Soma-notes - User contributions [en]

EvoSec 2025W Lecture 21

2025-03-27T21:23:05Z

Soma:

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

==Discussion Questions==

* Which predictions were the most plausible? implausible?
* What relevant advancements/developments (technical or otherwise) were missed in the timeline that could change the envisioned trajectory?
* What can we do to avoid a blockcloud apocalypse?

==Notes==

<pre>
Lecture 21
----------

G1
- plausible: online misinformation tool, dead internet theory
- implausible: cryptocurrency takeover, AI as the silver lining?
- advancements missed: LLMs, breaking crypto
- need to trust each other more, decentralize trust, IRL interactions

G2
- implausible: separate IoT cloud services, online misinformation tools
(stuff to manipulate algorithms, generate content)
- plausible: everything on the cloud, storage->computation, apps
- not clear large govts using blockchain
- missed LLMs
- expertise gap between law/policy and AI/modern computer tech
- avoid BA through policy, but maybe not avoidable (go to the woods)
- plausible that AI will do more legal stuff

G3
- plausible: cloud providers became govts, blockchain shift
- implausible: AI worms attacking blockchains
- real trust still relies on people, not just systems
- missed advancements: improvements in security tech, improvements to privacy
preserving tech, federated learning
- no easy technological solution to these problems, solution will be
on the policy side, will be social

How plausible are widespread worms?
- social, not technical factors

How to avoid
- take evolution & trust seriously
- educate policy makers
- tell better stories about security
- we need to tell ourselves better stories

- computers allow us to process, communicate, distribute information
- allows for social connections to be scaled
(bureaucracy to be scaled)

There's a reason computers were first adopted by large businesses & govts
- had the need to process information to run their bureaucracies

what is a bureaucracy?
- infrastructure for organizing the activities of people

the constraints of distributed computation also apply to groups of people

With the introduction of computers, we've made processes for organizing society
that are more computer-focused (and org-focused) rather than socially focused
(satisfying needs of people)

online dating
- it is the way it is, because that's what maximizes engagement
- need lots of users having lots of engagement
- no incentive for short interactions that lead to satisfying outcomes

it isn't just dating
- we want scalable technical systems to maximize economic opportunity for
the companies
- not necessarily to the advantage of individuals or society

Consider search
- over what data? the right data, or all data?
- is it worth curating data?
- what data is worth indexing?

Why does Google index AI-generated slop?
- what would it take to avoid doing this?

crawling the web blindly made sense when the web was mostly legit pages
- but if it is full of crap, that isn't a good strategy

But WHY is the web filled with crap?
- because that content can be monetized
- Google created this problem!

If there was more friction in having ads on pages or in getting pages indexed,
we wouldn't have the AI generated web page problem
- would be too difficult

newspaper ads were never so easy to place
- even classifieds

when a third party can disintermediate trust, and they have few incentives to make sure parties act in trustworthy ways...you get a lot of anti-social behavior
</pre>

EvoSec 2025W Lecture 21

2025-03-27T15:26:14Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)] ==Discussion Questions== * Which predictions were the most plausible? implausible? * What relevant advancements/developments (technical or otherwise) were missed in the timeline that could change the envisioned trajectory? * What can we do to avoid a blockcloud apocalypse? ==Notes=="

EvoSec 2025W Lecture 20

2025-03-25T18:53:02Z

Soma:

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw97.pdf Somayaji, "Principles of a Computer Immune System." (NSPW 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/nspw-2007-biopanel.pdf Somayaji, "Panel: The Future of Biologically-Inspired Security: Is There Anything Left to Learn?" (NSPW 2008)]

==Discussion Questions==

* How does evolution relate to biologically-inspired security?
* How does trust relate to biologically-inspired security?
* What do you think of the panel question "Is there anything left to learn?" Is it the right question to ask about biologically-inspired security?

==Notes==

<pre>
Lecture 20
----------

G1
- biology has created working security systems, so reasonable to try replicating
- trust is the basis of everything, including bio-inspired security
- question is a bit stubborn
- hasn't been good for past scientists who have said this
- was more "what's next to learn"
- how can you replicate vaccines in computers?
- computer vaccines would also have to change over time in response
to attacker innovation
- "inactivated malware"?
- barely scratched the surface of how the brain works, so still lots to learn

G2
- evolution is a testbed for security mechanisms in biology
- biological entities don't protect secrets
- we keep learning more about biology
- what is the purpose of learning from biology?
- we've pulled in the big concepts, so we may be on the downward slope
- focus on more niche features of biology
- we've used the big ones

G3
- bio-inspired security is based on a system that evolved, so is related to evolution
- trust arises in how malicious activities can be detected and stopped while normal system functioning is allowed to proceed
- question is what is left to learn
- gap between fields seems to be growing, not much communication
- lots of crossover between other fields, why isn't it there in security?

Project presentations
- 5-10 minute presentations
- just present your project
- basic idea
- what you've done
- what you're going to do
- make sure to spend 1-2 slides explaining the research problem/area
- why are you doing this work?
- for the literature review part, give a high-level overview
of past work
- for proposals, do a brief lit review (1-2 slides) then describe
your proposed research
- have between 5-10 slides
- 5 is probably enough

- "Principles" was my first first-author publication
- the principles part holds up today in terms of "what is cool" about
immunology from a computer security perspective
- Panel came out of a rejected paper
- bit of a consolation prize

No "subsystem" in biology does exactly what you think it does
- the systems evolved, they weren't designed
- so no clear separation of concerns
- immune system is for maintaining homeostasis, not "security"
- co-existence is always an option
- immune system is also a "distributed nervous system"
- neurotransmitters are similar or are the same as the chemicals that
immune cells use to communicate

When we talk about "bio inspired security" or any cross-disciplinary work,
we are comparing models to models
- mapping models onto models is a subtle business
- can often lead to more confusion than clarity

living systems evolved, so they survived in the face of evolving threats
- neat trick to learn for computer security!
- but...do we understand how they evolved?

Rather than metaphors, I want to get at underlying principles
- solid foundations rather than shaky mappings

That foundation is clearly evolution, at least in part
- but I think we got evolution wrong

evolution (to me) is an interplay between cooperation and conflict
- cooperation is a key survival strategy
- but cooperation is only safe if it is with those you trust
- those who won't betray you for personal or short-term gain

The central problem of computer security is making sure systems cooperate
only with those who are trustworthy
- more than "authorized" as credentials can be compromised

so from this perspective, computer security IS the problem of how to evolve computers in a world where trust isn't assumed

(note we mostly assume code, systems, services are trustworthy and thus can be trusted, and when they aren't our systems just break horribly)

bio-inspired security is the process of learning from systems that don't assume trust - how can they be built, how can they work?
- but living systems are interesting just to the extent they are examples of such systems
</pre>

EvoSec 2025W Lecture 20

2025-03-25T15:30:13Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw97.pdf Somayaji, "Principles of a Computer Immune System." (NSPW 1997)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/nspw-2007-biopanel.pdf Somayaji, "Panel: The Future of Biologically-Inspired Security: Is There Anything Left to Learn?" (NSPW 2008)] ==Discussion Questions== * How does evolution relate to biologically-inspired security? * How does trust relate to biologically-inspired sec..."

