Seminar 4 CP, winter term 2012

Florian Volk florian.volk@cased.de

based on slides from Dr. Leonardo Martucci

Security, Privacy, and Trust

What? Read and analyze current scientific

publications

Topics: Security, Privacy, Trust

Florian Volk, Telekooperation 2

General Information

How? Select a topic and study it

Write a short report

Review other reports

Present your report

Who? BSc, MSc and Diploma students from Computer Science

Electrical Engineering

and related areas

Florian Volk, Telekooperation 3

General Information

Why? Introduction to a resarch area

Learn to read and analyze scientific material

Present your evaluation

When? October 16 (today) Introduction Topic Presentation Tutorial: Working with Literature

October 23 Topic Selection

December 07 First version of your report (for the review)

December 14 Deliverable of the reviews

January 25 Final version of your report

January 31 (14:00, room 4.3.01 at CASED) Presentation of your work

Meetings with your advisor (optional)

Language? English or German Also depends on advisor

1. Pick a topic, read the provided literature

and find more literature

2. Write an overview or state-of-the-art report

3. Peer-Review process

Your report will be reviewed by a colleague (and by your advisor)

You will review a colleague‘s report

4. Correct your report following the reviewer‘s

comments

5. Give a presentation on your report

Florian Volk, Telekooperation 4

5 Steps to Success

Read

Literature

Write Report

Peer review

Correct Report

Presentation

enough

Yes

No

You get 4 graded credit points for Your report: 4-5 pages (max!) IEEE transactions style paper

(find templates on the course web page)

Your participation in the review: both active and passive

Your presentation: 15 minutes + discussion

Florian Volk, Telekooperation 5

Evaluation and Grading

You need to pass all parts!

60 %

Report

15 %

Review

25 %

Presentation

4 CP Seminar with topics on Security, Privacy, and Trust

Deadlines Topic Selection: October 23

Report‘s 1st version: December 07

Review: December 14

Report‘s final version: January 25

Presentation: January 31

Florian Volk, Telekooperation 6

At a Glance

http://www.tk.informatik.tu-darmstadt.de/ de/teaching/wintersemester-201213-d/seminar-tk-security-privacy-and-trust-s3/ florian.volk@cased.de

Seminar Topics

Smart Grids: Enhancing Privacy

Smart Grids: modernization of electrical syst. enhances users’ monitor, control and prediction

BUT

raises new security & privacy concerns

Different privacy strategies are now being considered: Aggregation of consumers’ data

Battery-driven approaches

Trusted-third parties

Goal: Overview of one of the aforementioned strategies

fabio.borges@cased.de 8

9

Attacks on Intrusion Detection Systems (IDS)

IDS: a standard security mechanism nowadays Offer Automatic detection of attacks

Most corporations use them

Multitude of detection methods exist

Usually a signature-based or anomaly-based

detection mechanism is used

Attackers try to evade an IDS, mainly with two different ways: Signature Evasion (payload/shellcode mutation, packet splitting, overlapping

fragments, etc.)

Anomaly Evasion (injecting training data, mimicry attacks, etc.)

Goal: Overview of one of the aforementioned attack classes

emmanouil.vasilomanolakis@cased.de

10

Covert Channel Attacks

Covert Channel Attacks: “A means of communicating on a computer system, where both the sender and receiver collude to leak information, over a channel not intended for the communication taking

place, in violation of a mandatory access control security policy.”

Potential Uses: Bypassing security (e.g., IDS), stealing data, evading censorship mechanisms, etc.

Detection Techniques Non-interference analysis, Covert Flow Tree, etc.

Countermeasures Traffic Normalization, limiting Covert Channel capacity, etc.

Goal:

Overview of Covert Channel Attacks, detection techniques and countermeasures

emmanouil.vasilomanolakis@cased.de

Network Resilience Metrics

Network resilience as important pre-requisite of today‘s systems

E.g., resilience to the removal of nodes:

How many nodes do I have to remove to partition the network?

Which node causes the largest number of paths to be broken?

