Information Session for Master Seminar Innovative Internet-Technologies and Mobile Communications

Transcription

1 Network Architectures and Services Department Computer Science Technische Universität München Information Session for Master Seminar Innovative Internet-Technologies and Mobile Communications WS 2012/2013 Prof. Dr.-Ing. Georg Carle and Staff Organisation: Corinna Schmitt

2 Administrative Things for all Seminars Responsibilities Grading Today: Topic Selection for Seminar Innovative Internet-Technologies and Mobile Communications Seminars WS 2012/2013 2

3 Administrative Things for all Seminars Responsibilities Grading Today: Topic Selection for Seminar Innovative Internet-Technologies and Mobile Communications Seminars WS 2012/2013 3

4 Responsibilities Seminars Organisation: Prof. Dr.-Ing. Carle, Schmitt Appointments: Seminar IITM: ~ 16 Slots weekly Lecture Mondays 14:00-16:00 in room Formality: Main Language: German Diplom: 2 SWS B.Sc./ M.Sc: 4 ECTS Attendance list exists Each participant will be session chair for one talk (moderation, discussion leader, min. 1 question concerning the talk) Successfull attendance (Talk, Paper, Review) Using department templates on our homepage Registration via Seminar homepage Seminars WS 2012/2013 4

5 Material See homepage: Slides: Talk: How to write a scientific paper? Talk: How to write a review? Talk: How to give feedback? Example: 1st paper version Advisor review 2nd paper version Questions: Send them to advisor first before inquiring schmitt@net.in.tum.de Advisors offer the opportunity of test talks (dry runs) Seminars WS 2012/2013 5

6 Hints for Topic Handling Attention: From your advisor(s) you may receive some literature. Starting from this you have to do research for papers on your own. Make scholar.google.com /acm.org /ieee.org your friend! (and your source s sources ) With all topics the task is especially not taking the literature given and presenting it. You fill the topic with life. Your goal: make it interesting for you, me, and the other participants (your audience!) Seminars WS 2012/2013 6

7 Grading for the seminars Guidelines Grading parts: 1. Personal meeting with advisor is compulsory! 2. Both of your paper submissions (6 8 pages in ACM format) 1st Version Peer review process 2nd version (final) for publication 3. Your talk (20 25min, following discussion and feedback) Content counts; personal presentation style is not counted 4. Your review of papers from other seminar participants Further things to consider: Attendance at all appointments is compulsory Observance of deadlines (upload form on homepage) Write the paper yourself! (plagiarism checks in every upload!) Session chair for one talk Plagiarism = DISQUALIFICATION. Missing deadlines = 0.3 degrading each time Seminars WS 2012/2013 7

8 You have the chance to get your talk recorded Seminar goals:,,, Improving your presentation skills. They said I did this and that no way! Have a look at yourself after the talk! Your talk was great? Now you have the chance to show it to your friends. Want to know something about a topic that was already in the seminar? Watch your fellow students explaining the topic Seminars WS 2012/2013 8

9 Seminars WS 2012/2013 9

10 Seminar Future Internet Administrative Things for all Seminars Today: Topic Selection for Seminar Innovative Internet-Technologies and Mobile Communications Challenging Topics! Sometimes previous knowledge required! Seminars WS 2012/

11 Deadlines Seminar IITM Deadline might be shifted depending on number of participants. Dates Topic Selection (14:00 p.m., room ) Pick up literature per mail or personal by advisor Advisor meeting to group topic (discussion of received literature be prepared (MUST) until until Detailed structure of paper and talk until Final slides* discussion with advisor * Slides must be presentable, otherwise -0.3 degree in grading. They can be modified until final talk. No later than 1 week before talk Upload paper (1. Version) Talks Schedule comes soon Uploads Reviews Upload paper (2. Version) and final slides Publication in Proceeding t.b.a. Seminars WS 2012/

12 Rootkits Rootkits offer data hiding techniques in context of operating systems Intrusion detection systems and malware use this technique Hide running processes, loaded modules, files... Different mechanisms: User mode and kernel mode rootkits How do rootkits work? Simple demonstration Possible detection mechanisms Simon, Lothar Seminars WS 2012/

