128 lines
3.0 KiB
Markdown
128 lines
3.0 KiB
Markdown
---
|
|
author: Advanced Topics in Security and Privacy (CS 839)
|
|
title: Lecture 01
|
|
date: September 05, 2018
|
|
---
|
|
|
|
# Security and Privacy
|
|
|
|
## It's everywhere!
|
|
|
|
## Stuff is totally insecure!
|
|
|
|
## It's really difficult!
|
|
|
|
# What topics to cover?
|
|
|
|
## A really, really vast field
|
|
- Things we will not be able to cover:
|
|
- Real-world attacks
|
|
- Computer systems security
|
|
- Defenses and countermeasures
|
|
- Social aspects of security
|
|
- Theoretical cryptography
|
|
- ...
|
|
|
|
## Theme 1: Formalizing S&P
|
|
- Mathematically formalize notions of security
|
|
- Rigorously prove security
|
|
- Guarantee that certain breakages can't occur
|
|
|
|
> Remember: definitions are tricky things!
|
|
|
|
## Theme 2: Automating S&P
|
|
- Use computers to help build more secure systems
|
|
- Automatically check security properties
|
|
- Search for attacks and vulnerabilities
|
|
|
|
## Our focus: four modules
|
|
1. Differential privacy
|
|
2. Applied cryptography
|
|
3. Language-based security
|
|
4. Adversarial machine learning
|
|
|
|
# Differential privacy
|
|
|
|
## A mathematically solid definition of privacy
|
|
- Simple and clean formal property
|
|
- Satisfied by many algorithms
|
|
- Degrades gracefully under composition
|
|
|
|
# Applied crypto
|
|
|
|
## Computing in an untrusted world
|
|
- Proving you know something without revealing it
|
|
- Certifying that you did a computation correctly
|
|
- Computing on encrypted data, without decryption
|
|
- Computing joint answer without revealing your data
|
|
|
|
# Language-based security
|
|
|
|
## Ensure security by construction
|
|
- Programming languages for security
|
|
- Compiler checks that programs are secure
|
|
- Information flow, privacy, cryptography, ...
|
|
|
|
# Adversarial machine learning
|
|
|
|
## Manipulating ML systems
|
|
- Crafting examples to fool ML systems
|
|
- Messing with training data
|
|
- Extracting training information
|
|
|
|
# Tedious course details
|
|
|
|
## Class format
|
|
- Three components:
|
|
1. Paper presentations
|
|
2. Final project
|
|
3. Class participation
|
|
- Annoucement/schedule/materials: on [website](https://pages.cs.wisc.edu/~justhsu/teaching/current/cs839/)
|
|
- Class mailing list: [compsci839-1-f18@lists.wisc.edu]()
|
|
|
|
## Paper presentations
|
|
- Sign up to lead a discussion on one paper
|
|
- Suggested topic, papers, and schedule on website
|
|
- Before each presentation:
|
|
- I will send out brief questions
|
|
- Please email me brief answers
|
|
|
|
> If you want advice, come talk to me!
|
|
|
|
## Final project
|
|
- Work individually or in pairs
|
|
- Project details and suggestions on website
|
|
- Key dates:
|
|
- **September 19**: Pick groups and topic
|
|
- **October 15**: Milestone 1
|
|
- **November 14**: Milestone 2
|
|
- **End of class**: Final writeups and presentations
|
|
|
|
> If you want advice, come talk to me!
|
|
|
|
## Todos for you
|
|
0. Complete the course survey
|
|
1. Check out the course website
|
|
2. Think about what paper you want to present
|
|
3. Brainstorm project topics
|
|
|
|
# Defining privacy
|
|
|
|
## What does privacy mean?
|
|
- Many meanings of privacy
|
|
|
|
## Why is privacy hard?
|
|
|
|
## Hiding private data
|
|
- Remove "personally identifiable information"
|
|
|
|
## Problem: not enough
|
|
|
|
## "Blending in a crowd"
|
|
|
|
## Problem: composition
|
|
|
|
## Differential privacy
|
|
|
|
## Basic definition
|