SlideShare a Scribd company logo

Wireless Network Security Course Overview

H
HoangNguyenLeThai1

This document summarizes the first class of a Wireless Network Security course. The instructor provided an overview of the course logistics and content. The course will cover security issues across different types of wireless systems from a layered perspective, including applications, networks, and physical layers. Students will complete individual assignments and group projects. The first assignment involves simulations in OMNET++. Groups will be formed to work on semester-long projects related to wireless security topics. The course aims to further students' understanding of wireless vulnerabilities and considerations for secure system design.

Technology
1 of 39
Download to read offline
©2015 Patrick Tague 1 Wireless Network Security Spring 2015 Patrick Tague Class #1 – Course Introduction & Logistics
©2015 Patrick Tague 2 Class #1 • Brief overview of the course • Logistics • Course information • Talk about projects (if there's time)
©2015 Patrick Tague 3 What is this course all about?
©2015 Patrick Tague 4 What is Security? A system is secure with respect to a certain property if one can guarantee that property with a reasonably high probability
©2015 Patrick Tague 5 What is Wireless Network Security? Authenticity Secrecy ? A probabilistic guarantee that a wireless network does its job as expected, even when faced with a variety of threats
©2015 Patrick Tague 6 Focus on the Networks • In the Wireless Network Security course, we'll study: – Different network systems – Underlying technologies – Applications, systems, services, relying on them – Threats, security issues, privacy concerns, etc.
©2015 Patrick Tague 7 Wireless Internet Wireless Networks Telecommunications Enterprise Wireless Ad Hoc / Mesh Vehicular Networks Sensing / Control Systems
©2015 Patrick Tague 8 Fundamental Challenges • Wireless is open / shared – User/device/system verification is more difficult – System resource availability often cannot be guaranteed • Wireless batteries resource constraints → → – Security costs $$$, time, energy, CPU cycles, bandwidth, scalability, etc.
©2015 Patrick Tague 9 Practical Challenges • Wireless network protocols were designed around wired protocols – Higher layers were originally the same, until people realized it didn't work well • Security mechanisms were (unfortunately) treated quite similarly • Layered model doesn't translate well for all desired security properties – e.g. How to provide performance guarantees with only best-effort services?
©2015 Patrick Tague 10 Practical Challenges • Not all wireless systems follow Internet-style (client-server) models – Ad hoc networks, sensor/actuator networks, fog – We must change the way we think about security! • There are a lot of trade-offs between security, efficiency, performance, scalability, ...
©2015 Patrick Tague 11 Practical Challenges • Each different network type, context, etc. has different properties, features, goals, ... – Protocols designed for WiFi Internet access probably shouldn't be used for safety-critical systems in cars... – Best-effort data delivery probably isn't sufficient for handling distributed control system inputs – ...
©2015 Patrick Tague 12 Diverse Wireless Systems Each of these types of wireless networks has different structure, function, and purpose As such, we expect each to have different functional and security requirements
©2015 Patrick Tague 13 Course Objectives • Understanding various security and privacy issues across different types of wireless systems • Coverage includes both classical and next-generation wireless systems – WiFi networks – Mobile/telecom networks – Ad hoc & mesh networks – Distributed sensing and control systems
©2015 Patrick Tague 14 Course Roadmap Application Transport Network Link Physical I) Layer-by-layer study of general wireless threats, issues, protections, etc. II) Application-centric (“vertical”) study of security and privacy issues
©2015 Patrick Tague 15 Goals of the Course • Understand the inherent vulnerabilities of wireless networking • Know what to consider in designing wireless systems, services, and applications • Hands-on experience in vulnerability analysis and secure system/service/protocol design • Research experience w/ publishable results
©2015 Patrick Tague 16 Questions about Content? Any questions about content, focus, etc. before I start talking logistics...?
©2015 Patrick Tague 17 Logistics
©2015 Patrick Tague 18 Course Website http://wnss.sv.cmu.edu/courses/14814/s15/ also a Blackboard page
©2015 Patrick Tague 19 Prerequisites v. Assumptions • While this course has no official prereqs, we make several assumptions about you – You have taken a graduate-level Information Security course (e.g., 14-741, 18-631, 18-730) – You have taken a graduate-level Networking course (e.g., 14-740, 18-756, 15-641) – You are a decent programmer (esp. C/C++) and can pick up new programming skills easily – We will not explicitly teach you these things, so some additional work may be needed if you don't match our assumptions
©2015 Patrick Tague 20 Registration • This course has 4 concurrent sections – It's important that you register for the right one Pgh SV ECE Not ECE If your home dept is: If your location is: 18637 A 18637 SV 14814 A 14814 SV
©2015 Patrick Tague 21 Waitlists • If you're currently registered for this class, but not planning to stay: please drop • If you're currently on the waitlist: 1) Make sure you're on the correct waitlist (see the previous slide) 2) Send me an email (tague@cmu.edu) detailing: 1) What year/term of your program are you in (priority will go to students closer to graduation)? 2) What degree requirements does this course fulfill? 3) Why you want to take this course? 4) What prereqs/qualifications do you have?
