CS249i is an advanced networking course that covers how the Internet has evolved and operates today. Topics include modern Internet topology and routing practices, recently introduced network protocols, popular content delivery strategies, and pressing privacy, security, and abuse challenges. The course consists of a mixture of lectures, guest talks, and investigative projects where students analyze how the Internet operates in practice.
Lecture: Mon/Wed 4:30–5:50 PM. NVIDIA Auditorium. Lectures are not recorded; in-person attendance expected.
Instructor: Zakir Durumeric
Office Hours: Tuesday 4:00–5:00 PM, or by appointment. Gates 432 CoDa W346 starting the week of 1/27.
Course Assistants: Kimberly
Ruth and Catherine
Han.
Office Hours: Wednesday 3:00–4:00 PM (Catherine), Thursday 4:00–5:00 PM
(Kimberly), or by appointment. Gates 434 CoDa W338 starting the week of 1/27.
Prerequisites: This is an advanced networking course and we assume that students have a basic understanding of networking, including protocols like Ethernet, IP, and TCP, as well as routing concepts and socket programming. Students should first take Stanford CS 144, EE 284, or equivalent. For a refresher, consider "Computer Networking: A Top-Down Approach" by J. Kurose and K. Ross or "Computer Networks: A Systems Approach" by L. Peterson and B. Davie.
Communication: We use Ed for announcements and discussion. Students can submit anonymous feedback at any time.
Submissions: All course assignments should be submitted through Gradescope. Enrollment code: PY4B68.
The tentative schedule and readings for the class are below:
Course introduction. IPv4, Subnetting, and BGP Refresher.
IP Transit and Peering. Tier 1 Definition. Peering Policies. Transit costs.
Internet Topology Evolution, Content Centralization, and Peering Disputes. Real-World BGP Oddities.
MPLS, Remote Peerings, BGP hijacking, RPKI, BGP Communities, Traffic Shaping
No class.
IANA, RIRs, ICANN. IPv4 Open Market, Pricing, and Sales. .org dispute.
Mechanics of CDNs: multicast, anycast, POPs, protocols
[Gautam Akiwate] DNS, DNSSEC, Load Balancing, DNS Failure Modes. EDNS. Problems.
[Gautam Akiwate] Ecosytem Players (Registrars, Registrant, Registry). Security. Attacks.
HTTP/1.x, HTTP/2, QUIC, HTTP/3
[Catherine Han] Third-party content, Ads, Privacy, Regulation (GDPR)
[Tommy Pauly] RFC 9614: Partitioning as an Architecture for Privacy
No class.
[Kimberly Ruth] What Internet security problems still plague us? Where do attacks originate?
HTTPS: Lessons from TLS 1.0–1.2, TLS 1.3, HPKP, and HSTS. WebPKI: Certificates, Certificate Transparency, ACME Protocol
[David Adrian] ⚠️ Remote Zoom Lecture! Details TBA.
Middleboxes, Carrier Grade NAT, HTTPS Interception
[Liz Izhikevich] Guest Lecture on LEO Connectivity and Challenges.
[Riana Pfefferkorn] Topics to be announced.
[Guest Lecture] What does global censorship look like? How is content censored?
This course is composed of lecture and discussion, several empirical projects, and a final exam. Please start on projects as soon as possible after assignment. Several projects require running long-running processes to collect data and simply cannot be run at the last minute. Grading will be based on the following components.
Project 1: Routing and Internet Topology [pdf] (25%)
Students will BGP peer onto the public-Internet using a
software-router (GoBGP). From there, students will analyze the
routing table they receive to understand real-world peering
relationships, determine the Tier-1 providers on the Internet, and
understand where BGP/MPLS is used.
Assigned 1/13. Parts 1-2 due 1/26, Part 3 due 2/2.
Project 2: Web and Content Delivery [pdf] (25%)
Students will orchestrate a headless web browser to visit the top
websites on the Internet. From there, students will document the
services and resources that make up popular websites, ultimately
uncovering the technology providers that make up the modern web.
Assigned 2/10. Parts 1-3 due 2/18, Parts 4-5 due 2/23.
Project 3: Internet Security [pdf to come] (25%)
The third project will consist of three parts: (1) analyzing data
from a series of honeypots to uncover real-world scanning behavior, (2) analyze
Censys Internet scan data to understand real-world service
deployment, and (3) analyze certificate authorities found in
Public Certificate Transparency servers to understand what
organizations we trust to sign certificates for websites.
Assigned 2/24. Parts 1-2 due 3/8, Part 3 due 3/15.
Final Exam (25%)
There will be a final exam that covers material taught in the class, guest speakers, and techniques from the course projects. The exam will take place via Gradescope during the Registrar assigned slot (TBD), The exam will be open-note, no Internet. An alternative exam will be available only for students who have a conflicting exam, time and date TBD.
Course projects should be completed in pairs (two students) that submit a single write up. Students should submit all assignments through Gradescope by 11:59PM on the day of each deadline. Project grades will be reduced by 10% every 24 hours late after the project deadline (e.g., max score is 90% for project submitted 1 hour late, 80% 25 hours late). Regrade requests must be submitted at most three days after grades are released. It is an honor code violation to consult solutions from previous offerings of the course.
All submitted work for this course must by directly written by the submitting student(s). Using generative AI tools to complete assignments, projects, or exams (e.g. generating text) is prohibited.
Stanford as an institution is committed to the highest quality education, and as your teaching team, our first priority is to uphold your educational experience. To that end we are committed to following the syllabus as written here, including through short- or long-term disruptions, such as public health emergencies, natural disasters, or protests and demonstrations. However, there may be extenuating circumstances that necessitate some changes. Should adjustments be necessary, we will communicate clearly and promptly to ensure you understand the expectations and are positioned for successful learning.
Stanford is committed to providing equal educational opportunities for disabled students. Disabled students are a valued and essential part of the Stanford community. We welcome you to our class. If you experience disability, please register with the Office of Accessible Education (OAE). Professional staff will evaluate your needs, support appropriate and reasonable accommodations, and prepare an Academic Accommodation Letter for faculty. To get started, or to re-initiate services, please visit oae.stanford.edu.
If you already have an Academic Accommodation Letter, we invite you to share your letter with us. Academic Accommodation Letters should be shared at the earliest possible opportunity so we may partner with you and OAE to identify any barriers to access and inclusion that might be encountered in your experience of this course.
Students who are immunocompromised should register with the OAE as soon as possible.
Student athletes who anticipate challenges in being able to participate in class or submit assignments on time should speak to a course instructor or teaching assistant as soon as possible about available alternatives or allowances.