Wireless Networks Security and Privacy

Semester: 2024 Autumn
Time: 13:25-17:00 (6.7.8.9)
Location: Yuquan Campus, #7 Teaching Building, Rm408
TA : Yu Wang, wy_chaser@zju.edu.cn

Schedule (Update: 2024.10.23)

Week Course/Presentation Topic Reading References Presenter
Week 1
11, Sep
1. Course introduction & logistics
2. Wireless security basics & threat models
Online Lecturer
Week 2
18, Sep
3. Information security and crypto basics
4. Physical layer: physical layer threats; jamming
Online Lecturer
Week 3
25 ,Sep
5. Link layer, Wi-Fi security, and mac misbehavior
6. Network layer: threats, routing and forwarding security
Online Lecturer
Week 5
9, Oct
7. Wireless transport layer: TCP/UDP security
8. Location service security
Online Lecturer
Week 6
16, Oct
New wireless topics 1: Telecom Security & Privacy
New wireless topics 2: IoT Security & Privacy
New wireless topics 3: Satellite security
New wireless topics 4: Bluetooth security
Attachment Lecturer & Student
Week 7
23, Oct
New wireless topics 5: 5G/60G and its security
New wireless topics 6: Low power wireless network and security
New wireless topics 7: VANET Security & Privacy
Attachment Lecturer & Student
Week 8
30, Oct
Project Presentation Attachment Student


Group: each group has 2 students. Send your group information to TA according to the following format:

Format: the order you wish to present + group members + paper name, e.g.,
“1 + Alice, Bob + Beauty and the Burst: Remote Identification of Encrypted Video Streams”

Student presentation:
1. 2 students as a group
2. chooses paper from the list I provide or from other relevant conferences/ journals
3. Presentations last for 13 mins + Q&A + Discussion(2mins)
4. Make slides yourself

Paper source:
1. Big 4: USENIXS Security/ NDSS/ ACM CCS/ IEEE Oakland (S&P)

References for projects (Update: 2024.10.23):
1. Wireless communication security
- https://github.com/5GSEC/5G-Spector (5G协议漏洞检测_论文1)
- https://github.com/francozappa/bluffs (六种蓝牙攻击_论文5)
2. AI security
- https://github.com/lijunxian111/DEMASQ-Pytorch-Version/tree/main (ai生成文本检测_论文16)
- https://github.com/SPIN-UMass/Stealing-the-Decoding-Algorithms-of-Language-Models (大模型窃取_论文17)
- https://huggingface.co/phishbot/ScamLLM (LLM钓鱼漏洞及其检测_论文19)
- https://github.com/ZhangZhuoSJTU/LINT (LLM越狱攻击_论文20)

Candidate papers from me (Update: 2024.10.23):
Session 1: Wireless Communication Security
1. 5G-Spector: An O-RAN Compliant Layer-3 Cellular Attack Detection Service, NDSS 2024
2. Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks, NDSS 2024
3. Password-Stealing without Hacking: Wi-Fi Enabled Practical Keystroke Eavesdropping, CCS 2023
4. When Free Tier Becomes Free to Enter: A Non-Intrusive Way to Identify Security Cameras with no Cloud Subscription, CCS 2023
5. Bluetooth Forward and Future Secrecy Attacks and Defenses, CCS 2023
6. Finding Traceability Attacks in the Bluetooth Low Energy Specification and Its Implementations, USENIX 2024
7. Fake It till You Make It: Enhancing Security of Bluetooth Secure Connections via Deferrable Authentication, CCS 2024

Session 2: Side Channel
8. Eavesdropping on Controller Acoustic Emanation for Keystroke Inference Attack in Virtual Reality, NDSS 2024
9. The Danger of Minimum Exposures: Understanding Cross-App Information Leaks on iOS through Multi-Side-Channel Learning, CCS 2023
10. EM Eye: Electromagnetic Side-channel Eavesdropping on Embedded Cameras, NDSS 2024
11. Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device's Power LED Captured by Standard Video Cameras, S&P2024
12. VibSpeech: Exploring Practical Wideband Eavesdropping via Bandlimited Signal of Vibration-based Side Channel, USENIX 2024
13. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound, NDSS 2024
14. IdleLeak: Exploiting Idle State Side Effects for Information Leakage, NDSS 2024
15. Can Virtual Reality Protect Users from Keystroke Inference Attacks?, USENIX 2024

Session 3: AI Security
16. DEMASQ: Unmasking the ChatGPT Wordsmith, NDSS 2024
17. Stealing the Decoding Algorithms of Language Models, CCS 2023
18. LLMIF: Augmented Large Language Model for Fuzzing IoT Devices, S&P2024
19. From Chatbots to Phishbots?: Phishing Scam Generation in Commercial Large Language Models, S&P2024
20. On Large Language Models'Resilience to Coercive Interrogation, S&P2024
21. SafeGen: Mitigating Sexually Explicit Content Generation in Text-to-Image Models, CCS2024
22. Prompt Leaking Attacks against Large Language Model Applications, CCS2024
23. SurrogatePrompt: Bypassing the Safety Filter of Text-To-Image Models via Substitution, CCS2024
24. GenderCARE: A Comprehensive Framework for Assessing and Reducing Gender Bias in Large Language Models, CCS2024
25. DeGPT: Optimizing Decompiler Output with LLM, NDSS2024

Session 4: Sensor Security
26. LiDAR Spoofing Meets the New-Gen: Capability Improvements, Broken Assumptions, and New Attack Strategies, NDSS2024
27. Invisible Reflections: Leveraging Infrared Laser Reflections to Target Traffic Sign Perception, NDSS2024
28. VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger, USENIX 2024
29. TileMask: A Passive-Reflection-based Attack against mmWave Radar Object Detection in Autonomous Driving, CCS 2023
30. CamPro: Camera-based Anti-Facial Recognition, NDSS2024
31. AE-Morpher: Improve Physical Robustness of Adversarial Objects against LiDAR-based Detectors via Object Reconstruction, USENIX 2024
32. That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications, USENIX 2024


Presentation and Project Schedule(Update: 2024.10.23):
Please find your (gourp's) presentation order in the attchment: Presentation Schedule
Course slides(Update: 2024.10.23):
Lecture 1
Lecture 2
Lecture 3
Lecture 4
Lecture 5
Lecture 6
Lecture 7
Lecture 8
Lecture 9
Lecture 10
Lecture 11
Lecture 12