Hauptseminar Technical Privacy
Current news:
- Any updates related to the seminar will be announced via OPAL. Please enroll in the respective OPAL course. If you experience any difficulties, please contact Paul Walther.
Description
This seminar aims to convey the skills that are needed to perform a thorough literature research in the area of privacy and security and to communicate its results in a manner suitable to a scientic audience. For the latter, the seminar mimics the process of a scientific conference, where authors first submit papers for review and upon a positive review, afterwards present their work in a short presentation to the other attendants.
In contrast to a real scientific conference, the reviews are done by the participants of the seminar, and each student will receive at least one review by their supervisor.
The seminar will proceed in the following phases:
- Literature research & writing: Each participant will choose a topic (topic suggestions can be found below) and perform a scientific literature research to assess the current state of the art with regards to that topic. Furthermore, each participant will write a report that summarizes, compares and discusses the discovered literature. At the end of the phase, every participant will submit its written report for peer review.
- Peer Review: Depending on the number of participants, 1 or 2 papers will be assigned to every participant for peer review. "Reviewing" means that the report is read in depth and, if necessary, suggestions for improvement are made. The reviews will be double-blinded: the authors will not know who reviewed their report, and the reviewers will not know who wrote the report they review.
- Revision: Each participant will receive the reviews to their report and improve the report accordingly.
- Presentation: Every participant will give a talk about the results from its literature research.
The precise deadlines for each phase can be found further down the page under "Important Dates".
INFORMATION
Master Informatik (INF-AQUA)
Diplom Informatik (INF-D-940)
Hauptseminar
5th semester or later
Basic knowledge of IT-Security / Cryptography, learned for instance through attending the course "Security and Cryptography I" or "Kryptographie und Kryptoanalyse"
Seminar: 2 SWS
Leistungsnachweis in Form einer Ausarbeitung und eines Vortrags
Tuesday, 4. DS, 13:00 - 14:30, online
Links & Resources
Important dates
| Date | Time | Event |
|---|---|---|
| 05.04.22 | 13:00 | Welcome meeting (slides) |
| 11.04.22 | 23:59 | Deadline for sending topic preferences |
| 12.04.22 | 13:00 |
Annoucment of topic assignments Presentation Gregor Garten "Privacy Preserving Smart Metering Using DC-Nets" ⇒ this session will be in presence in APB/E006 |
| 18.04.22 | 23:59 |
Deadline for contacting your supervisor |
| 19.04.22 | 13:00 | Introduction to literature research (slides) (BBL recording of last semester) |
| 03.05.22 | 13:00 | Presentation Jeannine Born " Enhancing the privacy of IoT networks by introducing a microsegmentation strategy adapted from user privacy preferences." |
| 10.05.22 | 13:00 | Introduction to scientific writing (slides) (BBL recording of last semester) |
|
17.05.22 |
13:00 | Stippvisite des Schreibzentrums |
| 24.05.22 | ||
| 31.05.22 | ||
| 07.06.22 | 13:00 |
Defenes Diploma thesis ⇒ this session will be in presence in APB/E006 |
| 14.06.22 | ||
| 20.06.22 | 23:59 | Deadline for submission of written report |
| 21.06.22 | 13:00 | Introduction to peer review (slides) (BBL recording of last semester) |
| 27.06.22 | 23:59 | Deadline for submission of reviews |
| 28.06.22 | Reviews are sent to the authors | |
| 05.07.22 | 23:59 | Deadline revised version of report |
| 12.07.22 | 13:00 | Presentations |
TOPICS
Each student is encouraged to propose own topics of interest from the area of security and privacy. If you would like to work on a topic not included in the following list, please send an email to Paul Walther
Security Automation
Supervisor: Sebastian Rehms
Security operations and controls on company scale are complex and several standards like the ISO 27001 have been put foreward in order to reduce and systematize this complexity.
Additonally, integrated security event management systems have become widley used and information sharing and cooperation has been identified as a requirement for security automation.
Subsequently ongoing attempts exist to research the potential and enable automation of security controls based on standards, monitoring infrastructure and community knowledge.
The work should review and categorize the literature on security automation for different security controls like vulnerability management, configuration management and security policies.
The aim is to get a clearer picture on the requirements, available technologies and protocols for security automation, the potential areas for such objectives as well as the possible problems and obstacles.
Literature:
* Montesino, Raydel, and Stefan Fenz. "Information security automation: how far can we go?." 2011 Sixth International Conference on Availability, Reliability and Security. IEEE, 2011.
* Montesino, Raydel, Stefan Fenz, and Walter Baluja. "SIEM‐based framework for security controls automation." Information Management & Computer Security (2012).
* Edwards, W. Keith, Erika Shehan Poole, and Jennifer Stoll. "Security automation considered harmful?." Proceedings of the 2007 Workshop on New Security Paradigms. 2008.