EvoSec 2025W Lecture 19

2025-03-20T17:40:54Z

Soma: /* Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-ccsw2020.pdf Findlay, "bpfbox: Simple Precise Process Confinement with eBPF." (CCSW 2020)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-bpfcontain2021.pdf Findlay, "Bpfcontain: Fixing the soft underbelly of container security." (arXiv 2021)]

==Discussion Questions==

* Is the complexity of Linux security mechanisms due more to functional requirements or evolutionary processes?
* What is the relationship between trust and confinement?

==Notes==

<pre>
Lecture 19
----------
G1
- complexity more from evolution, not design
- open source software dev follows patterns of evolution
- confinement is a tool for trust: more confinement, less trust

G2
- complexity comes more from functional requirements
- individuals find problem with existing mechanisms and then add something
to fix things
- adding leads to complexity
- you have to trust that the confinement mechanisms work

G3
- complexity more comes from evolution not design
- you have to keep modifying what you have
- complexity arises from the need for compatibility, not change what is there
- specifying confinement is a reverse way of producing a model of behavior
- no need to understand any particular user's behavior pattern

confinement as a problem
- limiting what code can do
- limits are in part based on trustworthiness of code

confinement isn't absolute
- because that limits cooperation, integration

but it is necessary
- because otherwise errors and attacks propagate
- too difficult for developers to understand, work with
- also too complex, spaghetti code

Confinement is a fundamental property of modern operating systems
- files separate data
- processes separate code execution

process is a running program
- own virtual cpu
- own virtual memory

traditional operating systems don't do that good of a job of confining processes
- because they are often used as components in larger computations
- shared files, pipes, sockets, shared memory

but what if you want to run programs that you don't trust?
- full confinement => sandboxing (e.g., JavaScript sandbox)

Originally OS virtualization was just a way to share a kernel between multiple userlands from different individuals (e.g., web hosting)

Containers became popular as a means for deploying software
- for systems administration purposes, not security
- because a container has all the local dependencies for any app

devops is enabled by containers
- developers make the containers, and those containers can be directly deployed

virtual machines became the unit of resource allocation and security
- mimicking the boundaries of a physical computer

Why do we need a hypervisor to multiplex kernels for security, can't we just
have a kernel multiplex and confine containers securely?

so why didn't we push bpfcontain more?
</pre>

EvoSec 2025W Lecture 19

2025-03-20T15:35:07Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-ccsw2020.pdf Findlay, "bpfbox: Simple Precise Process Confinement with eBPF." (CCSW 2020)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-bpfcontain2021.pdf Findlay, "Bpfcontain: Fixing the soft underbelly of container security." (arXiv 2021)] ==Discussion Questions== * Is the complexity of Linux security mechanisms due more to functional requirements or evolutionary processes? * What is..."

EvoSec 2025W Lecture 18

2025-03-18T18:36:34Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/dabbour-nspw2020.pdf Dabbour, "Towards In-Band Non-Cryptographic Authentication." (NSPW 2020)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/bfoster-gecco-2010.pdf Foster, "Object-Level Recombination of Commodity Applications." (GECCO 2010)] ==Notes== <pre> Lecture 18 ---------- G1 - can be more complex to detect imposters in practice because to do so because 1) you won't consider it a possibility, and..."

==Readings==
* [https://homeostasis.scs.carleton.ca/~soma/pubs/dabbour-nspw2020.pdf Dabbour, "Towards In-Band Non-Cryptographic Authentication." (NSPW 2020)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/bfoster-gecco-2010.pdf Foster, "Object-Level Recombination of Commodity Applications." (GECCO 2010)]

==Notes==
<pre>
Lecture 18
----------
G1
- can be more complex to detect imposters in practice because to do so because 1) you won't consider it a possibility, and 2) you'd have to act weird
- AI chatbots can immitate people given chat history, that could defeat detection attempts
- shared history may be the strongest authenticator but isn't practical (like narrative auth)

G2
- What's the connection between these two? Seemed obscure
- create new and identifiable contexts for security
- security context from code diversity vs shared knowledge/observations
- computer-to-computer is not like people-to-people communication, is it even feasible to distinguish them?
- similar to encryption, shared secret, but secret is shared context
- how complex of models would be required for authentication between computers?

G4
- doesn't computer behavior boil down to protocols, so not so much opportunity for unknown shared context?
- if one host is compromised, it can be immitated using stolen data
- compromised communication allows models to be built up over time
- how does the link resolver work?!
- is genetic recombination practical?
- can you really get more complexity over many generations?
- what is the similarity between the papers?

G3
- knowing the attacker could be there biases the conversation
- if you did a more "real world" experiment, would people detect impersonation if not primed? suspect they won't
- in the real world users, if someone knows they've been hacked they have other ways of communicating this fact
- if defender can train model, attacker can also, and your behavior is harder to change than a password
- no mutation of object files, so is this evolution?
- how can we do mutation here that would generate novelty?
- don't we still need people? How can this be fully automated?

I don't see these papers as practical, but evocative
- how do people recognize each other when limited to text?
- can we have programs sexually reproduce like biological organisms, without
being designed for this?

don't mistake the abstraction for the implementation
- computer-to-computer "conversational" auth would have models of implementation & context-specific details
- precise program versions
- communication details
</pre>

EvoSec 2025W Lecture 17

2025-03-13T18:45:36Z

Soma: /* Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

==Discussion Questions==

* What does it mean for an attacker to "defeat" (p,n)-gram based traffic clustering?
* What do high frequency (p,n)-grams reveal about network traffic? Does this include anything that might compromise user privacy?
* Is ADHIC an anomaly detection algorithm? Can it be used to detect anomalies?
* How fast is ADHIC compared to other standard clustering algorithms?
* Is diversity-based traffic management feasible today given that so much traffic is encrypted?

==Notes==

<pre>
Lecture 17
----------

* Internet protocols
* clustering vs classification
* p,n-grams

best-effort packet delivery
- rather than guaranteed delivery

IP - best effort
TCP - guaranteed delivery

best effort allows for denial of service
- can always eliminate DoS with reservations, but only for the chosen few

Unless you make deliberate choices about who gets service, EVERYONE gets poor service when there is too much demand

So how do we deal with denial of service on the Internet today?

Today we mostly manage DoS through content distribution networks (CDNs) of some kind.

A CDN is its own network of servers (an "overlay network" or entirely separate) that distributes & serves data

How do CDNs route traffic?
- a form of load balancing, but also prioritization
(how much did you pay?)
- tends to be on a per-server basis, not per-client

What is normal for the network?
- constant level of weirdness!

Internet telescope
- reserve a large block of IP addresses that aren't being used
- watch what traffic comes to it

naive anomaly detection on network traffic will have huge false positives
- or, your model will be way too general

Today we mostly do the exact opposite
- deep packet inspection systems
- in the cloud, will analyze decrypted packets
- really try to understand traffic using lots of rules, reconstructing flows

Normally traffic is managed using source IP address, source port, destination IP address, destination port, protocol
- but is that all we can look at?
- can we use this data in a more generic way, without parsing out flows?