13 VMI-IDS Host-based IDS resides inside the monitored host Deep view into the monitored system Disadvantage: Low resistance against attacks, e.g. by malware Possible solution: Use of virtualization Isolation between IDS and monitored system Monitoring can be done using Virtual Machine Introspection How does VMI work? Which VMI-IDS are available? Classification? Simon, Lothar Seminars WS 2012/

14 VM-based system debugging and analysis tools Slightly another focus compared to the work above. Those tools have been developed to examine system anomalies and study kernel-mode malware. This task can be difficult or sometimesimpossible with conventional appraoches. Your Task: Analyse and compare K-tracer, PoKeR and AfterSight. What is most suitable in certain circumstances? What goals they have? What is protected? It would be helpful to have some basic knowledge about VMs, Virtual Machine Introspection Win XP Linux Solaris x86 and kernel internals. Virtual Machine Monitor Operating System (Physical Host) Nadine, Stephan P. Physical Hardware Seminars WS 2012/

15 Honeypot-Architectures using VMI Techniques The honeypot has emerged as an effective tool to provide insights into new attacks and current exploitation trends. Though effective, a single honeypot or multiple independently operated honeypots only provide a limited local view of network attacks. Problem: coordinated honeypot deployment and operation require close and consistent collaboration across participating network domains Approach: Using VMI Techniques Your Task: Analyse and compare VMScope and Collapsar. Get an insight into honeypot usage in general and compare it with VMI based solutions. What is improved? Are there new problems and issues? It would be helpful to have some basic knowledge about VMs, Virtual Machine Introspection and anomaly detection. Nadine, Stephan P. Seminars WS 2012/

16 Protect Guest Kernel Integrity and monitor Guest Kernel Behavior Virtualization can be used to improve security, because an additional layer is inserted between hardware and OS. Focus in this work: Kernel Integrity and Control Flow Integrity of the Guest OS Your Task: Analyse and compare SIM, NICKLE, HookSafe and VMWatcher. What is most suitable in certain circumstances? What goals they have? What is protected? It would be helpful to have some basic knowledge about VMs, Virtual Machine Introspection and kernel internals. Guest Application Guest Application Guest Application Guest Application Guest Application Guest Application Guest OS Guest OS VMM VMM Host OS Host Hardware Host Hardware Nadine, Stephan P. Seminars WS 2012/

17 Layer 1-based Security for Wireless Sensors Stephan, Corinna Problem: Wireless sensors often lack the computational power or battery capacity to do expensive crypto-operations, such as RSA. Side-channel information of wireless communication can be used in an energy-efficient way to still get strong authentication of communication partners. Examples: direction, signal strength, noise,... To this end, nodes exchange this information with neighbors and make decisions in a decentralized fashion. Your Task: Explore which properties of wireless communication can serve strong authentication Prerequisites: Knowledge of layer 1 and wireless communication Seminars WS 2012/

18 SPKI: The forgotten standard Ralph PKI!= X.509 (or GPG) Simple PKI Local namespaces! Simple cert format Clear purposes Some reasoning about paths from name to name Your task: You get starting some directions to start with Research using above starting points there are several RFCs and papers Understand, analyse local namespaces Analyse at least one trust metric for name mappings Prerequisites: PKI and willingness to learn Seminars WS 2012/

19 Resource-Management-Tools - Corinna General: Resources of wireless sevices are limited and must be saved Most energy is consumed during data transmission Management-Tool 2 topics are possible! Student thesis is offered! Different approaches: Tiny Network Manager(TNM) (2010) Peloton (2009) Collective Intelligence (2009) Questions: What are the challenges during the development of a management-tool that must be faced? Characterization and comparision of different tools Seminars WS 2012/

20 Sensor network as a database - Corinna Current situation: The application range of wireless sensor networks rises together with the amount of collected data. In order to save the recorded data and to use the data independently of the real system for analysis purposes the data must be stored. Idea: Use the sensor network as a database TinyDB Flask devopment in Harvard Problem of storage solution: must include all needed information for the data interpretation should allow an easy way to request a subset of the data. Questions: Characterize and compare existing approaches. What challenges must be faced? What requirements to the infrastructure exist? Seminars WS 2012/

