SE Autonomous Security
Modul: | Special Topics in Communication Networks and Autonomous Security (MINF-KT-CNAS.W10) |
Semester: | Wintersemester 2010/11 |
Art: | SE (2 SWS / 3 LP) |
LV-Nr.: | 0435 L 781 |
Veranstalter: | Dr. Seyit Ahmet Camtepe |
Ort und Zeit: | wird in der VL CNAS organisiert (Seminar gehört zum CNAS-Modul) Themenvergabe am 22.10., 14-16 Uhr im TEL 1315 |
Description
Master degree seminer with following topics from Autonomous and Pervasive Security fields:
Topic 1: Securing Android-based Devices
Language: English / German
Trainer: Aubrey-Derrick Schmidt
Smartphones become more and more popular. As the capabilities (cpu, memory, communication, sensing) of these devices increase, they provide mobile computing power that can be used in variety of critical applications. Resulting security and privacy issues become even more series with android open-platform which permits very short innovation cycle for emerge of new smartphone applications without any proper security measures. Our aim in this seminar topic is to identify weaknesses in the Google Android platform and examine appropriate security architectures that can protect against such vulnerabilities.
Topic2: Context-aware Security for Smart Phones
Language: English / German
Trainer: Leonid Batyuk
In the modern world, everything is connected - anytime, anywhere. A mobile computing device has become our everyday companion. In many cases, it adapts to its environment and is aware of its context. Despite this development, security models stayed static and do not regard context information when making security decisions. Context aware security architecture provides a combination of context awareness and traditional access control mechanisms, aiming at a more secure and fine grained access control.
Topic 3: Collaborative Intrusion and Malware Detection
Language: English / German
Trainer: Rainer Bye
Technological improvements and wide acceptance of Internet brings in security challenges such as complex and collaborative attacks. Collaborative methods appear as a promising method for defending against such distributed and complex security threats. CIMD (Collaborative Intrusion and Malware Detection) enables participants to state their objectives and interests for joint intrusion detection. This helps in establishing groups in a distributed manner for the exchange of security-related data such as monitoring or detection results.
Topic 4: A Quantitative Methodology for Online IT Risk Management
Language: English / German
Trainer: Stephan Schmidt
Risk management and business process management play an increasingly vital role in contemporary corporate infrastructures due to a multitude of operational, technical and regulatory reasons. Increasingly complex interdependencies as well as flexibility demands in rapidly changing networked environments make this effect even more pronounced for companies which are strongly based in the IT domain. Current risk management methodologies are often static in nature and can not meet the demands of operational practices.
We focus on a quantitative framework for organizational IT risk management. The underlying risk management process splits into three phases. The risk assessment phase quantifies asset values at a high level and threats at a low level of abstraction. Augmented by interdependency analysis rooted in graph theory, these values are correlated at the hardware level where tactical risk mitigation strategies are available. Theoretically optimal and scalable risk mitigation strategies based on game and control theory are applied in risk mitigation phase which minimize the total risk over a given finite time horizon utilizing the given security budget. The risk transfer phase includes strategies for redesigning corporate IT infrastructure based on high-risk interdependencies.
Topic 5: Non-Intrusive User Behavior Analysis Using Computerized Systems
Language: English / German
Trainer: Arik Messerman
There are different ways to authenticate humans to a system. An authentication process consists of the validation of the authorization by any subset of three factors: (i) something you know (password), something you have (smartcard), and something you are (biometrics). Besides classical attacks on password and risk that smartcards can be stolen, biometric have their own disadvantages such as requirement of expensive devices, risk of stolen bio-templates. Moreover existing approaches provide authentication process usually performed only once initially. Non-intrusive and continuous monitoring of user activities emerges as promising solution in hardening authentication process.
Topic 6: User Identification via Smartphones
Language: English / German
Trainer: Arik Messerman, Aubrey-Derrick Schmidt
Smartphones come with improved capabilities in very short innovation cycles: new hardware properties, new types of sensors, improved processor and memory. Soon we will all be equipped with a smartphone; so that, a smartphone will be a trusted device where we store our private information including our money. This will require strong authentication mechanisms on the smartphones such as biometrics. Therefore, smartphones with variety of sensors will be used as biometric readers. In this seminar topic, we will exploit the opportunities to convert smartphones into biometric readers, and try to invent new combined biometric methods using the sensors available on the smartphones.
Topic 7: Human Identification in Smart Homes
Language: English / German
Trainer: Tarik Mustafic
Recent developments in Ambient Assisted Living (AAL) technologies suggest that in the near future home environment will be surrounded with networked intelligent devices and sensors bringing more comfort and safety. Technical requirements for implementation of innovative services in home environment are largely met, but these services have to be supported by non-intrusive and transparent identification systems. Our aim is to investigate object-based recognition of activities of daily life during interaction of inhabitants with the home objects in daily activities.
Topic 8: Secure Communication for Wireless Sensor Networks in Home Environment
Language: English / German
Trainer: Joel Chinnow
Ambient Assisted Living (AAL) technologies bring in variety of sensors which collect information to improve the comfort and safety in home environment. But, the information collected and shared with wireless communication introduces lots of security and privacy concerns. For some applications, existing cryptographic measures may ensure security and privacy. But, a lot other applications requires more innovative solutions. A sensor transmitting whether a window is open or close might be a simple example. Since there are only two states, encryption of the message can not conceal the information. Adversary can easily figure out that first event triggered message after sunrise should be a windows open message no matter how strong the encryption is.
Topic 9: AI Techniques in Intrusion Detection and Evaluation of Intrusion Detection Systems
Language: English / Deutsch
Trainer: Dr.-Ing. Karsten Bsufka
Current Intrusion Detection Systems (IDS) employ various AI techniques to detect intrusions. Based on conference on journal publications a comparison of these techniques shall be created. A related topic is the evaluation of such techniques in the context of intrusion detection. Again a comparison of procedures, data sets and result presentation shall be created.
Copyright TU Berlin 2007