So why p,n-grams?

n-grams is a common way to analyze large amounts of data
- n in n-gram is just a length, so a set of fixed-length strings

One idea is to do n-gram analysis on packets (whole packets or just packet headers)
- n-gram analysis is relatively slow, have to search entire packet for a match

network routers go through a lot of effort to not look at every byte in a packet

What do routers look at?
- source and destination IP addresses

Notice that these are 4 byte (or 16 byte) patterns at fixed offsets in a packet header
- p,n-grams are a generalization of source and destination IP addresses

What is the frequency distribution of p,n-grams?

What does it mean for an attacker to "defeat" (p,n)-gram based traffic clustering?
- attacker wants to get maximum bandwidth
- so, have to get their packets into all the queues, or as many as possible
- in order to do that, they have to create packets that have p,n-grams that are being used by every queue (every leaf node in ADHIC)

What do high frequency (p,n)-grams reveal about network traffic? Does this include anything that might compromise user privacy?
- inherently privacy preserving, except for bad actors

Is ADHIC an anomaly detection algorithm? Can it be used to detect anomalies?

How fast is ADHIC compared to other standard clustering algorithms?

Is diversity-based traffic management feasible today given that so much traffic is encrypted?

How does this relate to trust?
</pre>

EvoSec 2025W Lecture 17

2025-03-13T14:58:47Z

Soma: /* Discussion Questions */

EvoSec 2025W Lecture 17

2025-03-13T14:57:12Z

Soma: /* Discussion Questions */

EvoSec 2025W Lecture 17

2025-03-13T14:25:39Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)] ==Discussion Questions== ==Notes=="

EvoSec 2025W Lecture 16

2025-03-11T18:20:33Z

Soma: /* Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/li-catx2013.pdf Li, "Fine-grained Access Control using Email Social Networks." (CATX 2013)]

==Discussion Questions==

Feel free to only address a subset or none of the following questions in your discussion!

* What does it take to define "normal"? In what contexts is it easier to define normal, and where is it harder?
* To what extent does improved technology make it easier to distinguish between normal and abnormal behavior in an adversarial context?
* When are false alarms okay, and when are they bad? (How often do you get alerts today from security systems and how often are these irrelevant?)
* In general, is it better to look at data or metadata when doing anomaly detection?
* How does the metadata for modern communication platforms differ from email? How is it similar?

==Notes==

<pre>
Lecture 16
----------

G1
- defining normal: long term, consistent data collected
- hard to define normal if there isn't enough data (not enough interaction)
or consistency
- don't need too much consistency, just need lots of data so the patterns
can be extracted
- false alarms
- notifications from google regarding logins is mostly false alarms but is still useful for maintaining security
- but too many notifications for regular activity will lead to users to ignore, so frequency matters
- severity also matters, can stress out users for no reason

G2
- "window length" idea, how to apply generally?
- harder to define normal with smaller & smaller window lengths
- larger behavior space, more possible actions makes it harder to define normal
- false alarms: intensity of alarms matters, how easy to ignore/how concerning
- data vs metadata: generally metadata is the way to go
- context matters, hard to get context from data
(but not always, e.g., topics)

G3
- LLM/AI could help with looking at data for determining normal/classification
- is it good to get all of this data? could be used for impersonation
- false alarms
- geographic change-based alerts can be reasonable, for example
- but could dissuade users from trying new things
- 2FA on Carleton email, how useful when done on same device?
- not good when it is hard to access important information quickly, interferes with normal tasks
- modern platforms track more: typing, geographic info
- more invasive
- gets confused - IP address is in Toronto but still in Ottawa
- assigning tasks/roles - using just email can be too limited
- but modern platforms are controlled by large companies, so can see
info across apps

G4
- does better tech make defining normal easier?
- not really!
- newer tech, newer kinds of abnormalities
- still an open problem in machine learning 20 years later!
- still not getting great accuracy
- machine learning black boxes don't help so much for anomaly detection
- people need to go deeper to derive mathematical relationships
- have to look at the metadata to determine attacks, don't have ground truth
(don't know what is really an attack) most of the time
- if attacker has information (e.g., emails), can mask their attacks, hide from detection

Easy to do anomaly detection wrong
- focus on modeling everything, rather than what you must model
- no clear idea of what "normal" will be

machine learning is best used first as a tool for data exploration
- can use in production, but ONLY after you really understand what it does
- machine learning isn't always the best at identifying features!
- because it lacks context

to do security well, you need "normal" to be very consistent
- which means humans should be able to do the classification relatively easily

So the art of this is to figure out what will be consistent
- use domain knowledge & machine learning exploration of data

email archive detection
- attacker evasion is either noticable to automated system or user

Work backwards from attacks!
- why are they weird?
</pre>

EvoSec 2025W Lecture 16

2025-03-11T15:31:29Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/li-catx2013.pdf Li, "Fine-grained Access Control using Email Social Networks." (CATX 2013)] ==Discussion Questions== Feel free to only address a subset or none of the following questions in your discussion! * What does it take to define "normal"? In what contexts is it easi..."

EvoSec 2025W Lecture 15

2025-03-06T19:21:06Z

Soma:

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-usec2017.pdf Obada-Obieh, "“Don’t Break My Heart!”: User Security Strategies for Online Dating." (USEC 2017)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-nspw2017.pdf Obada-Obieh, "Can I believe you?: Establishing Trust in Computer Mediated Introductions." (NSPW 2017)]

==Discussion Questions==

* How different is dating from other introduction problems today?
* How central is reputation to the problem of CMI? To what extent is reputation scalable?
* How generalizable is the concept of computer-mediated introductions? Could a search engine be a form of CMI, but for websites, not people? What about advertisements, such as political advertisements?

==Notes==

<pre>
Lecture 15
----------

G1
- dating is long term, but other introductions are more short term
- could star ratings work for dating? probably not...unless looking for hookups
- could penalize new daters who have a bad first date
- reputation is the primary factor in CMIs
- record of many positive interactions -> increased trust
- human->website intro, goes back to narrative auth
- website->website, could use star rep system

G2
- uber closest to online dating, but time duration is very different
- amount of trust in dating is much higher than every other CMI
- stars definitely influence interactions
- behavior depends on context (kid at school vs at home)
- search engine is a form of CMI
- no matching in the actual ad, but ad targeting is a kind of CMI

G3
- dating differs in how much info you have to reveal versus other CMI
- reputation is central to CMI - uber, ebay, etc
- ratings are not so objective in dating
- reputation exists all over the place - e.g., online search
- CMI is definitely part of online advertisements

G4
- dating is a game problem: incentives for honesty, minimal communication, and deception depending on the party
- what are acceptable lies in an online profile?
- applies to other CMI problems
- advertisers are willing to fudge the truth!
- reputation is the most important factor in CMI
- how you calculate trust is very important, flaws will be exploited by adversaries
- search engines & advertisements, both CMIs
Dating: put out info to get a good match, limit info to maintain safety
search engines have different incentives but still there are opposing goals
- web sites don't need to make trust judgements of search engines, different from dating and other CMIs

Question: how could you game dating app reputation systems?
- get your friends to join <- difficult to stop
- sock puppet accounts <- only if auth can be gamed

Why do we care about reputation? When is it important?
- we use it to mitigate risk
(placing ourselves in a vulnerable situation)
- risk & relative power

Reputation is problematic with the Internet today, I think.
- AI
- fraudulent reputation signals (e.g., paid reviews, sock puppets)
- bots, automated attacks on reputation systems

If reputation doesn't scale in an evolutionarily stable way
- efforts to scale reputation will be attacked and circumvented over time
</pre>

EvoSec 2025W Lecture 15

2025-03-06T16:23:49Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-usec2017.pdf Obada-Obieh, "“Don’t Break My Heart!”: User Security Strategies for Online Dating." (USEC 2017)] * [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-nspw2017.pdf Obada-Obieh, "Can I believe you?: Establishing Trust in Computer Mediated Introductions." (NSPW 2017)] ==Discussion Questions== * How different is dating from other introduction problems today? * How central is reputat..."

EvoSec 2025W Lecture 14

2025-03-04T18:48:46Z

Soma: /* Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

==Discussion Questions==

* How quickly can you verify that another person knows the same story that you do? Can someone who doesn't know the story fool you easily?
* Are there stories that are known to friends and family but that are not written down anywhere?
* Could any social media or financial site "tell a story" about your interaction with them that isn't generally known?

==Notes==

<pre>
Lecture 14
----------

If you haven't finished your early lit review yet, please get it to me by the end of the week
- for those who have submitted, I will get you feed back soon!

G1
- protects against non-targeted attacks but may be more vulnerable to targeted attacks, with LLMs
- if the story's generic may be easy to guess, needs to be different
- sibling stories!
- your social media feed tells a lot about you, as does your record of financial transactions, can even know you're pregnant before you do!
- narrative authentication allows for better two-way trust, potentially
- "sharing a story" could actually involve lots of differences in how the story went

G2
- making up details (and waiting for the "wait a minute" remark) can help you figure out whether someone shares the same story
- oral traditions in aboriginal societies
- "mandela effect" - misremembering stories collectively
- meaningful interactions with a site can lead to interesting stories

G3
- LLM internal model would be probability based, could be hacked
- social engineer details out of people
- easiest attacks target people
- new security issue, hacking LLMs to bypass authentication!
- more complex narratives are more secure but harder to remember
- if it's too much work to create authentication credentials users won't do it

G4
- could LLMs guess based on context clues?
- 12 year old male with an interest in baseball -> probably a predictable birthday cake
- but made-up details could help you catch impersonators but could fool legit people
- would need details that people wouldn't forget
- instagram knows who you are creeping
- link history can tell a lot, e.g., tell e-commerce site what you are interested in

How do we recognize and trust each other?
- and what would it mean for the same approach to apply to computational systems

good narratives implicitly are based on a model of their audience
- biased towards "interesting" bits with an "interesting" structure
- interesting => high information content, not knowable just from priors
</pre>

EvoSec 2025W Lecture 14

2025-03-04T16:32:37Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)] ==Discussion Questions== * How quickly can you verify that another person knows the same story that you do? Can someone who doesn't know the story fool you easily? * Are there stories that are known to friends and family but that are not written down anywhere? * Could any social media or fina..."

Evolutionary Security: Winter 2025

2025-03-01T19:39:02Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-usec2017.pdf Obada-Obieh, "“Don’t Break My Heart!”: User Security Strategies for Online Dating." (USEC 2017)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-nspw2017.pdf Obada-Obieh, "Can I believe you?: Establishing Trust in Computer Mediated Introductions." (NSPW 2017)]

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/li-catx2013.pdf Li, "Fine-grained Access Control using Email Social Networks." (CATX 2013)]

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/dabbour-nspw2020.pdf Dabbour, "Towards In-Band Non-Cryptographic Authentication." (NSPW 2020)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/bfoster-gecco-2010.pdf Foster, "Object-Level Recombination of Commodity Applications." (GECCO 2010)]

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-ccsw2020.pdf Findlay, "bpfbox: Simple Precise Process Confinement with eBPF." (CCSW 2020)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/findlay-bpfcontain2021.pdf Findlay, "Bpfcontain: Fixing the soft underbelly of container security." (arXiv 2021)]

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw97.pdf Somayaji, "Principles of a Computer Immune System." (NSPW 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/nspw-2007-biopanel.pdf Somayaji, "Panel: The Future of Biologically-Inspired Security: Is There Anything Left to Learn?" (NSPW 2008)]

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-03-01T19:38:25Z

Soma: /* Class Schedule (Readings & Notes) */

Evolutionary Security: Winter 2025

2025-03-01T19:20:44Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

UPDATES IN PROGRESS

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/dabbour-nspw2020.pdf Dabbour, "Towards In-Band Non-Cryptographic Authentication." (NSPW 2020)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-usec2017.pdf Obada-Obieh, "“Don’t Break My Heart!”: User Security Strategies for Online Dating." (USEC 2017)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-nspw2017.pdf Obada-Obieh, "Can I believe you?: Establishing Trust in Computer Mediated Introductions." (NSPW 2017)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw97.pdf Somayaji, "Principles of a Computer Immune System." (NSPW 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/nspw-2007-biopanel.pdf Somayaji, "Panel: The Future of Biologically-Inspired Security: Is There Anything Left to Learn?" (NSPW 2008)]

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-03-01T19:15:58Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

UPDATES IN PROGRESS

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/dabbour-nspw2020.pdf Dabbour, "Towards In-Band Non-Cryptographic Authentication." (NSPW 2020)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-usec2017.pdf Obada-Obieh, "“Don’t Break My Heart!”: User Security Strategies for Online Dating." (USEC 2017)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/obada-nspw2017.pdf Obada-Obieh, "Can I believe you?: Establishing Trust in Computer Mediated Introductions." (NSPW 2017)]

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-03-01T19:12:12Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

UPDATES IN PROGRESS

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-03-01T19:11:31Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/yli-acsac-05.pdf Li, "Securing Email Archives through User Modeling." (ACSAC 2005)]

* [https://homeostasis.scs.carleton.ca/~soma/pubs/amatrawy-acns-05.pdf Matrawy, "Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management." (ACNS 2005)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/inoue-lisa2007.pdf Inoue, "NetADHICT: A Tool for Understanding Network Traffic." (LISA 2007)]

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

EvoSec 2025W Lecture 13

2025-02-27T21:56:58Z

Soma: /* Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

==Discussion Questions==

* What is the relationship between trust in medical interventions and clinical trials versus lab experiments?
* What is the relationship between trust in security interventions and lab experiments currently?
* For a security trial to be valid, would the product being tested be allowed to have any updates? Or, would the updates themselves be part of the trial?
* Why do we trust that security technologies actually improve end user or organizational security? Is that trust earned or deserved?

