justhsu
/
cs763
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
This repository has been archived on 2024-11-04. You can view files and clone it, but cannot push or open issues or pull requests.
cs763/website/docs/resources/slides/lecture01.md

3.0 KiB
Raw Blame History

author title date
Advanced Topics in Security and Privacy (CS 839) Lecture 01 September 05, 2018

Security and Privacy

It's everywhere!

Stuff is totally insecure!

It's really difficult!

What topics to cover?

A really, really vast field

  • Things we will not be able to cover:
    • Real-world attacks
    • Computer systems security
    • Defenses and countermeasures
    • Social aspects of security
    • Theoretical cryptography
    • ...

Theme 1: Formalizing S&P

  • Mathematically formalize notions of security
  • Rigorously prove security
  • Guarantee that certain breakages can't occur

Remember: definitions are tricky things!

Theme 2: Automating S&P

  • Use computers to help build more secure systems
  • Automatically check security properties
  • Search for attacks and vulnerabilities

Our focus: four modules

  1. Differential privacy
  2. Applied cryptography
  3. Language-based security
  4. Adversarial machine learning

Differential privacy

A mathematically solid definition of privacy

  • Simple and clean formal property
  • Satisfied by many algorithms
  • Degrades gracefully under composition

Applied crypto

Computing in an untrusted world

  • Proving you know something without revealing it
  • Certifying that you did a computation correctly
  • Computing on encrypted data, without decryption
  • Computing joint answer without revealing your data

Language-based security

Ensure security by construction

  • Programming languages for security
  • Compiler checks that programs are secure
  • Information flow, privacy, cryptography, ...

Adversarial machine learning

Manipulating ML systems

  • Crafting examples to fool ML systems
  • Messing with training data
  • Extracting training information

Tedious course details

Class format

  • Three components:
    1. Paper presentations
    2. Final project
    3. Class participation
  • Annoucement/schedule/materials: on website
  • Class mailing list: compsci839-1-f18@lists.wisc.edu

Paper presentations

  • Sign up to lead a discussion on one paper
  • Suggested topic, papers, and schedule on website
  • Before each presentation:
    • I will send out brief questions
    • Please email me brief answers

If you want advice, come talk to me!

Final project

  • Work individually or in pairs
  • Project details and suggestions on website
  • Key dates:
    • September 19: Pick groups and topic
    • October 15: Milestone 1
    • November 14: Milestone 2
    • End of class: Final writeups and presentations

If you want advice, come talk to me!

Todos for you

  1. Complete the course survey
  2. Check out the course website
  3. Think about what paper you want to present
  4. Brainstorm project topics

Defining privacy

What does privacy mean?

  • Many meanings of privacy

Why is privacy hard?

Hiding private data

  • Remove "personally identifiable information"

Problem: not enough

"Blending in a crowd"

Problem: composition

Differential privacy

Basic definition