Advanced Security: 2018-2019
The Advanced Security course is designed to bring students towards the research boundaries in computer security, covering contemporary topics in depth. It is split into two modules, each an area of interest to members of the Computer Security research theme. This year the modules will be:
Weeks 1–4: Threat Detection; 9 lectures, Sadie Creese (plus a return lecture in Week 8)
Attacks on computer systems and how to detect them.
Weeks 5–8: Cryptography for Privacy; 9 lectures, Michael Goldsmith
Using modern cryptography for limited release of information.
The lectures for this course are not going to be recorded in Hilary Term 2019.
To attain a deeper understanding of certain contemporary topics in computer security, bridging the gap to research.
Cryptography for Privacy
The standard uses of cryptography are intended to allow only intended recipients to extract all of some piece of information, or to give assurance of its validity as a whole; this is a rather blunt instrument for the modern world. As a vendor of age-restricted goods, for instance, you may wish to rely on government certification of your customer's majority, but you have no real business knowing anything more about their identity; so a passport or driving licence, or their certified electronic moral equivalents, are far from ideal from a privacy point of view. The course covers the concepts and definitions required for more subtle uses of cryptography and related mechanisms enabling schemes that allow a verifier to be satisfied about some attribute of a supplicant based on an unforgeable credential backed by a trusted certifier, without leaking further information about the supplicant to the verifier, nor the fact of the request to the certifier. We will also explore some of the challenges that remain, particularly at the frontier between the electronic and human worlds.
For both modules, the Computer Security course (or its equivalent) is advised.
The practicals will require programming in Python or C, but only a very basic understanding of the languages will be required.
Attack Detection (weeks 1–4; 2 classes, 4 practical sessions spanning entire term)
- The range of threats we face, and how we understand them in the context of the risk they pose to our security.
- The kinds of attack vector used, and models for understanding attacks, and the vulnerabilities exploited when conducting them.
- The general ways in which we conduct threat detection in systems today, the components used and how they fit into a wider security architecture.
- We will consider in detail intrusion detection as well as insider threat detection, the use of signatures and rules, as well as anomaly detection.
- We will cover situational awareness and how threat detection exists in the security operations of large organisations, and the research challenge of how we can analyse and predict the propagation of attacks and resulting risk across our systems.
Cryptography for Privacy (weeks 5–8; 2 classes)
Background Review of the concept of authentication and authentication protocols. Generalisation to authentication of attributes as a goal. Technical challenges and privacy goals. [1-2 lectures]
Mechanisms underlying the solution Introduction to homomorphic encryption. Zero-knowledge proofs. Secure multi-party computation. [2-3 lectures]
Cryptocurrencies [1 lecture]
Attribute-Based Credentials and their applications Use cases. Simplistic solutions. Weaknesses. Unforgeable derived credentials. [2-3 lectures]
Remaining chellenges in social contexts. Abuse cases. Forward privacy? Possible approaches towards solutions. [1-2 lectures]
Cryptography for Privacy
Authentication and authentication protocols. Authentication of attributes. Privacy goals. Elementary homomorphic encryption. Zero-knowledge proofs. Secure multi-party computation. Cryptocurrencies. Attribute-Based Credentials. Applications and use cases. Simplistic and more sophisticated solutions. Unforgeable derived credentials. Remaining chellenges in social contexts. Abuse cases. Forward privacy.
Examination: both part C undergraduate and MSc students will be examined by take-home assignment over the Easter vacation. Students must answer questions on both modules.
Security Engineering by Ross Anderson - esp. Chapter 21 “Network Attack and Defense” http://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c21.pdf
APT1, Exposing One of Chinas Espionage Units, by Mandiant, https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf
Framework for Improving Critical Infrastructure Cybersecurity, NIST 2014, https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf
Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits, by Kymie M. C. Tan, Kvein S. Killourhy, Roy A. Maxion, in Proceedings of RAID 2002, LNCS 2516.
Understanding Insider Threat: A Framework for Characterising Attacks, by Jason R. C. Nurse, Oliver Buckley, Philip A. Legg, Michael Goldsmith and Sadie Creese, in Proceedings of the IEEE Security and Privacy Workshops 2014. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6957307
Automated Insider Threat Detection System Using User and Role-Based Profile Assessment, by Philip A. Legg, Oliver Buckley, Michael Goldsmith and Sadie Creese, in IEEE Systems Journal, Vol 11, Issue 2 June 2017.
