Network Architectures: Internet Security (Seminar)

News / Aktuelles

Overview / Überblick

lecturer / Dozentin: Prof. Anja Feldmann, Ph.D.
Contact Person / Ansprechpartner: Thomas Hühn, Gregor Maier
Supervisors / Betreuer:

All supervisors / Alle Betreuer:
seminar@lists.net.t-labs.tu-berlin.de

event type / Veranstaltungstyp: advanced seminar / Hauptseminar
area / Gebiet: Operating and Communication Systems / Betriebs- und Kommunikationssysteme (BKS)
SWS: 2
ECTS / LP: 3
Time / Zeit: 24 July 2008
10 AM – 6 PM
Room / Raum: Auditorium 2
Course ID / Veranstaltungsnr.: 0432 L 822
Audience / Hörerkreis main course students / Hauptstudium
Prerequisites / Voraussetzungen: intermediate diplom, profound knowledge in computer networks and cryptology, good english for reading scientific papers /
Vordiplom, tiefgehendes Wissen in Rechnernetzen und Kryptologie, gutes Englisch, um wissenschaftliche Artikel zu lesen
Exam / Prüfung: talk and paper / Vortrag und Ausarbeitung

Content / Inhalt

The Internet influences our life more and more: Many of us use electronic mail instead of writing with pen and paper; homebanking and ordering books over the web are in everyday life; and elections via Internet are in field tests. Furthermore, the interconnectedness gets denser and the day is near that every coffee maker is programmable through the internet and every car connects to its manufacturer for diagnosis.

But this implies many Security risks as well: spying and manipulating data, spam, intrusions, or denial-of-service attacs. This seminar deals with some major threats and possible counter-measures.

Das Internet gewinnt mehr und mehr Einfluss in unserem Leben: Für viele von uns haben E-Mails Briefe aus Papier ersetzt; Homebanking und der Kauf von Büchern übers Web gehört zum Alltag; und bereits werden erste Versuche mit Wahlen über das Internet vorgenommen. Zudem wird die Vernetzung immer dichter und der Tag ist nah, an dem jede Kaffeemachine übers Internet programierbar ist und jedes Auto sich übers Netz zu Diagnosezwecken mit dem Hersteller in Verbindung setzt.

Damit verbunden sind aber auch viele Sicherheitsrisiken, z.B., das Ausspähen und gezielte Manipulation von Daten, Spam, Intrusions oder Denial-of-service. In diesem Seminar werden wir uns mit einigen wichtigen Risiken und möglichen Gegenmassnahmen beschäftigen.

Organisation

Intention of the seminar

Zweck des Seminars

General Guidelines

Please have a look into general guidelines which are only available in german at the moment.

Allgemeine Richtlinien

Seminar Certificate

To receive the Seminar Certificate we require:

The seminar certificate will have a grade, which will be made from above mentioned Criteria.

Seminar Schein

Zum Seminar wird ein Schein vergeben. Wir erwarten dafür konkret:

Es werden benotete Scheine ausgestellt, wobei die Note sich aus den obigen Komponenten zusammensetzt.

