2017浙江大学网络空间安全青年科学家论坛--12月20日会议简要记录

数据安全与隐私前沿

1. When Security and AI Meet. -- Tao Xie taoxie@illinois.edu http://taoxie.cs.illinois.edu/

1.1 AI and Software Engineering 智能软件工程

(1) AI FOR Test Generation:
Microsoft Security Risk Detection : https://microsoft.com/en-us/security-risk-detection/
cloud-based-fuzz-testing

(2) 二进制码 based risk detection: Mayhem

(3) Dynamic Symbolic Execution (DART: Godefoid et.al OKDI'05)
遍历所有的路径和分支语句：

Explision of Search Space: 搜索空间太大

(4) Automated Software Testing:

• Path Explision: DSN'09: fITNEX
• Method SEQUENCE EXPLOSION oopsla'11: Seeker
  Shipped in VS 2015/2017
  Code Hunt :

(5) Android App Testing: WeChat

(6) Intelligent Software Testing?

• Learning from others working on the same things
• Learning from others working on similar things

(7) NLP for Security Policies

• Access Control Vulnerabilities
• Access Control Policies(ACP)
  • A policy rule includes four elements:
    • Subject - HCP
    • Action - edit
    • Resource - patient's account
    • Effect - deny
• Problems of ACP Practice
  • ACPs: 自然语言并没有具体处理
  • Example: A doctor can not modify the patient's account.
• Overview of Text2Policy

(8) NLP for Mobile Security

• Problems Statement:
• Is Program Analysis sufficient?
  • Caveat: what does the user expect?
    • GPS Tracker:
    • Phone-call recorder:
    • others are more subtle:
• Vision
  • 分析应用描述
  • Straw man: Keyword Search
    • Confounding effects:
      • certain keywords such as 'contact' have a confounding meaning
    • Semantic Interference:
      • Sentences often decribe a sensitive operation such as reading contact without actually refferring to the keyword 'contact', e.g., "Also you can share the yoga exercise to your friends via Email and SMS."
  • 抽取领域知识 Semantic-Graph Generator
  • Semantic Engine

(9) ML for mobile security:

• 分析APK，区分善意与恶意软件
• Context-based Mobile security
• EnMobile: Entity-based Characterization and Analysis of Mobile Malware ICSE 2018

(10) Adversarial ML
杨俊峰 哥伦比亚大学 SOSP 2017

2. 隐私保护：现状与挑战

• 差分隐私技术
• 全同态加密技术

2.1 数据云服务：安全隐私研究

实时协同编辑软件：Google Docs. ShareLatex, Etherpad等

• github上的敏感数据泄露

2.2 Encrypted Search: Advances and Beyond 王聪--香港城市大学

• 加密数据搜索
• Motivation
  • sensitive data demands Encrypted storage
  • Encrypted Search reduce risks of data breaches

2.3 大数据试验场数据安全与管控 韩伟力

2.4 图数据隐私-- 纪守领

Application-aware privacy-preserving techiques

Deep Learning or ML based privacy preservation

CCS: 图片验证码：人很好识别、机器很难识别

3. Securing the Networking Foundation for Future Internet, Cloudand 5G Infrastructures -- 顾国飞：美国德州农工大学

3.0 Problems of Legacy Network Devices

• Too Complicated:-- Control Plane
• Closed platform -- Vendor specific
• Hard to manage
• Why we care?
  • Datacenter / Cloud networking
  • Telecommunication Networking
    • SDN/NVF is a foundation in 5G
    • High cost for feature insertion for new (value=added) services
    • Complext network management
  • Enterprise networking
    • BYOD Challenges
    • too much reliance on vendors
  • Home networking
    • increased devices (IoT) and complexity
    • why my network is not working? who can help?
• SDN -- Three layer Application layer + control layer + infrastructure layer
• Openflow Infrastructure
• SDN Operation
• Going Beyond
  • The future is software defined
    • SDN
    • software defined storage
    • software defined radio
    • software defined infrastructure(VMs, NFV, Cloud, 5G)
  • A new research direction: Software defined Programmable security(SDPS)

3.1 Security in the paradigam of SDN

3.2 Security in SDN -- Case Study :ConGuard

(1). Security Problems in SDN , 新的安全问题

• SDN still in infant stage
• The security of SDN itself is another major concern:
  • Vulnerable/Malicious/buggy apps?
  • Vulnerable controller? data plane? communication bettween data/control plane.

