1 / 31

Seminar TK: Security, Privacy, and Trust

Seminar TK: Security, Privacy, and Trust. 4 CP, WiSe 2014/2015 Carlos Garcia C. c arlos.garcia@cased.de based on slides by Dr. Leonardo Martucci and Florian Volk. General Information. What ? Read and analyze current scientific publications Topics: Security, Privacy, Trust. How ?

joy-short
Download Presentation

Seminar TK: Security, Privacy, and Trust

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Seminar TK: Security, Privacy, and Trust 4 CP, WiSe 2014/2015 Carlos Garcia C. carlos.garcia@cased.de based on slides by Dr. Leonardo Martucci and Florian Volk

  2. General Information What? • Read andanalyzecurrentscientificpublications • Topics: Security, Privacy, Trust How? • Select a topicandstudyit • Write a shortreport • Review otherreports • Presentyourreport Who? • BSc, MScandDiplomastudentsfrom • Computer Science • Electrical Engineering • andrelatedareas Carlos Garcia C., Telekooperation

  3. General Information Why? • Introductionto a resarcharea • Learn to readand analyze scientific material • Presentyourevaluation When? • October 14 (now) • Introduction • Topic presentation • Tutorial: Working withLiterature • October 21 (1 week) • Topic selection • November 18 (5 weeks) • First version of your report (to be reviewed) • December 02 (7 weeks) • Deliverable of the reviews of your peers • February 03 (16 weeks) • First versionofyourpresentation • Final versionofyourreport • February 10 (13:00) • Presentationofyourwork • Meetings withyouradvisor(optional) Language? • English • Even though your advisor mightspeak German, your report hasto be in English Carlos Garcia C., Telekooperation

  4. 5 StepstoSuccess • Pick a topic, readtheprovidedliteratureandfind moreliterature • Write an overvieworstate-of-the-art report • Peer-Review process • Your report will be reviewed by a colleagueand by your advisor • You will review a colleague‘sreport • Correctandimproveyourreportfollowingthereviewer‘scomments • Give a presentation on yourreport Read Literature No enough Yes Write Report Peer review Correct Report Presentation Carlos Garcia C., Telekooperation

  5. Evaluation andGrading • Youget4 gradedcreditpointsfor • Yourreport: 4-5 pagesIEEE transactions style paper(find templates on thecourse web page) • Yourparticipation in thereview: bothactiveand passive • Yourpresentation: 15 minutes + discussion Report Presentation Review 60 % 15 % 25 % Youneedto pass all parts! Carlos Garcia C., Telekooperation

  6. Seminar Topics

  7. Asymmetric DC-Nets • Scalable: In general, asymmetric DC-Nets are more efficient than symmetric DC-Nets and homomorphic encryption schemes. • Verifiable: Similarly to commitments, participants can prove their messages sent. • Goal: • The main goal is to compare the algorithms used in privacy-preserving protocols and survey the differences between them. fabio.borges@cased.de

  8. PageRank and Trust • Trust is a very important element for decisions. • Computational trust and reputation models. • PageRank is a very importantalgorithm to rank. • Widely used in the Internet. • Different trust models are now being considered. • Goal: • Overview and classify different strategies and compare them with PageRank. • Identify security and privacy issues in such strategies. 1 1.2 2.5 1.4 1.3 fabio.borges@cased.de

  9. Analyzing the Membership Management of P2P Botnets • Overview: • P2P botnets are very resilient to take downs • A botnet is organized based on the membership management (MM) • MM influencestheresultingoverlaystructureofeachbotnet • Some botnets are more resilient than others • Goal: • State-of-the-art survey on all P2P Botnet’smembershipmanagementandtheirassociatedadvantagesanddisadvantages. shankar.karuppayah@cased.de

  10. Tracing the Botmaster • Overview: • In P2P botnets (or networks), command can be issued at any node • Absence of a centralizedcomponent, makesitdifficulttotracethebotmasters • However, metadatafromothernodes, e.g., time a commandreceived, moreinformationcanbeinferredaboutthesource. • Goal: • State-of-the-art survey on techniques that can be used in identifying source node or source path in a P2P network. shankar.karuppayah@cased.de

  11. Attacks on Anonymization Services Motivation • Anonymous services gaining popularity • Add-on: Tor, JAB, Crowds, (Firefox) • Integrated: diaspora*, GNUnet, FireChat • Attacks attempt to … • Disclose participants (Anonymity) • Disrupt service (Availability) Task • Survey and categorizeattacks • How are the attacks performed? • Which features / weaknesses are exploited? • Collaboration with “Attacks on Anonymous Communication” joerg.daubert@cased.de

  12. Anonymity Measures • Anonymous Communication Systems are trying to hide your and your communication partners identity while communicating • How is anonymity been measured? • Goal: • Survey on anonymity measures, their strength and weaknesses grube@cs.tu-darmstadt.de

  13. Attacks on Anonymous Communication • Anonymous Communication Systems are trying to hide your identity • Are the “Snowden insights” (already) represented in attacker models? • What are current attacker’s capabilities? • Goal: • State of the art survey on attacker models and capabilities grube@cs.tu-darmstadt.de

  14. Security, privacy and trust challenges in IoT platforms • IoT: The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices. • Platforms: Many IoT platforms and architectures have been proposed, e.g., IoT-A ARM, BETaaS, OpenIoT, IEEE P2413, etc. • Problem: What kind of mechanisms are utilized in the proposed platforms to ensure security, privacy, and trust? • Goal: Survey and comparison of the security features of specific IoT platforms and architectures. manolis@cased.de

  15. Security, privacy and trust challenges in IoT Machine-to-Machine (M2M) • M2M: In IoT, M2M refers to technologies that allow both wireless and wired systems to communicate with other devices of the same type. • Platforms: Many M2M platforms and architectures exist, e.g., ITU FG M2M Service Layer, IP for Smart Objects (IPSO), ETSI TC M2M, TIA TR-50 M2M, 3GPP / 3GPP2, etc. • Problem: What kind of mechanisms are utilized in the proposed platforms to ensure security, privacy, and trust? • Goal: Survey and comparison of the security features of specific M2M platforms and architectures. manolis@cased.de

  16. Machine Learning in Anomaly DetectionArtificially intelligent techniques to detect intruders Overview: • Machine Learning: Techniques for extracting knowledge from data • Anomaly Detection: Intrusion detection using machine learning tools • Are you interested in learning more about this field of Artificial Intelligence? Goal: • Explore different tools and algorithms already used by anomaly detection systems. • Review what the latest papers are talking about. • Find different and current algorithms for supervised, unsupervised, semi-supervised and reinforcement learning. carlos.garcia@cased.de

  17. Overview on Topics • Asymmetric DC-Nets (Fabio) • PageRank and Trust(Fabio) • Analyzing the Membership Management of P2P Botnets (Shankar) • Tracing the Botmaster(Shankar) • Attacks on AnonymizationServices (Jörg) • Anonymity Measures (Tim) • Attacks on Anonymous Communication (Tim) • Security, privacy and trust challenges in IoTplatforms (Manolis) • Security, privacy and trust challenges in IoT Machine-to-Machine (M2M) (Manolis) • Machine Learning in Anomaly Detection (Carlos) Florian Volk, Telekooperation

  18. How to work with Literature and write Scientific Material by Leonardo A. Martucci SaschaHauke Florian Volk proudly presented and edited by Carlos Garcia C.

  19. Content • What’s a scientific publication? • Finding (good) references Correct referencing • Writing your own paper • Reviewing papers * parts of this slide set are based on material provided by Guido Rößling

  20. What’s a scientific publication? • Scientific Publication a message • With scientific background • Offer a new insight of a scientific problem • Solution • Problem • Criticism • ORa survey of a research field • The message is a claim • That needs to be evaluated AND validated Leonardo Martucci - Telecooperation

  21. Types of Publications • Books • Survey (mostly) about a topic • Journal Articles • Collection of related topics into one magazine (the journal) • Quality mostly depends on the Journal • Rankings: http://www.core.edu.au/index.php/ Good Journal Good Article • Conferences and Symposia • The most recent research achievements • Strict page limits • Papers followed by a presentation • Quality is usually connected to the Conference • Rankings: http://www.core.edu.au/index.php/ Good Conference Good Paper • Workshops • Mostly for work in progress • Good for discussing new ideas Leonardo Martucci - Telecooperation

  22. References and Referencing • Refer back to the original source of information • For others to identify the foundations of your work • Giving credit, when credit is due Not doing so is REALLY bad practice A.K.A. plagiarism • Grundregeln der wissenschaftlichen Ethik am Fachbereich Informatik Leonardo Martucci - Telecooperation

  23. What should I reference? • Scientific publications • Articles, papers, books • Standards • RFC, ITU, IEEE, W3C etc. + All other non-scientific sources • Surveys • Magazines • Reports • Can I reference Wikipedia? or any other online material? YES, but mind: not reliable (or stable) information sources Leonardo Martucci - Telecooperation

  24. Writing a Scientific Publication • First, define the message • Objective of your publication define the area of research • Read the related work • Define the work around your work • Finding out what has been done • Implement your idea • Evaluate your idea • Validate your idea • Write your publication • Survey the related work • Evaluate differences • Identify trade-offs Leonardo Martucci - Telecooperation

  25. 1. Your Work, Your Message • Finding the message • The most difficult part (!) • Also, the creative one • go beyond the state of the art • Find a story line. • A message that needs science • Scientific foundations + challenges can be found in related work ! Leonardo Martucci - Telecooperation

  26. 2a. Related Work? Where? How? • Related Work? Where? • For the initial literature ask your supervisor it will give you a broad idea about the area • Check publication repositories ACM Digital Lib http://portal.acm.org/portal.cfm IEEE Xplorehttp://ieee.org/portal/site Google Scholar http://scholar.google.com Academic Search http://academic.research.microsoft.com/ Conference directories http://www.dblp.org/search/ Authors’ home pages • Other sources from the reference lists REPEAT Leonardo Martucci - Telecooperation

  27. 2b. Related Work and Relevance • Related Work ∞ • Identify the relevant sources • Evaluating the importance of a publication • Read the abstract • Check the reference list • Read the conclusions • Read the rest • Related work will • Compare your results against their results • Be used as input for a survey Good Yes No Good Yes Good Next Paper Yes Paper Read Leonardo Martucci - Telecooperation

  28. Referencing: doing it right • A reference looks like this: • there are also other reference styles • if you use LaTeX to write your report, have a look at BibTeX. authors title how was it published (proceedings) page number publisher date Leonardo Martucci - Telecooperation

  29. 4. Write your Publication • Always have a good paper structure • Organize your ideas • Organize your papers Define it BEFORE starting to add text • Plan the content of each section • Writing skills • No one learns without doing it General Guidelines: • Be concise • Be precise Leonardo Martucci - Telecooperation

  30. Peer-reviews • Peer-reviews • Peers review your work and verify its general quality • Evaluate the work before being published • Offer suggestions to improve the work (!) • How’s quality definedin a publication? • Novelty • Soundness Evaluation + Validation • Completeness • Readability • What to write • Positive and negative aspects of the work • Constructive criticism (if possible) • Offer suggestions to improve the paper e.g. + literature • Suggest an overall evaluation of the work • It is NOT the reviewer’s work • to correct the publication! • to point typos (unless if it’s one or two) Leonardo Martucci - Telecooperation

  31. Summary • A scientific publication is a message; a validated claim • Refer to the original source of information, avoidplagiarism • The peer-review shouldhelp, not criticize Good Yes • Read the abstract • Check the reference list • Read the conclusions • Read the rest No Good Yes Good Next Paper Yes Paper Read Leonardo Martucci - Telecooperation

More Related