Schedule / Zeitplan

When/Wann? What? Was? Time
Need /
Aufwand?
17. April 2008, 14:00–16:00 Preparatory Meeting: Presentation of the supervisors, topic groups and topics Vorbesprechung: Vorstellung der Betreuer, Themengruppen und Einzelthemen 2h
until/bis
21. April 2008 (12:00)
Registration for the seminar via web form. At least three topic wishes and the Matrikelnummer are required. The topics are allocated by lot! Anmeldung zum Seminar per Webformular. Es müssen mindestens drei Themenwünsche und die Matrikelnummer angegeben werden. Die Themenvergabe wird ausgelost!
until/bis
25.04.2008
Announcement of participant ↔ topic correlation in the web or per email Bekanntgabe der Zuordnung der Themen auf die Teilnehmer/innen im Web oder per E-Mail
until / bis
09.05.2008
elaborate the topic (search literature, sort it, read it – and if possible – understand it) Thema ausarbeiten (Literatur suchen, sortieren, lesen und – soweit es geht – verstehen) 20h
susequently / anschließend Meeting of every participant with his supervisor Treffen jedes/r Teilnehmers/in mit seinem/ihrem Betreuer 1h
until / bis
06.06.2008
summarize literature in a seminar paper (about 10 pages) Literatur in Form einer Seminarausarbeitung (ca. 10 Seiten) zusammenfassen. 20h
until / bin
06.06.2008
send seminar paper to supervisor Seminarausarbeitung an Betreuer mailen
until / bis
27.06.2008
read and correct seminar paper of the other participants of the group Korrekturlesen der Seminarausarbeitungen der anderen Gruppenteilnehmer 5h
susequently / anschließend Group meeting: exchange comments and helpful hints with each other. Attendance is mandatory! Gruppentreffen: Dabei werden die gegenseitigen Kommentare besprochen. Anwesenheit ist verpflichtend! 2h
until / bis
11.07.2008
incorporate results of the group meeting in seminar paper and send the revised version to supervisor Ergebnisse des Gruppentreffens in Seminarausarbeitung einarbeiten und überarbeitete Fassung an Betreuer mailen 5h
until / bis
22 July 2008
Prepare slides and send them to supervisor Vortragsfolien vorbereiten und an Betreuer mailen 10h
until / bis
22 July 2008
Meeting with supervisor: discuss slides Treffen mit Betreuer zur Besprechung der Folien 1h
until / bis
22 July 2008
incoporate comments of supervisor in slides and send final version to supervisor Treffen mit Betreuer zur Besprechung der Folien 5h
until / bis
22 July 2008, 23:59 CEST
Prepare the talk Vorbereitung des Vortrags 5h
Th/Do, 24 July 2008
10:00 – 18:00
Talks
Attendance to all talks is mandatory!
Vorträge
Anwesenheit zu allen Vorträgen ist verpflichtend!
45min incl. Discussion per talk

Topics / Themen

Block A: Attacks and Intrusion Detection

(Hide all abstracts & references / alle Zusammenfassungen und Referenzen ausblenden)

(Unhide all abstracts & references / alle Zusammenfassungen und Referenzen einblenden)

A.1 — Extensible Web Browser Security

Student/Bearbeiter: Andreas Holzammer; Supervisor/Betreuer: Vlad Manilici;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

In this paper we examine the security issues in functionality extension mechanisms supported by web browsers. Extensions (or plug-ins) in modern web browsers enjoy unlimited power without restraint and thus are attractive vectors for malware. To solidify the claim, we take on the role of malware writers looking to assume control of a users browser space. We have taken advantage of the lack of security mechanisms for browser extensions and have implemented a piece of malware for the popular Firefox web browser, which we call BROWSERSPY, that requires no special privileges to be installed. Once installed, BROWSERSPY takes complete control of a users browser space and can observe all the activity performed through the browser while being undetectable.We then adopt the role of defenders to discuss defense strategies against such malware. Our primary contribution is a mechanism that uses code integrity checking techniques to control the extension installation and loading process.We also discuss techniques for runtime monitoring of extension behavior that provide a foundation for defending threats due to installed extensions.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

A.2 — Shunting: A Hardware/Software Architecture for Flexible, HighPerformance Network Intrusion Prevention

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

Stateful, in-depth, inline traffic analysis for intrusion detection and prevention is growing increasingly more difficult as the data rates of modern networks rise. Yet it remains the case that in many environments, much of the traffic comprising a high-volume stream can, after some initial analysis, be qualified as of likely uninteresting. We present a combined hardware/software architecture, Shunting, that provides a lightweight mechanism for an intrusion prevention system (IPS) to take advantage of the heavy-tailed nature of network traffic to offload work from software to hardware.

The primary innovation of Shunting is the introduction of a simple in-line hardware element that caches rules for IP addresses and connection 5-tuples, as well as fixed rules for IP/TCP flags. The caches, using a highest-priority match, yield a per-packet decision: forward the packet; drop it; or divert it through the IPS. By manipulating cache entries, the IPS can specify what traffic it no longer wishes to examine, including directly blocking malicious sources or cutting through portions of a single flow once the it has had an opportunity to vet them, all on a fine-grained basis.

We have implemented a prototype Shunt hardware design using the NetFPGA 2 platform, capable of Gigabit Ethernet operation. In addition, we have adapted the Bro intrusion detection system to utilize the Shunt framework to offload less-interesting traffic. We evaluate the effectiveness of the resulting system using traces from three sites, finding that the IDS can use this mechanism to offload 55%-90% of the traffic, as well as gaining intrusion prevention functionality.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

A.3 — The Index Poisoning Attack in P2P File Sharing Systems

Student/Bearbeiter: Andrea Petrosino; Supervisor/Betreuer: Wolfgang Mühlbauer;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

Abstract-P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

A.4 — A BitTorrent-Driven Distributed Denial-of-Service Attack

Student/Bearbeiter: Giovanni Branca; Supervisor/Betreuer: Thomas Hühn;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

BitTorrent is a popular peer-to-peer file-sharing protocol that utilizes a central server, known as a ?tracker?, to coordinate connections between peers in a ?swarm?, a term used to describe a BitTorrent ad-hoc file sharing network. The tracker of a swarm is specified by the original file distributor and trusted unconditionally by peers in the swarm. This central point of control provides an opportunity for a file distributor to deploy a modified tracker to provide peers in a swarm with malicious coordination data, directing peer connection traffic toward an arbitrary target machine on an arbitrary service port. Although such an attack does not generate huge amount of attack traffic, it would set up many connections with the victim server successfully and hold these connections until time out, which could cause serious denial-of-service by exhausting a server?s connection resource. In this paper, we present such an attack that is entirely tracker-based, requiring no modifications to BitTorrent client software and could be deployed by an attacker right now. The results from both simulation and real-world experiments show the applicability of this attack. Due to the skyrocketing popularity of BitTorrent and numerous large-scale swarms existed in the Internet, BitTorrent swarms provide an intriguing platform for launching distributed denial-of-service attacks based on connection exhaustion.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

Block B: Trust and Authentication

(Hide all abstracts & references / alle Zusammenfassungen und Referenzen ausblenden)

(Unhide all abstracts & references / alle Zusammenfassungen und Referenzen einblenden)

B.1 — On Data-Centric Trust Establishment in Ephemeral Ad Hoc Networks

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We argue that the traditional notion of trust as a relation among entities, while useful, becomes insuficient in ephemeral ad hoc networks. In this paper, we address the challenge of extending the traditional notion of trust to data-centric trust, that is, trustworthiness attributed to node-reported data per se. We propose a framework for data-centric trust establishment: First, trust in each individual piece of data is computed; then multiple, related but possibly contradictory, data are combined; Finally, their validity is inferred by a decision component based on the Dempster-Shafer Theory. We are especially interested in, yet not restricted to, ephemeral ad hoc networks, i.e., highly volatile systems with short-lived node encounters. We consider and evaluate an instantiation of our framework in vehicular networks as a case study. Our simulation results show that our scheme is highly resilient to attackers and converges fast to the correct decision.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

B.2 — A Feedback Reputation Mechanism to Secure the Optimized Link State Routing Protocol

Student/Bearbeiter: Julius Schulz-Zander; Supervisor/Betreuer: Thomas Hühn;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We consider the problem of securing routing information in Mobile Ad-hoc Networks (MANETs). Focusing on the Optimized Link State Routing protocol, we devise a feedback reputation mechanism which assesses the integrity of routing control traffic by correlating local routing data with feedback messages sent by the receivers of control traffic. Based on this assessment, misbehaving nodes are shown to be reliably detected and can be adequately punished in terms of their ability to communicate through the network. To the best of our knowledge, this is the first practical implementation of a reputation mechanism in a standardized proactive routing protocol for MANETs.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

B.3 — Integrity Regions: Authentication Through Presence in Wireless Networks

Student/Bearbeiter: Matthias Hensel; Supervisor/Betreuer: Harald Schiöberg;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We introduce Integrity (I) regions, a novel security primitive that enables message authentication in wireless networks without the use of pre-established or pre-certified keys. Integrity regions are based on the verification of entity proximity through time-of-arrival ranging techniques. We demonstrate how I-regions can be efficiently implemented with ultrasonic ranging, in spite of the fact that ultrasound ranging techniques are vulnerable to distance enlargement and reduction attacks. We further discuss how I-regions can be used in key establishment applications in peer-to-peer wireless networks.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

B.4 — BAP: Broadcast Authentication Using Cryptographic Puzzles

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We present two broadcast authentication protocols based on delayed key disclosure. Our protocols rely on symmetric-key cryptographic primitives and use cryptographic puzzles to provide efficient broadcast authentication in different application scenarios, including those with resource-constrained wireless devices such as sensor nodes. The strong points of the protocols proposed are that one allows instantaneous message origin authentication, whereas the other has low communication overhead. In addition to formalizing and analyzing these specific protocols, we carry out a general analysis of broadcast authentication protocols based on delayed key disclosure. This analysis uncovers fundamental limitations of this class of protocols in terms of the required accuracy of message propagation time estimations and of time synchronization, if the protocols are to guarantee security and run efficiently.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

B.5 — Wireless Client Puzzles in IEEE 802.11 Networks

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

Resource-depletion attacks against IEEE 802.11 access points (APs) are commonly executed by flooding APs with fake authentication requests. Such attacks may exhaust an AP?s memory resources and result in denied association service, thus enabling more sophisticated impersonation attacks accomplished by rogue APs. This work introduces the concept of wireless client puzzles, a protection method which assists an AP to preserve its resources by discarding fake requests, while allowing legitimate clients to successfully join the network. Rather than conditioning a puzzle?s solution on computational resources of highly heterogeneous clients, the puzzles utilize peculiarities of a wireless environment such as broadcast communication and signal propagation which provide more invariant properties. Using an implementation of the proposed scheme, we demonstrate its effectiveness within a realistic scenario. Based on the insights from the implementation a simulation is used to extend the threat model and to scale up the scenario. Simulations verify our implementation results and show that the impact of flooding rate is decreased by 75% even if an attacker changes its position or manipulates its signal strength, while approx. 90% of the legitimate stations are still able to successfully associate during an attack.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

Block C: Society

(Hide all abstracts & references / alle Zusammenfassungen und Referenzen ausblenden)

(Unhide all abstracts & references / alle Zusammenfassungen und Referenzen einblenden)

C.1 — Why Johnny Can't Encrypt: A Usability Study of PGP 5.0

Student/Bearbeiter: Jan Sousedek; Supervisor/Betreuer: Gregor Maier;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

User errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. Is this simply due to a failure to apply standard user interface design techniques to security? We argue that, on the contrary, effective security requires a different usability standard, and that it will not be achieved through the user interface design techniques appropriate to other types of consumer software.

To test this hypothesis, we performed a case study of a security program which does have a good user interface by general standards: PGP 5.0. Our case study used a cognitive walkthrough analysis together with a laboratory user test to evaluate whether PGP 5.0 can be successfully used by cryptography novices to achieve effective electronic mail security. The analysis found a number of user interface design flaws that may contribute to security failures, and the user test demonstrated that when our test participants were given 90 minutes in which to sign and encrypt a message using PGP 5.0, the majority of them were unable to do so successfully.

We conclude that PGP 5.0 is not usable enough to provide effective security for most computer users, despite its attractive graphical user interface, supporting our hypothesis that user interface design for effective security remains an open problem. We close with a brief description of our continuing work on the development and application of user interface design principles and techniques for security.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

C.2 — An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants

Student/Bearbeiter: Ralf Stange; Supervisor/Betreuer: Gregor Maier;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

This paper studies an active underground economy which specializes in the commoditization of activities such as credit card fraud, identity theft, spamming, phishing, online credential theft, and the sale of compromised hosts. Using a seven month trace of logs collected from an active underground market operating on public Internet chat networks, we measure how the shift from hacking for fun to hacking for profit has given birth to a societal substrate mature enough to steal wealth into the millions of dollars in less than one year.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

C.3 — Cryptographic Voting Protocols: A Systems Perspective

Student/Bearbeiter: Björn Breitmeyer; Supervisor/Betreuer: Bernhard Ager;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

Cryptographic voting protocols offer the promise of verifiable voting without needing to trust the integrity of any software in the system. However, these cryptographic protocols are only one part of a larger system composed of voting machines, software implementations, and election procedures, and we must analyze their security by considering the system in its entirety. In this paper, we analyze the security properties of two different cryptographic protocols, one proposed by Andrew Neff and another by David Chaum. We discovered several potential weaknesses in these voting protocols which only became apparent when considered in the context of an entire voting system. These weaknesses include: subliminal channels in the encrypted ballots, problems resulting from human unreliability in cryptographic protocols, and denial of service. These attacks could compromise election integrity, erode voter privacy, and enable vote coercion. Whether our attacks succeed or not will depend on how these ambiguities are resolved in a full implementation of a voting system, but we expect that a well designed implementation and deployment may be able to mitigate or even eliminate the impact of these weaknesses. However, these protocols must be analyzed in the context of a complete specification of the system and surrounding procedures before they are deployed in any large-scale public election.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

C.4 — Keyboards and Covert Channels

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

This paper introduces JitterBugs, a class of inline interception mechanisms that covertly transmit data by perturbing the timing of input events likely to affect externally observable network traffic. JitterBugs positioned at input devices deep within the trusted environment (e.g., hidden in cables or connectors) can leak sensitive data without compromising the host or its software. In particular, we show a practical Keyboard JitterBug that solves the data exfiltration problem for keystroke loggers by leaking captured passwords through small variations in the precise times at which keyboard events are delivered to the host. Whenever an interactive communication application (such as SSH, Telnet, instant messaging, etc) is running, a receiver monitoring the host's network traffic can recover the leaked data, even when the session or link is encrypted. Our experiments suggest that simple Keyboard JitterBugs can be a practical technique for capturing and exfiltrating typed secrets under conventional OSes and interactive network applications, even when the receiver is many hops away on the Internet.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

Block D: Misc

(Hide all abstracts & references / alle Zusammenfassungen und Referenzen ausblenden)

(Unhide all abstracts & references / alle Zusammenfassungen und Referenzen einblenden)

D.1 — Implications of Radio Fingerprinting on the Security of Sensor Networks

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We demonstrate the feasibility of finger- printing the radio of wireless sensor nodes (Chipcon 1000 radio, 433MHz). We show that, with this type of devices, a receiver can create device radio finger- prints and subsequently identify origins of messages ex- changed between the devices, even if message contents and device identifiers are hidden. We further analyze the implications of device fingerprinting on the security of sensor networking protocols, specifically, we propose two new mechanisms for the detection of wormholes in sensor networks.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

D.2 — Secure Crash Reporting in Vehicular Ad hoc Networks

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

We present AutoCore, an automated crash reporting application that uses VANETs (Vehicular Ad hoc NETworks) to provide authenticated digital video and telemetry data. This data is recorded by vehicles either involved in or at the scene of a crash and can be used by investigators to reconstruct the events that lead up to the crash. To secure this application, we present a security infrastructure that extends the state of the art in VANET security. In particular, the contributions of this infrastructure include (a) the concept of Road-worthiness Certificates, (b) use of these certificates in a practical scheme for the distribution of cryptographic vehicle credentials issued by regional transportation authorities, (c) a decentralized scheme for conditionally anonymous, inter-vehicle communication, (d) efficient support for the roaming of vehicles between different transportation authority jurisdictions and (e) an evaluation of our security infrastructure using AutoCore.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

D.3 — Anonymity and Security in Delay Tolerant Networks

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

A delay tolerant network (DTN) is a store and forward network where end-to-end connectivity is not assumed and where opportunistic links between nodes are used to transfer data. An emerging application of DTNs are rural area DTNs, which provide Internet connectivity to rural areas in developing regions using conventional transportation mediums, like buses. Potential applications of these rural area DTNs are e-governance, telemedicine and citizen journalism. Therefore, security and privacy are critical for DTNs. Traditional cryptographic techniques based on PKI-certified public keys assume continuous network access, which makes these techniques inapplicable to DTNs. We present the first anonymous communication solution for DTNs and introduce a new anonymous authentication protocol as a part of it. Furthermore, we present a security infrastructure for DTNs to provide efficient secure communication based on identitybased cryptography. We show that our solutions have better performance than existing security infrastructures for DTNs.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

D.4 — Lessons Learned: A Security Analysis of the Internet Chess Club

Student/Bearbeiter: –; Supervisor/Betreuer: –;
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)

The Internet Chess Club (ICC) is a popular online chess server with more than 30,000 members worldwide including various celebrities and the best chess players in the world. Although the ICC website assures its users that the security protocol used between client and server provides sufficient security for sensitive information to be transmitted (such as credit card numbers), we show this is not true. In particular we show how a passive adversary can easily read all communications with a trivial amount of computation, and how an active adversary can gain virtually unlimited powers over an ICC user. We also show simple methods for defeating the timestamping mechanism used by ICC. For each problem we uncover, we suggest repairs and draw conclusions on how to best avoid repeating these types of problems in the future.


(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)

Handouts and Slides / Ausarbeitungen und Folien

Read all summaries in your group!
Lese alle Zusammenfassungen deiner Gruppe!

Group 1 / Gruppe 1

(Group meeting / Gruppentreffen: 30 June 2008 or 1 July 2008, room tba)

Group 2 / Gruppe 2

(June 24th, 10.00 am, Room Sputnik 17th floor Telefunken building)

Agenda / Ablauf

Time/Zeit Topic/Thema Resources
10:00 – 10:15 Start, Introduction, Agenda / Beginn, Einführung, Tagesprogramm
10:15 – 11:00 A.4 – A BitTorrent-Driven DDoS Attack, Giovanni Banca Slides/Folien (tba)
11:05 – 11:50 B.2 – A Feedback Reputation OLSR, Julius Schulz-Zander Slides/Folien (tba)
11:55 – 12:40 C.2 – Nature and Causes of the Wealth of Internet Miscreants, Ralf Stange Slides/Folien (tba)
Lunch / Mittagessen
13:30 – 14:15 C.1 – Why Johnny Can't Encrypt, Jan Sousedek Slides/Folien (tba)
14:20 – 15:05 A.1 – Extensible Web Browser Security, Andreas Holzammer Slides/Folien (tba)
Coffee break / Kaffepause
15:20 – 16:05 A.3 – The Index Poisoning Attack in P2P, Andrea Petrosini Slides/Folien (tba)
16:10 – 16:55 C.3 – Cryptographic Voting Protocols, Björn Breitmeyer Slides/Folien (tba)
17:00 – 17:45 concluding discussion, feedback / Abschlussbesprechung, Feedback

Literature / Literatur