==Notes==

<pre>
Lecture 13
----------

- early lit reviews due on Monday night
- you can have extra time if you talk to me first!
- I expect this to be a draft that will be revised, so I'm looking for honest effort not perfection (progress towards the final project)

G1
--
- first two questions were not too clear to us
- labs are lower trust environments
- clinical trials are higher trust in aggregate
- also more organic, more complex
- updates should not be allowed during the trial, reduces how controlled the experiment is, more confounding variables
- updates => evaluating people behind product rather than just the product
- can you separate company from the product?
- past experience with organization may increase trust separate from actual
product performance

G2
--
- clinical trials have much higher level of trust, you're doing experiments on humans vs cells or animals
- updates could be part of a trial but you'd have to restart the trial
- computer part of computer security system is more predictable than biological systems
- trust should be earned but isn't in practice

G3
--
- trials account for population variability beyond what can be done in a lab
- relying too much on standard methods can get outdated, making sure tests adapt to the changing real world
- could have a subscription module so one group could get updates while the other didn't
- people assume security, that things work, because alternative would be too hard

G4
--
- maybe updates should be part of the trial, as ability to adapt to new threats is part of what we want to evaluate
- which product is most likely to stay up to date with current threats after the trial? the one that was getting consistent updates
- products out on the market showed that they work in the past, but new ones are more risky, trust needs to be earned
- defective product costs more to run, so experience can help indicate trustworthiness of a security product
</pre>

EvoSec 2025W Lecture 13

2025-02-27T15:28:32Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)] ==Discussion Questions== * What is the relationship between trust in medical interventions and clinical trials versus lab experiments? * What is the relationship between trust in security interventions and lab experiments currently? * For a security trial to be valid, would the product being tested be allowed..."

EvoSec 2025W Lecture 12

2025-02-25T18:06:19Z

Soma: /* Class Notes */

==Readings==

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

==Discussion Questions==

While these are questions to consider, '''please focus your discussion on what your group finds interesting related to the paper'''.

* How do modern security technologies like [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS CORS], [https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP CSP], and [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy CORP] impact the problems identified in this paper?
* How does the rise of large platforms impact content-provider conflict?
* Did this paper change how you thought about the web?

==Class Notes==

<pre>
Lecture 12
----------

Plan for the rest of the semester is to read (some) my old papers
- lots to think about trust

Remember that you can and should critique these papers!

G1
- confining JS goes against economic model of the web, maybe?
- discussed what happened with Honey
- rethinking the web as a "wild west"

G2
- new tech defends against injection
- increasing demands for ads, so increasing need for security
- large platforms must enforce this security
- browser extensions, particularly ad block, why do we trust them more than the ad itself?

G3
- new tech prevents injection but not content-provider conflict, issues is JS environment
- large providers increase risks of conflict
- increased awareness of security issues with ads

G4
- what do we do when legit businesses go bad?
- centralization out-competed regular malware, you're already being spied on!
- can't stop people being taken advantage of through tech
- risk/reward impacts willingness for bad actors to be bad

Terri later did ViSP, SOMA, and SSS (security style sheets)

The real security issue in content-provider conflict is the DOM, not JS per se.

The security solutions that get implemented on the web are the ones that serve the major platforms
- not regular users

page-level isolation mechanisms inhibit ad monitoring and ad security
- avoiding click fraud
</pre>

EvoSec 2025W Lecture 12

2025-02-25T15:29:57Z

Soma: /* Discussion Questions */

EvoSec 2025W Lecture 12

2025-02-25T15:29:43Z

Soma: Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)] ==Discussion Questions== While these are questions to consider, please focus your discussion on what your group finds interesting related to the paper. * How do modern security technologies like [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS CORS], [https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP CSP], and [htt..."

EvoSec 2025W Lecture 11

2025-02-25T15:20:27Z

Soma:

==Discussion Questions==
* What is "sequence-based system call monitoring"?
* How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?

==Notes==

<pre>
Lecture 11
----------

For Thursday
- I'll set up an assignment for submitting PDFs for slides
(1-3 slides at most), this is optional
- whatever you present is not binding, you can change it!
- this is a participation grade, so it is a grade for effort

Questions
- where is tech like that described in today's papers being used?
- how close is it?
- how about, trying to detect attackers when we don't know exactly how they will attack
- so, catching novel attacks as well as regular ones

Candidates
- anomaly-based network monitoring
- not common
- spam detection
- but you have examples of spam and ham (regular msgs)
- and still doesn't work great against novel spam
- ML applied to malware detection
- but that isn't real time and is mostly focused on classifying samples

There isn't much!

Note that this work is not obscure
- the "evolution of system call monitoring" was an invited paper
- sense of self received a "test of time" award at IEEE SSP

All of you: WHY?

- too many false positives
- takes too long to create "normal" databases?
- mimicry attacks are too easy?
- normal can change
- cost
- graduated responses are not useful in fast computers
- logistical difficulty in replacing current systems
- lacks scalability
- not enough work done to make it commercially viable
- not adaptable/robust enough to justify changes
- industry cannot sell it
- too many false positives, waste of employee time
- lacks adaptability, unable to adapt to changes over time
- frequency of re-training or learning
- experimental environment is complex, situation different for different OSs
- local, system specific means it cannot scale/extend to other systems

None of the above is true
- the basic tech works, and plenty of scope for improvement!

But what did the evolution paper say?
- different methods for monitoring system calls
- but they are all much slower, and almost no gain in accuracy
- applied to other systems
- but barely followed up on
- bit of work on use in real time, automated response
- but that's basically my work

HUGE amounts of follow-up work, almost no progress

Do you disagree?

I changed much of my focus to theory because I couldn't understand what was happening

What would you like to learn more about?

- other systems I've built
- limitations of past systems I've built
- more alife, evolutionary systems
- game theory in security
- anomaly detection evasion techniques (mimicry attacks)
- how to apply these ideas to crytography?
- more bio-inspired systems
- practical implementations of adaptive security, why aren't we doing this?
- system call monitoring using arguments
- defense mechanisms to address evolving threats
- human interactions with autonomous security systems
- programming language vuln detection
- specific attack mechanisms to be addressed
- new immune system security research
- evolution of cloud security systems - diversity, selection?
</pre>

Evolutionary Security: Winter 2025

2025-02-25T15:20:03Z

Soma: /* February 11, 2025 */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-02-23T03:51:40Z

Soma: /* March 27, 2025 */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

====Discussion Questions====
* What is "sequence-based system call monitoring"?
* How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)]

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-02-23T03:37:31Z

Soma: /* March 4, 2025 */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

====Discussion Questions====
* What is "sequence-based system call monitoring"?
* How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)]

'''Early Literature Review due'''

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-02-23T03:26:11Z

Soma: /* March 4, 2025 */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

====Discussion Questions====
* What is "sequence-based system call monitoring"?
* How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

Early Literature Review due

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Evolutionary Security: Winter 2025

2025-02-23T03:14:14Z

Soma: /* Class Schedule (Readings & Notes) */

==Course Outline==

[[EvoSec 2025W: Course Outline|Course outline for Evolutionary Security]].

