Adv. Network Security How to Conduct Research in Network Security

Upload: cameron-pitts

Post on 28-Dec-2015

Page 1: Adv. Network Security How to Conduct Research in Network Security

Adv. Network Security

How to Conduct Research in Network Security

Background

• Infosec Fundamentals
  – Crypto. hash functions
    • Properties
  – Symmetric key crypto.
    • How it is used
  – Public key crypto.
    • How it is used
    • Possibly: basic number theory
  – General infosec requirements
    • Standard Attacks

Class Goals

• Research
  – How to find problems/ideas
  – How to identify good solutions
  – How to evaluate solutions
  – How to present the work
• Network Security Research
  – Specific Problems
  – Specific Tools, Technologies, Methods
  – Attacks

Grading

• Final Project: 50%
  – Pre-project report: 15%
  – Pre-project presentation: 5%
  – Final project report: 25%
  – Final project presentation: 5%
• Paper Presentations: 20%
• Homeworks: 30%

Final Project

• Purpose
  – Demonstrate ability to do original research
• Stages
  – 1. Choosing the project
  – 2. Create a direction & a testable idea
    • Pre-project proposal due March 10th.
  – 3. Experiment/Develop
  – 4. Present
    • Final report due on May 5th.

Final Project

• Project idea
  – Originality/Creativity
    • is it interesting and novel?
  – Value
    • is it a useful contribution?
• Methodology
  – Correctness
    • does it test the right thing?
  – Depth
    • is it a thorough investigation?

Final Project

• Experiment
  – Did it work?
  – How do you adapt?/future work
• Presentation
  – Highlighting key contributions
  – Clear presentation of results
  – Understanding of the related work

Paper Presentations

• Purpose
  – Develop Presentation Skills
  – Deeply understand a subset of the papers
• Paper Choice
  – We’ll discuss topics together as a class
  – I will choose most/all papers
  – Students can choose dates (e.g., which papers)

Paper Presentations

• Time
  – 40 minutes
• Grading
  – 50% other students
  – 50% me
• Criteria
  – Highlight key contributions
    • in light of related work
  – Clarity, Preparation, Depth of understanding

Homeworks

• Purpose
  – Directed study of the papers
  – Create discussion points for class
• Due
  – Every class
  – If not there in person, lose a point
    • Still due within 1 week
  – 3 pts. scale
    • 0 - no good, 1 - weak, 2 - usual, 3 - very good

Possible Topics

• BGP Security
  – Leap Frog
  – Aggregated Path Authentication

Possible Topics

• Automated Trust Negotiation
  – Using Cryptographic Credentials
  – Attribute Information Leakage

Possible Topics

• P2P Security
  – Redundancy is cost-ineffective
  – Secure Publish-Subscribe Overlay
  – Applications of Secure E-Voting to Automated Privacy-Preserving Troubleshooting
  – Secure Collaboration

Possible Topics

• New Attacks
  – Misbehaving TCP Receivers
  – Fast Dictionary Attacks
  – Exploiting Open functionality in SMS
  – Mapping Internet Sensors
  – Vuln. of Passive Internet Monitors

Possible Topics

• Worms
  – Deriving Unknown Vulnerabilities
    • Zero-day exploits
  – Effectiveness of Dist. Worm Monitoring
  – Polygraph: Sig. Generation
  – Worm Origin ID Using Random Moonwalks

Possible Topics

• DDoS Prevention
  – Stateless Multipath Overlays
  – Empirical Study of DOS attacks

Possible Topics

• Reputation
  – Anomaly Detection
  – A Framework ... History-based Access Control

Possible Topics

• Key Management
  – Dynamic and Efficient ... Access Hierarchies
  – Modeling Insider Attacks

Possible Topics

• Anonymity & Timing Attacks
  – Tracking VoIP Calls
  – Flooding attack on Tor
  – Improving Brumley and Boneh (SSH)

Possible Topics

• RFID
  – Untraceable RFID Tags
  – Security analysis of a device

Possible Topics

• e-Voting
  – Cryptographic Voting Protocols: Systems Perspective
  – Analysis of an e-Voting System (Diebold)

Possible Topics

• NIDS & Network Defense
  – Fast and Automated Gen. of Attack Sigs
  – Gen. Semantic Aware Sigs (2)
  – MulVAL: Netsec analyzer
  – Shadow Honeypots
  – Language-based gen.
  – Automaton Inlining