Week 1 of Advanced Network Security, to be lectured by Dr Phu Dung Le, provided an introduction to the topics covered in the unit:

  • Modern computing and network security
  • Elliptic curve public key encryption
  • Design and implementation of RSA and ECC
  • Intrusion detection systems
  • Network and distributed software security
  • Advanced wireless security
  • Large computer security systems
  • Security, load balancing and network performance
  • Main research in security

The lecture broke off into some very interesting discussion about information retrieval from encrypted data sources. The example provided seems like a one-off case, but this problem will become increasingly relevant with the rise of cloud computing. For example, as large companies such as Sony find strong efficiency and financial motivators to outsource their data storage to cloud providers, encryption of that data is paramount. With large, off-site, encrypted data sources there are issues with the efficient retrieval of data and the point of decryption. For example:

  • If searching for similar images given an initial image, how can this be accomplished without downloading and decrypting the entire database?
  • When retrieving data, at what point does decryption occur? If at the client, then all the incoming data will fly straight past firewalls, intrusion detection systems and anti-virus software.

One paper proposes a solution:

an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it.

http://mchost/sourcecode/papers/Sharedandsearchableencrypteddataforuntrustedservers.pdf
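
A minimal illustration of the keyword-search idea quoted above, added here and not taken from the paper or from the original post. It uses a simpler single-user technique (a deterministic HMAC keyword index) rather than the paper's per-user key scheme. The names `UntrustedServer` and `Client` and the sample records are assumptions, and the HMAC keystream cipher is a stand-in so the code runs on the Python standard library alone.

```python
import hashlib, hmac, os

# Constructed sample records.
DOCS = ["invoice march sony", "holiday photos", "invoice april acme"]

def token(index_key, keyword):
    """Opaque search token: HMAC of the keyword under the client's index key."""
    return hmac.new(index_key, keyword.lower().encode(), hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Unauthenticated HMAC-counter keystream: a stdlib-only stand-in
    # for an AEAD such as AES-GCM (assumption made for this example).
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(key, plaintext):
    nonce = os.urandom(16)              # fresh nonce per record
    return nonce + _xor_stream(key, nonce, plaintext)

def decrypt(key, blob):
    return _xor_stream(key, blob[:16], blob[16:])

class UntrustedServer:
    """Stores ciphertexts and tokens only; it never holds a key."""
    def __init__(self):
        self.blobs, self.index = {}, {}  # id -> ciphertext, token -> ids
    def store(self, blob, tokens):
        rid = len(self.blobs)            # server-assigned record id
        self.blobs[rid] = blob
        for t in tokens:
            self.index.setdefault(t, set()).add(rid)
    def search(self, t):
        # Matching is done on tokens; nothing is decrypted server-side.
        return [self.blobs[r] for r in sorted(self.index.get(t, ()))]

class Client:
    def __init__(self, server):
        self.server = server
        self.enc_key, self.index_key = os.urandom(32), os.urandom(32)
    def upload(self, text):
        tokens = [token(self.index_key, w) for w in set(text.split())]
        self.server.store(encrypt(self.enc_key, text.encode()), tokens)
    def query(self, keyword):
        hits = self.server.search(token(self.index_key, keyword))
        return [decrypt(self.enc_key, b).decode() for b in hits]

def demo():
    server = UntrustedServer()
    client = Client(server)
    for d in DOCS:
        client.upload(d)
    return server, client
```

Because the tokens are deterministic, the server still learns which records share a keyword and how often a query repeats.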

The problem of like-image recognition is still not easily addressable using this solution, although it could be argued that a categorization schema could work effectively. I wonder at the plausibility of using unsupervised neural networks in conjunction with the hash algorithm to provide a method not dependent on designer-imposed categorization. I imagine the network would need to be infinitely complex to follow hashing, however…

The tutorial introduced Snort (a leading intrusion detection system) – http://www.snort.org/

Installing Snort and making a basic configuration was the task. I am not a big fan of the Red Hat Linux distro that we have access to in the tutorials, so I completed the install of Snort 2.9.0.5 along with Snort Report 1.3.1 on my home gateway. I used the latest dynamic rules from

The tutorial I followed loosely for the install can be viewed at: http://www.symmetrixtech.com/articles/001-snortinstallguide.pdf (*note that following the instructions blindly will result in disaster).

It was also mentioned in the lecture that we would be investigating RSA in comparison to elliptic curve cryptography [ECC]. I had no idea what ECC was; a good video I found provides a brief explanation: