1 changed files with 127 additions and 0 deletions
@ -0,0 +1,127 @@
|
||||
--- |
||||
author: Advanced Topics in Security and Privacy (CS 839) |
||||
title: Lecture 01 |
||||
date: September 05, 2018 |
||||
--- |
||||
|
||||
# Security and Privacy |
||||
|
||||
## It's everywhere! |
||||
|
||||
## Stuff is totally insecure! |
||||
|
||||
## It's really difficult! |
||||
|
||||
# What topics to cover? |
||||
|
||||
## A really, really vast field |
||||
- Things we will not be able to cover: |
||||
- Real-world attacks |
||||
- Computer systems security |
||||
- Defenses and countermeasures |
||||
- Social aspects of security |
||||
- Theoretical cryptography |
||||
- ... |
||||
|
||||
## Theme 1: Formalizing S&P |
||||
- Mathematically formalize notions of security |
||||
- Rigorously prove security |
||||
- Guarantee that certain breakages can't occur |
||||
|
||||
> Remember: definitions are tricky things! |
||||
|
||||
## Theme 2: Automating S&P |
||||
- Use computers to help build more secure systems |
||||
- Automatically check security properties |
||||
- Search for attacks and vulnerabilities |
||||
|
||||
## Our focus: four modules |
||||
1. Differential privacy |
||||
2. Applied cryptography |
||||
3. Language-based security |
||||
4. Adversarial machine learning |
||||
|
||||
# Differential privacy |
||||
|
||||
## A mathematically solid definition of privacy |
||||
- Simple and clean formal property |
||||
- Satisfied by many algorithms |
||||
- Degrades gracefully under composition |
||||
|
||||
# Applied crypto |
||||
|
||||
## Computing in an untrusted world |
||||
- Proving you know something without revealing it |
||||
- Certifying that you did a computation correctly |
||||
- Computing on encrypted data, without decryption |
||||
- Computing joint answer without revealing your data |
||||
|
||||
# Language-based security |
||||
|
||||
## Ensure security by construction |
||||
- Programming languages for security |
||||
- Compiler checks that programs are secure |
||||
- Information flow, privacy, cryptography, ... |
||||
|
||||
# Adversarial machine learning |
||||
|
||||
## Manipulating ML systems |
||||
- Crafting examples to fool ML systems |
||||
- Messing with training data |
||||
- Extracting training information |
||||
|
||||
# Tedious course details |
||||
|
||||
## Class format |
||||
- Three components: |
||||
1. Paper presentations |
||||
2. Final project |
||||
3. Class participation |
||||
- Annoucement/schedule/materials: on [website](https://pages.cs.wisc.edu/~justhsu/teaching/current/cs839/) |
||||
- Class mailing list: [compsci839-1-f18@lists.wisc.edu]() |
||||
|
||||
## Paper presentations |
||||
- Sign up to lead a discussion on one paper |
||||
- Suggested topic, papers, and schedule on website |
||||
- Before each presentation: |
||||
- I will send out brief questions |
||||
- Please email me brief answers |
||||
|
||||
> If you want advice, come talk to me! |
||||
|
||||
## Final project |
||||
- Work individually or in pairs |
||||
- Project details and suggestions on website |
||||
- Key dates: |
||||
- **September 19**: Pick groups and topic |
||||
- **October 15**: Milestone 1 |
||||
- **November 14**: Milestone 2 |
||||
- **End of class**: Final writeups and presentations |
||||
|
||||
> If you want advice, come talk to me! |
||||
|
||||
## Todos for you |
||||
0. Complete the course survey |
||||
1. Check out the course website |
||||
2. Think about what paper you want to present |
||||
3. Brainstorm project topics |
||||
|
||||
# Defining privacy |
||||
|
||||
## What does privacy mean? |
||||
- Many meanings of privacy |
||||
|
||||
## Why is privacy hard? |
||||
|
||||
## Hiding private data |
||||
- Remove "personally identifiable information" |
||||
|
||||
## Problem: not enough |
||||
|
||||
## "Blending in a crowd" |
||||
|
||||
## Problem: composition |
||||
|
||||
## Differential privacy |
||||
|
||||
## Basic definition |
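Review bot: In the "Class format" list, the mailing-list link `[compsci839-1-f18@lists.wisc.edu]()` has an empty target, so it will render as a link that goes nowhere; give it a `mailto:` target or write it as an autolink, `<compsci839-1-f18@lists.wisc.edu>`. In the same list, "Annoucement" should read "Announcement". The blockquote "If you want advice, come talk to me!" appears verbatim under both "Paper presentations" and "Final project"; if that repetition is intentional for the slides it is fine, otherwise keep one.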