Adaptive Security (Fall 2020): Difference between revisions

From Soma-notes
 
(One intermediate revision by the same user not shown)
Line 97: Line 97:
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/lippmann-raid00.pdf Lippmann et al., Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation for Detecting Network Intruders in Real-Time.] (RAID 2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/lippmann-raid00.pdf Lippmann et al., Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation for Detecting Network Intruders in Real-Time.] (RAID 2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/mchugh-darpa.pdf McHugh, Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory.] (ACM TISSEC 2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/mchugh-darpa.pdf McHugh, Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory.] (ACM TISSEC 2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/axelsson-base-rate.pdf Axelsson, The Base-Rate Fallacy and the Difficulty of Intrusion Detection.] (2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/axelsson-base-rate.pdf Axelsson, The Base-Rate Fallacy and the Difficulty of Intrusion Detection.] (ACM TISSEC 2000)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/mahoney-darpa.pdf Mahoney & Chan, An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection.] (2003)
* [https://homeostasis.scs.carleton.ca/~soma/id-2007w/readings/mahoney-darpa.pdf Mahoney & Chan, An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection.] (RAID 2003)
* [https://homeostasis.scs.carleton.ca/~soma/pubs/brown-cisda2009.pdf Brown, "Analysis of the 1999 DARPA/Lincoln Laboratory IDS Evaluation Data with NetADHICT."] (CISDA 2009)
* [https://homeostasis.scs.carleton.ca/~soma/pubs/brown-cisda2009.pdf Brown, "Analysis of the 1999 DARPA/Lincoln Laboratory IDS Evaluation Data with NetADHICT."] (CISDA 2009)



Latest revision as of 02:58, 24 November 2020

Course Outline

The outline for the Fall 2020 run of Adaptive Security is available here.

Zoom link info is in cuLearn. If you can't access it, please email anilsomayaji at cunet.carleton.ca!

Research Journal

Your research journal is due by 9 PM the night before class. If you need more time, please message me (on Teams) to say that you are running late. Entries are graded out of 4. Make sure to date-stamp your entries. You may have multiple entries between classes; I will look at all entries since the last class.

For instructions on reviewing papers, see here.

Literature Review

To help you write a literature review or the background of a research paper, read the following:

Class Schedule

September 10, 2020

Introduction

September 15, 2020

September 17, 2020

September 22, 2020

September 24, 2020

September 29, 2020

October 1, 2020

October 6, 2020

October 8, 2020

October 13, 15, & 20, 2020

Review two papers per class following this template. Post your reviews on the Readings Wiki on Teams (in the Readings channel).

October 22, 2020

November 3, 2020

Compare the papers in USENIX Security 2000 and USENIX Security 2010 with the papers in USENIX Security 2020.

  • How have the kinds of papers changed over the years?
  • How has the ratio of attack to defence papers changed?
  • Has the "practicality" of papers changed?

November 17, 2020

November 19, 2020

November 24, 2020

November 26, 2020

December 1, 2020

December 3, 2020

December 8, 2020

Presentations 1

December 10, 2020

Presentations 2

Project Milestones

  • September 18, 2020: Areas of interest
  • September 29, 2020: Elevator Pitch
  • November 2, 2020: Literature Review
  • December 1, 2020: Tests/Preliminary Work
  • December 23, 2020: Final Project Report

Other Readings

Here are some optional readings, most with a more biological bent:


Note that some of the content of this course came from a previous course, Biological Approaches to Computer Security:

The focus of this class will be on designing and building actual defenses, so we won't cover many of these readings. However, you may want to take a look at them for inspiration.