This course is offered for master students in Cyber Security. In the study project, the participants will acquire practical skills in the application of machine learning (ML) techniques in the area of IT security in adversarial settings. The field of ML is playing an ever increasing role in computer science in general and IT security in particular. The idea of the study project is to mount different attacks and/or implement and evaluate defenses against them:
DNS fingerprinting attack on encrypted DNS traffic (finding out which URLs are being resolved by observing, e.g., DNS-over-TLS traffic)
Trolling detection on the Internet (e.g., authorship attribution - detecting texts written by the same author)
Traffic analysis attack on the encrypted and anonymized connections (e.g., VPN, SSH tunnel, JonDonym, Tor)
Prediction and adversarial influencing of performance estimation for network paths in overlay networks
Wireless physical device fingerprinting (recognizing physical devices based on their physical characteristics using Software Defined Radios).
The students will develop scripts to automate the process of executing the attacks and/or defenses, e.g., fetching different websites from a web browser while applying various privacy enhancing techniques (e.g., VPN, SSH tunnel, Tor network). By doing so, they will collect traces of encrypted data that will be further used for feature engineering and extraction, training and testing of different machine learning techniques (e.g., Support Vector Machines, neural networks, k-NN, decision trees, random forests). Finally, students will analyze the results in the form of different quality metrics, and will write a report and present the results.
In the form of a self organized study project, the students get familiar and/or deepen their knowledge in machine learning and their applications to traffic analysis. The participants get deep insights in the state of the art research in traffic analysis and apply the existing knowledge to build, test, and evaluate their own fingerprinting attacks and defenses.
Please enroll here for the moodle course.