COMP 790 - 185 - Reading List

Instructor: Andrew Kwong
Contact: andrew@cs.unc.edu
Class Meetings: Tue/Thurs 12:30-1:45PM, SN115
Office Hours By Appointment, in FB340
Syllabus

The goal of this course is to give students a broad overview of research topics in the field of computer security. This involves reading and discussing both foundational and recent papers, and conducting a course research project.

Course Structure

Grades will be based upon the following:

Class Participation (20%)

Students are expected to contribute to class discussions following paper presentations. Students should be able to ask insightful questions and demonstrate that they have read and understand the assigned readings.

Paper Presentations (20%)

Students will give conference style talks on assigned papers. They will prepare slides and a 15 minute presentation on the papers.

Paper Reviews (20%)

Students will submit mini-reviews on assigned papers to Canvas.

Course Project (40%)

Students will conduct original research on a topic related to computer security over the course of the semester. Students will propose a project part-way through the class, and will submit a final report (6-12 pages) by the end of the course. Students will also give a conference style talk on their results during the final week of class. Working in groups is allowed, but a more substantial product is expected when working as a group.

Reading List

Welcome

Tuesday, August 19 — Welcome/Course Overview

Thursday, August 21 — Instructor Presents

Binary Exploitation

Tuesday, August 26 — Stack Smashing

Smashing The Stack For Fun And Profit. Aleph One. Phrack 49(14), Nov. 1996.
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. USENIX Security 1998.

Thursday, August 28 — Advanced Pwning

The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). CCS 2007
Hacking Blind. Oakland 2014

Side-Channels

Tuesday, September 2

Timing Analysis of Keystrokes and Timing Attacks on SSH. USENIX Security 2001.
FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. USENIX Security 2014.

Thursday, September 4

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. Ristenpart Tromer, Shacham, and Savage. CCS 2009.
Spectre attacks: Exploiting Speculative Execution. Oakland 2019.

Cyber-Physical Systems

Tuesday, September 9

Experimental Security Analysis of a Modern Automobile. Oakland 2010.
Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security 2011.

Thursday, September 11

Security Analysis of a Full-Body Scanner . USENIX Security 2014.
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. Oakland 2008.

Web Security

Tuesday, September 16

Native Client: A Sandbox for Portable, Untrusted x86 Native Code. Oakland 2009.
Retrofitting Fine Grain Isolation in the Firefox Renderer. USENIX Security 2020.

Thursday, September 18

No Class-traveling

Memory Security+AI Security

Tuesday, September 23

Exploiting the DRAM rowhammer bug to gain kernel privileges. Google blog post, 2015.
SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript. Usenix Security 2021.

Thursday, September 25 — ML Sec

Extracting Training Data from Large Language Models. USENIX Security 2021.
Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models. USENIX Security 2024.

Course Project Proposal Presentations

Tuesday, September 30 — Proposal Presentations

Thursday, October 2 — Proposal Presentations Continued

Nation State Attacks

Tuesday, October 7

No Class-well being day

Thursday, October 9

Adverserial Machine Learning

Tuesday, October 14

Robust Physical-World Attacks on Deep Learning Visual Classification. CVPR 2018
Towards Evaluating the Robustness of Neural Networks. Oakland 2017.

Thursday, October 16

-No Class-Fall Break.

Botnets/Spam

Tuesday, October 21 — Botnets

Your Botnet is My Botnet: Analysis of a Botnet Takeover. CCS 2009.
Understanding the Mirai Botnet. USENIX Security 2017.

Thursday, October 23 — Spam

Detecting and Characterizing LAteral Phishing at Scale. USENIX Security 2019.
Spamalytics: An Empirical Analysis of Spam Marketing Conversion. CCS 2008.

Crypto Fails/Privacy

Tuesday, October 28 — Real World Cryptography

Thursday, October 30 — Privacy

BlindBox: Deep Packet Inspection over Encrypted Traffic. SIGCOMM 2015.
Zerocash: Decentralized Anonymous Payments from Bitcoin. Oakland 2014.

Human Factors

Tuesday, November 4 — Usability

Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.. USENIX Security 1999
Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. USENIX Security 2013.

Thursday, November 6 — Passwords

Tracking

Tuesday, November 11 — Anonymous Browsing

Tor: The Second-Generation Onion Router. USENIX Security 2004.

How Unique Is Your Web Browser?. PETS 2010

Thursday, November 13 — Web/Device Tracking

Network/Election Security

Tuesday, November 18 — Disturbance Effects/Forensics

BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments. Oakland 2025
Lest We Remember: Cold Boot Attacks on Encryption Keys. USENIX Security 2008.

Thursday, November 20

The Antrim County 2020 Election Incident: An Independent Forensic Investigation. USENIX Security 2022.
“Why wouldn’t someone think of democracy as a target?”: Security practices & challenges of people involved with U.S. political campaigns. USENIX Security 2021.

Research Topics in Computer Security

COMP 790 – 185 – Fall 2025