SecT Computer Security Seminar T echnische Universitt Berlin, - - PowerPoint PPT Presentation

SecT Computer Security Seminar

T echnische Universität Berlin, Security in T elecommunications seminar@sec.t-labs.tu-berlin.de

Berlin, 21st of April 2017

Introduction Find/Read papers Write Citations & Plagiarism Papers

What is this all about?

The Computer Security Seminar course addresses current ongoing research issues in the field of Internet Security, Cryptography, Foundation of Security, Hardware Security, Software Security, and T elecommunication Security. University researchers provide different research topics every semester and tutor the students. You should have profound knowledge in computer security and good English for reading scientific papers.

2 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Appointments

Every Friday 10-12am, TEL Audi2 (20th floor),

3 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Organization

15 papers Each week one presentation (Organized corresponding to attendance) Pick three papers in order of interest by Sunday, list attached to slides, slides will be available online. Paper in the end. Hint: Headstart, 3

4th a page per

week and you are on the way.

4 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Goals

Practice to work with scientific literature. Practice of professional/scientific talks. Practice of writing a scientific paper. Obtain experience in conducting literature research specific to the field. Find, read, and analyze current documents and technical reports.

5 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

The grade is based on:

Your presentation(s).

A template will be made available in time. Your presentations will be on the paper for that

• week. 45min presentation / 45min discussion in the

group led by you. Do: Present the paper, put it into context and investigate the related literature! Also do: Mail the slides to seminar@sec.t-labs.tu-berlin.de so they can be distributed to the other students. (deadline: midnight before the presentation)

Your participation during the presentations.

6 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

The grade is based on:

Your final paper.

Your paper should have min. 10 / max. 15 pages including references and appendix with the template supplied at: https://gitlab.sec.t-labs.tu- berlin.de/seminar/template It should be a “A Brief History of IT-Security”. That means: The seminar is a starting point. You should use LaT eX for the document. Hand-ins have to be performed in PDF form using the supplied template (If you can produce IEEE Conference style compliant documents with $other_software that is fine as well.) deadline: 31st July, 23:59 UTC, by mail to seminar@sec.t-labs.tu-berlin.de

Important: Being late on any deadline results in an 0.3 point reduction for your final grade per started 24h-slot you are late. If you register you get a mark.

7 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

How to pick your presentation...

From the 15 papers offered at the end of this presentation, pick three, ordered by what you would like to do most. Send this choice to: seminar@sec.t-labs.tu-berlin.de Deadline: Sun, April 28th, 23:59 UTC SHARP

8 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Finding Papers

Google scholar/Equivalent services. IEEE Explorer etc. Start with a few reference papers. While searching: Start with sorting them by title/abstract. Search from the TUB Wifi/VPN!

9 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Reading

While searching... if the title does not help. Title - Abstract - Introduction (Research question/Contribution) - Conclusion. If it is relevant: Read thoroughly.

10 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Relevance et al.

Where was it published. Conference? Workshop? Journal? What reputation does that entity have? How well is the paper cited? What is the reception in the field? You also have to cite a paper to criticize it. Or if it simply was “the first” one. Read around (the references)! Who are the authors? Well respected or some undergrad students?

11 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Content...

Is the paper well-structured? Do the methods seem sound? Are they well explained? Is the document logically contingent?

12 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

The structure of a scientific paper...

Abstract Introduction Related Work Method Results Conclusion Bibliography Appendix

13 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Abstract

Has to rise the readers appetite. Should give the reader an overview of the papers contents. Should not only be a short summary of the paper.

14 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Introduction

Invite the reader to the topic. Underline the relevance of the topic. State the initial hypothesis/research question. Summarize your contribution.

15 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Related Work

Elaborate on previous and related work in topic. Provides the context of your work. Shows that you involved yourself with the related work. For literature work like yours, this should be moved to the Results section.

16 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Method

Explain how you will solve your research question. Show why this method is valid. Not relevant for literature paper. Although you could elaborate on your literature work here, and why it will solve your research question.

17 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Results

State what you have found. Discuss it thereafter. In a literature work this is basically a big related work section.

18 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Conclusion

Based on the data you have gathered/found, draw appropriate conclusions. Make sure that your conclusion matches your research question/answers your hypothesis. State further research opportunities.

19 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Bibliography

See: How to cite later on.

20 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Appendix

Here you can provide information that is not essential to your paper, but should be published as well. Examples: Datasets, Source-code, detailed method descriptions, non-essential proofs.

21 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Style

Write formal. No don’t, can’t... Be very careful with abbreviations (etc.; i.e.;). Use either 3rd person plural or 1st person plural (There is some debate on this in the community). Try to prevent filler-words. (“weasel words”). Make sure your text is grammatically and

• rthographically correct.

Prevent repetitions. Be objective. Make sure that your work is reproducible.

22 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

First things first:

Bad paraphrasing without citing, copy-paste actions

• r “forgetting” of citations will result in failing the
• course. In the best of all cases.

Please note that this also includes any hand-ins labeled as drafts.

