CS249i is an advanced networking course that covers how the Internet has evolved and operates today. Topics include modern Internet topology and routing practices, recently introduced network protocols, popular content delivery strategies, and pressing privacy, security, and abuse challenges. The course consists of a mixture of lecture, guest talks, and investigative projects where students will analyze how Internet operates in practice.
Lecture: Mon/Wed 1:30–2:50 PM. Via Zoom.
Instructor: Zakir Durumeric
Office Hours: Monday 3:00–4:00 PM, or by appointment. Gates 280.
Course Assistant: TBA. Office hours by appointment.
Prerequisites: This course assumes a basic understanding of networking topics, including protocols like Ethernet, IP, and TCP, as well as routing concepts and socket programming. This is not an introductory networking course and students should first take Stanford CS 144, EE 284, or equivalent. For a refresher, consider "Computer Networking: A Top-Down Approach" by J. Kurose and K. Ross or "Computer Networks: A Systems Approach" by L. Peterson and B. Davie. Projects will be implemented in Go.
Submissions: All course assignments should be submitted through Gradescope. Enrollment code: TBA.
The tentative schedule and readings for the class are below:
Course introduction. Quick BGP, ASN refresher. Tier 1 Definition. Who are the Tier 1s? IXPs. Transit vs. Peering. Peering Policies, transit costs.
Evolution of Internet Topology, increased role of cloud and last mile providers. Submarine links. Netflix– Comcast dispute. Content Centralization.
BGP, MPLS, Private Peerings, RPKI, BGP hijacking, Black- holing, BGP Communities, ASNs
IPv4 vs. IPv6. Deep dive on IPv6. IP Allocation Patterns, Fake MACs. MAC rotation.
IANA, RIRs, ICANN. IPv4 Open Market, Pricing, Sales
Mobile, Satellite, Last-mile Residential technology. Inter- net access/inequity.
DNS, DNSSEC, Load Balancing, DNS Failure Modes. EDNS.
Mechanics of CDN: multicast, anycast, POPs, protocols
HTTP/2, HTTP/3. (g)QUIC. Pipelining. gRPC.
GDPR, Third-party assets, Ads, Real time bidding. SPA, Server Push, WASM, WebAuthn.
HTTPS, Lessons from TLS 1.0–1.2, TLS 1.3, HPKP, HSTS, Certificate Transparency. Let’s Encrypt and ACME Protocol
Snowden Revelations. Ubiquitous Encryption. Signal + MPLS. imessage attacks.
Attendance required. No assigned reading.
This course is composed of lecture and discussion, several empirical projects, and a final exam. Grading will be based on the following components. Students should submit all reports through Gradescope by 11:59PM on the day of each deadline.
Project 1: Routing and Topology (25%)
Students will BGP peer onto the public-Internet using a software-router (GoBGP). From there, students will analyze the routing table they receive to understand real-world peering relationships, determine the Tier-1 providers on the Internet, and understand where BGP/MPLS is used. [more information]
Project 2: Web and Content Delivery (25%)
While reading a few formative papers helps demonstrate how a subfield started, it oftentimes leaves us wondering how the area has evolved. To fill this gap, pairs of students will read 3-4 more recent papers and provide a 20 minute presentation about the current state of a research area at the start of one class. [more information]
Project 3: Security, Privacy, and Abuse (25%)
The third project will consist of three parts: (1) analyzing data from a series of honeypots and a large passive network telescope to uncover DDoS attacks and real-world scanning behavior, (2) analyze Censys Internet scan data to understand real-world service deployment, and (3) analyze certificate authorities found in Public Certificate Transparency servers to understand what organizations we trust to sign certificates for websites. [more information]
Final Exam (25%)
There will be a short final exam that covers material taught in the class, guest speakers, and techniques from the three course projects.