1 / 14

Dipartimento di Informatica, Sistemistica e Comunicazione

Dipartimento di Informatica, Sistemistica e Comunicazione Università degli Studi di Milano – Bicocca. OpenIt: Open Source Tools, IT Security. {ferretti,leporati}@disco.unimib.it. Research Areas and Approaches. Open Source : Source code available ...

thisbe
Download Presentation

Dipartimento di Informatica, Sistemistica e Comunicazione

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dipartimento di Informatica, Sistemistica e Comunicazione Università degli Studi di Milano – Bicocca OpenIt: Open Source Tools, IT Security {ferretti,leporati}@disco.unimib.it DISCo WS - Milan - June 3, 2010

  2. DISCo WS - Milan - June 3, 2010 Research Areas and Approaches • Open Source: • Source code available ... • ... from Operating Systems to Applications • Computer Security: • on Networks, and in Applications • OpenIt explores these technological areas • And it establishes links to: students, colleagues, companies

  3. Activities... • ...with students: • Theses (around 20 per year) • “LUGs” • ...with our University: • Making open source tools available in shared laboratories • Training skilled technicians • ...with Companies: • Stages • Joint research DISCo WS - Milan - June 3, 2010

  4. DISCo WS - Milan - June 3, 2010 Recent Activities: examples • LUGs et sim.: • Involved in organizing in Bicocca an event of the “Digital Freedom” festival with WikiMedia Italia • Between our University and the Open Source world: • Working with Sabayon.org (renown Linux distr.): • Hosting some of their developing machines • Integrating advanced security controls in their packages building process • Companies: • Joint activity with Sourcesense, a company operating in Open Source with an innovative business model

  5. DISCo WS - Milan - June 3, 2010 Theoretical backgrounds,and technological interests • Faculty staff in OpenIt also do research in the BIMIB Lab • Research topics are strongly influenced by such scientific backgrounds (theoretical models and their properties) • In OpenIt, we link models to applications • Also, OpenIt supports technical developments required by researches in BIMIB (e.g.: simulations)

  6. DISCo WS - Milan - June 3, 2010 Research Activities: papers • Some research papers: • A. Leporati, C. Ferretti. Modeling and Analysis of Firewalls by (Tissue-like) P Systems. Brainstorming week on Membr.Sys.-submitted to journal, 2010. • M. Gutiérrez-Naranjo, A. Leporati. First Steps Towards a CPU Made of Spiking Neural P Systems. International Journal on Computers, Communication and Control, 2009 • D. Molteni, C. Ferretti, G. Mauri. Frequency Membrane Systems. Computing and Informatics, 2008. • A. Leporati, C. Ferretti, G. Mauri, M.J. Pérez-Jiménez, C. Zandron. Complexity aspects of polarizationless membrane systems. Natural Computing, 2008.

  7. DISCo WS - Milan - June 3, 2010 Results and Demonstrators • Bio-inspired computational models became, e.g.: A Java-based parallel simulator, tested on a computational cluster An adaptive and fault-tolerant (simulated) “Bio-Floor”: Someone on the floor (yellow dot) moving up, and tiles light up anticipating his movement Further computational models: An obfuscating processor, based on “register machines”

  8. Activities... DISCo WS - Milan - June 3, 2010

  9. Activities... DISCo WS - Milan - June 3, 2010

  10. DISCo WS - Milan - June 3, 2010 More specific: Security • “Obfuscating” network traffic: • a distributed system mixing false and real traffic to defeat its analisys • Assisted generation of firewalls' ACLs: • from simple checking to automatic building • with the help from traffic samples • On these topics: ongoing collaboration with “TELCO” laboratory • Obfuscating software: • Encrypting instructions • Transforming structure

  11. DISCo WS - Milan - June 3, 2010 More specific: Open Source • We are interested in making good use of source code, especially available in the open source technological arena • For instance by mixing static information (source code) and information gathered at runtime (e.g.: syscall tracing) Areas of application: • extracting Patterns • security Checks • smart debugging tools In collaboration with “ESSERE” laboratory

  12. DISCo WS - Milan - June 3, 2010 Technology, and Theory, also • Tecnology: “Take Linux and modify it”: • Loading and executing encrypted executables • Theory to Technology: “Take crypto and use it”: • Using secret shares to play poker on mobiles • Theory: • Is violating obfuscation techniques we proposed NP-Complete?

  13. Approach: integration inopen source tools • Given the availability of (open) source code: • whenever possible we develop tools as extensions to existing projects, or as plugins for them… • Example: “LXR” cross referencer on web, extended w.r.t. languages (assembly) and data (pointers), as applicable in the Linux kernel - Or: DISCo WS - Milan - June 3, 2010

  14. Approach: integration inopen source tools Security static analysis: integrated as a plugin for the Eclipse IDE DISCo WS - Milan - June 3, 2010

More Related