Goal: Survey of graph-related metrics and algorithms quantifying the resilience / survivability of networks

11 mathias.fischer@cased.de

Secure Group Communication

Trustworthy communication in ad hoc/MANET scenarios (e.g., disaster response)

TETRA as a standard with drawbacks

What is required: Confidentiality

Authentication & Integrity

Fine-grained Access Control

Secure Broadcast (e.g., geographical restricted)

Goal: Survey of methods to establish secure channels in an ad hoc manner

12 mathias.fischer@cased.de

Botnets: Hiding & Defense Mechanisms

Overview: Botnets: Infected machines/computers over the Internet (via Malwares) and

turned into Bots/Zombies/Drones.

Bots can be instructed to execute malicious activities by the Botherder/Botmaster

Difficult to detect because of the hiding & defense mechanisms

Goal: State-of-the-art survey on Botnet’s hiding-and-defense mechanisms

shankar.karuppayah@cased.de 13

Botnets: ‘Protecting’ the Communication-and-Control Mechanism

Overview: Infected Bots need to contact the Botmaster (controls the Bots) via

Command-and-Control (C&C) mechanism Seek next instruction/actions

Botmasters place high importance in protecting the C&C and its communication medium/methods

Goal: State-of-the-art survey on how the C&C’s are ‘protected’ by the Botmasters

shankar.karuppayah@cased.de 14

Trust Management in MANETs, WANETs und WSNs

Trust is a important if you want to cooperate Wireless and distributed networks are based upon

collaboration to achieve the goals of all participants

Trust and reputation mechanisms help agents to ensure the trustworthiness of others

Goals:

Survey a number of existing trust models

Discuss how they are used in the context of different Wireless scenarios

Velloso, P. B. et al. (2010). Trust management in mobile ad hoc networks using a scalable maturity-based model. IEEE Transactions on Network and Service

Management, 7(3), 172-185.

Yu, H. et al (2010). A Survey of Trust and Reputation Management Systems in Wireless Communications. Proceedings of the IEEE, 98(10), 1755-1772.

Román, R. et al (2009). Trust and Reputation Systems for Wireless Sensor Networks. In S. Gritzalis, T. Karygiannis, & C. Skianis (Eds.), Security and Privacy in Mobile and Wireless Networking (pp. 105-128). Leicester, United Kingdom: Troubadour Publishing, Ltd.

sascha.hauke@cased.de 15

Heterogeneous Wireless Networks

Heterogeneous WSNs are networks that can be made up of different device classes They are convenient to provide inclusion of citizens,

eg, through participatory sensing

Their heterogeneity poses particular challenges to securing these networks

Goals:

Provide a short survey of existing heterogeneous WSN models, highlighting their constituent parts and characteristics

Discuss their application in the real world J. Sarangapani Wireless Ad hoc and Sensor Networks: Protocols, Performance, and Control, 2007 :CRC Press

I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci. A survey on sensor networks. IEEE Communications Magazine, 40(8):102–114, August

K. Akkaya, M. Younis. A survey on routing protocols for wireless sensor networks. Ad Hoc Networks, Volume 3, Issue 3, May 2005, Pages 325–349

sascha.hauke@cased.de 16

Differential Privacy

Statistical DB are widely used e.g. in med.

Medical research needs this Data

But it is also a threat to your privacy:

Disclosure of identity

Association of sensitive attributes

Linking of records and across DBs

DB Sanitation algorithms has been proposed

Differential Privacy shows a fundamental problem with all of them

Goal: Overview and comparison of post differential privacy DB sanitation methods

ID age gen. Medical conditions

54832 20 m

49385 69 f

34854 45 m

43024 19 f

23945 48 m

29394 30 f

stefan.schiffner@cased.de 17

Survey: Cryptography in PPDM

Data Mining is the discipline of discovering knowledge in databases

But also a threat to your privacy:

Identity disclosure

Association of sensitive attributes

Privacy-preserving Data Mining (PPDM)

Variety of cryptographic primitives exists:

Homomorphic encryption, private keyword search, order preserving encryption, garbled circuits, […]

What can be used for PPDM today?

Which problems are solved, and what are the costs?

Goal: Survey state-of-the-art PPDM cryptography. Compare goals and drawbacks.

joerg.daubert@cased.de 18

Survey: Pub/Sub Simulation Environments

Publish/Subscribe (pub/sub)

Powerful event dissemination, old but:

Building block for the Internet of Things (IoT)

Cool paradigm for distributed mobile applications

Great to play around with, but security & privacy challenge

Many prototypes and simulators exist

Reference implementations:

Source available and usable?