©2015 Patrick Tague 22 Deliverables & Grading • Individual work – 30% – Four assignments • Late submission: 10%/day penalty, up to 2 days • Group project – Four presentations (intro, statement of work, progress update, final) – 25% • Graded individually, everyone must participate – Two written reports (SoW, final paper) – 25% • No late submissions accepted • Exam – 20%
©2015 Patrick Tague 23 Individual Assignments • Four assignments – Simulation/experimentation/programming component – Research/survey component – Assignments will use OMNET++ network simulator and some additional tools – You're not expected to know anything about OMNET++ yet, but C++ and some scripting will be necessary • Assignment details and deadlines will be online • Individual each student does her/his own work → – Discussion is encouraged, but work is individual
©2015 Patrick Tague 24 Group Project • Project details: – Teams of 3-4 students – Option to work on “sponsored project” or come up with your own project – First presentation on project background and topic proposal will be in early February, so form teams and get started soon – Statement of Work due and presentation on Feb 26 – Progress report in early April – Final presentation in late April – Final report due May 7
©2015 Patrick Tague 25 What topic should I choose?
©2015 Patrick Tague 26 Project Topics • Projects must: – Relate to systems covered in class and focus on some aspect of wireless network security – Strive for new research/development contributions – plan to submit a conference paper, poster, or demo – Not be a project you're working on for your research or another course (no double-dipping) • Examples of past projects: – Attacks against location privacy in WiFi systems – Attack-resilient multi-path routing in MANETs – Localization in the presence of jammers – Detection of spoofing in VANETs – Secure dynamic address management in VANETs
©2015 Patrick Tague 27 How should I form a project team?
©2015 Patrick Tague 28 Project Teams • Forming teams and choosing topics: – These two things are not independent – Try to choose team members with common interests, different backgrounds, etc., not just your friends – Multiple teams cannot work on the same project
©2015 Patrick Tague 29 More Project Details • Each project will have an advisor/mentor – Any faculty member, researcher, or suitable PhD student can “sponsor” a project – let me know if you want to arrange an external project sponsor • Project output will include a paper, poster, and demo – Aim for conference-quality results • Some hardware may be available, if needed
©2015 Patrick Tague 30 Exam • Individual in-class exam • Closed-* exam, conceptual questions • About ¾ through semester, tentatively April 7
©2015 Patrick Tague 31 Important Dates All important dates are on the course schedule: http://wnss.sv.cmu.edu/courses/14814/s15/schedule.php
©2015 Patrick Tague 32 Contact • Instructor: Patrick Tague – Email: tague@cmu.edu – Office: B23 218 – Phone: 650-335-2827 – Skype: ptague – Office hours: Tues 1-3pm Pacific Time via Skype only, other times by appointment • Public Google calendar: http://goo.gl/FIVbRK • For an appointment, find an open time on my calendar and send an email to request a meeting (specify in person, Skype, etc.)
©2015 Patrick Tague 33 Some Syllabus-type Details • Class meetings: – Tues/Thurs 10:30-11:50am PST / 1:30-2:50pm EST – B23 212 @ SV campus, CIC 1201 @ Pgh campus • Class website – Schedule, slides, assignments, papers, projects, … – Submissions are via Blackboard • Textbooks – None, but some references are on the website • Assigned reading – Papers, blog posts, media, etc.
©2015 Patrick Tague 34 Assigned Reading • Between class readings, homework assignments, and project, you'll be reading a lot of papers! – Don't be surprised to see 100+ pages of reading/week – Reading research papers is not like reading textbooks, they're much more forgiving and can be read efficiently – Hint: read the pamphlet posted for reading material today • Seriously, print it out and read it...several times. A few minutes now could save many hours later.
©2015 Patrick Tague 35 Important Policies • Academic Integrity: all students are expected to adhere to academic integrity policies set forth by CMU, CIT, ECE, INI, etc. See • https://www.ece.cmu.edu/programs-admissions/masters/academic-integrity.html • http://www.ini.cmu.edu/current_students/handbook/index.html • http://engineering.cmu.edu/current_students/graduates/policies.html • http://www.cmu.edu/policies/documents/Academic%20Integrity.htm • My Collaboration Policy: discussion is encouraged, but assignments must be done individually • Copying in any form constitutes cheating, ask if it's unclear • Plagiarism: no copying, attribute all content sources • My Wikipedia Policy: if you cite Wikipedia (or similar) pages directly, you will fail the assignment/deliverable • Re-grading: on a case-by-case basis, contact me
©2015 Patrick Tague 36 Ethics of S&P Work • Research, development, and experimentation with sensitive information, attack protocols, misbehavior, etc. should be performed with the utmost care • You are expected to follow a strict ethical code, especially when dealing with potentially sensitive information • If anything is unclear, ask before going forward
©2015 Patrick Tague 37 Questions about Logistics? Any questions about course logistics? Feel free to email later.
©2015 Patrick Tague 38 Assignment #1 • First assignment has been posted online – Please get started as soon as possible, it's due in 2 weeks – This assignment mainly attempts to get you comfortable with OMNET++ programming and simulations • We'll do a small tutorial next week to help, but try to get started on your own – OMNET++ is available for most platforms • If you're familiar with Linux, probably best to go that route • If you're not good with Linux, Windows is a good option • If you prefer OSX, it seems to work fine – We reported some bugs last year that we believe were fixed
©2015 Patrick Tague 39 January 15: Wireless Security Basics & Threat Models

