owasp global appsec asia 2011 ( beijing 8-11 nov 2011 )
DESCRIPTION
OWASP Global AppSec Asia 2011 ( Beijing 8-11 Nov 2011 ) . Daniel Ng, C-PISA Date/time ??. Profile - PowerPoint PPT PresentationTRANSCRIPT
OWASP GLOBAL APPSEC ASIA 2011 (BEIJING 8-11 NOV 2011)
Daniel Ng, C-PISADate/time ??
Profile
NG, CHING WA (Daniel) started the career as computer programmer in 1990, and then progressing towards ICT Security, Computer Forensics, Financial Accounting and Auditing after millennium. Recently, he starts his PhD (Security & Forensics) in a UK reputable institute and The Hong Kong Polytechnic University, after earning a good stock options as a corporate director in a listed entity. His interest is Cyber Security, Health Informatics, FaceBook investigation, Digital Evidence standard for forensics laboratory, and Network Forensics. Professionally, he is a committee member HTCIA Asia Pacifc, Chairperson of Professional Internet Security Professional (HK/China), Founder of China PIS Alliance (C-PISA), Director of ISACA China, and Expert Advisor to HKSAR Legco Councillor Samson Tam, ISC2 CSSLP evangelist and authorized trainer. Under the strong influence of knowledge intensive works, Daniel branches into the topic of e-learning, in particular, mobile learning. This research is working with Malaysia Government MIMOS, the national organization for ontology and semantic web. Academically, Daniel is strong in Knowledge Management with a master degree graduated at GPA 3.8.
Internet Article (through Google)
List of Fellows - The Hong Kong Computer Societywww.hkcs.org.hk/en_hk/intro/lofellows.asp - 頁庫存檔 2011 年 5 月 26 日 – Mr. Ng Cheung Shing. 吳長勝先生 . Mr. Ng Ching Wa, Daniel. 吳靖華先生 . Ms. Shen Shuk Ching, Susanna. 孫淑貞女士 . Mr. Sin Chung Kai, SBS, ...
NG, CHING WA (Daniel) - Overview Programhttps://www.swisscyberstorm.com/speakers/chingwa - 頁庫存檔 30 May 2011 – NG, CHING WA (Daniel) started the career as computer programmer in 1990, and then progressing towards ICT Security, Computer Forensics, ...[PDF]
Cyber Warfare Predictionmedia.hacking-lab.com/scs3/.../SCS3_2011_Weng.pdf - 翻譯這個網頁檔案類型 : PDF/Adobe Acrobat - HTML 版Daniel Ng (Ching Wa). •. PhD Researcher (KM, Forensics, Surveillance,. eHR, Textile Dying & Colorimetery). •. Corporate Director, CPA (Aust) in listed Family ...
OWASP Global AppSec Asia 2011 - OWASPhttps://www.owasp.org/.../OWASP_Global_AppSec_Asia_2... - 頁庫存檔 Daniel_ng.jpg, NG, CHING WA (Daniel) started the career as computer programmer in 1990, and then progressing towards ICT Security, Computer Forensics, ...
Daniel NG Ching Wa, PH.D | microlearning.orgwww.microlearning.org/.../daniel-ng-ching-w... - 頁庫存檔 - 翻譯這個網頁NG, CHING WA (Daniel) started the career as computer programmer in 1990, and then progressing towards ICT Security, Computer Forensics, Financial ...
Research Focus
1. Social Semantics
2. Physio Economics & Innovation
3. Store & Forward Messaging & ontology
4. Machine Leaning on EigenValues
5. Network Coding
6. Hidden Markov Chain with Genetic Programming
7. GPU Clustering & OpenCL
Encryption – Code pages in keys● Shift of alphabet
– e.g. Caesar cipher A=D, B=E, C=F– Probably never fooled anybody
(except Caesar)
● Many more sophisticated systems developed from 1500s to mid-20th century– Substitution and transposition of letters– Some essentially unbreakable by manual means
● Made obsolete by computers circa 1940
Encryption – Code pages in keys
Enigma vs. Computer – computer wins!
Turing's machine
Desch's machines – even faster
Enigma vs. Human – Enigma wins!
Weakest part of cryptosystem
Encryption – Code pages in keys
Encryption – Code pages in keys• One: hard problems in mathematics
– Breaking the system requires an efficient algorithm for solving a hard problem – e.g. Factoring large numbers, discrete logarithms
– Examples: RSA, El Gamal– Used in public key systems– Slow
• Two: information theory – Texts scrambled by repeated application of bit shifts and
permutations– Examples: DES, AES– Used in private key systems– Fast
Encryption – photon level (but complicate)
RSA vs. Quantum Computer – computer wins!
C = Me mod n
d = e-1 mod ((p-1) (q-1))
RSA vs. supercomputer: 40 Tflop/s (4 x 1012 flop/sec)– RSA wins!
RSA Cryptosystem
Encryption – photon level (but complicate)
Encryption – photon level (but complicate)
Quantum EncryptionFast, Complicate, Expensive
Network Coding??
DEFINITIONNetwork coding is a particular in-
network data processing technique that exploits the characteristics of the
medium (in particular, the broadcast
communication channel) in order to increase the capacity or the
throughput of the network
• Without network coding– Simple store and forward
– Multicast rate of 1.5 bits per time unit
• With network coding– X-OR is one of the simplest form of data coding
– Multicast rate of 2 bits per time unit– Disadvantages
• Coding/decoding scheme has to be agreed upon beforehand
Network Coding happens at optical fiber and/or OSI Layer2.
Multi-level XOR encryption*
* Engineering of Encryption, Bruce Schneider
Network Coding prototyping tool
Resilience and accuracy
through Hidden Markov Chain
Hidden Markov ChainUsed in Kinect (Microsoft) on Motion Command
A random sequence has the Markov property if its distribution is determined solely by its current state. Any random process having this property is called a Markov random process.
For observable state sequences (state is known from data), this leads to a Markov chain model.
For non-observable states, this leads to a Hidden Markov Model (HMM).
Hidden Markov ChainUsed in Kinect (Microsoft) on Motion Command
The term “hidden” - we can only access to visible symbols (observations)- drawing conclusions without knowing the hidden sequence of states
Causal: Probabilities depend on previous states
Ergodic if every state is visited in transition sequence for any given initial state
Final or absorbing state: the state which, if entered, is never left
Hidden Markov Chain
• A Hidden Markov Model (HMM) is a discrete-time finite-state Markov chain coupled with a sequence of letters emitted when the Markov chain visits its states.
States (Q): q1 q2 q3 ...
Letters (O): O1 O2 O3
Hidden Markov Chain
Hidden Markov Chain
• Modeling protein families: (1) construct multiple sequence alignments(2) determine the family of a query sequence
• Gene finding through semi-Hidden Markov Models (semiHMM)
Hidden Markov Chain[HMM for Sequence Alignment] Consider the following Markov chain underlying a HMM, with three types of states:
“match”; “insert”; “delete”
Recap• Cloud secure data
movement • Use standard
hardware• Open to common
tools, like Python
QUESTIONS?