Intrusion detection system: a comprehensive review, by Hung-Jen Liao, Chun-Hung Richard Lin, Ying-Chih Lin and Kuang-Yuan Tung, in Journal of Network and Computer Applications Vol 36 Issue 1 2013.
Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains, by Eric M. Hutchins, Michael J. Cloppert, Rohan M. Amin, Lockheed Martin Corporation.
Attack Trees, Bruce Schneier, SANS Network Security 1999, http://tnlandforms.us/cs594-cns96/attacktrees.pdf.
Foundations of Attack-Defense Trees, by Barbara Kordy, Sjouke Mauw, Sasa Radomirovic and Patrick Schweitzer, in Proceedings of FAST2010, LNCS 6561.
Managing the Risks of Cyber-Physical Systems, by C. Warren Axelrod, 2013 IEEE. https://pdfs.semanticscholar.org/5ed2/822de8f87dd862c81cae2ceea8036186ab15.pdf
An Formalised Approach to Designing Signification Systems for Network-Security Monitoring, by Louise Axon, Jason R. C. Nurse, Michael Goldsmith and Sadie Creese, in International Journal on Advances in Security 2017.
Attacker-Parametrised Attack Graphs, by Alastair Janse van Rensburg, Jason R. C. Nurse and Michael Goldsmith, in 10th International conference on Emerging Security Information, Systems and Technologies 2016.
Intrusion detection: a brief history and overview, by R. A. Kemmerer and G. Vigna, in Computer Vol 35, Issue 4 2002.
An Overview of IP FLow-Based Intrusion Detection by Anna Sperotto, Gregor Schaffrath, Ramin Sadre, Cristian Morariu, Aiko Pras and Burchard Stiller, in IEEE Communications Surveys and Tutorials Vol 12, Issue 3 2010.
An Intrusion-Detection Model, by D. Denning, in IEEE Transactions on Software Engineering Vol SE-13, Issue 2 1987.
Anomaly-based network intrusion detection: Techniques, systems and challenges, by P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macib-Fernandez and E. Vazquez in Computers and Security Vol 28, Issues 1-2 2009.
Books worth a read:
Enterprise Cybersecurity - How to BUild a Successful Cyberdefense Program Against Advanced Threats, by Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams and Abdul Aslam, 2015.
Network Security Metrics, by Lingyu Wang, Sushi Jajodia and Anoop Singhal, 2017.
Blue Team Field Manual, by Alan J White and Ben Clark, 2017.
Blue Team Handbook: Incident Response Edition, by Don Murdoch 2014.
Inside Network Perimeter Security, by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent and Ronald W. Ritchey, 2005.
Hacking the Human - Social Engineering Techniques and Security Countermeasures, by Ian Mann, 2010.
Cyber Situational Awareness - Issues and Research, by S. Jajodia, P. Liu, V. Swarup and C. Wang 2010.
Threat Modelling: Designing for Security, by Adam Shostack 2014.
Managing the Insider Threat, by Nick Catrantzos, 2012.
Information Warfare and Security, by D. Denning, 1999.
Network Security Assessment, by Chris McNab, 2017.
The Tao of Network Security Monitoring: Beyond Intrusion Detection, by Richard Bejtlich 2004.
