CS590 Fall 2004: Insider Threats to Information Systems

CS 590T: Insider Threats to Information Systems

Class Information

Calendar

Projects

Additional Reading

Other Resources

Team:

Instructor: Cristina Nita-Rotaru (crisn).
Class list:CS590T@cs.purdue.edu
Class Schedule: Monday: 2:30PM - 4:00PM and Wednesday 2:30PM - 3:30PM, CERIAS Conference Room.
Office Hours

Cristina Nita-Rotaru: Wednesday 12:30PM - 2:30PM or by appointment, REC 217D.
Class description:
Internal attacks represent a serious threat today: computers can get easily compromised, laptops or other wireless devices can get stolen. Once a machine, or several of them are compromised and controlled by an attacker, they can exhibit an arbitary behavior.
In this course, we will examine the impact of insider threats to information systems operating in wired or wireless networks. In particular, we will focus on communication and data access protocols designed to be resilient to internal attacks.
Pre-requisites: Database Systems/Networking and Cryptography/Information Security
Grading
The grade will be based on:
- the activity in the class (involvement in discussing the papers) (15%)
- homework (25%)
- the quality of the project (60%): 10 % project proposal, 30% project report, 20% presentation in the class, 30% demonstration of the project.
Homework
Reading will be assigned for each lecture. Before lecture, every student must submit a one page report of one of the assigned papers (report should contain a one paragraph summary of the paper, description of three strong points of the paper and three weak points of the paper). The reports are due every Monday at 12:30PM, by email. PLEASE NO ATTACHEMENTS, TEXT ONLY.
Project

Project proposal (2-3 pages), due Sept.1, 1:30 PM.
Should include:
Problem you address.
What is your approach.
Milestones (main steps and when do you plan to address them)
References: additional reading that you intend to do
Tools: if you plan to use tools (software already written), specify if you already have experience with it or you will need first to get familiarized.
What will be the deliverable items: implementation, simulation results, etc,
What are the points that if achieved, you will consider that the project was successful

Project final report (10-12 pages), due Dec. 9, 11:59 PM.
Should include:
Problem addressed
Proposed solution; In case of a system, describe and motivate the chosen architecture, design. If any new algorithm/protocol is designed, include description of the algorithm.
In case of comparison, simulations, include results.
What was your personal lessons learnt from the project.

Academic Integrity
Academic Honesty and Ethical behavior are required in this course, as it is in all courses at Purdue University (here is the guide for academic integrity). The class will be conducted according to the policy written by Professor Gene Spafford. Please take the time to read it carefully. This will be followed unless I provide written documentation of exceptions.
As of Spring 2004, all students taking CS courses, including CS 590T, must read and "sign" the Purdue University Department of Computer Science Academic Integrity Policy. This is available on the CS Department Website. Click on the link "Student Resource Page Now Online" and from there the link to "Academic Integrity Policy". You will need your Purdue Career Account login and password to access this page. There, after reading the policy, you will indicate that you have read and understand both the policy and its consequences. There is also information there about some implementation details.
You are encouraged to talk with the professor about any questions you have about what is permitted on any particular assignment.

Calendar

Week Topic and assigned reading

Aug. 23 - Aug. 27 Course outline. State machine replication.
Reading:

F. B. Schneider. Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial ACM Computing Surveys 22(4):299-319, December 1990. [SLIDES]

Aug. 30 - Sept. 2 Impossibility of consensus in asynchronous systems. Failure detectors.
Reading:

M.J.Fischer, N.A.Lynch and M.S. Paterson. Impossibility of Distributed Consensus with One Faulty Process. ACM SPDS 1983.
Presented by Bogdan. [SLIDES]
I. Gupta, T.D.Chandra and German S. Goldszmidt. On scalable and efficient distributed failure detectors. Proceedings of the 20th annual ACM Symposium on Principles of Distributed Computing, Newport, Rhode Island, United States.
Presented by Dan. [SLIDES] [SLIDES]

Sept. 6 - Sept. 10 State machine replication in non-byzantine models. Paxos and fast Paxos.
Reading:

L. Lamport. Paxos Made Simple Distributed Computing Column of ACM SIGACT News 32(4):51--58, December 2001. Presented by Paul [SLIDES].
L. Lamport. The Part-Time Parliament In ACM Transactions on Computer Systems, 16(2):133-169, May 1998. Presented by Bhagya [SLIDES]. .

Sept. 13 - Sept. 17 Byzantine agreement.
Reading:

L. Lamport, R. Shostak, and M. Pease. The Byzantine Generals Problem ACM Transactions on Programming Languages and Systems 4(3):382-401, July 1982.
Presented by David. [SLIDES].
D. Dolev The Byzantine generals strike again, Journal of Algorithms 3(1):14-30, 1982.
Presented by Issa. [SLlIDES].
D. Dolev and H. R. Strong, Authenticated Algorithms for Byzantine Agreement. SIAM Journal of Computing 12(4):656-666, 1983
Presented by Gunjan. [SLIDES].

Sept 20 - Sept. 24 Byzantine tolerant replication.
Reading:

M. Castro and B. Liskov. Practical Byzantine Fault Tolerance. In Proceedings of the Third Symposium on Operating Systems Design and Implementation (OSDI '99), New Orleans, USA, February 1999.
Presented by Ali. [SLIDES].
M. Castro and B. Liskov. Proactive Recovery in a Byzantine-Fault-Tolerant System. In Proceedings of the Fourth Symposium on Operating Systems Design and Implementation (OSDI '00), San Diego, USA, October 2000.
Presented by Paul. [SLIDES].
Wednesday:

Projects presentations (intro).

Sept. 27 - Oct. 1 Other approaches to Byzantine tolerance.
Reading:

J. Yin, J.P. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin. Separating Agreement from Execution for Byzantine Fault-Tolerant Services. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, pp. 15-28, Bolton Landing, NY, October 2003.
Presented by Gunjan. [SLIDES].
L. C. Lung, N. F. Neves, and P. Verissimo. Efficient Byzantine-Resilient Reliable Multicast on a Hybrid Failure Model. In 21st SRDS, 2002.
Presented by Dan. [SLIDES].
Wednesday: project presentation cont.

Oct. 4 - Oct. 8 Byzantine tolerant group communication systems.
Reading:

M. K. Reiter, Secure agreement protocols: reliable and atomic group multicast in Rampart, Proceedings of the 2nd ACM Conference on Computer and communications security, p.68-80, November 1994, Fairfax, Virginia, United States.
Presented by David. [SLIDES].
K. P. Kihlstrom, L.E. Moser, P.M. Melliar-Smith. The SecureRing group communication system. ACM TISSEC, Volume 4, Issue 4 (November 2001).
Presented by Bhagya. [SLIDES].
Providing Intrusion Tolerance With ITUA M. Cukier, T. Courtney, J. Lyons, H. V. Ramasamy, W. H. Sanders, M. Seri, M. Atighetchi, P. Rubel, C. Jones, F. Webber, P. Pal. R. Watro, and J. Gossett. Supplement of the 2002 International Conference on Dependable Systems and Networks, June 23-26, 2002.
Presented by Ziad.
M. Correia, P. Verissimo, N. F. Neves, The Architecture of a Secure Group Communication System based on Intrusion Tolerance, Proceedings of the IEEE International Workshop on Applied Reliable Group Communication (WARGC), Phoenix, USA, April 2001.
Presented by Ziad. [SLIDES].

Oct. 11 - Oct. 15 October break. Wednesday:

D. Malkhi. Quorum Systems. In The Encyclopedia of Distributed Computing. Joseph Urban and Partha Dasgupta Editors, Kluwer Academic Publishers.
Presented by Ziad. [SLIDES].

Oct. 18 - Oct. 22 Quorum system.
Reading:

D. H. Gifford. Weighted voting for replicated data. In Proceedings of the 7th ACM Symposium on Operating Systems Principles. Pages 150--159, Asilomar Conference Grounds, Pacific Grove, CA USA, December 10--12, 1979. ACM.
Presented by Mohamed Ali, [SLIDES].
I. Abraham, D. Malkhi. Probabilistic quorums for dynamic systems. In 17th International Symposium on Distributed Computing (DISC 2003), Sorrento, Italy.
Presented by Gunjan, [SLIDES]. .
Monday: project presentation cont.

Oct. 25 - Oct. 29 Byzantine Quorum systems.
Reading:

D. Malkhi and M. Reiter. Byzantine quorum systems. Distributed Computing, 11(4):203--213, 1998.
D. Malkhi and M. Reiter. An architecture for survivable coordination in large distributed systems. IEEE Transactions on Knowledge and Data Engineering, 12(2):187--202, April 2000.
Presented by Mohamed Ali. [SLIDES].

Nov. 1 - Nov. 5 Distributed trust.
Reading:

F.B. Schneider and L. Zhou. Distributed Trust: Supporting Fault-Tolerance and Attack-Tolerance, January 2004.
Presented by Ben [SLIDES].
C. Cachin and A. Samar. Secure distributed DNS. DSN 2004.
Presented by Dan. [SLIDES].

Nov. 8 - Nov. 12 Proactive security as long-term defense against insiders.
Reading:

A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing or: How to cope with perpetual leakage. In D. Coppersmith, editor, Advances in Cryptology---Crypto'95, the 15th Annual International Cryptology Conference, Santa Barbara, CA USA, 1995.
Presented by David. [SLIDES].
R. Canetti, R. Gennaro, A. Herzberg, and D. Naor. Proactive security: Long-term protection against break-ins. CryptoBytes, 3(1):1--8, Spring 1997.
Presented by Bhagya. [SLIDES].

Nov. 15 - Nov. 19 Secure multi-party computation.
Reading:

O. Doldrecht, S. Micali and A. Wigderson. How to play any mental game. STOC 87.
Presented by Paul. [SLIDES].
D. Chaum, C. Crepeau, and I. Damgaard. Multiparty unconditionally secure protocols. In Proc. of 20th STOC, pages 11--19, 1988.
Presented by Ben. [SLIDES].

Nov. 22 - Nov. 26 Searching on encrypted data.
Reading:

Searchable public key encryption, D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano Eurocrypt 2004.
B. R. Waters, D. Balfanz, G. Durfee, and D.K. Smetters. Building an Encrypted and Searchable Audit Log, NDSS 2004
Presented by Ben [SLIDES].
D. Song, D. Wagner and A. Perrig. Practical techniques for searches on encrypted data Security and Privacy, 2000.
Presented by Ziad [SLIDES].
Brinkman, R. and Feng, L. and Doumen, J.M. and Hartel, P. and Jonker, W. Efficient Tree Search in Encrypted Data, Proc. of the 2nd Intl. Workshop on Security in Information Systems, April, 2004.
Presented by Ziad

Nov. 29 - Dec. 3 Routing in a Byzantine model.
Reading:

I. Avramopoulos, H. Kobayashi, R. Wang, A. Krishnamurthy. Highly Secure and Efficient Routing. Proc. INFOCOM 2004. March 2004.
Presented by Issa.
B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens. An On-Demand Secure Routing Protocol Resilient to Byzantine Failures. In ACM Workshop on Wireless Security (WiSe), Atlanta, Georgia, September 28 2002.
Presented by Issa.

Dec. 6 - Dec. 10 Project presentations.