Recommended

INF4015 2015 Course Outline v1
INF4015 2015 Course Outline v1INF4015 2015 Course Outline v1
INF4015 2015 Course Outline v1Saika Dhansay
 
Prezentare multimedia
Prezentare multimediaPrezentare multimedia
Prezentare multimediaVivianaSisu
 
[hoctap.suctremmt.com]14814s15_02.pdf
[hoctap.suctremmt.com]14814s15_02.pdf[hoctap.suctremmt.com]14814s15_02.pdf
[hoctap.suctremmt.com]14814s15_02.pdfHoangNguyenLeThai1
 
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdf
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdfICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdf
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdfssuser675b67
 
Presentation at the conference ecdea.org, 8 of June 2018
Presentation at the conference ecdea.org, 8 of June 2018Presentation at the conference ecdea.org, 8 of June 2018
Presentation at the conference ecdea.org, 8 of June 2018Mats Brenner
 
Learning Technologist Network - Overview and January 2015 Meeting
Learning Technologist Network - Overview and January 2015 MeetingLearning Technologist Network - Overview and January 2015 Meeting
Learning Technologist Network - Overview and January 2015 MeetingJames Little
 
Introduction to e-submission
Introduction to e-submission Introduction to e-submission
Introduction to e-submission Bunyan Nick
 
Induction Presentation.pdf
Induction Presentation.pdfInduction Presentation.pdf
Induction Presentation.pdfRahulRaj694185
 

Recommended

INF4015 2015 Course Outline v1
INF4015 2015 Course Outline v1INF4015 2015 Course Outline v1
INF4015 2015 Course Outline v1Saika Dhansay
 
Prezentare multimedia
Prezentare multimediaPrezentare multimedia
Prezentare multimediaVivianaSisu
 
[hoctap.suctremmt.com]14814s15_02.pdf
[hoctap.suctremmt.com]14814s15_02.pdf[hoctap.suctremmt.com]14814s15_02.pdf
[hoctap.suctremmt.com]14814s15_02.pdfHoangNguyenLeThai1
 
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdf
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdfICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdf
ICTICT517-2024-T1-Session-01-Unit-Intro-v1.19a.pdfssuser675b67
 
Presentation at the conference ecdea.org, 8 of June 2018
Presentation at the conference ecdea.org, 8 of June 2018Presentation at the conference ecdea.org, 8 of June 2018
Presentation at the conference ecdea.org, 8 of June 2018Mats Brenner
 
Learning Technologist Network - Overview and January 2015 Meeting
Learning Technologist Network - Overview and January 2015 MeetingLearning Technologist Network - Overview and January 2015 Meeting
Learning Technologist Network - Overview and January 2015 MeetingJames Little
 
