COSC755 - Topics in Network Security (Spring 2014)
Surveillance and Censorship

Georgetown University
Prof. Micah Sherr
Course Description

The Internet began as a decentralized "network of networks" that permitted efficient and unfiltered communication between connected machines. In recent years, the Internet has become more fractured as nations have used traffic analysis and filtering techniques to restrict the content that their citizenries can access. Additionally, technological advances and changes in the architecture of the Internet -- in particular, its increasing centralization -- have made large-scale monitoring of traffic feasible. This special topics class examines (1) the tools and techniques of state-sponsored surveillance and censorship, (2) methods of counter-surveillance, and (3) recent research in censorship circumvention. Topics covered include private web browsing, traffic analysis, censorship systems, unblockability, usable security, weaknesses in the public key infrastructure, covert channels, traffic shaping, and censorship detection.

Prerequisites: None.

Jump to course syllabus/schedule.

Who, What, and Where

Instructor: Prof. Micah Sherr
Email: click here
Office: St. Mary's Hall, Room 337
Office Hours: Mondays 5-6pm, and by appointment

Classes are held every Monday and Wednesday from 3:30pm until 4:45pm in STM, room 326

Readings

There is no required textbook for this class.

Reading assignments are listed below and should be completed before the class that covers the material.

Important: Twenty-four hours before each class, students should email answers to the following questions:
  • "What problem does this paper address?"
  • "What is the contribution of this work?"
  • "What are the shortcomings of the proposed approach?" Or, alternatively, "How could the paper be improved?"
  • "Was this a good paper to assign?" (not graded)

Your reading responses will be graded. Separate reading responses are required for each reading assignment.

Warning: Responses that merely summarize the paper, show little depth or understanding of the material, or simply reiterate the paper's abstract or conclusion will receive very little credit.

Course Resources / Listserv

Students should take advantage of two critical course resources.

Most importantly, students should regularly attend class. Not only is attendance mandatory (and a significant part of the students' grades), classroom discussion will hone in on the particular subject matter that I think is most important (and consequently, significantly more likely to appear on exams).

Second, we will make extensive use of the class listserv:
    cosc755-spring2014@security.cs.georgetown.edu
Students are expected to read every post to the listserv and to contribute to the discussion. Be prepared to receive a lot of email -- in my previous classes, several thousand listserv messages were posted in a single semester.

Grading and Other Class Policies
Reading responses 20%
Course project 30%
Discussion lead 20%
Discussion summaries 10%
Class participation 20%

Other miscellaneous (but hopefully not arbitrary) policies:
  • Please turn off cell phones during class.
  • I will do my best to respond to emails within 24 hours. Please also consider posting your questions to the class listserv.
  • Behave civilly: don't be late for class; don't read newspapers/blogs/etc. during class; don't solve Sudoku puzzles during class; don't struggle with crossword puzzles during class; respect others' opinions, even if they are clearly wrong.
  • Adhere to good scientific principles and practices, and uphold the Georgetown Honor System.

Project

Students must participate in a novel research project related to surveillance and/or censorship. Projects may, for example, propose and experimentally evaluate a new counter-surveillance (or surveillance) system. Students who wish to avoid programming may instead write a detailed, analytic report that investigates a course topic in far greater depth than is covered in class. Such reports must include detailed analyses and must cite the appropriate sources.

Projects that merely implement existing protocols or that attempt to solve problems that have existing, well-understood, and widely-accepted solutions will not be accepted. The topic and scope of the project must be approved by the instructor, and the project itself will be graded based on its novelty, student effort, technical depth and correctness (for programming-oriented projects), and the clarity of the project presentation. For programming projects, the output of the project should be a workshop-length paper that addresses a novel computer security research topic. Students who elect to write a report must submit a 20-30 page (2 column, 11-point font) document.

With the instructor's permission, students may work in groups for the programming project, so long as the scope of the project is proportional to the size of the group. All students in a group will receive the same grade. Students who elect to write a report must do the research and writing individually.

The project proposal is now available.

A Note about Academic (Dis)Honesty

Please do not cheat. Dealing with cheating is by far the worst part of a professor's responsibilities, and it's one that I'd greatly like to avoid. If you are caught cheating, you will be referred to the Honor Council, without exception. It doesn't matter if you plagiarized one part of one answer in a homework assignment or outsourced your entire semester project to www.willdoyourprojectforcupcakes.com. Telling me that I'm ruining your future/career/life will make me feel wicked bad, but won't stop me from referring you to the Honor Council.

The following -- taken from the Graduate Bulletin -- is a partial list of the things you cannot do: plagiarism; unacknowledged paraphrase; cheating, fabrication of data; fabrication, alteration, or misrepresentation of academic records; facilitating academic dishonesty; unauthorized collaboration; misuse of otherwise valid academic work; misuse of academic resources; depriving others of equal access to academic resources.

Please see Georgetown's Academic Regulations regarding the University's Honor System, as well as all the nasty things that will happen to you if you are caught cheating.

Bottom Line: If you are unsure whether or not something is permissible, ask me beforehand.

Syllabus and Schedule

This syllabus is subject to change. Some readings are borrowed from Ed Felten's Surveillance and Countermeasures course.

The syllabus is also available as an iCalendar feed, which you may use to import into Apple Calendar, Google Calendar, and similar calendar applications. To do so, subscribe to (don't import) the feed at https://security.cs.georgetown.edu/courses/cosc755-spring2014/cosc755-spring2014.ics.

The syllabus is available here.