---
author: Advanced Topics in Security and Privacy (CS 839)
title: Lecture 01
date: September 05, 2018
---

# Security and Privacy

## It's everywhere!

## Stuff is totally insecure!

## It's really difficult!

# What topics to cover?

## A really, really vast field

- Things we will not be able to cover:
    - Real-world attacks
    - Computer systems security
    - Defenses and countermeasures
    - Social aspects of security
    - Theoretical cryptography
    - ...

## Theme 1: Formalizing S&P

- Mathematically formalize notions of security
- Rigorously prove security
- Guarantee that certain breakages can't occur

> Remember: definitions are tricky things!

## Theme 2: Automating S&P

- Use computers to help build more secure systems
- Automatically check security properties
- Search for attacks and vulnerabilities

## Our focus: four modules

1. Differential privacy
2. Applied cryptography
3. Language-based security
4. Adversarial machine learning

# Differential privacy

## A mathematically solid definition of privacy

- Simple and clean formal property
- Satisfied by many algorithms
- Degrades gracefully under composition

# Applied crypto

## Computing in an untrusted world

- Proving you know something without revealing it
- Certifying that you did a computation correctly
- Computing on encrypted data, without decryption
- Computing joint answer without revealing your data

# Language-based security

## Ensure security by construction

- Programming languages for security
- Compiler checks that programs are secure
- Information flow, privacy, cryptography, ...

# Adversarial machine learning

## Manipulating ML systems

- Crafting examples to fool ML systems
- Messing with training data
- Extracting training information

# Tedious course details

## Class format

- Three components:
    1. Paper presentations
    2. Final project
    3. Class participation
- Announcement/schedule/materials: on [website](https://pages.cs.wisc.edu/~justhsu/teaching/current/cs839/)
- Class mailing list: [compsci839-1-f18@lists.wisc.edu](mailto:compsci839-1-f18@lists.wisc.edu)

## Paper presentations

- Sign up to lead a discussion on one paper
- Suggested topic, papers, and schedule on website
- Before each presentation:
    - I will send out brief questions
    - Please email me brief answers

> If you want advice, come talk to me!

## Final project

- Work individually or in pairs
- Project details and suggestions on website
- Key dates:
    - **September 19**: Pick groups and topic
    - **October 15**: Milestone 1
    - **November 14**: Milestone 2
    - **End of class**: Final writeups and presentations

> If you want advice, come talk to me!

## Todos for you

0. Complete the course survey
1. Check out the course website
2. Think about what paper you want to present
3. Brainstorm project topics

# Defining privacy

## What does privacy mean?

- Many meanings of privacy

## Why is privacy hard?

## Hiding private data

- Remove "personally identifiable information"

## Problem: not enough

## "Blending in a crowd"

## Problem: composition

## Differential privacy

## Basic definition