* Kampanakis, Panos. "Security automation and threat information-sharing options." IEEE Security & Privacy 12.5 (2014): 42-51.
Context-Awareness and Adaptiveness for Access Control
Supervisor: Sebastian Rehms
Authentication and access control is at the core of many IT-security operations.
Through the years several mechanisms have been proposed in order to enhance resilience but also to improve usability.
In contrast to classical authentication factors context-aware and adaptive approaches leverage additional information like the patch level of a device, the location of the user or behaviour-estimated trust to arrive at decisions for granting access to restricted resources.
In this work it should be evaluated which forms of such additional information has been proposed for access control and how adaptiveness of underlying system topologies has been taken into account.
Literature:
* Hayashi, Eiji, et al. "Casa: context-aware scalable authentication." Proceedings of the Ninth Symposium on Usable Privacy and Security. 2013.
* Ward, Rory, and Betsy Beyer. "BeyondCorp: A new approach to enterprise security." (2014).
* Jung, Youngmin, and Mokdong Chung. "Adaptive security management model in the cloud computing environment." 2010 the 12th International Conference on Advanced Communication Technology (ICACT). Vol. 2. IEEE, 2010.
* Tsigkanos, Christos, et al. "Engineering topology aware adaptive security: Preventing requirements violations at runtime." 2014 IEEE 22nd International Requirements Engineering Conference (RE). IEEE, 2014.
* Pasquale, Liliana, et al. "Topology aware adaptive security." Proceedings of the 9th international symposium on software engineering for adaptive and self-managing systems. 2014.
Machine Learning based Linkability Attacks
Supervisor: Stefan Köpsell
An overview will be given of the extent to which machine learning methods can be applied to establish linkability in anonymous or pseudonymized datasets.
LIterature: tbd
Confidentiality and (Location) Privacy in V2X Communication
Supervisor: Stefan Köpsell
The current SoA regarding confidentiality and especially (location) privacy / unlinkability in the area of V2X communication is to be presented. Among other things, the use of anonymous credentials is to be discussed.
LIterature: tbd
Secure Computation based on Homomorphic Encryption
Supervisor: Stefan Köpsell
An overview of current practical applications and limitations regarding computing on encrypted data is to be given.
LIterature: tbd
Broadcast/Multicast Encryption
Supervisor: Stefan Köpsell
An overview is to be given of the current state of research in the field of broadcast/multicast encryption, i.e. when the problem is to transmit messages confidentially to a group of authorized persons. In particular, key management in the case of dynamic groups is to be considered.
LIterature: tbd
Wireless Identification using RF fingerprints
Supervisor: Paul Walther
In Physical Layer Security wireless devices can be identified using fingerprints of their radio transceivers. By combining different unique features of the wireless transmission a unique singature can be generated for different devices.
In this work the SoA of this RF fingerprinting should be analyzed and categorized, espacially regarding practically implemented schemes. A special focus should be put in techniques using Channel Impulse Responses (CIR) and on the respective features used in the signature/fingerprint creation.
The following references will provide a starting point for research:
[0] https://ieeexplore.ieee.org/document/6362771
[1] https://dl.acm.org/doi/pdf/10.1145/1409944.1409959
[2] https://ieeexplore.ieee.org/document/7878519
Practical Challenges in Quantum Key Agreements
Supervisor: Paul Walther
One of the main tasks of security is to provide future proof primitives, especially quantum secure ones. This can be acheived by building on true randomness based in physical phenomena as done in Physical Layer Security or Quantum Cryptography. Due to their similar approaches, many of their underlying principles can be transferred between these two domains.
The intended goal of this paper is to provide an overview of the current practical implementations of Quantum Key Distribution. This includes both the basic approach of the realization and the concrete protocols used. A special focus shall be on the practical challenges of the respective implementations. In this context, it shall be specifically outlined which practical questions are still open for the broad applications of QKD by end users.
The following references will provide a starting point for research:
[0] https://www.sciencedirect.com/science/article/pii/S0304397514006963
[1] https://ieeexplore.ieee.org/abstract/document/8977649/
[2] https://www.nature.com/articles/npjqi201625
[3] https://journals.aps.org/rmp/abstract/10.1103/RevModPhys.81.1301
Machine Learning in Physical Layer Security
Supervisor: Paul Walther
Physical Layer Security is an alternative to classical security which can provide lightweight security primitives with information-theoretically proven security. One of these primitive is the key generation based on wireless channel reciprocity. This approach facilitates the properties of wireless transmission between two transceivers to generate a symmetric key.
In this work it should be investigate, to which extend the powerful tools of machine learning (ML) are currently integrated into this key exchange. For this, it should be studied whether ML primitives have already been incorporated and how they perform. Additionally, adjacant topics like authentication should be reviewed regarding their application of ML and how these approaches could be transferred.
The following references will provide a starting point for research:
[0] Zenger, Christian. "Physical-layer security for the internet of things." (2017), Chapter 1-2
[1] https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=858165