ECE 498 KL - eCrime and Internet Service Abuse

Lecture: Tue and Thu 2:00 P.M. to 3:20 P.M. in ECEB 2015
Final exam: December 14 at 8 A.M. in ECEB 2015

Instructor: Kirill Levchenko
Office hours: Mondays at 2:00 P.M. in CSL 468

TA: Joshua Reynolds
Office hours: Thursdays at 1:00 P.M. in CSL 221


Course Syllabus


See the syllabus for late policies, dropped quizzes, etc.

1A October 30 at 10 P.M. Assignment 1A
1B November 13 at 5 P.M. Assignment 1B
2A November 16 at 5 P.M. Assignment 2A
2B December 4 at 5 P.M. Assignment 2B
1C December 7 at 5 P.M. Assignment 1C (rev. 2)
2C December 11 at 5 P.M. Assignment 2C

Lectures and Reading Assignments

DateTopicReading Assignment
Oct 25 Introduction No assigned reading
Oct 30 Bitcoin (special lecture)
Nov 1 Computer Fraud and Abuse Act (CFAA) Required: 18 U.S. Code § 1030 – Fraud and related activity in connection with computers
Optional: C. Doyle. “Cybercrime: A Sketch of 18 U.S.C. 1030 and Related Federal Criminal Laws”
Reading questions:
  • What kind of computer access does the CFAA prohibit?
  • Which computers are protected by the CFAA?
  • What other acts does the CFAA prohibit?
Nov 6 Electronic Communications Privacy Act (ECPA)
and Stored Communications Act (SCA)
Required: 18 U.S. Code § 2511, 2701, 2702, 2703, 2707
Optional: G. Stevens and C. Doyle. “Privacy: An Overview of Federal Statutes Governing Wiretapping and Electronic Eavesdropping”
Reading questions:
  • What kind of communication does ECPA protect?
  • What acts does ECPA prohibit?
  • What kind of communication does SCA protect?
  • What kind of acts does SCA prohibit?
Nov 8 Web search Required: A. N. Langville and C. D. Meyer. Google's PageRank and Beyond: The Science of Search Engine Rankings,
Ch. 1, Sec. 1.3.2; Ch. 2, Sec. 2.1 and 2.2, skip pp. 17–18; Ch. 3, skip 3.2.2.
Reading questions:
  • How does a search engine know what is on your site?
  • How does a search engine determine which sites to show in response to a query?
  • How does a search engine determine a site’s position on a result page?
Nov 13 Basic password attacks and defenses
Location: ECEB 3002
Required: P. Ducklin. “Serious Security: How to store your users‘ passwords safely
Reading questions:
  • What is the problem with storing user passwords in the clear?
  • What is wrong with encrypting each password?
  • What is the purpose of the salt?
  • What properties should the password hash function have?
  • What is the purpose of hash stretching?
Nov 15 Advanced password attacks and defenses
Location: ECEB 3002
Required: P. Oechslin. “Making a Faster Cryptanalytic Time-Memory Trade-Off
Nov 27 Web Cloaking Required: D. Y. Wang et al.Cloak and Dagger: Dynamics of Web Search Cloaking
Reading questions:
  • What is cloaking?
  • Why do some sites use cloaking?
  • How does a cloaked site determine which page to return?
  • What happened to visitors when they visited a cloaked page?
Nov 29 Traffic Monetization Required: D. Samosseiko. “The Partnerka—What is it, and why should you care
Reading questions:
  • What is an affiliate program (partnerka)?
  • What are some popular products sold by affiliate programs?
  • Why do affiliate programs exist?
Dec 4 CAPTCHAs Required: M. Motoyama et al.Re: CAPTCHAs — Understanding CAPTCHA-Solving Services in an Economic Context
Reading questions:
  • What were the design goals of CAPTCHAs?
  • What were the assumptions made in the design of CAPTCHAs?
  • How do CAPTCHA-solving services work?
  • What kinds of CAPTCHAs can CAPTCHA-solving services solve?
Dec 6 Ransomware Required: K. Liao et al.Behind Closed Doors: Measurement and Analysis of CryptoLocker Ransoms in Bitcoin
Reading questions:
  • What is ransomware?
  • Why does ransomware use Bitcoin?
  • How do you estimate amount of ransom paid?
Dec 11 Remote Access Trojans Required: B. Farinholt et al.To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild
Reading questions:
  • What is a RAT?
  • What does a RAT allow an attacker to do?
  • What can we learn about RAT operators?
Dec 14 Final Exam Time: 8 A.M.
Location: ECEB 2015

These important Web sites are part of Assignment 1: Trimpuny Student Pages