Go to Current Semester

CS 7936 — Computer Security & Privacy Seminar, Fall 2018

Wednesdays, 12:00–1:00 PM, MEB 3485/3490 (NE / Flux Conference Room)

Navigation Links: Schedule | Overview | Credit | Tips on Reading Papers | How to Access Papers

Past offerings: Spring 2018 | Fall 2017 | Summer 2017 (Unofficial) | Fall 2016 | Spring 2016 | Fall 2015 | Spring 2015

Date Presenter Topic
James Mickens' USENIX Security 2018 Keynote: Q: Why Do Keynote Speakers Keep Suggesting That Improving Security Is Possible? A: Because Keynote Speakers Make Bad Life Decisions and Are Poor Role Models
More info For fun (and possibly education), in the last security seminar of the semester we will watch the USENIX Security 2018 keynote talk.

Some people enter the technology industry to build newer, more exciting kinds of technology as quickly as possible. My keynote will savage these people and will burn important professional bridges, likely forcing me to join a monastery or another penance-focused organization. In my keynote, I will explain why the proliferation of ubiquitous technology is good in the same sense that ubiquitous Venus weather would be good, i.e., not good at all. Using case studies involving machine learning and other hastily-executed figments of Silicon Valley’s imagination, I will explain why computer security (and larger notions of ethical computing) are difficult to achieve if developers insist on literally not questioning anything that they do since even brief introspection would reduce the frequency of git commits. At some point, my microphone will be cut off, possibly by hotel management, but possibly by myself, because microphones are technology and we need to reclaim the stark purity that emerges from amplifying our voices using rams’ horns and sheets of papyrus rolled into cone shapes. I will explain why papyrus cones are not vulnerable to buffer overflow attacks, and then I will conclude by observing that my new start-up is looking for talented full-stack developers who are comfortable executing computational tasks on an abacus or several nearby sticks.
11/28 Aarushi Sarbhai
Would a Privacy Fundamentalist Sell Their DNA for $1000...If Nothing Bad Happened as a Result? The Westin Categories, Behavioral Intentions, and Consequences
More info Westin’s Privacy Segmentation Index has been widely used to measure privacy attitudes and categorize individuals into three privacy groups: fundamentalists, pragmatists, and unconcerned. Previous research has failed to establish a robust correlation between the Westin categories and actual or intended behaviors. Unexplored however is the connection between the Westin categories and individuals’ responses to the consequences of privacy behaviors. We use a survey of 884 Amazon Mechanical Turk participants to investigate the relationship between the Westin Privacy Segmentation Index and attitudes and behavioral intentions for both privacy sensitive scenarios and privacy-sensitive consequences. Our results indicate a lack of correlation between the Westin categories and behavioral intent, as well as a lack of correlation between the Westin categories and consequences. We discuss potential implications of this attitude-consequence gap.
11/21 Russell Kennington
Discovering Smart Home Internet of Things Privacy Norms Using Contextual Integrity
More info The proliferation of Internet of Things (IoT) devices for consumer "smart" homes raises concerns about user privacy. We present a survey method based on the Contextual Integrity (CI) privacy framework that can quickly and efficiently discover privacy norms at scale. We apply the method to discover privacy norms in the smart home context, surveying 1,731 American adults on Amazon Mechanical Turk. For $2,800 and in less than six hours, we measured the acceptability of 3,840 information flows representing a combinatorial space of smart home devices sending consumer information to first and third-party recipients under various conditions. Our results provide actionable recommendations for IoT device manufacturers, including design best practices and instructions for adopting our method for further research.
RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response (Erlingsson et al)
More info NOTE:

The seminar will begin with a short presentation on what topics are covered in Dwork's survey paper (

Following that will be a discussion of RAPPOR.

