Adv. Network Security
How to Conduct Research in Network Security

Background
Infosec Fundamentals
–Crypto. hash functions
  Properties
–Symmetric key crypto.
  How it is used
–Public key crypto.
  How it is used
  Possibly: basic number theory
–General infosec requirements
Standard Attacks

Class Goals
Research
–How to find problems/ideas
–How to identify good solutions
–How to evaluate solutions
–How to present the work
Network Security Research
–Specific Problems
–Specific Tools, Technologies, Methods
–Attacks

Grading
Final Project: 50%
–Pre-project report: 15%
–Pre-project presentation: 5%
–Final project report: 25%
–Final project presentation: 5%
Paper Presentations: 20%
Homeworks: 30%

Final Project
Purpose
–Demonstrate ability to do original research
Stages
–1. Choosing the project
–2. Create a direction & a testable idea
  Pre-project proposal due March 10th.
–3. Experiment/Develop
–4. Present
  Final report due on May 5th.

Final Project
Project idea
–Originality/Creativity
  is it interesting and novel?
–Value
  is it a useful contribution?
Methodology
–Correctness
  does it test the right thing?
–Depth
  is it a thorough investigation?

Final Project
Experiment
–Did it work?
–How do you adapt?/future work
Presentation
–Highlighting key contributions
–Clear presentation of results
–Understanding of the related work

Paper Presentations
Purpose
–Develop Presentation Skills
–Deeply understand a subset of the papers
Paper Choice
–We’ll discuss topics together as a class
–I will choose most/all papers
–Students can choose dates (e.g., which papers)

Paper Presentations
Time
–40 minutes
Grading
–50% other students
–50% me
Criteria
–Highlight key contributions in light of related work
–Clarity, Preparation, Depth of understanding

Homeworks
Purpose
–Directed study of the papers
–Create discussion points for class
Due
–Every class
–If not there in person, lose a point
  Still due within 1 week
–3 pts. scale
  0 - no good, 1 - weak, 2 - usual, 3 - very good

Possible Topics
BGP Security
–Leap Frog
–Aggregated Path Authentication

Possible Topics
Automated Trust Negotiation
–Using Cryptographic Credentials
–Attribute Information Leakage

Possible Topics
P2P Security
–Redundancy is cost-ineffective
–Secure Publish-Subscribe Overlay
–Applications of Secure E-Voting to Automated Privacy-Preserving Troubleshooting
–Secure Collaboration

Possible Topics
New Attacks
–Misbehaving TCP Receivers
–Fast Dictionary Attacks
–Exploiting Open functionality in SMS
–Mapping Internet Sensors
–Vuln. of Passive Internet Monitors

Possible Topics
Worms
–Deriving Unknown Vulnerabilities Zero-day exploits
–Effectiveness of Dist. Worm Monitoring
–Polygraph: Sig. Generation
–Worm Origin ID Using Random Moonwalks

Possible Topics
DDoS Prevention
–Stateless Multipath Overlays
–Empirical Study of DOS attacks

Possible Topics
Reputation
–Anomaly Detection
–A Framework... History-based Access Control

Possible Topics
Key Management
–Dynamic and Efficient... Access Hierarchies
–Modeling Insider Attacks

Possible Topics
Anonymity & Timing Attacks
–Tracking VoIP Calls
–Flooding attack on Tor
–Improving Brumley and Boneh (SSH)

Possible Topics
RFID
–Untraceable RFID Tags
–Security analysis of a device

Possible Topics
e-Voting
–Cryptographic Voting Protocols: Systems Perspective
–Analysis of an e-Voting System (Diebold)

Possible Topics
NIDS & Network Defense
–Fast and Automated Gen. of Attack Sigs
–Gen. Semantic Aware Sigs (2)
–MulVAL: Netsec analyzer
–Shadow Honeypots
–Language-based gen.
–Automaton Inlining