Instructor: Chen Qian <cqian12 at>, Office: E2-231

Class meeting time: MWF 01:20PM-02:25PM

Office hours: Monday 2:30PM - 3:30PM or by appointment

Teaching Assistants: Huazhe Wang <hwang137 at>

Classroom: J Baskin Engr 165

Course Focus 

This course provides a basic overview to the principles and practice of network security. The key topics of this course include network security basis, Key agreement, Shamir Secret Sharing, Digital Signatures, Homomorphic Crypto, Attribute-based encryption, Internet security, Cloud security, WiFi security, and Web security. Students will complete reading reports, a midterm exam, and a course project. 

Course Prerequisites 

Undergraduate Computer Network course (CMPE150 or equivalence)

Textbook (recommended)

1. Computer Networking: A Top-Down Approach
2. Introduction to Computer Security (Matt Bishop) 

Additional research papers will be used as reading material

Academic Honesty And Integrity 

In recent years, there has been an increased number of academic integrity violation incidents in many UC campuses, and unfortunately, UCSC is no exception. The School of Engineering has a zero tolerance policy for any incident of academic dishonesty. If cheating occurs, they will result in academic sanctions in the context of the course, and in addition, every case of academic dishonesty is referred to the students' college Provost, who then sets the disciplinary sanctions. Cheating in any part of the course may lead to failing the course and suspension or dismissal from the University.

What is cheating? In short, it is presenting someone else's work as your own. Examples would include copying another student's written or electronic homework assignment, or allowing your own work to be copied. Although you may discuss problems with fellow students, when you submit an assignment with your name on it, it is assumed it is your own work. If you use ideas or text from others, you MUST cite your sources and give credit to whoever contributed to your work.

If there are any questions on what constitutes academic integrity violations, please make sure to talk to the instructor and/or the TAs for clarification. You are also referred to for additional information on UCSC's academic integrity policies.

 Disability Resource Center (DRC) Resource

UC Santa Cruz is committed to creating an academic environment that supports its diverse student body. If you are a student with a disability who requires accommodations to achieve equal access in this course, please submit your Accommodation Authorization Letter from the Disability Resource Center (DRC) to me privately during my office hours or by appointment, preferably within the first two weeks of the quarter. At this time, I would also like us to discuss ways we can ensure your full participation in the course. I encourage all students who may benefit from learning more about DRC services to contact DRC by phone at 831-459-2089, or by email at 

Grading Rubric     
Category Percent
Reading reports 15%
Midterm 25%
In-class presentation 25%
Course Project 35%


There are around 20 presentations in total and you should submit no fewer than 15 reading reports.

Each report will be graded as a check (0.5pt), or check+ (1pt). 

You may submit more but we only count the 15 reports with highest grades. 

Reading reports are submitted at the beginning of every presentation class.


Schedule (Tentative) 

Some slides are revised from the ones by Kurose/Ross and Simon Lam.

Date Topic Readings

Lecture Notes 

1.7 General class information    
1.9 -1.18

Network Security Basis

Paper preference due 1.18

 Kurose Book Chapter 8 slides


No class, Holiday

 1.23 Chen Qian  [R1] and [R3] slides R1, slides R3

Aaron C.

Challenger: Austen B.

 [5]  Path ORAM: An Extremely Simple Oblivious RAM Protocol slides

Minghao X.

Challenger: Nitesh Kumar S.

 [6] Obladi: Oblivious Serializable Transactions in the Cloud slides
 1.30 Kuo P. and Aasim K.

Challenger: Aaron Chu

 [7] MiniCrypt: Reconciling Encryption and Compression for Big Data Stores slides

De H. and Alexander W. 

Chlg: Minghao X.

 [8] OblivP2P: An Oblivious Peer-to-Peer Content Sharing System slides

Austen B.

chlg: Gaoyang W.

 [4] Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud,

  Project proposal due


Haofan C.

chlg: Qian C.

 [9] Ghostbuster: Detecting the Presence of Hidden Eavesdroppers, slides

Keerthi K. 

chlg: Kuo P.

 [10] HoMonit: Monitoring Smart Home Apps from Encrypted Traffic slides

Mariette S. and Soeren C. 

chlg: Keerthi K. and Zixuan Z.

 [11] Rethinking Access Control and Authentication for the Home Internet of Things (IoT) slides

Kyle E. and Yuchen Y.

chlg: Haofan C.

 [12] Proximity-Proof: Secure and Usable Mobile Two-Factor Authenticantion, slides

Gaoyang W. and Karthik B. 

chlg: Chris V. and Minmei Wang

 [13] Pinto: Enabling Video Privacy for Commodity IoT Cameras slides



No class


Haofan Z.

chlg: Aasim K.

[14] Clock Around the Clock: Time-Based Device Fingerprinting,  slides

 Qian C. and Pranav Y. 

chlg: Karthik B.

 [17] End-Users Get Maneuvered: Empirical Analysis of Redirection Hijacking in Content Delivery Networks  
 2.25   Midterm Exam    Network Security Basis  

 Guest Lecture by Dr. Feng Qian,

University of Minnesota

 Location E2 506  

 Nitesh S. and Liang W.

chlg: Li X.

 [25] vEPC-sec: Securing LTE Network Functions Virtualization on Public Cloud slides

Han G. and Roy S.

chlg: Pranav Y.

 [15] Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path slides

Minmei Wang

chlg: Ke Wang

[R5] Bitcoin: A Peer-to-Peer Electronic Cash System,

[20] CertChain: Public and Efficient Certificate Audit Based on Blockchain for TLS Connections


Li X. and Ke W.

chlg: Shresta

[22] Settling Payments Fast and Private: Efficient Decentralized Routing for Path-Based Transactions,  slides

Staunton S. and Chris V. 

chlg: Mariette S.

[23] I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks,  

Xinghang X. and Zixuan Z. 

chlg: Soeren C.

[26] Practical Evasion of a Learning-Based Classifier: A Case Study  

Xiaofeng Shi and B S

chlg: Liang W. 

[28] With Great Training Comes Great Vulnerability: Practical Attacks against Transfer Learning,  
3.22 Project final report due