23 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Example Bib-Item: Paper

[23]T. Fischer, A.-R. Sadeghi, and M. Winandy. A pattern for secure graphical user interface systems. In 20th International Workshop on Database and Expert Systems Application, 2009. DEXA’09, pages 186–190. IEEE, 2009. Index Authors Title Conference/Journal, Pages, Publisher, Year Only cite the base-work. No single chapters/page

• numbers. Give page numbers via in-text

references: [23, p. 42ff] Tipp: Google Scholar has an “import into bibtex feature”.

24 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Example Bib-Item: URLs

OpenOCD User’s Guide 0.8.0-dev, Section 11.3. (online) http://openocd.sourceforge.net/doc/html/ CPU-Configuration.html, accessed: T ue Jun 25 19:17:33 CEST 2013 Title (of the page) URL When was it accessed by the authors?

25 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Citing & Paraphrasing

If you make a claim that is not common knowledge, you have to prove it. (Reference or Data). If you pick up/follow an idea, cite those who had it! If you provide a reference, you have to briefly describe what is in there. And if you do that, you have to provide a reference. Also: Note the author by name. However: Do not simply paraphrase. The same applies to pictures!

26 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Examples

Examples taken from: Hornyack, Peter, et al. ”These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications.” Proceedings of the 18th ACM conference on Computer and communications

• security. ACM, 2011.

Good and bad citations are self-created.

27 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Example: Summarizing other peoples work.

Original: From the set of 1100 applications, we then selected a sub-sample of 110 applications for deeper analysis. Bad: A sub-sample of 110 applications was selected for deeper analysis from the set of 1100 applications [2]. Better: In their 2011 paper, Honrnyack et. al. selected a sample of 110 applications out of 1100 applications for deeper analysis [2].

28 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Example: Direct Quote

Example: From the set of 1100 applications, we then selected a sub-sample of 110 applications for deeper analysis. Bad: From the set of 1100 applications, we then selected a sub-sample of 110 applications for deeper analysis. [2]. Good: “From the set of 1100 applications, we then selected a sub-sample of 110 applications for deeper analysis.” [2, p. 640]

29 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Plagiarism

Simple: Bad paraphrasing without citing, copy-paste actions or “forgetting” of citations in ANY hand-in will result in failing the course. In the best of all cases.

30 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Resources

http://www.scitext.com/writing.php « rather elaborate http://tim.thorpeallen.net/Courses/Reference/ Citations.html « example http://abacus.bates.edu/~ganderso/biology/ resources/writing/HTWcitations.html « also quiet usable

31 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Closing note.

Practice... writing is something that can not be taught... but something you have to learn. Service note: Remember the upcoming deadline! Send hand-ins to seminar@sec.t-labs.tu-berlin.de AND to your supervisor!

32 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Bishop, M. (2003). What is computer security? Security & Privacy, IEEE, 1(1):67–69.

33 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Diffie, W. and Hellman, M. E. (1976). New directions in cryptography. Information Theory, IEEE Transactions on, 22(6):644–654.

34 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Rivest, R. L., Shamir, A., and Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126.

35 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Thompson, K. (1984). Reflections on trusting trust. Communications of the ACM, 27(8):761–763.

36 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Hardy, N. (1988). The confused deputy:(or why capabilities might have been invented). ACM SIGOPS Operating Systems Review, 22(4):36–38.

37 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Neuman, B. C. and T s’o, T. (1994). Kerberos: An authentication service for computer networks. Communications Magazine, IEEE, 32(9):33–38.

38 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Kocher, P . C. (1996). Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In Advances in Cryptology—CRYPTO’96, pages 104–113. Springer.

39 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. (1996). Role-based access control models. Computer, 29(2):38–47.

40 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Biryukov, A., Shamir, A., and Wagner, D. (2001). Real time cryptanalysis of a5/1 on a pc. In Fast Software Encryption, pages 1–18. Springer.

41 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Canetti, R. (2001). Universally composable security: A new paradigm for cryptographic protocols. In Foundations of Computer Science, 2001.

• Proceedings. 42nd IEEE Symposium on, pages

136–145. IEEE.

42 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Gassend, B., Clarke, D., Van Dijk, M., and Devadas,

• S. (2002).

Silicon physical random functions. In Proceedings of the 9th ACM conference on Computer and communications security, pages 148–160. ACM.

43 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., and Boneh, D. (2003). T erra: A virtual machine-based platform for trusted computing. In ACM SIGOPS Operating Systems Review, volume 37, pages 193–206. ACM.

44 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Dhamija, R., T ygar, J. D., and Hearst, M. (2006). Why phishing works. In Proceedings of the SIGCHI conference on Human Factors in computing systems, pages 581–590. ACM.

45 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Shacham, H. (2007). The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of the 14th ACM conference on Computer and communications security, pages 552–561. ACM.

46 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Subashini, S. and Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1):1–11.

47 / 48

Introduction Find/Read papers Write Citations & Plagiarism Papers

Questions?

Questions... ?

48 / 48