==Literature Review==

To help you write a literature review or the background of a research paper, read the following:
* Harvey, "What Is a Literature Review?" [https://www.cs.cmu.edu/~missy/WritingaLiteratureReview.doc (DOC)] [https://www.cs.cmu.edu/~missy/Writing_a_Literature_Review.ppt (PPT)]
* [https://www.writing.utoronto.ca/advice/specific-types-of-writing/literature-review Taylor, "The Literature Review: A Few Tips On Conducting It"]

==Class Schedule (Readings & Notes)==

===[[EvoSec 2025W Lecture 1|January 7, 2025]]===

Introduction

===[[EvoSec 2025W Lecture 2|January 9, 2025]]===

Introduction to Trust

===[[EvoSec 2025W Lecture 3|January 14, 2025]]===

Computational Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/marsh1994-formalising-trust.pdf Marsh, "Formalising Trust as a Computational Concept."] (Chapters 1 & 3)

===[[EvoSec 2025W Lecture 4|January 16, 2025]]===

Biological Trust
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/bateson1998-trust.pdf Bateson, "The Biological Evolution of Cooperation and Trust."] (1988)
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/michod2001-multicellularity.pdf Michod & Roze, "Cooperation and conflict in the evolution of multicellularity."] (2001)

===[[EvoSec 2025W Lecture 5|January 21, 2025]]===

OceanStore & BOINC
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/oceanstore-sigplan.pdf John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/fast2003-pond.pdf Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)]
* [https://homeostasis.scs.carleton.ca/~soma/distos/fall2008/anderson-boinc.pdf Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)]

===[[EvoSec 2025W Lecture 6|January 23, 2025]]===

Chubby & GFS
* [https://www.usenix.org/legacy/events/osdi06/tech/burrows.html Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)]
* [https://research.google.com/archive/gfs-sosp2003.pdf Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)]

===[[EvoSec 2025W Lecture 7|January 28, 2025]]===

Symbiosis
* [https://homeostasis.scs.carleton.ca/~soma/evosec/readings/margulis1971-sciam.pdf Margulis, Symbiosis and Evolution (Scientific American 1971)]

===[[EvoSec 2025W Lecture 8|January 30, 2025]]===

Tierra
* Tom Ray, Tierra (1992): [https://homeostasis.scs.carleton.ca/~soma/adapsec/readings/tierra-92-08-042.pdf Pixelated but with Figures], [https://homeostasis.scs.carleton.ca/~soma/biosec/readings/tierra.pdf Clearer Text]

===[[EvoSec 2025W Lecture 9|February 4, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/neti-hotsec2012.pdf Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-asia2024.pdf Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)]

====Discussion Questions====
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

===[[EvoSec 2025W Lecture 10|February 6, 2025]]===

====Readings====
* [https://people.scs.carleton.ca/~soma/biosec/readings/forrest-diverse.pdf Forrest, "Building Diverse Computer Systems." (HotOS 1997)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/mansourzadeh-nspw2024.pdf Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)]

====Discussion Questions====
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

===[[EvoSec 2025W Lecture 11|February 11, 2025]]===

====Readings====
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-ieeesp96.pdf Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)]
* [https://homeostasis.scs.carleton.ca/~soma/pubs/forrest-acsac2008.pdf Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)]

====Discussion Questions====
* What is "sequence-based system call monitoring"?
* How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?

===February 13, 2025===

Project elevator pitches (presentations in class)

===[[EvoSec 2025W Lecture 12|February 25, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/oda-asia-08.pdf Oda, "Content Provider Conflict on the Modern Web." (ASIA 2008)]

===[[EvoSec 2025W Lecture 13|February 27, 2025]]===

* [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-cset2009.pdf Somayaji, "Evaluating Security Products with Clinical Trials." (CSET 2009)]

===[[EvoSec 2025W Lecture 14|March 4, 2025]]===

===[[EvoSec 2025W Lecture 15|March 6, 2025]]===

===[[EvoSec 2025W Lecture 16|March 11, 2025]]===

===[[EvoSec 2025W Lecture 17|March 13, 2025]]===

===[[EvoSec 2025W Lecture 18|March 18, 2025]]===

===[[EvoSec 2025W Lecture 19|March 20, 2025]]===

===[[EvoSec 2025W Lecture 20|March 25, 2025]]===

===[[EvoSec 2025W Lecture 21|March 27, 2025]]===

===[[EvoSec 2025W Lecture 22|April 1, 2025]]===

Presentations, Day 1

===[[EvoSec 2025W Lecture 23|April 3, 2025]]===

Presentations, Day 2

===[[EvoSec 2025W Lecture 24|April 8, 2025]]===

Presentations, Day 3

Fundamentals of Web Applications (Fall 2024)

2025-02-17T20:01:35Z

Soma: /* Lectures and Exams */

==Course Outline==

[[Fundamentals of Web Applications: Fall 2024 Course Outline|Here]] is the course outline.

==Lectures and Exams==

<table style="width: 100%;" border="1" cellpadding="4" cellspacing="0">
<tr valign="top">
<th>
Date
</th>
<th>
Topic
</th>
</tr>
<tr>
<td>
Sept. 5

</td>
<td>
[[WebFund 2024F Lecture 1|Lecture 1]]

</td>
</tr>
<tr>
<td>
Sept. 10

</td>
<td>
[[WebFund 2024F Lecture 2|Lecture 2]]

</td>
</tr>
<tr>
<td>
Sept. 12

</td>
<td>
[[WebFund 2024F Lecture 3|Lecture 3]]

</td>
</tr>
<tr>
<td>
Sept. 17 (async)

</td>
<td>
[[WebFund 2024F Lecture 4|Lecture 4]]

</td>
</tr>
<tr>
<td>
Sept. 24

</td>
<td>
[[WebFund 2024F Lecture 5|Lecture 5]]

</td>
</tr>
<tr>
<td>
Sept. 26

</td>
<td>
[[WebFund 2024F Lecture 6|Lecture 6]]

</td>
</tr>
<tr>
<td>
Oct. 1

</td>
<td>
[[WebFund 2024F Lecture 7|Lecture 7]]

</td>
</tr>
<tr>
<td>
Oct. 3

</td>
<td>
[[WebFund 2024F Lecture 8|Lecture 8]]

</td>
</tr>
<tr>
<td>
Oct. 8

</td>
<td>
[[WebFund 2024F Lecture 9|Lecture 9]]

</td>
</tr>
<tr>
<td>
Oct. 10

</td>
<td>
[[WebFund 2024F Lecture 10|Lecture 10]]

</td>
</tr>
<tr>
<td>
Oct. 15

</td>
<td>
[[WebFund 2024F Lecture 11|Lecture 11]]

</td>
</tr>
<tr>
<td>
Oct. 17

</td>
<td>
[[WebFund 2024F Lecture 12|Lecture 12]]

</td>
</tr>
<tr>
<td>
Oct. 24, 11:35-12:55

</td>
<td>
[[WebFund 2024F Midterm QA|Midterm Q & A (opt.)]]