21 Intrusion Tolerant Algorithms Wormhole Heiko, Stephan P. Basic idea Multiple servers, diverse servers Detect suspicious behaviour Agreement protocol via wormhole Reset suspicious / compromised server Your task Present wormhole concept / model Relate to byzantine fault model Present an application of concept What does it achieve and what not? What does it require? Easy or difficult? Seminars WS 2012/

22 Publish-Subscribe Internet (Heiko) Push Model of IP and many services a problem DoS, Hacking, Worms, Spam, Phishing, Basic idea Use Pull Model Your task Describe concept and idea of Publish-Subscribe Internet Does it solve the problems mentioned? Is it practical? What s its current state? Literature Pursuit Project, PSIRP Project, Seminars WS 2012/

23 Software Defined Networking with OpenFlow OpenFlow Layer 2 communications protocol that gives access to the forwarding plane of a network switch or router over the network. enabler of Software Defined Networking (SDN). Daniel, Florian Frenetic as a domain-specific language for highlevel programming of SDNs Testing of new (routing-) protocols within real world networks Goals: 1. Overview to OpenFlow 2. Explain if/why it is useful 3. Give a Brief excursus to Frenetic Literature can be found easily though searching the highlighted buzzwords on Google Seminars WS 2012/

24 The Future of Software Routers There is ongoing research about using PC-Systems for packet switching as an alternative to dedicated hardware for reasons of flexibility as it is cheap.because we can ;-) Florian, Daniel Goals: 1. Compare PC-based packet switching with dedicated hardware 2. Explain motivation for using software routers 3. Brief overview of current research projects and their goals Tonns of literature on the WWW (for instance start with papers from the RouteBricks project) Seminars WS 2012/

25 Bootstrapping P2P VPN Benjamin, Lukas Look at the current n2n design What are the weaknesses? Identify the general problems of bootstrapping Learning information about a community NAT... Research solutions Evaluate solutions Security and privacy implications Deployability Applicability to n2n Seminars WS 2012/

26 What is individual-related data? Introduction: How unique is your web browser? Peter Eckersley In Proceedings of the 10th international conference on Privacy enhancing technologies (PETS'10) Result: 10 Bits of Entropy for user agent! Johann Legislation in Germany and EU: What is individual-related data? Reasons for legitimate storage Conditions for storage and analysis Sensitivity of HTTP Header and webserver logs: IP User Agent Referrer Query strings Timestamps Cookies Server-based geolocation Outlook: Privacy Extensions Seminars WS 2012/

27 DHT-based multicast Bart Seminars WS 2012/

28 Quicksilver multicast Bart Seminars WS 2012/

29 Multicast Key Management Bart Seminars WS 2012/

30 Administrative Things for all Seminars Today: Topic Selection for Seminar Innovative Internet- Technologies and Mobile Communications Challenging Topics! Sometimes previous knowledge required! Seminars WS 2012/

31 Topic assignment (I) Speaker Title Advisor(s) Sebastian Wiesner Simon Hager SPKI: The forgotten standard Layer 1-based Security for Wireless Sensors Ralph Markus Grimm Publish-Subscribe Internet Heiko Stephan P., Corinna Michael Pangerl VM-based system debugging and analysis tools Nadine, Stephan P. Anh Nguyen Resource-Management-Tools Corinna Robert Schmidpeter Josias Montag Sensor network as a database Software Defined Networking with OpenFlow Corinna Daniel, Florian Thomas Schultz The Future of Software Routers Florian, Daniel Pei Li Bootstrapping P2P VPN Lukas, Benjamin Stephan Liebald Rootkits Simon Seminars WS 2012/

32 Topic assignment (II) Speaker Title Advisor(s) Christian Eckert What is invidual-related data? Johann Alexander Kurtz Galois Fields Stephan G. Frei Honeypot-Architectures using VMI Techniques Nadine, Stephan P. Frei VMI-IDS Simon Frei DHT-based multicast Bart Frei Quicksilver multicast Bart Frei Multicast Key Management Bart Frei Intrusion Tolerant Algorithms Wormhole Heiko, Stephan P. Frei Protect Guest Kernel Integrity and monitor Guest Kernel Behavior Nadine, Stephan P. Seminars WS 2012/