Introduction to e-submission
Introduction to e-submission Introduction to e-submission
Introduction to e-submission Bunyan Nick
 
Induction Presentation.pdf
Induction Presentation.pdfInduction Presentation.pdf
Induction Presentation.pdfRahulRaj694185
 
Internet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docxInternet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docxmariuse18nolet
 
1 courseinfo-5g 2
1 courseinfo-5g 21 courseinfo-5g 2
1 courseinfo-5g 2Abdisalam A. Mohamed
 
Talk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about MoodleTalk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about MoodleMark Stubbs
 
Cooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | AccentureCooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | Accentureaccenture
 
Introduction to e-submission July 2016
Introduction to e-submission July 2016Introduction to e-submission July 2016
Introduction to e-submission July 2016Bunyan Nick
 
E-assessment & feedback at DMU
E-assessment & feedback at DMUE-assessment & feedback at DMU
E-assessment & feedback at DMUrvallance
 
Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...Samantha Lee Pan
 
Cloud computing higdon_scott_conway
Cloud computing higdon_scott_conwayCloud computing higdon_scott_conway
Cloud computing higdon_scott_conwayPrerna Agarwal
 
Content Sharing Website PPT
Content Sharing Website PPTContent Sharing Website PPT
Content Sharing Website PPTanushkashastri
 
Social Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabusSocial Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabusJakub Ruzicka
 
Unit 1 industry in the profession
Unit 1 industry in the professionUnit 1 industry in the profession
Unit 1 industry in the professionPaulineTorion1
 
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information SessionNUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Sessionengtsze
 
itns
itnsitns
itnsNoah Huotari
 
Software Security Education at Scale
Software Security Education at ScaleSoftware Security Education at Scale
Software Security Education at ScaleChris Theisen
 
Reading Book Report 3. Chapter
Reading Book Report 3. ChapterReading Book Report 3. Chapter
Reading Book Report 3. ChapterELENA GOMEZ
 
Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015Knut Linke
 
Proposed framework for Gamifying Research Activities
Proposed framework for Gamifying Research ActivitiesProposed framework for Gamifying Research Activities
Proposed framework for Gamifying Research ActivitiesTechnological Ecosystems for Enhancing Multiculturality
 
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docxKING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docxcroysierkathey
 
Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi Thanavathi C
 
Can anyone help Joshua?
Can anyone help Joshua?Can anyone help Joshua?
Can anyone help Joshua?TarranKeeys
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

More Related Content

Similar to Wireless Network Security Course Overview

Internet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docxInternet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docxmariuse18nolet
 
Talk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about MoodleTalk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about MoodleMark Stubbs
 
Cooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | AccentureCooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | Accentureaccenture
 
Introduction to e-submission July 2016
Introduction to e-submission July 2016Introduction to e-submission July 2016
Introduction to e-submission July 2016Bunyan Nick
 
E-assessment & feedback at DMU
E-assessment & feedback at DMUE-assessment & feedback at DMU
E-assessment & feedback at DMUrvallance
 
Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...Samantha Lee Pan
 
Cloud computing higdon_scott_conway
Cloud computing higdon_scott_conwayCloud computing higdon_scott_conway
Cloud computing higdon_scott_conwayPrerna Agarwal
 
Content Sharing Website PPT
Content Sharing Website PPTContent Sharing Website PPT
Content Sharing Website PPTanushkashastri
 
Social Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabusSocial Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabusJakub Ruzicka
 
Unit 1 industry in the profession
Unit 1 industry in the professionUnit 1 industry in the profession
Unit 1 industry in the professionPaulineTorion1
 
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information SessionNUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Sessionengtsze
 
Software Security Education at Scale
Software Security Education at ScaleSoftware Security Education at Scale
Software Security Education at ScaleChris Theisen
 
Reading Book Report 3. Chapter
Reading Book Report 3. ChapterReading Book Report 3. Chapter
Reading Book Report 3. ChapterELENA GOMEZ
 
Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015Knut Linke
 
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docxKING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docxcroysierkathey
 
Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi Thanavathi C
 
Can anyone help Joshua?
Can anyone help Joshua?Can anyone help Joshua?
Can anyone help Joshua?TarranKeeys
 

Similar to Wireless Network Security Course Overview (20)

