Reading Group
We meet every Friday from 4pm-ish until 5pm in AM411. Theme is "security" with "sdn" thrown into the mix. We usually watch videos of paper presentations or interesting talks. Suggestions are welcome.
Source of Papers or Videos
- Hacker events: https://www.ccc.de/en/ held every four years in Germany (most recent 2015)
- ACM CCS (Conference October, papers due May)
- USENIX Security (Conference August, papers are due February)
- ESORICS (Conference September, papers are due March)
- IEEE Symposium on Security and Privacy (Conference May, papers are due November)
- NDSS (Conference early February, papers are due August)
- Australasian Conference on Information Security and Privacy (ACISP) (Conference July, papers are due February)
- Australasian Information Security Conference (AISC) 2012 (Conference 30 Jan, papers are due August 15)
Schedule
Date | Expert | Paper title and DOI |
---|---|---|
15/9/15 | Abigail | Science DMZ, firewalls and a little perspective about SDN by Michael Sinatra at CENIC 2015 https://www.youtube.com/watch?v=4i5NYMJ5fy4 DMZ adopts best practices for security, we are not not blocking traffic. You don't have a dedicated firewall, but you are going to protect your DMZ against insiders and outsiders. Protect the network from the Science DMZ (don't allow access from the Science DMZ to finance networks). Use best-practice host firewalls. Central management (ansible, chef, puppet) is still used. Suggests using mandatory access control (SELinux). Use of host IDS as well. Interesting point that patching has to work in the presence of integrity checking at the host and mandatory access control. Log aggregation. They use Bro, an open-source IDS that is still currently under development (nice tutorial at the same conference). Discussed blackhole routing. SDN: OpenFlow whitebox environment (switch plus controller -- the IDS determines if a flow is an elephant flow or a good flow and puts it into the fast lane) -- or have the fast lane embedded into the switch and controller, with a special source method for fast lanes. There are working implementations. But which flows go into the fast path -- ones that perform well and are reliable? Which is a good flow and which is a bad flow? Could assume some people are trusted and let them onto the fast flow. What about people making an elephant flow look like a mouse flow? One of the issues around having to accommodate legacy instruments is somewhat similar to the upgrade problem introduced by IoT. Good discussion of different functional infrastructures to protect compute and data resources. |
8/9/14 | Ian | Man-in-the-middle on mobile networks https://www.youtube.com/watch?v=2oCOdGpXvZY https://events.ccc.de/camp/2015/wiki/Projects:Capture_the_Catcher |
14/03/12 | Johansen | WebPatrol: automated collection and replay of web-based malware scenarios. DOI --> 10.1145/1966913.1966938 |
9/8 | Lam | Usenix Security'11: ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection |
16/8 | - | Snow day |
23/8 | Daniel | Trust Management and Security in the Future Communication-Based "Smart" Electric Power Grid --> Digital Object Identifier: 10.1109/HICSS.2011.459 |
30/8 | AJ | "On the Practical and Security Issues of Batch Content Distribution Via Network Coding." DOI: 10.1109/ICNP.2006.32020. This paper appears in Proceedings of the 14th IEEE International Conference on Network Protocol, 2006. ICNP '06 |
6/9 | Pach | International Symposium on Recent Advances in Intrusion Detection (RAID 2011): Detecting Environment-Sensitive Malware |
13/9 | Zak | Object replication strategies in content distribution networks |
20/9 | Lam | Prophiler: A Fast Filter For The Large-Scale Detection Of Malicious Web Pages - WWW2011 |
27/9 | Daniel | Malicious Data Attacks on Smart Grid State Estimation: Attack Strategies and Countermeasures. DOI--> http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5622045 |
4/10 | AJ | "A Hybrid Scheme against Pollution Attack to Network Coding." DOI:10.1109/ISNETCOD.2011.5979070 |
11/10 | Pach | CCS '10 Proceedings of the 17th ACM conference on Computer and communications security - A methodology for empirical analysis of permission-based security models and its application to android |
18/10 | Lam | BrowserGuard: A Behavior-Based Solution to Drive-by-Download Attacks |
25/10 | Daniel | Secure Lossless Aggregation for Smart Grid M2M Networks. DOI --> http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5622063 |
15/11 | Pach | MobiSys '08 Proceeding of the 6th international conference on Mobile systems, applications, and services - Behavioral detection of malware on mobile handsets |
22/11 | Daniel | SEDAN: Secure and Efficient protocol for Data Aggregation in wireless sensor Networks. DOI --> 10.1109/LCN.2007.81 |
26/1/2012 | Lam | ARROW: Generating Signatures to Detect Drive-By Downloads |
9/2/2012 | Pach | Location based power analysis to detect malicious code in smartphones |
16/02/2012 | Daniel | A Secure Data Aggregation and Dispatch Scheme for Home Area Networks in Smart Grid. DOI --> 10.1109/GLOCOM.2011.6133655 |
12/09/2012 | Pach | Automated Static Code Analysis for Classifying Android Applications Using Machine Learning. |