seminar tk: security, privacy, and trust
DESCRIPTION
Seminar TK: Security, Privacy, and Trust. 4 CP, WiSe 2014/2015 Carlos Garcia C. c [email protected] based on slides by Dr. Leonardo Martucci and Florian Volk. General Information. What ? Read and analyze current scientific publications Topics: Security, Privacy, Trust. How ? - PowerPoint PPT PresentationTRANSCRIPT
4 CP, WiSe 2014/2015Carlos Garcia C.
based on slides by Dr. Leonardo Martucci and Florian Volk
Seminar TK: Security, Privacy, and Trust
2
What? Read and analyze current scientific
publications Topics: Security, Privacy, Trust
Carlos Garcia C., Telekooperation
General Information
How? Select a topic and study it Write a short report Review other reports Present your report
Who? BSc, MSc and Diploma students from
Computer Science Electrical Engineering and related areas
3Carlos Garcia C., Telekooperation
General Information
Why? Introduction to a resarch area Learn to read and analyze
scientific material Present your evaluation
When? October 14 (now)
Introduction Topic presentation Tutorial: Working with Literature
October 21 (1 week) Topic selection
November 18 (5 weeks) First version of your report (to be reviewed)
December 02 (7 weeks) Deliverable of the reviews of your peers
February 03 (16 weeks) First version of your presentation Final version of your report
February 10 (13:00) Presentation of your work
Meetings with your advisor (optional)
Language? English
Even though your advisor might speak German, your report hasto be in English
4
1. Pick a topic, read the provided literatureand find more literature
2. Write an overview or state-of-the-art report
3. Peer-Review process Your report will be reviewed by a colleague
and by your advisor You will review a colleague‘s report
4. Correct and improve your report following the reviewer‘s comments
5. Give a presentation on your report
Carlos Garcia C., Telekooperation
5 Steps to Success
Read Literature
Write Report
Peer review
Correct Report
Presentation
enough
Yes
No
5
You get 4 graded credit points for Your report: 4-5 pages IEEE transactions style paper
(find templates on the course web page) Your participation in the review: both active and passive
Your presentation: 15 minutes + discussion
Carlos Garcia C., Telekooperation
Evaluation and Grading
You need to pass all parts!
60 %
Report
15 %
Review
25 %
Presentation
Seminar Topics
Asymmetric DC-Nets
Scalable:In general, asymmetric DC-Nets are more efficient than symmetric DC-Nets and homomorphic encryption schemes. Verifiable:Similarly to commitments, participants can prove their messages sent.
Goal:The main goal is to compare the algorithms used in privacy-
preserving protocols and survey the differences between them.
Trust is a very important element for decisions.
Computational trust and reputation models.
PageRank is a very importantalgorithm to rank.
Widely used in the Internet.
Different trust models are now being considered.
Goal: Overview and classify different strategies and compare them with PageRank. Identify security and privacy issues in such strategies.
PageRank and Trust
12.5 1.3
1.21.4
Analyzing the Membership Management of P2P Botnets
Overview: P2P botnets are very resilient to take downs A botnet is organized based on the membership management (MM) MM influences the resulting overlay structure of each botnet Some botnets are more resilient than others
Goal: State-of-the-art survey on all P2P Botnet’s membership management and their associated
advantages and disadvantages.
Tracing the Botmaster
Overview: In P2P botnets (or networks), command can be issued at any node Absence of a centralized component, makes it difficult to trace the botmasters However, metadata from other nodes, e.g., time a command received, more information
can be inferred about the source.
Goal: State-of-the-art survey on techniques that can be used in identifying source node or
source path in a P2P network.
Anonymous services gaining popularity Add-on: Tor, JAB, Crowds, (Firefox) Integrated: diaspora*, GNUnet, FireChat
Attacks attempt to … Disclose participants (Anonymity) Disrupt service (Availability)
Attacks on Anonymization Services
Motivation
Task Survey and categorize attacks
How are the attacks performed? Which features / weaknesses are exploited?
Collaboration with “Attacks on Anonymous Communication”
Anonymity Measures
Anonymous Communication Systems are trying to hide your and your communication partners identity while communicating
How is anonymity been measured?
Goal: Survey on anonymity measures, their strength and weaknesses
Attacks on Anonymous Communication
Anonymous Communication Systems are trying to hide your identity Are the “Snowden insights” (already) represented in attacker models? What are current attacker’s capabilities?
Goal: State of the art survey on attacker models and capabilities
Security, privacy and trust challenges in IoT platforms
IoT: The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices.
Platforms: Many IoT platforms and architectures have been proposed, e.g., IoT-A ARM, BETaaS, OpenIoT, IEEE P2413, etc.
Problem: What kind of mechanisms are utilized in the proposed platforms to ensure security, privacy, and trust?
Goal: Survey and comparison of the security features of specific IoT platforms and architectures.
Security, privacy and trust challenges in IoT Machine-to-Machine (M2M)
M2M: In IoT, M2M refers to technologies that allow both wireless and wired systems to communicate with other devices of the same type.
Platforms: Many M2M platforms and architectures exist, e.g., ITU FG M2M Service Layer, IP for Smart Objects (IPSO), ETSI TC M2M, TIA TR-50 M2M, 3GPP / 3GPP2, etc.
Problem: What kind of mechanisms are utilized in the proposed platforms to ensure security, privacy, and trust?
Goal: Survey and comparison of the security features of specific M2M platforms and architectures.