Internet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docxInternet Explorer 6 is no longer supported. Please use a newer bro.docx
Internet Explorer 6 is no longer supported. Please use a newer bro.docx
 
1 courseinfo-5g 2
1 courseinfo-5g 21 courseinfo-5g 2
1 courseinfo-5g 2
 
Talk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about MoodleTalk to Student Information Point Colleagues about Moodle
Talk to Student Information Point Colleagues about Moodle
 
Cooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | AccentureCooperation Menu for Universities and Researchers in Latvia | Accenture
Cooperation Menu for Universities and Researchers in Latvia | Accenture
 
Introduction to e-submission July 2016
Introduction to e-submission July 2016Introduction to e-submission July 2016
Introduction to e-submission July 2016
 
E-assessment & feedback at DMU
E-assessment & feedback at DMUE-assessment & feedback at DMU
E-assessment & feedback at DMU
 
Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...Teaching Continuity: Supporting staff teaching online when face-to-face class...
Teaching Continuity: Supporting staff teaching online when face-to-face class...
 
Cloud computing higdon_scott_conway
Cloud computing higdon_scott_conwayCloud computing higdon_scott_conway
Cloud computing higdon_scott_conway
 
Content Sharing Website PPT
Content Sharing Website PPTContent Sharing Website PPT
Content Sharing Website PPT
 
Social Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabusSocial Web: (Big) Data Mining | summer 2014/2015 course syllabus
Social Web: (Big) Data Mining | summer 2014/2015 course syllabus
 
Unit 1 industry in the profession
Unit 1 industry in the professionUnit 1 industry in the profession
Unit 1 industry in the profession
 
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information SessionNUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Session
 
itns
itnsitns
itns
 
Software Security Education at Scale
Software Security Education at ScaleSoftware Security Education at Scale
Software Security Education at Scale
 
Reading Book Report 3. Chapter
Reading Book Report 3. ChapterReading Book Report 3. Chapter
Reading Book Report 3. Chapter
 
Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015Creating Learning Nuggets on the Fly - Online Educa 2015
Creating Learning Nuggets on the Fly - Online Educa 2015
 
Proposed framework for Gamifying Research Activities
Proposed framework for Gamifying Research ActivitiesProposed framework for Gamifying Research Activities
Proposed framework for Gamifying Research Activities
 
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docxKING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
KING’S OWN INSTITUTE Success in Higher Education ICT 20.docx
 
Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi Digital initiatives dr.c.thanavathi
Digital initiatives dr.c.thanavathi
 
Can anyone help Joshua?
Can anyone help Joshua?Can anyone help Joshua?
Can anyone help Joshua?
 

