/howto-transparent/

  • https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules

• Bitcoin: https://docs.google.com/presentation/d/1KZPybiI9x4CA-MmO_dsOCQXVDZ5VY5D-ReRnQpUglRU/edit#slide=id.g35e71de504_0_0

NYU sign-in needed: [Zoom recording] [Slides]

December 8: Project Presentation

This session will NOT be livestreamed.

All presentations will be in person. There will be six groups of presentations. Each group will give a ten-minute talk, followed by about five minutes of Q&A. We will spend about 100 minutes on the presentations. The remaining 50 minutes will be to wrap up the lecture on ransomware and other malware, and with concluding remarks.

Danny highly encourages everyone to attend in person and provide constructive feedback to individual groups. Extra credits will be awarded; please see this form.

Agenda:

• Project presentations:

  • Project 3: “Ask app not to track” Is that a fraud?

  • Project 7: Data collected by 3rd party apps from Google Fit

  • Project 11: What happens in the public captive portal

  • Project 13: How do universities in China handle email security?

  • Project 17: Code scanning for vulnerabilities using LSTMs

  • Project 19: Disclosing IoT device traffic data without compromising privacy

• Ransomware + Malware

• Ethics: censhorship and malware takedown

• Conclusion