What can be measured?

Add-ons for simulators:

What are the pub/sub capabilities?

What about cryptography?

Goals: (1) List and compare open pub/sub prototypes & simulators. (2) Survey publications & extensions.

joerg.daubert@cased.de 19

Reputation Propagation

Ratings for Composed Services need to be distributed to the single services that form the composite

A paper from Nepal, Malik and Bouguettaya in 2009 offers some first solutions but leaves a lot of questions unanswered.

florian.volk@cased.de

Goals:

Understand and explain the algorithm proposed in the paper

Look for newer publications targeting the same problem and probably offering solutions to questions left open by Nepal et al.

20

Graphical Trust Representation

Trust is hard to visualize, especially when it is the outcome of a complex computational model.

Goals: Understand the basics of the trust models CertainTrust

and Beta Reputation System (it’s easier than it seems)

Select criteria for visual trust representations

Compare the Opinion Triangle, Human Trust Interface, and a third one (to be selected by you) according to your criteria

florian.volk@cased.de

Human Trust Interface Opinion Triangle

21

Suggest a topic :)

Florian Volk, Telekooperation 22

Your Song

1. Smart Grids: Enhancing Privacy (Fábio Borges)

2. Attacks on Intrusion Detection Systems (IDS) (Emmanouil Vasilomanolakis)

3. Covert Channel Attacks (Emmanouil Vasilomanolakis)

4. Network Resilience Metrics (Mathias Fischer)

5. Secure Group Communication (Mathias Fischer)

6. Botnets: Hiding & Defense Mechanisms (Shankar Karuppayah)

7. Botnets: ‘Protecting’ the Communication-and-Control Mechanism (Shankar K.)

8. Trust Management in MANETs, WANETs und WSNs (Sascha Hauke)

9. Heterogeneous Wireless Networks (Sascha Hauke)

10. Differential Privacy (Stefan Schiffner)

11. Survey: Cryptography in PPDM (Jörg Daubert)

12. Survey: Pub/Sub Simulation Environments (Jörg Daubert)

13. Reputation Propagation (Florian Volk)

14. Graphical Trust Representation (Florian Volk)

Florian Volk, Telekooperation 23

Overview on Topics

by

Leonardo A. Martucci

Sascha Hauke

proudly presented and edited by

Florian Volk

How to work with Literature and write Scientific Material

CONTENT

What’s a scientific publication?

Finding (good) references

Correct referencing

Writing your own paper

Reviewing papers

*parts of this slide set are based on material provided by Guido Rößling

Basically a message With scientific background

Offer a new insight of a scientific problem

(solution)

OR a survey of a research field

The message is a claim That needs to be evaluated

AND validated

Leonardo Martucci - Telecooperation

What’s a scientific publication?

26

Books Surveys (mostly) about a topic

Theses Doctoral dissertations and Master theses

Very focused scientific work and finding

Articles and Papers Articles appear in Journals

Papers in Conferences, Symposia, Workshops

New findings and concepts

Leonardo Martucci - Telecooperation

How does a publication looks like?

27

Standards and RFC Define the common ground

Thoroughly reviewed

Published by a standardization body

Technical Reports A focused scientific work

White papers published by vendors

Sometimes biased

Not reviewed

Leonardo Martucci - Telecooperation

How does a publication looks like?

28

Journal Articles Quality mostly depends on the Journal

Good Journal Good Article

Sometimes articles are outdated

Conferences and Symposia Quality is usually connected to the Conference

Good Conference Good Paper

The most recent research achievements

Workshops Mostly for work in progress

Good for discussing new ideas

Leonardo Martucci - Telecooperation

Articles and Papers

29

Standards relate to a given technology ITU-T standards

ITU is the UN agency for ICT standards

ITU-T defines standards for telecom

e.g. the X series

IEEE standards

Industrial standards, including ICT

e.g. IEEE 802 standard family

IETF

Internet related standards i.e. RFC

e.g. IP addressing scheme

TCP, TLS protocols, routing

Always pay attention on the RFC status

Leonardo Martucci - Telecooperation

Standards and RFC

30

Refer back to the original source of information For others to identify the foundations of your work

Giving credit, when credit is due

Not doing so is REALLY bad practice

aka plagiarism

Grundregeln der wissenschaftlichen Ethik am Fachbereich Informatik

Leonardo Martucci - Telecooperation

References and Referencing

31

Scientific publications Articles, papers, books

Standards RFC, ITU, IEEE, W3C, etc.