Recently uploaded

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

Wireless Network Security Course Overview

  • 1. ©2015 Patrick Tague 1 Wireless Network Security Spring 2015 Patrick Tague Class #1 – Course Introduction & Logistics
  • 2. ©2015 Patrick Tague 2 Class #1 • Brief overview of the course • Logistics • Course information • Talk about projects (if there's time)
  • 3. ©2015 Patrick Tague 3 What is this course all about?
  • 4. ©2015 Patrick Tague 4 What is Security? A system is secure with respect to a certain property if one can guarantee that property with a reasonably high probability
  • 5. ©2015 Patrick Tague 5 What is Wireless Network Security? Authenticity Secrecy ? A probabilistic guarantee that a wireless network does its job as expected, even when faced with a variety of threats
  • 6. ©2015 Patrick Tague 6 Focus on the Networks • In the Wireless Network Security course, we'll study: – Different network systems – Underlying technologies – Applications, systems, services, relying on them – Threats, security issues, privacy concerns, etc.
  • 7. ©2015 Patrick Tague 7 Wireless Internet Wireless Networks Telecommunications Enterprise Wireless Ad Hoc / Mesh Vehicular Networks Sensing / Control Systems
  • 8. ©2015 Patrick Tague 8 Fundamental Challenges • Wireless is open / shared – User/device/system verification is more difficult – System resource availability often cannot be guaranteed • Wireless batteries resource constraints → → – Security costs $$$, time, energy, CPU cycles, bandwidth, scalability, etc.
  • 9. ©2015 Patrick Tague 9 Practical Challenges • Wireless network protocols were designed around wired protocols – Higher layers were originally the same, until people realized it didn't work well • Security mechanisms were (unfortunately) treated quite similarly • Layered model doesn't translate well for all desired security properties – e.g. How to provide performance guarantees with only best-effort services?
  • 10. ©2015 Patrick Tague 10 Practical Challenges • Not all wireless systems follow Internet-style (client-server) models – Ad hoc networks, sensor/actuator networks, fog – We must change the way we think about security! • There are a lot of trade-offs between security, efficiency, performance, scalability, ...
  • 11. ©2015 Patrick Tague 11 Practical Challenges • Each different network type, context, etc. has different properties, features, goals, ... – Protocols designed for WiFi Internet access probably shouldn't be used for safety-critical systems in cars... – Best-effort data delivery probably isn't sufficient for handling distributed control system inputs – ...
  • 12. ©2015 Patrick Tague 12 Diverse Wireless Systems Each of these types of wireless networks has different structure, function, and purpose As such, we expect each to have different functional and security requirements
  • 13. ©2015 Patrick Tague 13 Course Objectives • Understanding various security and privacy issues across different types of wireless systems • Coverage includes both classical and next-generation wireless systems – WiFi networks – Mobile/telecom networks – Ad hoc & mesh networks – Distributed sensing and control systems
  • 14. ©2015 Patrick Tague 14 Course Roadmap Application Transport Network Link Physical I) Layer-by-layer study of general wireless threats, issues, protections, etc. II) Application-centric (“vertical”) study of security and privacy issues
  • 15. ©2015 Patrick Tague 15 Goals of the Course • Understand the inherent vulnerabilities of wireless networking • Know what to consider in designing wireless systems, services, and applications • Hands-on experience in vulnerability analysis and secure system/service/protocol design • Research experience w/ publishable results
  • 16. ©2015 Patrick Tague 16 Questions about Content? Any questions about content, focus, etc. before I start talking logistics...?
  • 17. ©2015 Patrick Tague 17 Logistics
  • 18. ©2015 Patrick Tague 18 Course Website http://wnss.sv.cmu.edu/courses/14814/s15/ also a Blackboard page
  • 19. ©2015 Patrick Tague 19 Prerequisites v. Assumptions • While this course has no official prereqs, we make several assumptions about you – You have taken a graduate-level Information Security course (e.g., 14-741, 18-631, 18-730) – You have taken a graduate-level Networking course (e.g., 14-740, 18-756, 15-641) – You are a decent programmer (esp. C/C++) and can pick up new programming skills easily – We will not explicitly teach you these things, so some additional work may be needed if you don't match our assumptions
  • 20. ©2015 Patrick Tague 20 Registration • This course has 4 concurrent sections – It's important that you register for the right one Pgh SV ECE Not ECE If your home dept is: If your location is: 18637 A 18637 SV 14814 A 14814 SV
  • 21. ©2015 Patrick Tague 21 Waitlists • If you're currently registered for this class, but not planning to stay: please drop • If you're currently on the waitlist: 1) Make sure you're on the correct waitlist (see the previous slide) 2) Send me an email (tague@cmu.edu) detailing: 1) What year/term of your program are you in (priority will go to students closer to graduation)? 2) What degree requirements does this course fulfill? 3) Why you want to take this course? 4) What prereqs/qualifications do you have?
  • 22. ©2015 Patrick Tague 22 Deliverables & Grading • Individual work – 30% – Four assignments • Late submission: 10%/day penalty, up to 2 days • Group project – Four presentations (intro, statement of work, progress update, final) – 25% • Graded individually, everyone must participate – Two written reports (SoW, final paper) – 25% • No late submissions accepted • Exam – 20%