Projects

Model checking Paxos using SPINS
Scalability of byzantine agreement over wide area networks
Adding accountability to DEBIAN packages
A topology-based framework for Byzantine resilient link-state routing
Stream scheduling through efficient buffer management
SRPS: secure routing protocol for static sensor networks
A scalable wide-area intrusion-tolerant system
Detecting suspicious network activity - an Aflow extension

Additional Reading

R. Rodrigues, M. Castro, and B. Liskov. BASE: Using abstraction to improve fault tolerance. In Proceedings of the 18th ACM Symposium on Operating Systems Principles, pp. 15-28, Banff, Canada, October 2001.
R. H. Thomas. A majority consensus approach to concurrency control for multiple copy databases. ACM Transactions on Database Systems, 4(2):180--209, June 1979.
H. Garcia-Molina and D. Barbara. How to assign votes in a distributed system. Journal of the ACM, 32(4):841--860, October 1985.
D. Agrawal and A. El Abbadi. An efficient and fault-tolerant solution for distributed mutual exclusion. ACM Transactions on Computer Systems, 9(1):1-20, February 1991.
M. Herlihy. A quorum-consensus replication method for abstract data types. ACM Transactions on Computer Systems, 4(1):32-53, February 1986.
M. Naor and A. Wool. The load, capacity, and availability of quorum systems, SIAM Journal of Comput., Vol. 27, No. 2, 423-447, April 1998.
M. Maekawa. A b(n) algorithm for mutual exclusion in decentralized systems. ACM Transactions on Computer Systems, 3(2):145-159, 1985.
L. Lamport. On interprocess communications (part ii: algorithms). Distributed Computing, 1:86-101, 1986.
G. Chokler, D. Malkhi, and M. Reiter. Backoff protocols for distributed mutual exclusion and ordering. In Proceedings ICDCS 2001.
D. Malkhi, M. K. Reiter, D. Tulone and E. Ziskind. Persistent objects in the Fleet system. In Proceedings of the 2nd DARPA Information Survivability Conference and Exposition (DISCEX II), June 2001.
J.P. Martin, L. Alvisi, and M. Dahlin Minimal Byzantine Storage. In Proceedings of the 16th International Symposium on Distributed Computing (DISC 2002), Toulouse, France, October 2002, pp. 311-326.
C. Cachin, K. Kursawe, F. Petzold, and V. Shoup. Secure and Efficient Asynchronous Broadcast Protocols. In Joe Kilian, editor, Advances in Cryptology - Crypto 2001, Lecture Notes in Computer Science, vol. 2139, Springer-Verlag, 2001.
C. Cachin, K. Kursawe, and V. Shoup. Random oracles in Constantinople: Practical asynchronous Byzantine agreement using cryptography. In Proc. 19th ACM Symposium on Principles of Distributed Computing (PODC 2000), Portland, OR, pages 123-132, July 2000.
J. Algesheimer, J. Camenisch, and V. Shoup. Efficient computation modulo a shared secret with application to the generation of shared safe-prime products. In Moti Yung, editor, Advances in Cryptology - CRYPTO 2002, Lecture Notes in Computer Science. Springer Verlag, 2002.
Victor Shoup. Pratical threshold signatures. In Bart Preneel, editor, Advances in Cryptology - EUROCRYPT 2000, number 1807 in Lecture Notes in Computer Science, pages 207-220. Springer-Verlag, May 2000.
D. Malkhi, M. Reiter, and R. Wright. Probabilistic quorum systems. In Proceedings of the Annual ACM Symposium on Principles of Distributed Computing, pp. 267-273 June 1997.
C. Cachin and J. A. Poritz. Secure intrusion-tolerant replication on the Internet. In Proc. Intl. conference on dependable systems and networks (DSN-2002), Washington DC, USA, June 2002.
C. Cachin. Distributing trust on the Internet. In Proc. Intl. conference on dependable systems and networks (DSN-2001), Gothenborg, Sweden, June 2001.
L. Zhou, F.B. Schneider, R. Van Renesse. A secure distributed online certification authority. ACM Transactions on Computer Systems, 20(4):329-368, 2002.