Evolutionary Security: Winter 2025: Difference between revisions
| Line 115: | Line 115: | ||
===[[EvoSec 2025W Lecture 21|March 27, 2025]]=== | ===[[EvoSec 2025W Lecture 21|March 27, 2025]]=== | ||
* [https://homeostasis.scs.carleton.ca/~soma/pubs/burgess-nspw2018.pdf Burgess, "After the BlockCloud Apocalypse." (NSPW 2018)] | |||
===[[EvoSec 2025W Lecture 22|April 1, 2025]]=== | ===[[EvoSec 2025W Lecture 22|April 1, 2025]]=== | ||
Latest revision as of 03:51, 23 February 2025
Course Outline
Course outline for Evolutionary Security.
Literature Review
To help you write a literature review or the background of a research paper, read the following:
- Harvey, "What Is a Literature Review?" (DOC) (PPT)
- Taylor, "The Literature Review: A Few Tips On Conducting It"
Class Schedule (Readings & Notes)
January 7, 2025
Introduction
January 9, 2025
Introduction to Trust
January 14, 2025
Computational Trust
- Marsh, "Formalising Trust as a Computational Concept." (Chapters 1 & 3)
January 16, 2025
Biological Trust
- Bateson, "The Biological Evolution of Cooperation and Trust." (1988)
- Michod & Roze, "Cooperation and conflict in the evolution of multicellularity." (2001)
January 21, 2025
OceanStore & BOINC
- John Kubiatowicz et al., "OceanStore: An Architecture for Global-Scale Persistent Storage" (SIGPLAN 2000)
- Sean Rhea et al., "Pond: the OceanStore Prototype" (FAST 2003)
- Anderson, "BOINC: A System for Public-Resource Computing and Storage" (Grid Computing 2004)
January 23, 2025
Chubby & GFS
- Burrows, The Chubby Lock Service for Loosely-Coupled Distributed Systems (OSDI 2006)
- Sanjay Ghemawat et al., "The Google File System" (SOSP 2003)
January 28, 2025
Symbiosis
January 30, 2025
Tierra
- Tom Ray, Tierra (1992): Pixelated but with Figures, Clearer Text
February 4, 2025
Readings
- Neti, "Software diversity: Security, Entropy, and Game Theory." (HotSec 2012)
- Mansourzadeh, "A Fragility Metric for Software Diversity." (ASIA 2024)
Discussion Questions
- What is the basic model behind both of these systems? Hint: focus on the figures!
- What aspect(s) of security are these models capturing? What are they missing?
February 6, 2025
Readings
- Forrest, "Building Diverse Computer Systems." (HotOS 1997)
- Mansourzadeh, "Towards Foundational Security Metrics." (NSPW 2024)
Discussion Questions
- What security problems does the Forrest paper address? What problems does it not address?
- How plausible/realistic is the model in Mansourzadeh's paper?
- To what degree do the strategies described in the Forrest paper impact the KOSM and DESM metrics described in Mansourzadeh's paper?
February 11, 2025
Readings
- Forrest, "A Sense of Self for Unix Processes." (IEEE SP 1996)
- Forrest, "The Evolution of System-call Monitoring." (ACSAC 2008)
Discussion Questions
- What is "sequence-based system call monitoring"?
- How did system-call monitoring "evolve"? Specifically, to what extent did its "fitness" improve?
February 13, 2025
Project elevator pitches (presentations in class)
February 25, 2025
February 27, 2025
March 4, 2025
Early Literature Review due
March 6, 2025
March 11, 2025
March 13, 2025
March 18, 2025
March 20, 2025
March 25, 2025
March 27, 2025
April 1, 2025
Presentations, Day 1
April 3, 2025
Presentations, Day 2
April 8, 2025
Presentations, Day 3