  • 23. ©2015 Patrick Tague 23 Individual Assignments • Four assignments – Simulation/experimentation/programming component – Research/survey component – Assignments will use OMNET++ network simulator and some additional tools – You're not expected to know anything about OMNET++ yet, but C++ and some scripting will be necessary • Assignment details and deadlines will be online • Individual each student does her/his own work → – Discussion is encouraged, but work is individual
  • 24. ©2015 Patrick Tague 24 Group Project • Project details: – Teams of 3-4 students – Option to work on “sponsored project” or come up with your own project – First presentation on project background and topic proposal will be in early February, so form teams and get started soon – Statement of Work due and presentation on Feb 26 – Progress report in early April – Final presentation in late April – Final report due May 7
  • 25. ©2015 Patrick Tague 25 What topic should I choose?
  • 26. ©2015 Patrick Tague 26 Project Topics • Projects must: – Relate to systems covered in class and focus on some aspect of wireless network security – Strive for new research/development contributions – plan to submit a conference paper, poster, or demo – Not be a project you're working on for your research or another course (no double-dipping) • Examples of past projects: – Attacks against location privacy in WiFi systems – Attack-resilient multi-path routing in MANETs – Localization in the presence of jammers – Detection of spoofing in VANETs – Secure dynamic address management in VANETs
  • 27. ©2015 Patrick Tague 27 How should I form a project team?
  • 28. ©2015 Patrick Tague 28 Project Teams • Forming teams and choosing topics: – These two things are not independent – Try to choose team members with common interests, different backgrounds, etc., not just your friends – Multiple teams cannot work on the same project
  • 29. ©2015 Patrick Tague 29 More Project Details • Each project will have an advisor/mentor – Any faculty member, researcher, or suitable PhD student can “sponsor” a project – let me know if you want to arrange an external project sponsor • Project output will include a paper, poster, and demo – Aim for conference-quality results • Some hardware may be available, if needed
  • 30. ©2015 Patrick Tague 30 Exam • Individual in-class exam • Closed-* exam, conceptual questions • About ¾ through semester, tentatively April 7
  • 31. ©2015 Patrick Tague 31 Important Dates All important dates are on the course schedule: http://wnss.sv.cmu.edu/courses/14814/s15/schedule.php
  • 32. ©2015 Patrick Tague 32 Contact • Instructor: Patrick Tague – Email: tague@cmu.edu – Office: B23 218 – Phone: 650-335-2827 – Skype: ptague – Office hours: Tues 1-3pm Pacific Time via Skype only, other times by appointment • Public Google calendar: http://goo.gl/FIVbRK • For an appointment, find an open time on my calendar and send an email to request a meeting (specify in person, Skype, etc.)
  • 33. ©2015 Patrick Tague 33 Some Syllabus-type Details • Class meetings: – Tues/Thurs 10:30-11:50am PST / 1:30-2:50pm EST – B23 212 @ SV campus, CIC 1201 @ Pgh campus • Class website – Schedule, slides, assignments, papers, projects, … – Submissions are via Blackboard • Textbooks – None, but some references are on the website • Assigned reading – Papers, blog posts, media, etc.
  • 34. ©2015 Patrick Tague 34 Assigned Reading • Between class readings, homework assignments, and project, you'll be reading a lot of papers! – Don't be surprised to see 100+ pages of reading/week – Reading research papers is not like reading textbooks, they're much more forgiving and can be read efficiently – Hint: read the pamphlet posted for reading material today • Seriously, print it out and read it...several times. A few minutes now could save many hours later.
  • 35. ©2015 Patrick Tague 35 Important Policies • Academic Integrity: all students are expected to adhere to academic integrity policies set forth by CMU, CIT, ECE, INI, etc. See • https://www.ece.cmu.edu/programs-admissions/masters/academic-integrity.html • http://www.ini.cmu.edu/current_students/handbook/index.html • http://engineering.cmu.edu/current_students/graduates/policies.html • http://www.cmu.edu/policies/documents/Academic%20Integrity.htm • My Collaboration Policy: discussion is encouraged, but assignments must be done individually • Copying in any form constitutes cheating, ask if it's unclear • Plagiarism: no copying, attribute all content sources • My Wikipedia Policy: if you cite Wikipedia (or similar) pages directly, you will fail the assignment/deliverable • Re-grading: on a case-by-case basis, contact me
  • 36. ©2015 Patrick Tague 36 Ethics of S&P Work • Research, development, and experimentation with sensitive information, attack protocols, misbehavior, etc. should be performed with the utmost care • You are expected to follow a strict ethical code, especially when dealing with potentially sensitive information • If anything is unclear, ask before going forward
  • 37. ©2015 Patrick Tague 37 Questions about Logistics? Any questions about course logistics? Feel free to email later.
  • 38. ©2015 Patrick Tague 38 Assignment #1 • First assignment has been posted online – Please get started as soon as possible, it's due in 2 weeks – This assignment mainly attempts to get you comfortable with OMNET++ programming and simulations • We'll do a small tutorial next week to help, but try to get started on your own – OMNET++ is available for most platforms • If you're familiar with Linux, probably best to go that route • If you're not good with Linux, Windows is a good option • If you prefer OSX, it seems to work fine – We reported some bugs last year that we believe were fixed
  • 39. ©2015 Patrick Tague 39 January 15: Wireless Security Basics & Threat Models