(2) Attacking the brain: races in the SDN control Plane

• SDN Control plane = new Achilles' Heel
• Research Questions
  • ConGuard -- solution
  • Detection of Harmful Race Conditions
  • Exploitation of Harmful race conditions

3.3 SDN for security -- case study: Programmable BYOD Security

• Killer applications of SDN?
  • reducing energy in data center networks
  • WAN VM Migration
  • how about security?
    • Can SDN enable new capabilities to improve network security?
• Exemplar SDN Security Apps
  • Firewall
  • DDoS Detection
  • Scan Detection
  • Reflector network
  • Tarpit
  • Dynamic quarantine
  • and more...
• App Store> Security as an Apps
  • Security as a app
  • Security as a service
• Challenges and Our Contributions
  • develop security apps is Hard
    • FRESCO: a new app development framework for modular, composable security services [NDSS'13]
  • It is not convenient to install/use security devices/services for cloud tenants
    • CloudWatcher/NetSecVisor/BYOCVisor: a new security monitoring service model [Network security virtualization] based on SDN
  • Leverage the advantages of SDN when no SDN data plane infrastructure
    • NDSS'16 work
• NDSS'16 --Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security

4. 基于灵活策略的云网络资源控制 -- 陈焰 浙江大学网络空间安全研究中心

• SDNKeeper
  • 运营商网络
  • Cloud providers
  • SDN落地部署的关键：网络资源安全
  • SDNKeeper 系统架构

4.1 林晓东-- 加拿大劳瑞尔大学副教授

4.2 Ye Wu-- Privacy Protection based SMC applications--privcy leakage(DP SMC Forensics)

• Privacy preserving correlation Analysis
  • A Toy Example
• Securing Master Key with SMC: solution Overview
• Privacy Preserving Data Query
• Privacy Preserving Maching Learning
• Privacy Preserving Challenges
• Data Security Scenario

4.3 Chunyi Peng-- Purdue University 移动网络安全 https://www.cs.purdue.edu/homes/chunyi/

• Mobile Network
  • large-sale wireless network Infrastructure
• Expected to be More Secure
  • Internet: designed without embedded security features
  • Mobile network
    • User authentication and key agreement(AKA)
    • User authorization (explicit/implicit)
    • Encryption(IPSEC)
    • Access control (from both UE and Internet)
      • Firewall, tenants
    • Closed System
• IP Spoofing [CCS'14]
  • ip assigned by the network, authentication for L2 data pipes
  • But, Spoofing on L3 is possible
• VoLTE abuse [CCS'15]
  • VoLTE: IP packets for voice data and siganling
  • But, exploited for norma data packet
• SMS Sender-ID Spoofing [CSS'16]
  • Authentication for the sender is required
  • But, SMS Sender (in SIP header) can be spoofed
• Why: Gap between security and the operations it intends to project
• Change Factors & Security Implications
  • Closed-> Open
    • Expose attack vectors to adversaries
    • E.g, IP
  • Security states: isolated user
    • But requires a full-path security (creation, storage, use, verification)
  • Missing Components
    • Monitor and detection (Security KPI)
    • Runtime traceback and mutual-authentication(not at the start only)
    • Provenance for troubleshooting (deterrence)
  • 5G opportunity: NFV (flexible & extensible)

4.4 赵志峰-- 浙大 An intelligent software defined security architecture and collaborative defense testbed [zhaozf@zju.edu.cn] OpenStack + OpenDaylight = testbed

• An Intelligent Honeynet based on Software defined security [WCSP'17]
• 利用AI与attackers对话，
• A Machine learning based Intrusion detection system. [IET Networks'17]
  • K-means进行分流、随机森林做特征分类
• Collaborative defense testbed [生成数据]

4.5 程越强 -- 百度资深安全科学家 Towards Trusted path establishment: from endpoints to cloud

• Root of Trust(RoT) Candidates
  • Trusted Hardware as RoT
  • Hard Math Problems as RoT
• Endpoint Trust establishment
  • starting from root of Trust
  • Extending trust chain in a layered system
• Trusted Path applications
  • Secure Element + trustZone
    • Fingerprint Protection
  • Trusted Processor + Enclave
    • Efficient Secure Multiparty Computation (SMC)
    • Efficient Verifiable Computation
• Trusted Path in Baidu
  • Trust chain upon Hardware RoT in layered System
    • Rust SGX Enclave - Verifiable and isolated execution environment
    • MesaLock Linux - memory safe user Space
  • MesaLink Connecting all of them
    • Post-quatum cryptographic support
    • Memory safe language - without memory corruptions
• Trusted Path Still Challenging
  • Root key previsioning and management
  • Complex hardware architecture
  • Vulnerabilities in Implementation
  • Side channel threat, e.g., for Intel SGX
• Q/A
  • 移动网络安全：3G 4G 5G安全，运营过程中的Gap，
  • SGX 的成熟、WAPI WIFI Security

12月20日下午会议PPT--下载
链接: https://pan.baidu.com/s/1bpwcm2j 密码: zb2f