Draft website for CS 839.

Justin Hsu 4 years ago


@ -0,0 +1,16 @@
mkdocs build
mkdocs serve
pip install mkdocs mkdocs-material pymdown-extensions
make build
find . -type d -exec chmod a+rx {} \;
find . -type f -exec chmod a+r {} \;
rsync -avzp --delete -e ssh ./site/ $(DEPLOY)
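Review bot: the deploy recipe `rsync -avzp --delete -e ssh ./site/ $(DEPLOY)` has no guard that `DEPLOY` is set, so running the target without it invokes rsync with `--delete` and an empty destination argument; add a check such as `$(if $(DEPLOY),,$(error DEPLOY is not set))` at the start of that target. The two `find . -type ... -exec chmod ...` lines also relax permissions over the whole checkout rather than only `./site/`, which is all that gets synced; scope them to `./site`. Finally, `pip install mkdocs mkdocs-material pymdown-extensions` pins no versions, so the build is not reproducible; a requirements file with pinned versions would fix that.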


@ -0,0 +1,5 @@
# Communications
## Mailing list
## Course staff
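Review bot: both `## Mailing list` and `## Course staff` are empty headings with no body text; a short placeholder line under each (as the Final Projects page does with "To come!") would avoid publishing bare section titles, and since the index page already carries a `## Course Staff` block, this one should link there rather than maintain the same information twice.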


@ -0,0 +1,36 @@
# Course Format
Lectures will be loosely organized around four modules: differential privacy,
cryptography, language-based security, and adversarial machine learning. The
instructor will give most of the lectures for the first module, on differential
privacy. For each of the remaining modules, the instructor will give the first
lecture introducing the topic and background material. Then, each student will
lead one lecture, presenting a paper and guiding the discussion.
The topics we will be reading and thinking about are from the recent research
literature---polished enough to be peer-reviewed and published, but not always
completely refined. Given that this is a graduate course, not all lectures are
set in stone and there is some flexibility in the choice of topics. Students
with interested in specific topics not covered in the syllabus should feel free
to contact the instructor.
## Readings and Homework
The bulk of this course consists of reading research papers. Before every
lecture presenting a paper, students are expected to read the paper closely and
understand its significance, including (a) the problem addressed by the paper,
(b) the main contributions of the paper, and (c) how the authors solve the
problem in some technical detail.
The instructor will also send out 2-3 questions before every paper presentation.
Students will submit brief answers---no more than 1-2 paragraphs per
question---before the lecture. These questions are meant to make sure you have
understood the paper at a high level and prepare for the discussion in class,
they are not meant to be very difficult or time-consuming.
## Course Project
Students will work individually or in pairs on a topic of their choice,
producing a conference-style write-up and presenting their project at the end of
the semester. This project should have the potential to turn into a research
paper or survey. Details can be found [here](projects/
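Review bot: "Students with interested in specific topics" should read "Students interested in specific topics", and the closing link `[here](projects/` is cut off in the hunk with no target file or closing parenthesis, so the rendered page will show literal brackets. The pre-lecture-questions paragraph also joins two sentences with a comma ("...discussion in class, they are not meant..."); a period or semicolon belongs there.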


@ -0,0 +1,31 @@
# Welcome to CS 839!
This is a graduate-level course covering advanced topics in security and
privacy. We will focus on four areas at the current research frontier: (1)
differential privacy, (2) applied cryptography, (3) language-based security, and
(4) adversarial machine learning. Students will read, present, and discuss
papers from the research literature (i.e., conference and journal papers), and
complete a final project.
## Logistics
- **Course**: CS 839, Fall 2018
- **Location**: TBD
- **Time**: Mondays and Wednesdays, 4:00-5:15
## Course Staff
- **Instructor**: Justin Hsu
- **Email**:
- **Location**: TBD
- **Office hours**: TBD
- **TA**: TBD
## FAQ
- Who should take this course?
- What are the pre-requisites of this course?
- How flexible are the topics?
- Will this course be more theoretical or applied?
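Review bot: the `## FAQ` section lists four questions with no answers, and `- **Email**:` is blank; either fill these in before the page goes live or mark them TBD like the Location and Office hours fields so readers do not take them as finished.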


@ -0,0 +1,18 @@
# Course Policies
Paper discussions are a core component of this course. Students are expected to
read papers before lecture, attend lectures, and participate in discussions.
## Grading and Evaluation
Grades will be assigned as follows:
- **Discussions: 15%** (Pre-lecture questions and class participation)
- **Paper presentation: 25%**
- **Final project: 60%** (First and second milestones, and final writeup)
## Academic Integrity
Pre-lecture questions should be done individually. The final project may be done
individually or in groups of two students. Collaboration projects with people
outside the class may be allowed, but must be approved by the instructor.


@ -0,0 +1,52 @@
# Course Project
This course covers a wide range of topics in security and privacy. The goal of
the course project is to dive more deeply into a particular topic individually
or in groups of two. This project could take different forms:
- **Theoretical**: Extend a technique, explore a new application, or develop
some other kind of conceptual contribution.
- **Experience report**: Experiment with an existing implementation, trying out
different examples and describing the overall experience. Or make a new
- **Literature survey**: Select a couple (3-5) of related papers in a recent
research area. Summarize the significance, then compare and contrast.
- **Other**: Feel free to propose other kinds of projects.
A good project will be the start of a potentially publishable result.
## Deliverables
In order to keep projects on track, each group will turn in two short (**1-2
pages**) milestone reports along the way. At one-third of the way through, you
should have settled on a project goal and made some exploratory steps.
- **Milestone 1**. Describe the project goal concretely, summarize what
preliminary things have been tried, and plan out which directions to explore
At two-thirds of the way through, the project should be progressing and it
should be clear what remains to be done.
- **Milestone 2**. Clarify the project goal if it has changed, summarize current
progress, and plan out how to finish remaining items.
Besides the milestones, the main deliverable of the project will be a final
report, around **15-20 pages** in length. Reports should be written in a
research paper style, covering the following broad areas in some order:
- **Introduce** the problem and the motivation.
- **Review** background and preliminary material.
- **Develop** the main technical core of the project.
- **Survey** related work.
- **Summarize** and evaluate the results.
At the end of the course, each group will present their project in class.
## Deadlines
The most immediate task is to form groups (if desired) and select a preliminary
project topic. Discuss with the instructor or send an email with the project
topic and group members (less ideal) by **???**.
Deadlines for the deliverables are [here](../schedule/
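Review bot: the Experience report bullet ends mid-sentence ("Or make a new"), the Milestone 1 bullet is missing its closing period before "At two-thirds of the way through", and "Select a couple (3-5) of related papers" contradicts itself (a couple is two); suggest "Select a few (3-5) related papers". The topic-selection deadline is still `**???**`, and the final link `[here](../schedule/` is cut off without a target file or closing parenthesis, as on the Course Format page.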


@ -0,0 +1,3 @@
# Final Projects
To come!


@ -0,0 +1,57 @@
# Paper Suggestions
### Differential Privacy
- Frank McSherry and Kunal Talwar. *Mechanism Design via Differential Privacy*. FOCS 2007.
- Cynthia Dwork, Moni Naor, Toniann Pitassi, and Guy Rothblum. *Differential
Privacy under Continual Observation*. STOC 2010.
- T.-H. Hubert Chan, Elaine Shi, and Dawn Song. *Private and Continual Release
of Statistics*. ICALP 2010.
- Moritz Hardt, Katrina Ligett, and Frank McSherry. *A Simple and Practical
Algorithm for Differentially Private Data Release*. NIPS 2012.
- Daniel Kifer and Ashwin Machanavajjhala. *A Rigorous and Customizable
Framework for Privacy*. PODS 2012.
### Applied Cryptography
- Benjamin Braun, Ariel J. Feldman Zuocheng Ren, Srinath Setty, Andrew J.
Blumberg, and Michael Walfish. *Verifying Computations with State*. SOSP 2013.
- Aseem Rastogi, Matthew A. Hammer and Michael Hicks. *Wysteria: A Programming
Language for Generic, Mixed-Mode Multiparty Computations*. S&P 2014.
- Shai Halevi and Victor Shoup. *Algorithms in HElib*. CRYPTO 2014.
- Shai Halevi and Victor Shoup. *Bootstrapping for HElib*. EUROCRYPT 2015.
- Léo Ducas and Daniele Micciancio. *FHEW: Bootstrapping Homomorphic Encryption
in Less than a Second*. EUROCRYPT 2015.
- Peter Kairouz, Sewoong Oh, and Pramod Viswanath. *Secure Multi-party
Differential Privacy*. NIPS 2015.
- Arjun Narayan, Ariel Feldman, Antonis Papadimitriou, Andreas Haeberlen,
*Verifiable Differential Privacy*. EUROSYS 2015.
### Language-Based Security
- Frank McSherry. *Privacy Integrated Queries*. SIGMOD 2009.
- Jason Reed and Benjamin C. Pierce: *Distance Makes the Types Grow Stronger: A
Calculus for Differential Privacy*. ICFP 2010.
- Daniel B. Griffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John
C.Mitchell, and Alejandro Russo. *Hails: Protecting Data Privacy in Untrusted
Web Applications*. OSDI 2012.
- Andrew Ferraiuolo, Rui Xu, Danfeng Zhang, Andrew C. Myers, G. Edward Suh.
*Verification of a Practical Hardware Security Architecture Through Static
Information Flow Analysis*. ASPLOS 2017.
- Danfeng Zhang, Aslan Askarov, and Andrew C. Myers. *Language-Based Control and
Mitigation of Timing Channels*. PLDI 2012.
- Samee Zahur and David Evans. *Obliv-C: A Language for Extensible
Data-Oblivious Computation*. 2015.
- Andrew Miller, Michael Hicks, Jonathan Katz, and Elaine Shi. *Authenticated
Data Structures, Generically*. POPL 2014.
- Martín Abadi and Andrew D. Gordon. *A Calculus for Cryptographic Protocols:
The Spi Calculus*. Information and Computation, 1999.
### Adversarial Machine Learning
# Supplemental Material
- Cynthia Dwork and Aaron Roth. *Algorithmic Foundations of Data Privacy*.
- Gilles Barthe, Marco Gaboardi, Justin Hsu, and Benjamin C. Pierce. *Programming
Language Techniques for Differential Privacy*.
- Michael Walfish and Andrew J. Blumberg. *Verifying Computations without
Reexecuting Them*.
- Véronique Cortier, Steve Kremer, and Bogdan Warinschi. *A Survey of Symbolic
Methods in Computational Analysis of Cryptographic Systems*.
- Dan Boneh and Victor Shoup. *A Graduate Course in Applied Cryptography*.
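Review bot: citation formatting is inconsistent across the list: "Ariel J. Feldman Zuocheng Ren" is missing a comma between authors, "John C.Mitchell" a space, the Reed and Pierce entry uses a colon where the others use a period, the Narayan et al. entry has a trailing comma before the title, and the Obliv-C entry gives a year (2015) but no venue. The `### Adversarial Machine Learning` heading has no entries, and `# Supplemental Material` is a top-level heading inside the Paper Suggestions page; `##` would keep it within the page's hierarchy.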


@ -0,0 +1,5 @@
# Previous Courses
- CSE 291: [Language-Based Security]( (Deian Stefan, UCSD)
- CSE 711: [Topics in Differential Privacy]( (Marco Gaboardi, University at Buffalo)
- CS 800: [The Algorithmic Foundations of Data Privacy]( (Aaron Roth, UPenn)
- CS 229r: [Mathematical Approaches to Data Privacy]( (Salil Vadhan, Harvard)
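Review bot: all four links have empty targets (`[Language-Based Security](` and so on), so they will render as literal text; fill in the course URLs or drop the link syntax until they are available.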


@ -0,0 +1,15 @@
# Software
## Differential Privacy
- [DFuzz](
- [HOARe2](
## Cryptography
- [HELib](
- [Obliv-C](
## Language-Based Security
- [Jif](
- [FlowCaml](
## Adversarial Machine Learning
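Review bot: every entry on this page has an empty link target (`[DFuzz](`, `[HOARe2](`, ...), so nothing will render as a link. "HELib" is spelled "HElib" in the paper list (Halevi and Shoup, CRYPTO 2014), and the `## Adversarial Machine Learning` heading has no entries.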


@ -0,0 +1,14 @@
# Deadlines
Before class on the dates indicated.
## Course Deadlines
- **Check in with instructor**: TBD
- **Sign up to present paper**: TBD
- **Check-up questions**: Before each paper presentation.
## Project Deadlines
- **Choose topic**: TBD
- **Milestone 1**: TBD
- **Milestone 2**: TBD
- **Final writeup**: TBD
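Review bot: "Check-up questions" here is the same item the Policies page calls "Pre-lecture questions" and the Course Format page describes as questions sent before each paper presentation; use one term across the three pages so students can match the deadline to the graded component.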


@ -0,0 +1,37 @@
# Lecture Schedule (Tentative)
Date | Topic | Presenter
9/5 | Course welcome | JH
| <center> **Differential Privacy** </center> |
9/10 | Definition and Basic Mechanisms | JH
9/12 | What does Differential Privacy mean? | JH
9/17 | Composition and closure properties | JH
9/19 | Exponential mechanism <br> **Paper:** | JH
9/24 | Streaming privacy: counters <br> **Paper:** | JH
9/26 | Advanced mechanisms: Report-noisy-max | JH
10/1 | Advanced mechanisms: Sparse Vector | JH
10/3 | Advanced mechanisms: Private multiplicative weights <br> **Paper:** | JH
10/8 | Local differential privacy (theory) | JH
10/10 | Local differential privacy (practice) <br> **Paper:** | JH
| <center> **Cryptographic Techniques** </center> |
10/15 | Crypto: overview and basics | JH
10/17 | Zero-knowledge proofs <br> **Paper:** |
10/22 | Oblivious transfer and SMC <br> **Paper:** |
10/24 | Oblivious transfer and SMC <br> **Paper:** |
10/29 | Fully homomorphic encryption and verifiable computing <br> **Paper:** |
10/31 | Fully homomorphic encryption and verifiable computing <br> **Paper:** |
| <center> **Language-Based Security** </center> |
11/5 | LangSec: overview and basics | JH
11/7 | Secure Information Flow <br> **Paper:** |
11/12 | Secure Information Flow <br> **Paper:** |
11/14 | Languages for privacy <br> **Paper:** |
11/19 | Languages for privacy <br> **Paper:** |
11/21 | Symbolic cryptography <br> **Paper:** |
| <center> **Adversarial Machine Learning** </center> |
11/26 | AML: overview and basics | JH
11/28 | Adversarial examples <br> **Paper:** |
12/3 | Adversarial examples <br> **Paper:** |
12/5 | Training-time attacks <br> **Paper:** |
12/10 | Training-time attacks <br> **Paper:** |
12/12 | Model-theft attacks <br> **Paper:** |
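Review bot: the table has no delimiter row after the header line `Date | Topic | Presenter`, so Markdown will not render it as a table; add `--- | --- | ---` as the second line. The section-banner rows (`| <center> **Differential Privacy** </center> |`) rely on the deprecated `<center>` element, which may be stripped or ignored depending on the Markdown extensions enabled, and every `**Paper:**` cell is blank; either fill them in or mark them TBD as the Deadlines page does.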


@ -0,0 +1,35 @@
# Syllabus
Security and Privacy are rapidly emerging as critical research areas.
Vulnerabilities in software are found and exploited almost everyday
and with increasingly serious consequences (e.g., the Equifax massive data
breach). Moreover, our private data is increasingly at risk and thus
techniques that enhance privacy of sensitive data (known as
privacy-enhancing technologies (PETS)) are becoming increasingly
important. Also, machine-learning (ML) is increasingly being utilized to
make decisions in critical sectors (e.g., health care, automation, and
finance). However, in deploying these algorithms presence of malicious
adversaries is generally ignored.
This advanced topics class will tackle techniques related to all these
themes. We will cover the following broad topics.
### Differential Privacy
- Basic properties and examples
- Advanced mechanisms
- Local differential privacy
### Cryptographic Techniques
- Zero-knowledge proofs
- Secure multi-party computation
- Verifiable computation
### Language-Based Security
- Secure information flow
- Differential privacy
- Symbolic cryptography
### Adversarial Machine Learning
- Training-time attacks
- Test-time attacks
- Model-theft attacks
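Review bot: wording fixes for the opening paragraph: "almost everyday" should be "almost every day", "the Equifax massive data breach" reads better as "the massive Equifax data breach", "machine-learning (ML) is" needs no hyphen, the abbreviation should be "PETs" (plural of PET), and "in deploying these algorithms presence of malicious adversaries is generally ignored" is missing an article ("the presence"). Under `### Language-Based Security`, the subtopic "Differential privacy" looks like a duplicate of the first module; the lecture schedule's phrasing "Languages for privacy" would make the distinction clear.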


@ -0,0 +1,32 @@
site_name: 'CS 839: Topics in Security and Privacy (Fall 2018)'
site_url: ''
repo_url: ''
site_description: 'Course webpage for CS 839: Topics in Security and Privacy (Fall 2018)'
site_author: 'Justin Hsu'
name: 'material'
language: 'en'
tabs: 'true'
primary: indigo
accent: indigo
- Home:
- About: ''
- Syllabus: ''
- Course Format: ''
- Communication: ''
- Policies: ''
- Schedule:
- Lectures: 'schedule/'
- Deadlines: 'schedule/'
- Resources:
- Papers: 'resources/'
- Software: 'resources/'
- Other Courses: 'resources/'
- Project:
- Details: 'projects/'
- Gallery: 'projects/'
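Review bot: as the hunk stands, the nested configuration has lost its parent keys: `name: 'material'`, `language: 'en'` and `tabs: 'true'` appear at top level rather than under `theme:`, `primary` and `accent` have no `palette:` parent, and the `- Home:` through `- Project:` entries have no `nav:` (or `pages:`) key above them, so mkdocs would reject or ignore them. `tabs: 'true'` is a quoted string where the YAML boolean `true` is meant, `site_url` and `repo_url` are empty strings, the About/Syllabus/Course Format/Communication/Policies targets are empty, and the remaining targets are bare directories reused for several entries (`Lectures` and `Deadlines` both point at 'schedule/'), so each needs the specific page file it should open.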