Adv. Network Security
How to Conduct Research in Network Security
Background
• Infosec Fundamentals
  – Crypto. hash functions
    • Properties
  – Symmetric key crypto.
    • How it is used
  – Public key crypto.
    • How it is used
    • Possibly: basic number theory
  – General infosec requirements
    • Standard Attacks
Class Goals
• Research
  – How to find problems/ideas
  – How to identify good solutions
  – How to evaluate solutions
  – How to present the work
• Network Security Research
  – Specific Problems
  – Specific Tools, Technologies, Methods
  – Attacks
Grading
• Final Project: 50%
  – Pre-project report: 15%
  – Pre-project presentation: 5%
  – Final project report: 25%
  – Final project presentation: 5%
• Paper Presentations: 20%
• Homeworks: 30%
Final Project
• Purpose
  – Demonstrate ability to do original research
• Stages
  – 1. Choosing the project
  – 2. Create a direction & a testable idea
    • Pre-project proposal due March 10th.
  – 3. Experiment/Develop
  – 4. Present
    • Final report due on May 5th.
Final Project
• Project idea
  – Originality/Creativity
    • is it interesting and novel?
  – Value
    • is it a useful contribution?
• Methodology
  – Correctness
    • does it test the right thing?
  – Depth
    • is it a thorough investigation?
Final Project
• Experiment
  – Did it work?
  – How do you adapt?/future work
• Presentation
  – Highlighting key contributions
  – Clear presentation of results
  – Understanding of the related work
Paper Presentations
• Purpose
  – Develop Presentation Skills
  – Deeply understand a subset of the papers
• Paper Choice
  – We’ll discuss topics together as a class
  – I will choose most/all papers
  – Students can choose dates (e.g., which papers)
Paper Presentations
• Time
  – 40 minutes
• Grading
  – 50% other students
  – 50% me
• Criteria
  – Highlight key contributions
    • in light of related work
  – Clarity, Preparation, Depth of understanding
Homeworks
• Purpose
  – Directed study of the papers
  – Create discussion points for class
• Due
  – Every class
  – If not there in person, lose a point
    • Still due within 1 week
  – 3 pts. scale
    • 0 - no good, 1 - weak, 2 - usual, 3 - very good
Possible Topics
• BGP Security
  – Leap Frog
  – Aggregated Path Authentication
Possible Topics
• Automated Trust Negotiation
  – Using Cryptographic Credentials
  – Attribute Information Leakage
Possible Topics
• P2P Security
  – Redundancy is cost-ineffective
  – Secure Publish-Subscribe Overlay
  – Applications of Secure E-Voting to Automated Privacy-Preserving Troubleshooting
  – Secure Collaboration
Possible Topics
• New Attacks
  – Misbehaving TCP Receivers
  – Fast Dictionary Attacks
  – Exploiting Open functionality in SMS
  – Mapping Internet Sensors
  – Vuln. of Passive Internet Monitors
Possible Topics
• Worms
  – Deriving Unknown Vulnerabilities
    • Zero-day exploits
  – Effectiveness of Dist. Worm Monitoring
  – Polygraph: Sig. Generation
  – Worm Origin ID Using Random Moonwalks
Possible Topics
• DDoS Prevention
  – Stateless Multipath Overlays
  – Empirical Study of DOS attacks
Possible Topics
• Reputation
  – Anomaly Detection
  – A Framework ... History-based Access Control
Possible Topics
• Key Management
  – Dynamic and Efficient ... Access Hierarchies
  – Modeling Insider Attacks
Possible Topics
• Anonymity & Timing Attacks
  – Tracking VoIP Calls
  – Flooding attack on Tor
  – Improving Brumley and Boneh (SSH)
Possible Topics
• RFID
  – Untraceable RFID Tags
  – Security analysis of a device
Possible Topics
• e-Voting
  – Cryptographic Voting Protocols: Systems Perspective
  – Analysis of an e-Voting System (Diebold)
Possible Topics
• NIDS & Network Defense
  – Fast and Automated Gen. of Attack Sigs
  – Gen. Semantic Aware Sigs (2)
  – MulVAL: Netsec analyzer
  – Shadow Honeypots
  – Language-based gen.
  – Automaton Inlining