+ All other non-scientific sources Surveys

Magazines

Reports

Can I reference Wikipedia?

or any other online material?

YES, but mind: not reliable (or stable) information sources

Leonardo Martucci - Telecooperation

What should I reference?

32

First, define the message Objective of your publication

define the area of research

Read the related work Define the work around your work

Finding out what has been done

Implement your idea Evaluate your idea

Validate your idea

Write your publication

Leonardo Martucci - Telecooperation

Writing a Scientific Publication

Survey the related work Evaluate differences

Identify trade-offs

33

Finding the message The most difficult part (!)

Also, the creative one

going beyond the state of the art

A message that needs science Scientific foundations + challenges

can be found in the related work

Leonardo Martucci - Telecooperation

Your Work, Your Message

!

34

Related Work? Where? For the initial literature ask a researcher in the field

it will give you a broad idea about the area

Check publication repositories

ACM Digital Lib http://portal.acm.org/portal.cfm

IEEE Xplore http://ieee.org/portal/site

Google Scholar http://scholar.google.com

Academic Search http://academic.research.microsoft.com/

Conference directories http://dblp.uni-trier.de/

Authors’ home pages

Other sources from the reference lists

REPEAT

Leonardo Martucci - Telecooperation

Related Work? Where? How?

35

Related Work ∞ Identify the relevant sources

Evaluating the importance of a publication

1. Read the abstract

2. Check the reference list

3. Read the conclusions

4. Read the rest

Related work will Compare your results against their results

Be used as input for a survey

Leonardo Martucci - Telecooperation

Related Work and Relevance

Good

Good

Good

Paper Read

Next Paper

No

Yes

Yes

Yes

36

A reference looks like this:

there are also other reference styles

Leonardo Martucci - Telecooperation

Referencing: doing it right

authors

title

how was it published (proceedings) publisher date page number

37

Complete entries using BibTeX DBLP (Uni-Trier), ACM Digital Library, etc.

In the text, you just need to use: \cite{MartucciKAP08}

Leonardo Martucci - Telecooperation

Referencing with BibTeX

@inproceedings{MartucciKAP08, author = {Leonardo A. Martucci and Markulf Kohlweiss and Christer Andersson and Andriy Panchenko}, title = {Self-certified Sybil-free pseudonyms}, booktitle = {WISEC}, year = {2008}, pages = {154-159}, ee = {http://doi.acm.org/10.1145/1352533.1352558}, crossref = {wisec/2008} } @proceedings{wisec/2008, editor = {Virgil D. Gligor and Jean-Pierre Hubaux and Radha Poovendran}, title = {Proceedings of the First ACM Conference on Wireless Network Security, WISEC 2008, Alexandria, VA, USA, March 31 - April 02, 2008}, booktitle = {WISEC}, publisher = {ACM}, year = {2008}, isbn = {978-1-59593-814-5} }

38

Write your publication

Leonardo Martucci - Telecooperation 39

Always have a good paper structure Organize your ideas

Organize your papers

Define it BEFORE starting to add text

Plan the content of each section

Writing skills No one learns without doing it

General Guidelines:

Be concise

Be precise

Leonardo Martucci - Telecooperation

Structure is the Key!

40

Reviews and Reviewing

Leonardo Martucci - Telecooperation 41

Peer-reviews Peers review your work and verify its general quality

Evaluate the work before being published

Offer suggestions to improve the work (!)

How’s quality defined in a publication?* Novelty

Soundness

Evaluation + Validation

Completeness

Readability

Leonardo Martucci - Telecooperation

Peer-reviews

* it sometimes depends on the venue

42

What to write Positive and negative aspects of the work

Constructive criticism (if possible)

Offer suggestions to improve the paper

e.g. + literature

Suggest an overall evaluation of the work

It is NOT the reviewer’s work to correct the publication!

to point typos (unless if it is one or two)

Leonardo Martucci - Telecooperation

Writing a Review

43

What’s a scientific publication?

Finding (good) references

Correct referencing

Writing your own paper

Reviewing papers

Leonardo Martucci - Telecooperation

Summary

44