Randomized Aggregatable Privacy-Preserving Ordinal Response,
or RAPPOR, is a technology for crowdsourcing statistics
from end-user client software, anonymously, with strong
privacy guarantees. In short, RAPPORs allow the forest of
client data to be studied, without permitting the possibility
of looking at individual trees. By applying randomized
response in a novel manner, RAPPOR provides the mechanisms
for such collection as well as for efficient, high-utility
analysis of the collected data. In particular, RAPPOR permits
statistics to be collected on the population of client-side
strings with strong privacy guarantees for each client, and
without linkability of their reports.
This paper describes and motivates RAPPOR, details its
differential-privacy and utility guarantees, discusses its practical
deployment and properties in the face of different attack
models, and, finally, gives results of its application to both
synthetic and real-world data.
Differential Privacy: A Primer for a Non-technical Audience (Nissim et al)
More info Abstract:
This document is a primer on differential privacy, which is a formal mathematical framework for guaranteeing privacy protection when analyzing or releasing statistical data. Recently emerging from the theoretical computer science literature, differential privacy is now in initial stages of implementation and use in various academic, industry, and government settings. Using intuitive illustrations and limited mathematical formalism, this document provides an introduction to differential privacy for non-technical practitioners, who are increasingly tasked with making decisions with respect to differential privacy as it grows more widespread in use. In particular, the examples in this document illustrate ways in which social scientists can conceptualize the guarantees provided by differential privacy with respect to the decisions they make when managing personal data about research subjects and informing them about the privacy protection they will be afforded.
10/31 Kent Seamons, BYU
Kent Seamons, BYU: Making TLS Applications Easy to Implement
More info Abstract: Recent studies demonstrate that TLS applications are error-prone, leaving systems vulnerable to attack. In this talk, I will present the new Secure Socket API (SSA) that moves TLS into the operating system and provides a simple API extension to the familiar POSIX Socket API. The result is that programmers can avoid thousands of lines of complicated TLS library code as they develop applications that communicate securely. This research was awarded the Internet Defense Prize First Runner-up Award at the recent USENIX Security Symposium.

Bio: Dr. Kent Seamons is the Director of the Internet Security Research Lab in the Computer Science Department at BYU. His research interests are in usable security, privacy, authentication, end-to-end encryption, identity management, and trust management. He has published over 80 peer-reviewed papers with 5,200+ citations. Dr. Seamons has been awarded over $6 million in funding from NSF, DHS, DARPA, and industry. He is also a co-inventor on four patents in the areas of automated trust negotiation, single sign-on, and security overlays.
10/24 Chad Brubaker (Android Platform Hardening)
Overview of Projects and General Q&A
More info (This is an old blurb, but gives an idea of Chad's work)

Why should I talk to Chad / what should I talk about with Chad?

A. He works in the Android Security group at Google, concentrating on
hardening the OS.

B. nogotofail - a tool that lets you test your network traffic for
TLS/SSL vulnerabilities and misconfigurations via client and/or a VPN

C. "there is also the Android Network Security Config I made for Android N (, its the tock to the tick-tock of the "find and understand issues"/"kill root cause of issues" that nogotofail started and allows for developers to do all the customization that we saw people trying to do but in a way that's hard to get wrong and safe."