Machine Learning in Anomaly Detection Artificially intelligent techniques to detect intruders
Overview: Machine Learning: Techniques for extracting knowledge from data Anomaly Detection: Intrusion detection using machine learning tools Are you interested in learning more about this field of Artificial Intelligence?
Goal: Explore different tools and algorithms already used by
anomaly detection systems. Review what the latest papers are talking about. Find different and current algorithms for supervised,
unsupervised, semi-supervised and reinforcement learning.
Florian Volk, Telekooperation 17
1. Asymmetric DC-Nets (Fabio)2. PageRank and Trust (Fabio)3. Analyzing the Membership Management of P2P Botnets (Shankar)4. Tracing the Botmaster (Shankar)5. Attacks on Anonymization Services (Jörg)6. Anonymity Measures (Tim)7. Attacks on Anonymous Communication (Tim)8. Security, privacy and trust challenges
in IoT platforms (Manolis)9. Security, privacy and trust challenges
in IoT Machine-to-Machine (M2M) (Manolis)10. Machine Learning in Anomaly Detection (Carlos)
Overview on Topics
by
Leonardo A. MartucciSascha HaukeFlorian Volk
proudly presented and edited by
Carlos Garcia C.
How to work with Literature and write Scientific Material
CONTENT What’s a scientific publication? Finding (good) references
Correct referencing Writing your own paper Reviewing papers
* parts of this slide set are based on material provided by Guido Rößling
Leonardo Martucci - Telecooperation
Scientific Publication a message With scientific background Offer a new insight of a scientific problem
Solution Problem Criticism
OR a survey of a research field
The message is a claim That needs to be evaluatedAND validated
What’s a scientific publication?
01
Leonardo Martucci - Telecooperation
Books Survey (mostly) about a topic
Journal Articles Collection of related topics into one magazine (the journal) Quality mostly depends on the Journal Rankings: http://www.core.edu.au/index.php/
Good Journal Good Article
Conferences and Symposia The most recent research achievements Strict page limits Papers followed by a presentation Quality is usually connected to the Conference Rankings: http://www.core.edu.au/index.php/
Good Conference Good Paper
Workshops Mostly for work in progress Good for discussing new ideas
Types of Publications
02
Leonardo Martucci - Telecooperation
Refer back to the original source of information For others to identify the foundations of your work Giving credit, when credit is due
Not doing so is REALLY bad practice A.K.A. plagiarism Grundregeln der wissenschaftlichen Ethik am Fachbereich Informatik
References and Referencing
03
Leonardo Martucci - Telecooperation
Scientific publications Articles, papers, books
Standards RFC, ITU, IEEE, W3C etc.
+ All other non-scientific sources Surveys Magazines Reports
Can I reference Wikipedia?or any other online material?
YES, but mind: not reliable (or stable) information sources
What should I reference?
04
Leonardo Martucci - Telecooperation
1. First, define the message Objective of your publication
define the area of research
2. Read the related work Define the work around your work Finding out what has been done
3. Implement your idea Evaluate your idea Validate your idea
4. Write your publication
Writing a Scientific Publication
3. Survey the related work Evaluate differences Identify trade-offs
05
Leonardo Martucci - Telecooperation
Finding the message The most difficult part (!) Also, the creative one
go beyond the state of the art Find a story line.
A message that needs science Scientific foundations + challenges
can be found in related work
1. Your Work, Your Message
!
06
Leonardo Martucci - Telecooperation
Related Work? Where? For the initial literature ask your supervisor
it will give you a broad idea about the area
Check publication repositoriesACM Digital Lib http://portal.acm.org/portal.cfm
IEEE Xplore http://ieee.org/portal/site
Google Scholar http://scholar.google.com
Academic Search http://academic.research.microsoft.com/
Conference directories http://www.dblp.org/search/Authors’ home pages
Other sources from the reference listsREPEAT
2a. Related Work? Where? How?
07
Leonardo Martucci - Telecooperation
Related Work ∞ Identify the relevant sources Evaluating the importance of a publication
1. Read the abstract
2. Check the reference list
3. Read the conclusions
4. Read the rest
Related work will Compare your results against their results Be used as input for a survey
2b. Related Work and Relevance
Good
Good
Good
Paper Read
Next Paper
No
Yes
Yes
Yes
08
Leonardo Martucci - Telecooperation
A reference looks like this:
there are also other reference styles
if you use LaTeX to write your report, have a look at BibTeX.
Referencing: doing it right
authors
title
how was it published(proceedings)publisher date page number
09
Leonardo Martucci - Telecooperation
Always have a good paper structure Organize your ideas Organize your papersDefine it BEFORE starting to add text
Plan the content of each section
Writing skills No one learns without doing itGeneral Guidelines: Be concise Be precise
4. Write your Publication
10
Leonardo Martucci - Telecooperation
Peer-reviews Peers review your work and verify its general quality Evaluate the work before being published Offer suggestions to improve the work (!)
How’s quality definedin a publication?
Novelty Soundness
Evaluation + Validation Completeness Readability
Peer-reviews
11
What to write Positive and negative aspects of the work Constructive criticism (if possible) Offer suggestions to improve the paper
e.g. + literature Suggest an overall evaluation of the work
It is NOT the reviewer’s work to correct the publication! to point typos (unless if it’s one or two)
Leonardo Martucci - Telecooperation
A scientific publication is a message; a validated claim
Refer to the original source of information, avoid plagiarism
The peer-review should help, not criticize
12
Summary
Good
Good
Good
Paper Read
Next Paper
No
Yes
Yes
Yes
1. Read the abstract
2. Check the reference list
3. Read the conclusions
4. Read the rest