CSci 5271 Introduction to Computer Security, Day 26: Student Project Presentations #1 - PDF document


CSci 5271 Introduction to Computer Security
Day 26: Student Project Presentations #1
Stephen McCamant
University of Minnesota, Computer Science & Engineering

Outline
- Announcements
- Exercise set 4 debrief
- Bitcoin experience (cont'd)
- Social network tracking 1:18
- Evasive JavaScript malware 1:36
- Smartphone messaging DoS 1:54

Project reports and meetings
- Final individual report due 11:55pm tonight
- Meetings scheduled for this week
- Turn in presentation slides

Exercise set 5 due Thursday
- Final exercises due 11:55pm 12/5
- Plan to return both it and HW2 before final

Presentation logistics
- Main presentation/demo: 12 minutes
- Save most questions until the end
- I stand up → time to finish up
- Audience Q&A: 3 minutes
- Ideal: insightful but not too hostile
- I may have questions if no students do
- After presentation, send copy of slides to Stephen
- PDF format preferred if possible
- Evaluation comments by email

Seeding a PRNG
- Entropy required for unpredictability
- Black-box attacks easy, reverse engineering also possible
- Bad ideas: time(), process ID, time XOR PID
- How to do better?

Web server false alarms
- Attack is unlikely to appear in benign traffic
- Illegal UTF-8 rep. of path traversal
- Best way to inject false positives?
- IP spoofing not easy for TCP
- Takeaway: FP/FN rates depend on attacker

ViruSniff
- Can you have no FNs without solving the halting problem?
- Mimicry attack against ViruSniff
- Countermeasures

DoS protection: Sly's scheme
- Requests get delayed a bit if not first in queue from their IP
- Delayed requests re-queued until a second has passed
- Can an attacker still deny service?

DoS protection: Carl's scheme
- When overloaded, redirect traffic to previous clients
- Can attackers still deny service?
- What else can go wrong?
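The "Seeding a PRNG" slide above lists time(), the process ID and their XOR as bad seeds. The Python below is added here and is not part of the lecture materials; it quantifies the point under a constructed assumption (an attacker knows the process start time to within 10 seconds and that PIDs fall below the Linux default pid_max of 32768) and shows the OS CSPRNG as the better answer.

```python
import math
import secrets

# Constructed assumptions (not from the slides): an attacker knows the
# process start time to within WINDOW seconds after T0, and PIDs on the
# host lie in [1, PID_MAX); 32768 is the Linux default pid_max.
T0 = 1_386_000_000          # constructed start of the window (Unix seconds)
WINDOW = 10
PID_MAX = 32768


def candidate_seeds(method: str, t0: int = T0, window: int = WINDOW,
                    pid_max: int = PID_MAX) -> set:
    """Every seed a weak seeding method could have produced under the
    assumptions above; the size of this set is the attacker's work factor."""
    times = range(t0, t0 + window)
    pids = range(1, pid_max)
    if method == "time":            # seed = time()
        return set(times)
    if method == "pid":             # seed = getpid()
        return set(pids)
    if method == "time_xor_pid":    # seed = time() ^ getpid()
        # XOR folds both values into 15 low bits, so distinct (time, pid)
        # pairs collide and the set collapses to at most PID_MAX values.
        return {t ^ p for t in times for p in pids}
    if method == "time_and_pid":    # seed keeps time() and getpid() separate
        return {(t, p) for t in times for p in pids}
    raise ValueError(f"unknown method {method!r}")


def seed_entropy_bits(method: str, **kw) -> float:
    """log2 of the candidate-seed count: bits of work to guess the seed."""
    return math.log2(len(candidate_seeds(method, **kw)))


def strong_seed(nbits: int = 256) -> int:
    """The better answer: take the seed from the OS CSPRNG (secrets, which
    wraps os.urandom), whose output an attacker cannot enumerate."""
    return secrets.randbits(nbits)


if __name__ == "__main__":
    for m in ("time", "pid", "time_xor_pid", "time_and_pid"):
        print(f"{m:14s} {seed_entropy_bits(m):6.2f} bits")
    print(f"os csprng      {strong_seed(256).bit_length():6d} bits (approx.)")
```

Under these assumptions time XOR PID yields 32768 candidates (15 bits), no better than the PID alone, whereas a 256-bit seed from the OS CSPRNG cannot be enumerated at all.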

Bitcoin mining trends
- Exponentially increasing rates
- CPU → GPU → FPGA → ASIC
- Specialized hardware eclipsing general purpose
- Including malware and botnets
- Recent price trends suggest continuing investment

Enforcing consistency
- Structure of network very resistant to protocol change
- Inertia of everybody else's code
- Changes unpopular among miners will not stick
- Minor crisis in March: details of database lock allocation cause half of network to reject large block

Stealing bitcoins
- Bitcoins are a very tempting target for malware
- Private keys stored directly on client machines
- Theft is non-reversible
- Much easier than PayPal or identity theft
- Standard recommendation is to keep keys mostly offline

Bitcoin (non-)anonymity
- Bitcoin addresses are not directly tied to any other identity
- But the block chain is public, so there's lots of information
- List of largest balances on Wikipedia, academic research: http://eprint.iacr.org/2013/782
- Real unlinkability is a research topic