Cryptography for Privacy [this list will evolve over the course of the lectures]
Yehuda Lindell (2007) "Anonymous Authentication," Journal of Privacy and Confidentiality: 2(2), Article 4: PDF
Ronald L. Rivest, Adi Shamir and Yael Tauman (2001) "How to Leak a Secret," ASIACRYPT 2001, LNCS 2248, pp. 552–565: PDF
Ronald L. Rivest, Len Adleman and Michael L. Dertouzos (1978) "On data banks and privacy homomorphisms," Foundations of Secure Computations, pp. 171–182: PDF
Ronald L. Rivest, Adi Shamir and Len Adleman (1978) "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM 21(2), pp. 120–126: PDF
Craig Gentry (2009) A fully homomorphic encryption scheme, PhD thesis, Stanford University: PDF
Craig Gentry (2009) "Fully homomorphic encryption using ideal lattices," STOC, pp. 169–178, ACM: PDF
Craig Gentry (2010) "Computing Arbitrary Functions of Encrypted Data," Communications of the ACM, 53(3), pp. 97–105: PDF available here
Nigel Smart and Frederik Vercauteren (2010) "Fully homomorphic encryption with relatively small key and ciphertext sizes," Public Key Cryprography – PKC 2010, Springer LNCS 6056, pp. 420–443: PDF available here
Jean-Sébastien Coron, Avradip Mandal, David Naccache and Mehdi Tibouchi, "Fully Homomorphic Encryption over the Integers with Shorter Public Keys," Advances in Cryptology – CRYPTO 2011, Springer LNCS 6841 pp. 487–504: PDF available here
Xiaofeng Chen, Willy Susilo, Jin Li, Duncan Wong, Jianfeng Ma, Shaohua Tang, and Qiang Tang (2015) "Efficient algorithms for secure outsourcing of bilinear pairings" Theoretical Computer Science 562, pp. 112–121: PDF available here
Zvika Brakerski and Vinod Vaikuntanathan (2011) "Efficient Fully Homomorphic Encryption from (Standard) LWE," SIAM Journal of Computing, 43(2), pp. 831–871: PDF
Craig Gentry, Shai Halevi and Nigel Smart (2012) "Fully Homomorphic Encryption with Polylog Overhead," Advances in Cryptology – EUROCRYPT 2012, Springer LNCS 7237, pp. 465–482: PDF available here
Craig Gentry, Shai Halevi and Nigel Smart (2012) "Better Bootstrapping in Fully Homomorphic Encryption," Public Key Cryptography – PKC 2012, Springer LNCS 7293, pp. 1–16: PDF available here
Zvika Brakerski, Craig Gentry and Vinod Vaikuntanathan (2011) "Fully homomorphic encryption without bootstrapping", ACM Transactions on Computation Theory (TOCT) - Special issue on innovations in theoretical computer science 2012 - Part II, 6(3), July 2014: PDF
Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan (2012) "(Leveled) fully homomorphic encryption without bootstrapping," Innovations in Theoretical Computer Science (ITCS '12), ACM: PDF available here
Anamaria Costache and Nigel Smart (2017) "Homomorphic Encryption without Gaussian Noise," IACR Cryptology ePrint Archive: PDF
Konstantin Kogos, Kseniia Filippova and Anna V. Epishkina (2017) "Fully homomorphic encryption schemes: The state of the art," 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus): LINK
Jean-Jacques Quisquater, Louis C. Guillou and Thomas A. Berson (1990) "How to Explain Zero-Knowledge Protocols to Your Children", Advances in Cryptology – CRYPTO '89, Springer LNCS 435, pp. 628–631: PDF
Shimon Even, Oded Goldreich and Abraham Lempel (1985) "A Randomized Protocol for Signing Contracts", Communications of the ACM, 28(6), pp. 637–647: PDF available here
Andrew Yao (1982) "Protocols for secure computations", FOCS 2013, pp. 160–164: PDF
Ioannis Ioannidis and Ananth Grama (2003) "An efficient protocol for Yao's Millionaires' Problem", HICCS '03: PDF
Indrajit Ray and Indrakshi Ray (2002) "Fair exchange in e-commerce", ACM SIGecom Exchange 3(2), pp. 9–17: PDF
Henning Pagnia and Felix C. Gärtner (1999) "On the impossibility of fair exchange without a trusted third party," Technische Universität Darmstadt Technical Report TUD–BS–1999–02: PDF