</td>
</tr>
<tr>
<td>
Oct. 29

</td>
<td>
Midterm Exam (in class, online) [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/solutions/comp2406-midterm-2024f-sol.pdf (solutions)]

</td>
</tr>
<tr>
<td>
Oct. 31

</td>
<td>
[[WebFund 2024F Lecture 13|Lecture 13]]

</td>
</tr>
<tr>
<td>
Nov. 5

</td>
<td>
[[WebFund 2024F Lecture 14|Lecture 14]]

</td>
</tr>
<tr>
<td>
Nov. 7

</td>
<td>
[[WebFund 2024F Lecture 15|Lecture 15]]

</td>
</tr>
<tr>
<td>
Nov. 12

</td>
<td>
[[WebFund 2024F Lecture 16|Lecture 16]]

</td>
</tr>
<tr>
<td>
Nov. 14

</td>
<td>
[[WebFund 2024F Lecture 17|Lecture 17]]

</td>
</tr>
<tr>
<td>
Nov. 19

</td>
<td>
[[WebFund 2024F Lecture 18|Lecture 18]]

</td>
</tr>
<tr>
<td>
Nov. 21

</td>
<td>
[[WebFund 2024F Lecture 19|Lecture 19]]

</td>
</tr>
<tr>
<td>
Nov. 26

</td>
<td>
[[WebFund 2024F Lecture 20|Lecture 20]]

</td>
</tr>
<tr>
<td>
Nov. 28

</td>
<td>
[[WebFund 2024F Lecture 21|Lecture 21]]

</td>
</tr>
<tr>
<td>
Dec. 3

</td>
<td>
[[WebFund 2024F Lecture 22|Lecture 22]]

</td>
</tr>
<tr>
<td>
Dec. 5

</td>
<td>
[[WebFund 2024F Lecture 23|Lecture 23]]

</td>
</tr>
<tr>
<td>
Dec 10, 11:35-12:55

</td>
<td>
[[WebFund 2024F Final Exam QA|Final Exam Q & A (opt.)]]

</td>
</tr>
<tr>
<td>
Dec. 12, 9 AM

</td>
<td>
Final Exam [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/solutions/comp2406-final-2024f-sol.pdf (solutions)]

</td>
</tr>
</table>

==Tutorials==

For each tutorial you will get a progress grade from 0-4, given to you by a TA. If you are being diligent, you should be able to get 4's every week. The easiest way to get your grade is to come to tutorial and meet with your TA; alternately, you can meet a TA in their office hours. You may discuss with your TA in person or online, but the conversation should at least involve a voice call.

<table style="width: 100%;" border="1" cellpadding="4" cellspacing="0">
<tr valign="top">
<th>
Release Date
</th>
<th>
Show By
<th>
Tutorials
</th>
</tr>
<tr>
<td>
Sept. 12

</td>
<td><del>Oct. 7</del> '''Oct. 9'''</td>
<td>
[[WebFund 2024F: Tutorial 1|Asynchronous Code in JavaScript]]

</td>
</tr>
<tr>
<td>
Sept. 19

</td>
<td><del>Oct. 7</del> '''Oct. 9'''</td>
<td>
[[WebFund 2024F: Tutorial 2|Simple web server]]

</td>
</tr>
<tr>
<td>
Sept. 26

</td>
<td>Oct. 17</td>
<td>
[[WebFund 2024F: Tutorial 3|Form Demo]]

</td>
</tr>
<tr>
<td>
Oct. 3

</td>
<td>Oct. 17</td>
<td>
[[WebFund 2024F: Tutorial 4|Database Demo]]

</td>
</tr>
<tr>
<td>
Oct. 10

</td>
<td>Nov. 13</td>
<td>
[[WebFund 2024F: Tutorial 5|DOM Demo]]

</td>
</tr>
<tr>
<td>
Oct. 31

</td>
<td>Nov. 13</td>
<td>
[[WebFund 2024F: Tutorial 6|Tutorial Validator]]

</td>
</tr>
<tr>
<td>
Nov. 7

</td>
<td>Nov. 15</td>
<td>
[[WebFund 2024F: Tutorial 7|Submission Demo]]

</td>
</tr>
<tr>
<tr>
<td>
Nov. 14

</td>
<td>Nov. 29</td>
<td>
[[WebFund 2024F: Tutorial 8|Authentication Demo]]

</td>
</tr>
<tr>
<td>
Nov. 22

</td>
<td>Dec. 6</td>
<td>
[[WebFund 2024F: Tutorial 9|Fresh Demo]]

</td>
</tr>
</table>

==Assignments==
<table style="width: 100%;" border="1" cellpadding="4" cellspacing="0">
<tr valign="top">
<th>
Due Date
</th>
<th>
Assignments
</th>
</tr>
<tr>
<td>
<del>Oct. 7</del> '''Oct. 9'''

</td>
<td>
[[WebFund 2024F: Assignment 1|Assignment 1]]

</td>
</tr>
<tr>
<td>
Oct. 16

</td>
<td>
[[WebFund 2024F: Assignment 2|Assignment 2]]

</td>
</tr>
<tr>
<td>
Nov. 20

</td>
<td>
[[WebFund 2024F: Assignment 3|Assignment 3]]

</td>
</tr>
<tr>
<td>
Dec. 4

</td>
<td>
[[WebFund 2024F: Assignment 4|Assignment 4]]

</td>
</tr>
</table>

==Resources==

===JavaScript===

* A good book is [http://eloquentjavascript.net/ Eloquent JavaScript: A Modern Introduction to Programming] by Marijn Haverbeke. A version of this book is available online for free, but you can also purchase a copy.
* A more in-depth book series is [https://github.com/getify/You-Dont-Know-JS?tab=readme-ov-file You Don't Know JS Yet].
* A standard reference for JavaScript is [http://shop.oreilly.com/product/9780596805531.do JavaScript: The Definitive Guide] by David Flanagan. It is a big book, but it is comprehensive. (You'll probably have to buy this one.)

EvoSec 2025W Lecture 11

2025-02-12T17:20:05Z

Soma:

<pre>
Lecture 11
----------

For Thursday
- I'll set up an assignment for submitting PDFs for slides
(1-3 slides at most), this is optional
- whatever you present is not binding, you can change it!
- this is a participation grade, so it is a grade for effort

Questions
- where is tech like that described in today's papers being used?
- how close is it?
- how about, trying to detect attackers when we don't know exactly how they will attack
- so, catching novel attacks as well as regular ones

Candidates
- anomaly-based network monitoring
- not common
- spam detection
- but you have examples of spam and ham (regular msgs)
- and still doesn't work great against novel spam
- ML applied to malware detection
- but that isn't real time and is mostly focused on classifying samples

There isn't much!

Note that this work is not obscure
- the "evolution of system call monitoring" was an invited paper
- sense of self received a "test of time" award at IEEE SSP

All of you: WHY?

