Dr. Gerald Kruse, Ph.D., John ‘54 and Irene ‘58 Dale Professor of MA, CS, and IT, Assistant Provost, Juniata College


First, a little about Juniata

William Phillips, Class of 1971!

The “Hemi” Engine ‘57 Chrysler pictured below

Designer Thomas Hoover, ‘53

What movie should we pick? $1,000,000 to the first algorithm that was 10% better than Netflix’s original algorithm

The first 8% improvement was easy…

“Just A Guy In A Garage” Psychiatrist father and “hacker” daughter team

The first 8% improvement was easy… Team from Bell Labs ended up winning

Here’s an interesting billboard, from a few years ago in Silicon Valley

First 70 digits of e

What happened for those who found the answer? The answer is Those who typed in the URL ended up getting another puzzle. Solving that led them to a page with a job application for… Google!

Juniata’s 2015 Summer Read – Little Brother Author Cory Doctorow’s books can be downloaded for free at his website: Cory Doctorow is an activist on the issues of intellectual access and intellectual property. Little Brother “takes place in the future (near future) and explores what types of compromises our society and government are willing to make in the aftermath of a terrorist attack.” (from the announcing Juniata’s summer read)

Juniata’s 2015 Summer Read – Little Brother Protagonist is Marcus, high school hacker, nickname: w1n5t0n (“winston” in leet). Likes to confound his school’s surveillance technology. Marcus is in the wrong place, at the wrong time, and gets detained by Homeland Security. Marcus is warned that he will be “under surveillance” when released after several days. Marcus revolts by setting up technological attacks on the DHS in order “to [thwart] further efforts to restrict personal liberty.”

Surveillance Techniques in Little Brother 1) Gait recognition - “not mature yet” 2) Cracking the “SchoolBook” laptops - Yes. - via a Rootkit, a collection of computer software, which enables access by an unauthorized user, to restricted areas of its software that would not otherwise be allowed, while at the same time masking its existence or the existence of other software. $sys$ filename - mobile devices in K-12 used to change TV channels… The presence of these two elements helped set the context, this “near future” surveillance state…

Surveillance Techniques in Little Brother 3) Paranoid Linux / Paranoid XBOX - not mature as characterized in the book - questionable plot twist: who has an unopened Xbox laying around in their closet? 4) RFID tags, aka “arphid” - Nuking: - Reprogramming RFID? It depends… not for low frequency, probably for high frequency

Surveillance Techniques in Little Brother 5) IMParanoid and TOR – The Onion Router - YES! - a network of volunteer-operated servers that are connected through a series of virtual tunnels rather than making a direct connection (web-surfing, , instant messaging)

Steganography – Hiding in Plain Sight 1) Whisper a message… 2) Did you want to get in on the “secret message?” 3) If no one knows that you are sending a message, then they are less likely to pay attention to your communications. 4) A technique Julius Caesar used to send messages.

Steganography – Hiding in Plain Sight Consider this representation of an image. Each “column” is one pixel. If each color is 8 bits, then there would be 8 “layers”.

If you remove the least significant “layer” of each pixel, and replace it with a message, the image doesn’t change much. [Figure: original image; image with embedded text]
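The layer replacement described on this slide, as an added Python example that is not part of the original slides. The cover pixels, the 16-bit length header and the function names are assumptions made for the illustration.

```python
# Added illustration: least-significant-bit embedding on constructed 8-bit pixels.

def _bits(data: bytes):
    """Yield the bits of data, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(pixels: bytes, message: bytes) -> bytes:
    """Overwrite the lowest bit "layer" of successive pixels with a
    16-bit length header followed by the message bits."""
    payload = len(message).to_bytes(2, "big") + message
    if len(payload) * 8 > len(pixels):
        raise ValueError("cover image too small for this message")
    out = bytearray(pixels)
    for i, bit in enumerate(_bits(payload)):
        out[i] = (out[i] & 0xFE) | bit  # clear bit 0, then store one message bit
    return bytes(out)

def _read(pixels: bytes, start: int, nbytes: int) -> bytes:
    """Rebuild nbytes bytes from the low bits of pixels[start:]."""
    value = 0
    for p in pixels[start:start + 8 * nbytes]:
        value = (value << 1) | (p & 1)
    return value.to_bytes(nbytes, "big")

def extract(pixels: bytes) -> bytes:
    """Read the length header, then that many message bytes."""
    length = int.from_bytes(_read(pixels, 0, 2), "big")
    return _read(pixels, 16, length)

def max_pixel_change(a: bytes, b: bytes) -> int:
    """Largest difference between corresponding pixel values."""
    return max(abs(x - y) for x, y in zip(a, b))

# Constructed cover "image": 256 grayscale pixels near 153 (binary 10011001).
COVER = bytes(153 + (i % 5) for i in range(256))
STEGO = embed(COVER, b"hi Marcus")

if __name__ == "__main__":
    print(extract(STEGO), max_pixel_change(COVER, STEGO))
```

Only bit 0 of each pixel is ever rewritten, so no pixel value moves by more than 1 out of 255, which is why the two images look the same to the eye.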

faculty.juniata.edu/kruse

Source code for faculty.juniata.edu/kruse <img src="junback2.jpg" border="0" height="55" width="151"> These Are A Few of My Favorite Links If I have agreed to write you a letter of recommendation: Instructions for Recommendations Helpful advice on summer research and graduate school in Computer Science: Computing Community Consortium

Histograms 1) Those “columns” in the image are just numbers, right? 2) in binary is 1*2^7 + 1*2^4 + 1*2^3 + 1*2^0 = = 153 3) Create a histogram (bar chart created from a single column of quantitative values) of all these pixel values

Histograms If you have many black and white photographs with histograms like this [figure], but you encounter a histogram like this [figure], an outlier, then you would probably investigate.

Histograms – hunting for outliers 1) In normal web-traffic, a small percentage is encrypted. 2) Marcus communicated with his friends using the operating system “ParanoidLinux.” 3) Their web-traffic had a much higher percentage of encryption. 4) A histogram characterizing the form of their traffic would be an outlier, prompting further surveillance, even if the traffic could not be decrypted. 5) In the book, Marcus also points out that histograms from tracking movements with RFID chips could identify abnormal life patterns, and many innocent people with secrets were harassed.

The False Positive Paradox 1) Do you react when you hear a car alarm? 2) Why not? 3) Approximately 250,000,000 motor vehicles are registered in the U.S. 4) Approximately 700,000 cars are stolen each year, which is 0.3%.

The False Positive Paradox – Page 47

| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 ~= 99% of 3 “True Positive” | 10 ~= 1% of 997 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 ~= 1% of 3 “False Negative” | 987 ~= 99% of 997 “True Negative” | 987 |
| COLUMN TOTAL | | | |

Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately. Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound. For our example, let’s make the Sensitivity and Specificity both 99%. A False Positive occurs when a car alarm sounds but the car is not being stolen. A False Negative occurs when a car alarm does not sound, but the car is being stolen.

% (10 of 13) of the car alarms are incorrect! This is why medical screenings typically test a “B” sample with a more thorough test. And it is worse for things that rarely occur.
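The car-alarm table worked through in Python, as an added example that is not part of the original slides. It rebuilds the slide's counts from the 0.3% theft rate and the 99% sensitivity and specificity, then goes one step beyond the slide by showing how alarm precision falls as the event gets rarer; the population of 1000, the list of base rates and the function names are assumptions made here.

```python
# Added illustration: the false positive paradox with the slide's numbers.

def confusion(population, base_rate, sensitivity, specificity):
    """Expected confusion-matrix counts, rounded to whole cars as on the slide."""
    positives = round(population * base_rate)   # cars actually stolen
    negatives = population - positives          # cars not stolen
    tp = round(sensitivity * positives)         # alarm sounds, car stolen
    fn = positives - tp                         # alarm silent, car stolen
    tn = round(specificity * negatives)         # alarm silent, car not stolen
    fp = negatives - tn                         # alarm sounds, car not stolen
    return {"TP": tp, "FP": fp, "FN": fn, "TN": tn}

def false_alarm_share(m):
    """Fraction of sounding alarms that are wrong: FP / (TP + FP)."""
    return m["FP"] / (m["TP"] + m["FP"])

def precision(base_rate, sensitivity, specificity):
    """Exact P(stolen | alarm) from Bayes' rule, without rounding to whole cars."""
    hit = sensitivity * base_rate
    false_alarm = (1 - specificity) * (1 - base_rate)
    return hit / (hit + false_alarm)

def max_false_positive_rate(base_rate, sensitivity, target_precision):
    """Largest false-positive rate (1 - specificity) that still lets
    target_precision of the alarms be correct."""
    hit = sensitivity * base_rate
    return hit * (1 - target_precision) / (target_precision * (1 - base_rate))

# The slide's scenario: 1000 cars (assumed population), 0.3% stolen, 99% / 99%.
SLIDE = confusion(1000, 0.003, 0.99, 0.99)

# Constructed base rates, from common to very rare events.
RATES = [0.5, 0.1, 0.003, 0.00001]
PRECISIONS = [precision(r, 0.99, 0.99) for r in RATES]

if __name__ == "__main__":
    print(SLIDE, false_alarm_share(SLIDE))
    for rate, prec in zip(RATES, PRECISIONS):
        print(f"base rate {rate:>8}: {prec:.4%} of alarms are real")
    print(max_false_positive_rate(0.003, 0.99, 0.5))
```

The last function turns the paradox into a requirement: for half of the alarms to be real at a 0.3% base rate, the false-positive rate has to drop below the base rate itself.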

Public Key Cryptography

Cryptography “here's the Cliff's Notes version: Some kinds of mathematical functions are really easy to do in one direction and really hard to do in the other direction. It's easy to multiply two big prime numbers together and make a giant number. It's really, really hard to take any given giant number and figure out which primes multiply together to give you that number.” Page 36, Little Brother

Public Key Cryptography
Pick 2 large primes, p and q, such that p != q
Compute n = p * q
Select a small odd integer e that is relatively prime* to (p-1)*(q-1)
Compute d as the multiplicative inverse of e**
Publish P = ( e, n ) as the Public Key
Keep S = ( d, n ) as the Secret Key
P( M ) = M^e mod n and S( C ) = C^d mod n
* gcd( (p-1)*(q-1), e ) = 1
** modulo (p-1)*(q-1)

Public Key Cryptography
p = 5, q = 11
Compute n = p * q = 5 * 11 = 55
e = 7 is relatively prime to 40 = (5-1)*(11-1)
d = 23 is the multiplicative inverse of e: 23*7 = 161, 161 mod 40 = 1
Publish P = ( 7, 55 ) as the Public Key
Keep S = ( 23, 55 ) as the Secret Key
Simulation: convert the word “CAT” → 3, 1, 20 → 3^7 mod 55, 1^7 mod 55, 20^7 mod 55 → 42, 1, 15
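The key setup and the “CAT” simulation from the two slides above, as an added Python example that is not part of the original slides. The function names are assumptions, and the last function goes beyond the slides to show why p and q must be large: with n = 55, trial division recovers the secret key immediately.

```python
# Added illustration: the slide's toy RSA (p = 5, q = 11, e = 7), letter by letter.
from math import gcd

def mod_inverse(e, m):
    """Multiplicative inverse of e modulo m (extended Euclidean algorithm)."""
    old_r, r, old_s, s = e, m, 1, 0
    while r:
        quotient = old_r // r
        old_r, r = r, old_r - quotient * r
        old_s, s = s, old_s - quotient * s
    if old_r != 1:
        raise ValueError("e is not relatively prime to m")
    return old_s % m

def keygen(p, q, e):
    """Follow the slide's steps; returns (public, secret) = ((e, n), (d, n))."""
    phi = (p - 1) * (q - 1)
    if p == q or gcd(e, phi) != 1:
        raise ValueError("need p != q and gcd(e, (p-1)*(q-1)) == 1")
    return (e, p * q), (mod_inverse(e, phi), p * q)

def encrypt(word, public):
    """P(M) = M^e mod n for each letter, with A=1 ... Z=26 (all below n = 55)."""
    e, n = public
    return [pow(ord(ch) - 64, e, n) for ch in word]

def decrypt(cipher, secret):
    """S(C) = C^d mod n for each number, mapped back to a letter."""
    d, n = secret
    return "".join(chr(pow(c, d, n) + 64) for c in cipher)

def recover_secret_key(public):
    """With n this small, trial division finds p and q at once,
    so d follows from the public key alone."""
    e, n = public
    p = next(f for f in range(2, n) if n % f == 0)
    return keygen(p, n // p, e)[1]

PUBLIC, SECRET = keygen(5, 11, 7)

if __name__ == "__main__":
    cipher = encrypt("CAT", PUBLIC)
    print(PUBLIC, SECRET, cipher, decrypt(cipher, SECRET))
    print(recover_secret_key(PUBLIC))
```

Encrypting one letter at a time also maps each letter to a fixed number, so this simulation behaves like a substitution cipher; it shows the arithmetic, not a usable scheme.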

Some other elements we didn’t address 1) Bayesian Spam Filters – also use histograms of word counts in 2) Social Engineering 3) Botnets – denial of service attack

Questions?

Attempts to Manipulate Search Results Via a “Google Bomb”

Liberals vs. Conservatives! In 2007, Google addressed Google Bombs; too many people thought the results were intentional and not merely a function of the structure of the web.

Juniata’s own “Google Bomb”

CS 315 is my “Analysis and Algorithms” course

The False Positive Paradox – Page 47

| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 ~= 99% of 3 “True Positive” | 10 ~= 1% of 997 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 ~= 1% of 3 “False Negative” | 987 ~= 99% of 997 “True Negative” | 987 |
| COLUMN TOTAL | | | |

Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately. Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound. For our example, let’s make the Sensitivity and Specificity both 99%. A False Positive occurs when a car alarm sounds but the car is not being stolen. A False Negative occurs when a car alarm does not sound, but the car is being stolen.