Michael J. Fischer, Nancy A. Lynch and Michael S. Paterson (1985) "Impossibility of Distributed Consensus with One Faulty Process," Journal of the ACM, 32(2), pp. 374–382: PDF
Matthew K. Franklin and Michael K. Reiter (1997) "Fair Exchange with a semi-trusted third party," CCS '97, pp 1–6: PDF
N. Asokan, Victor Shoup and Michael Waidner (1998) "Asynchronous protocols for optimistic fair exchange," IEEE Symposium on Research in Security and Privacy, pp. 86–99: PDF; Fixed by Vitaly Shmatikov and John C. Mitchell (2000) "Analysis of a Fair Exchange Protocol", NDSS 2000: PDF
Manuel Blum (1983) "How to exchange (secret) keys," ACM TOCS 1(2), pp. 175–193: PDF
Dahlia Malkhi, Noam Nisan, Benny Pinkas and Yaron Sella (2004) "Fairplay – A Secure Two-Party Computation System," 13th USENIX Security Symposium, pp. 287–302: PDF
David Chaum (1982) "Blind signatures for untraceable payments," Crypto '82, LNCS 1440, pp. 199–203: PDF
David Chaum, Amos Fiat and Moni Naor (1988) "Untraceable Electronic Cash," CRYPTO '88, LNCS 403, pp. 319–327: PDF
Stefan Brands (1993) "Untraceable Off-line Cash in Wallets with Observers," CRYPTO '93, LNCS 773, pp. 302–318: PDF
Niels Ferguson (1993) "Single Term Off-line Coins," EUROCRYPT 93, LNCS 765, pp. 318–328: PDF
Tony Eng and Tatsuaki Okamoto (1994) "Single-Term Divisible Electronic Coins," EUROCRYPT '94, LNCS 950, pp. 306–319: PDF
David Chaum and Torben Pedersen (1991) "Transferred Cash Grows in Size," EUROCRYPT '92, LNCS 658, pp. 390–407: PDF
Laurie Law, Susan Sabett and Jerry Solinas (1997) "How to Make a Mint: The Cryptography of Anonymous Electronic Cash," American University Law Review 46 (4): PDF
Marco Iansiti and Karim Lakhani (2017) "The Truth About Blockchain," Harvard Business Review, January 2017: LINK
Claus P. Schnorr (1991) "Efficient signature generation for smart cards," Journal of Cryptology, 4(3), pp. 239–252: PDF
Jan Camenisch and Ivan Damgård (2000) "Verifiable encryption, group encryption, and their applications to group signatures and signature sharing schemes," ASIACRYPT 2000, Springer LNCS 1976, pp. 331–345: PDF
Jan Camenisch and Anna Lysyanskaya (2002) "A signature scheme with efficient protocols," SCN 2002, Springer LNCS 2576: PDF
Jan Camenisch and Victor Shoup (2003) "Practical verifiable encryption and decryption of discrete logarithms," CRYPTO 2003, Springer LNCS 2729 pp. 126–144:PDF
Ivan Damgård and Eiichiro Fujisaki (2002) "An integer commitment scheme based on groups with hidden order," ASIACRYPT 2002, Springer LNCS 2501: PDF
Jan Camenisch et al (2010) Specification of the Identity Mixer Cryptographic Library (Version 2.3.0), IBM Zurich Technical Report RZ 3730: Available via this link
Hemanta Maji, Manoj Prabhakaran and Mike Rosulek (2011) "Attribute-based signatures.'' Topics in Cryptology–CT-RSA 2011, Springer Berlin Heidelberg, pp. 376–392: PDF
Ali El Kaafarani, Liqun Chen, Essam Ghadaï and James Davenport (2014) "Attribute-Based Signatures with User-Controlled Linkability," CANS 2014, Springer LNCS 8813, pp. 256–269: PDF
Xavier Boyen (2007) "Mesh signatures." Advances in Cryptology–EUROCRYPT 2007. Springer Berlin Heidelberg, pp. 210–227: PDF
Gergely Alpár and Bart Jacobs (2013) "Credential design in attribute-based identity management," 3rd TILTing Perspectives Conference, pp. 189–204: PDF
John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, Ramakrishna Gummadi, Sean Rhea, Hakim Weatherspoon, Westley Weimer, Chris Wells and Ben Zhao (2000) "Oceanstore: An architecture for global-scale persistent storage." ACM Sigplan Notices 35(11), pp. 190–201: PDF
A more gentle introduction to some of the concepts...
Xun Yi, Russell Paulet and Elisa Bertino (2014) Homomorphic Encryption and Applications, Springer, ISBN 978–3–319–1228–1