Selected Topics in  Network Security/Privacy

Fall 2016

Instructor:        Claude Castelluccia (


Course Description

This course will introduce modern topics in network and data privacy. It will provide a thorough grounding in network privacy suitable for those interested in conducting research in this area, as well as students more broadly interested in real-world security. Topics will span (but not limited to):

Textbook (s): There is no required textbook. All reading will be from research papers in top security conferences and journals.


Paper presentation:     50%

Final exam:                  50%

Paper Survey presentation:

2-3 students/topic (please pick one topic).
Follow the links to the survey papers below. The objective is not only to present the paper, but also to present the related work on this topic (its a research project).
It is your duty to find other papers in the field to elaborate on the subject during your presentation. The presentation should last between 30 to 45 min.

  1. Secure messaging - Marcin Kupiec and Rodolphe Bertolini  (9 dec. 2016)

  2. Passwords and Web Authentication Schemes - Benjamin Laroux and Sinan Birbalta (9 dec. 2016)

  3. SSL and HTTPS security: Thomas Lavocat & Lucas Barallon (2 dec. 2016)

  4. Surveillance and Censorship on the Internet - SID-LAKHDAR Riyane, COUTAUD Ulysse (2 dec.)

  5. Security and Privacy of CryptoCurrencies: Tom Cornebize + ?

  6. Cybercrime and dark market analysis

  7. Tracking Mobile Web Users Through Motion Sensors:  Attacks and Defenses (NDSS2016) - Youssef Kamoun and Abdallah Aguerzame (16 dec. 2016)

  8. Measuring and Mitigating AS-level Adversaries Against Tor (NDSS2016)

  9. Online tracking: A 1-million-site measurement and analysis (CCS 2016)

  10. Lock It and Still Lose It on the (In)Security of Automotive Remote Keyless Entry Systems (Usenix Sec 2016) - Henry-Joseph and Baptiste and Timothy (16/12)

  11. Defeating IMSI Catchers, CCS 2015.

  12. Neither Snow Nor Rain Nor MITM...An Empirical Analysis of Email Delivery

  13. Ad Injection at Scale: Assessing Deceptive Advertisement Modifications

  14. A Study of Personal Information in Human-chosen Passwords and Its Security Implications

The slides have to be sent to me 2 days prior to the corresponding lecture.