D. Using Frankencerts for Automated Adversarial Testing of Certificate
Validation in SSL/TLS Implementations

Modern network security rests on the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols. Distributed systems, mobile
and desktop applications, embedded devices, and all of secure Web rely
on SSL/TLS for protection against network attacks. This protection
critically depends on whether SSL/TLS clients correctly validate X.509
certificates presented by servers during the SSL/TLS handshake
protocol. We design, implement, and apply the first methodology for
large-scale testing of certificate validation logic in SSL/TLS
implementations. Our first ingredient is "frankencerts," synthetic
certificates that are randomly mutated from parts of real certificates
and thus include unusual combinations of extensions and constraints.
Our second ingredient is differential testing: if one SSL/TLS
implementation accepts a certificate while another rejects the same
certificate, we use the discrepancy as an oracle for finding flaws in
individual implementations. Differential testing with frankencerts
uncovered 208 discrepancies between popular SSL/TLS implementations
such as OpenSSL, NSS, CyaSSL, GnuTLS, PolarSSL, MatrixSSL, etc. Many
of them are caused by serious security vulnerabilities. For example,
any server with a valid X.509 version1 certificate can act as a rogue
certificate authority and issue fake certificates for any domain,
enabling man-in-the-middle attacks against MatrixSSL and GnuTLS.
Several implementations also accept certificate authorities created by
unauthorized issuers, as well as certificates not intended for server
authentication. We also found serious vulnerabilities in how users are
warned about certificate validation errors. When presented with an
expired, self-signed certificate, NSS, Safari, and Chrome (on Linux)
report that the certificate has expired - a low-risk, often ignored
error - but not that the connection is insecure against a
man-in-the-middle attack. These results demonstrate that automated
adversarial testing with frankencerts is a powerful methodology for
discovering security flaws in SSL/TLS implementations.
10/17 Michael McConville
OnionDNS: a seizure-resistant top-level domain
More info Abstract:
The Domain Name System (DNS) provides the critical service of mapping canonical names to IP addresses. Recognizing this, a number of parties have increasingly attempted to perform “domain seizures” on targets by having them delisted from DNS. Such operations often occur without providing due process to the owners of these domains, a practice made potentially worse by recent legislative proposals. We address this problem by creating OnionDNS, an anonymous top-level domain and resolution service for the Internet. Our solution relies on the establishment of a hidden service running DNS within Tor and uses a variety of mechanisms to ensure a high-performance architecture with strong integrity guarantees for resolved records. We then present our anonymous domain registrar and detail the protocol for securely transferring the service to another party. Finally, we also conduct both performance and legal analyses to further demonstrate the robustness of this approach. In so doing, we show that the delisting of domains from DNS can be mitigated in an efficient and secure manner.
Watch USENIX Security Invited Talk Video: Privacy for Tigers (Ross Anderson)
More info Abstract:
(Joint work with Tanya Berger-Wolf)

As mobile phone masts went up across the world’s jungles, savannas and mountains, so did poaching. Wildlife crime syndicates can not only coordinate better but can mine growing public data sets, often of geotagged images. Privacy matters for tigers, for snow leopards, for elephants and rhinos – and even for tortoises and sharks. Animal data protection laws, where they exist at all, are oblivious to these new threats, and no-one seems to have started to think about information security policy. The issues sprawl across many of the technical and policy areas of classical security and privacy. Our work is targeted at wildlife aggregation sites that enable conservationists, scientists, and citizens to upload large numbers of images and other observations, which are then analysed to discover facts about endangered species. In this talk we first set out the threat model, describing the modern wildlife crime environment. We then present a security policy framework we are evolving for the aggregation site Wildbook and others like it. At least two emerging issues may be of wider interest. The first is context: we have a small number of roles, but a large number of quite complex contexts which determine access decisions. So we describe a new kind of context-aware role-based access control, with the context based on the data rather than the system state; it has some interesting parallels with the more traditional access control models used to manage insider threats in government, corporations and healthcare. The second is situational awareness. We want to use logs not just to investigate crimes after the fact, but to forestall them. But in a sprawling heterogeneous system, how do we engineer incentives for vigilance?

Ross Anderson is Professor of Security Engineering at Cambridge University, and leads the Cambridge Cybercrime Centre. He was a pioneer of security economics, peer-to-peer systems, hardware tamper-resistance and API security, and was one of the inventors of the AES finalist encryption algorithm Serpent. He has contributed to industrial standards from prepayment metering to powerline communications, and wrote the textbook Security Engineering—A Guide to Building Dependable Distributed Systems.
9/12 Russell Kennington
"I've Got Nothing to Lose": Consumers' Risk Perceptions and Protective Actions after the Equifax Data Breach (Zou et al)
More info Abstract:

Equifax, one of the three major U.S. credit bureaus, experienced a large-scale data breach in 2017. We investigated consumers' mental models of credit bureaus, how they perceive risks from this data breach, whether they took protective measures, and their reasons for inaction through 24 semi-structured interviews. We find that participants' mental models of credit bureaus are incomplete and partially inaccurate. Although many participants were aware of and concerned about the Equifax breach, few knew whether they were affected, and even fewer took protective measures after the breach. We find that this behavior is not primarily influenced by accuracy of mental models or risk awareness, but rather by costs associated with protective measures, optimism bias in estimating one's likelihood of victimization, sources of advice, and a general tendency towards delaying action until harm has occurred. We discuss legal, technical and educational implications and directions towards better protecting consumers in the credit reporting system.
9/5 Aarushi Sarbhai
Do You Feel What I Hear? Enabling Autonomous IoT Device Pairing Using Different Sensor Types (Han et al)
More info Abstract:

Context-based pairing solutions increase the usability of IoT device pairing by eliminating any human involvement in the pairing process. This is possible by utilizing on-board sensors (with same sensing modalities) to capture a common physical context (e.g., ambient sound via each device's microphone). However, in a smart home scenario, it is impractical to assume that all devices will share a common sensing modality. For example, a motion detector is only equipped with an infrared sensor while Amazon Echo only has microphones. In this paper, we develop a new context-based pairing mechanism called Perceptio that uses time as the common factor across differing sensor types. By focusing on the event timing, rather than the specific event sensor data, Perceptio creates event fingerprints that can be matched across a variety of IoT devices. We propose Perceptio based on the idea that devices co-located within a physically secure boundary (e.g., single family house) can observe more events in common over time, as opposed to devices outside. Devices make use of the observed contextual information to provide entropy for Perceptio's pairing protocol. We design and implement Perceptio, and evaluate its effectiveness as an autonomous secure pairing solution. Our implementation demonstrates the ability to sufficiently distinguish between legitimate devices (placed within the boundary) and attacker devices (placed outside) by imposing a threshold on fingerprint similarity. Perceptio demonstrates an average fingerprint similarity of 94.9% between legitimate devices while even a hypothetical impossibly well-performing attacker yields only 68.9% between itself and a valid device.
Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies (Franken et al)
More info Abstract:
Distinguished Paper Award Winner and winner of the 2018 Internet Defense Prize

Nowadays, cookies are the most prominent mechanism to identify and authenticate users on the Internet. Although protected by the Same Origin Policy, popular browsers include cookies in all requests, even when these are cross-site. Unfortunately, these third-party cookies enable both cross-site attacks and third-party tracking. As a response to these nefarious consequences, various countermeasures have been developed in the form of browser extensions or even protection mechanisms that are built directly into the browser.

In this paper, we evaluate the effectiveness of these defense mechanisms by leveraging a framework that automatically evaluates the enforcement of the policies imposed to third-party requests. By applying our framework, which generates a comprehensive set of test cases covering various web mechanisms, we identify several flaws in the policy implementations of the 7 browsers and 46 browser extensions that were evaluated. We find that even built-in protection mechanisms can be circumvented by multiple novel techniques we discover. Based on these results, we argue that our proposed framework is a much-needed tool to detect bypasses and evaluate solutions to the exposed leaks. Finally, we analyze the origin of the identified bypass techniques, and find that these are due to a variety of implementation, configuration and design flaws.


The Fall 2018 offering of CS 7936 will focus on reading and discussing recent papers in security and privacy research from conferences such as:

Class announcements are sent out on You can subscribe at


Students may enroll for one (1) credit. Although the University lists the course as “variable credit,” the two- and three-credit options are not currently available.

Students enrolled in the seminar are expected to read the papers prior to the seminar. Additionally, students are expected to sign up to lead the discussion on one or more seminar meeting. Leading the disucssion means:

  1. Choosing the paper and sending it to by 6PM Sunday before the seminar meeting;
  2. Preparing a 7-10 minute summary of the paper and its pertinent points;
  3. Familiarizing yourself enough with the paper to be able to answer questions that may come up;
  4. Preparing potential discussion points if the discussion needs prompting.

Tips on Reading Papers

Some tips that might help on reading, understanding, and analyzing papers:

How to Access Papers

Some papers are free to access, while others are behind paywalls. The university has a paid subscription to most of the libraries where those papers can be found. There are several ways to access those papers: