Slide 1

Kickoff ColloquiumSeptember 1, 2010

1Brain Teaser 1

Brain Teaser 2

1. Alice chooses two reals by an unknown processx0< x12. Bob chooses a uniformly random bit b3. You get only xb

xbxbYour goal: guess b with probability better than 50%Whats the Problem?Wallpaper apps on Android Market are found to be gathering phone numbers, subscriber ID, etc, and transmitting to an unknown server registered in ChinaThieves steal your car and GPS and use it to find your home, stealing your other carHackers plant malware in Windows Mobile games that make expensive calls to Somalia

SoftphoneMini laptop/netbook +.Powerful sensors

Location (GPS)Motion (Accelerometer)CompassMicrophoneCamera

How bad could it get?Bring down 911 systems?Blind air traffic control?Facilitate espionage?

Friend or Foe?Whats the good news?We have an opportunity for clean-slate development of softphone securitySoftphone platforms are nascent and relatively fluid architecturallyNew modalities to leverage in support of securityPhysical proximityMobilityRich sensor data stream

OverviewUser Security and PrivacySystem SecurityAttacks on the HardwareAuthenticationProtecting User PrivacyAttack DetectionIncentives

User Security and PrivacyAttacks on the HardwareSecuring the HardwareAvoid creating side channels, design of hardware with built-in attack detection M. KarpovskyHardware Hardened ModulesPreventing side channel leakage L. ReyzinManaging LeakageExposure-resistant cryptography L. ReyzinProtecting User PrivacySecure, distributed sensing N. Triandopoulos

User Security and PrivacyLeveraging Sensing to AuthenticateSensor-BasedSensor-generated secrets L. ReyzinProximity-BasedSensor-based proximity verification L. Reyzin, D. Starobinski, and A. Trachtenberg

System SecurityAttack DetectionPhysical Layer, esp SDRAnalyzing SDR threats M. Crovella, D. Starobinski, G. TroxelStatistical Attack DetectionCrowd-sourced attack detection M. CrovellaAdvanced AuthenticationCode authenticationResilient over-the-air programming A. Trachtenberg and D. StarobinskiData authenticationDistributed data authentication N. Triandopoulos

System SecurityEconomicsEconomics and security impact of spectrum managementD. StarobinskiIncentive-compatible traffic controlProtocol design S. GoldbergEconomic approach to unwanted trafficAttention bonds for spam suppression S. Homer

A Unique TeamAll nine of the principal investigators are faculty members at Boston UniversityVery rare to have such a broad and deep collection of expertise under one roofCross-cutting collaboration betweenComputer Science,Electrical and Computer Engineering, andMetropolitan College Computer Science

CollaboratorsRaytheon BBN TechnologiesExperts in software defined radioUniversity of WarwickDigital forensics, malware propagation, formal modelingDeutsche TelekomMajor handset vendor (T-Mobile) and network service providerExtensive security experience

Mark CrovellaProfessorComputer Science DepartmentCollege of Arts and Scienceshttp://www.cs.bu.edu/fac/crovella

Research InterestPerformance evaluation Parallel and networked computer systems Internet measurement and modeling Self-similarity and heavy-tailed distributions in network traffic

Steven HomerProfessorComputer Science DepartmentCollege of Arts and Scienceshttp://www.cs.bu.edu/fac/homer

Research InterestTheoretical computer science Complexity theory Quantum computing Learning theoryParallel and probabilistic algorithms

Sharon Goldberg

Assistant ProfessorComputer Science DepartmentCollege of Arts and Scienceshttp://www.cs.bu.edu/fac/goldbeResearch InterestNetwork Security Mark Karpovsky

ProfessorElectrical and Computer EngineeringCollege of Engineeringhttp://mark.bu.eduResearch InterestDesign of secure cryptographic devices and smart cards Routing in interconnection networks design and protection of cryptographic devices Fault-tolerant computing Error correcting codes Testing and diagnosis of computer hardware

Leonid Reyzin

Associate ProfessorComputer Science DepartmentCollege of Arts and Scienceshttp://www.cs.bu.edu/fac/reyzinResearch InterestCryptography

David StarobinskiResearch InterestWireless networking and security Network economics StochasticProcesses Algorithms

Associate ProfessorElectrical and Computer EngineeringCollege of Engineeringhttp://people.bu.edu/staroAri Trachtenberg

Associate ProfessorElectrical and Computer EngineeringCollege of Engineeringhttp://people.bu.edu/trachtenResearch InterestError correcting codes Security and algorithmsData synchronizationLocation detection Sensors, PDAs, smartphonesNikos Triandopoulos

Research Assistant Professor RISCS Center and Computer Science http://www.cs.bu.edu/~nikosResearch InterestInformation Security & Privacy Network Security Distributed System Security Secure Protocol Design Tanya Zlateva

Associate ProfessorComputer Science DepartmentMetropolitan Collegehttp://people.bu.edu/zlatevaResearch InterestComputational Modeling of Visual Perception, Recognition, Three Dimensional Representations of Object Shape, Parallel and Distributed Processing

Integrated SecurityEconomicsMetadata (MC)Cost for inconvenience (DS)HardwareHigh costs for security (MK)Can sensor mitigate costs? (AT)Network and System LevelCrowdsourcing anomaly detection (MC)Smartphone as a sensor network (DS)Software-defined radios (GT)

Economics: metadata and cost for inconvenienceHardware: costs are very high $100k certification + high power consumption how can we reduce them? Maybe using sensors.Network: Smart phone as DTN Relationship to social nets

26The Promise of UbiquitousCommunication and ComputationUnrestrained collaboration in groups large and smallExamples:Crime-reporting with protection from corruptible authorities (when police are potentially corrupt)Political organizing without (state-owned?) media filtersReal-time traffic monitoringDisaster reliefProblems:How do you get valid information In a way that preserves individual privacyIn a way that gives people a reason to participate(no privacy no participation)(no validity data pollution no participation)Privacy - more than confidentialitya general concern, decomposable intoconfidentiality of contents of communication (TLS)freedom from traffic analysis (Tor for IP, ?)freedom from query analysis (private information retrieval)confidentiality of location (?)? (?)

softphone-related particular challengeslocation, location, location!always-with-human and multifaceted (entertaintment/payment/work/play/love): surveillance like never beforeAlso a general concern with various aspects:

Validity of reports or shared informationreputation-based, ground-truth checkable,User authenticationusing password, sensors, proximity, anonymous credentials,Reliable distributed data managementp2p-based, best-effort vs. 100% accuracy,Dynamic group formationbased on user registration/revocation, access controlled,

Non-solution for any of the above:Register every cell phone to a name, punish for bad communicationInformation Reliability & IntegrityWhats different (given all this prior work)Promises (not available on PCs):High mobilityOpportunistic networkingRich sensingAlways-onPeer-to-peer (wifi/bluetooth) and infrastructure mode

Challenges (not the same as PCs):Computing constraints (e.g., for evaluation of sensory data or running heavy protocols): memory, speed, powerFixed protocols at the phone network layer that areboth privacy unfriendly and insecureCentral control (large companies/government regulation) that may be unaligned with user incentives