- too many false positives
- takes too long to create "normal" databases?
- mimicry attacks are too easy?
- normal can change
- cost
- graduated responses are not useful in fast computers
- logistical difficulty in replacing current systems
- lacks scalability
- not enough work done to make it commercially viable
- not adaptable/robust enough to justify changes
- industry cannot sell it
- too many false positives, waste of employee time
- lacks adaptability, unable to adapt to changes over time
- frequency of re-training or learning
- experimental environment is complex, situation different for different OSs
- local, system specific means it cannot scale/extend to other systems

None of the above is true
- the basic tech works, and plenty of scope for improvement!

But what did the evolution paper say?
- different methods for monitoring system calls
- but they are all much slower, and almost no gain in accuracy
- applied to other systems
- but barely followed up on
- bit of work on use in real time, automated response
- but that's basically my work

HUGE amounts of follow-up work, almost no progress

Do you disagree?

I changed much of my focus to theory because I couldn't understand what was happening

What would you like to learn more about?

- other systems I've built
- limitations of past systems I've built
- more alife, evolutionary systems
- game theory in security
- anomaly detection evasion techniques (mimicry attacks)
- how to apply these ideas to crytography?
- more bio-inspired systems
- practical implementations of adaptive security, why aren't we doing this?
- system call monitoring using arguments
- defense mechanisms to address evolving threats
- human interactions with autonomous security systems
- programming language vuln detection
- specific attack mechanisms to be addressed
- new immune system security research
- evolution of cloud security systems - diversity, selection?
</pre>

EvoSec 2025W Lecture 10

2025-02-06T18:00:40Z

Soma:

==Discussion Questions==
* What security problems does the Forrest paper address? What problems does it not address?
* How plausible/realistic is the model in Mansourzadeh's paper?
* To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?

==Notes==

<pre>
Lecture 10
----------

- areas of interest are all graded
- please read feedback and follow up as necessary
- message on Teams, we can have a call if necessary

What is the basic approach to diversity taken by the Forrest paper?
- the program source code is a "spec" <-- how it SHOULD behave
- vary how it is translated into an executing program
(as source doesn't specify this precisely)

- memory layout, instruction set, function/system call names and more could vary

So with this approach, what is not diverse?
- the source code!

If the source code is always the same, what kinds of security vulnerabilities CANNOT be addressed with Forrest's approach?
- algorithmic weaknesses (e.g. cryptography)
- higher-level code injection attacks will still work (e.g., SQL injection)
- authentication bypass because of insufficient checks

In fact, most security vulnerabilites won't be impacted by changing how the code is translated

It can really only stop attacks based on machine code injection & timing attacks (MAYBE)

What is the difference between diversity and randomization?

randomization
- uniform selection from a set of possibilities
- always has to be limited as random programs don't do anything
- in practice, can only randomize what isn't functionaly important

diversity is always about functional diversity
- variations that make the system behave differently
- but can "fit" into its role

diversity is always relative, never absolute

To understand diversity, we have to understand the problem it addresses

What is an attack search space?
</pre>

EvoSec 2025W Lecture 10

2025-02-06T18:00:01Z

Soma: /* Discussion Questions */

<pre>
Lecture 10
----------

- areas of interest are all graded
- please read feedback and follow up as necessary
- message on Teams, we can have a call if necessary

What is the basic approach to diversity taken by the Forrest paper?
- the program source code is a "spec" <-- how it SHOULD behave
- vary how it is translated into an executing program
(as source doesn't specify this precisely)

- memory layout, instruction set, function/system call names and more could vary

So with this approach, what is not diverse?
- the source code!

If the source code is always the same, what kinds of security vulnerabilities CANNOT be addressed with Forrest's approach?
- algorithmic weaknesses (e.g. cryptography)
- higher-level code injection attacks will still work (e.g., SQL injection)
- authentication bypass because of insufficient checks

In fact, most security vulnerabilites won't be impacted by changing how the code is translated

It can really only stop attacks based on machine code injection & timing attacks (MAYBE)

What is the difference between diversity and randomization?

randomization
- uniform selection from a set of possibilities
- always has to be limited as random programs don't do anything
- in practice, can only randomize what isn't functionaly important

diversity is always about functional diversity
- variations that make the system behave differently
- but can "fit" into its role

diversity is always relative, never absolute

To understand diversity, we have to understand the problem it addresses

What is an attack search space?
</pre>

EvoSec 2025W Lecture 9

2025-02-06T17:58:56Z

Soma:

==Discussion Questions==
* What is the basic model behind both of these systems? Hint: focus on the figures!
* What aspect(s) of security are these models capturing? What are they missing?

==Notes==

<pre>
Lecture 9
---------

What is entropy? (G1)
- least diverse -> least entropy

So maybe increasing entropy (disorder) would increase security?
- multiple kinds of software, hosts, etc

But that seems chaotic and thus insecure?

Entropy on a specific graph
- hosts can have some number of vulns
- edges represent the vulns a host has
- cannot remove all edges by assumption - hosts always have some
- increase entropy -> more disorder in edges

Adding new kinds of systems => increase the space of vulnerabilities
- attack surface goes up!

If diversity is the answer, what is the question?
- consider for Thursday
</pre>

EvoSec 2025W Lecture 11

2025-02-06T17:58:36Z

Soma: Blanked the page

EvoSec 2025W Lecture 11

2025-02-06T17:58:14Z

Soma: Created page with "<pre> Lecture 9 --------- What is entropy? (G1) - least diverse -> least entropy So maybe increasing entropy (disorder) would increase security? - multiple kinds of software, hosts, etc But that seems chaotic and thus insecure? Entropy on a specific graph - hosts can have some number of vulns - edges represent the vulns a host has - cannot remove all edges by assumption - hosts always have some - increase entropy -> more disorder in edges Adding new kinds of s..."

<pre>
Lecture 9
---------

What is entropy? (G1)
- least diverse -> least entropy

So maybe increasing entropy (disorder) would increase security?
- multiple kinds of software, hosts, etc

But that seems chaotic and thus insecure?

Entropy on a specific graph
- hosts can have some number of vulns
- edges represent the vulns a host has
- cannot remove all edges by assumption - hosts always have some
- increase entropy -> more disorder in edges

Adding new kinds of systems => increase the space of vulnerabilities
- attack surface goes up!

If diversity is the answer, what is the question?
- consider for Thursday
</pre>

EvoSec 2025W Lecture 10

2025-02-04T16:36:22Z

Soma: Created page with "==Discussion Questions== * What is the basic model behind both of these systems? Hint: focus on the figures! * What aspect(s) of security are these models capturing? What are they missing? Today you'll be teaching the class, i.e., I'll be asking questions as if I don't understand things."

Evolutionary Security: Winter 2025

2025-01-31T03:29:11Z

Soma: /* February 11, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T03:26:39Z

Soma: /* February 11, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T03:11:02Z

Soma: /* Class Schedule (Readings & Notes) */

Evolutionary Security: Winter 2025

2025-01-31T01:38:06Z

Soma: /* February 6, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T01:37:57Z

Soma: /* February 4, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T01:37:37Z

Soma: /* February 6, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T01:37:15Z

Soma: /* February 4, 2025 */

Evolutionary Security: Winter 2025

2025-01-31T01:36:51Z

Soma: /* February 6, 2025 */