Slide1
Math, Math, Everywhere… aka, Hacking the Math in Surveillance
Dr. Gerald Kruse, Ph.D.
John ‘54 and Irene ‘58 Dale Professor of MA, CS, and IT
Assistant Provost
Juniata College
kruse@juniata.edu
http://faculty.juniata.edu/kruse
Slide2
First, a little about Juniata
Slide3
First, a little about Juniata
William Phillips, Class of 1971!
Slide4
The “Hemi” Engine
‘57 Chrysler pictured below
Slide5
The “Hemi” Engine
‘57 Chrysler pictured below
Designer Thomas Hoover, ‘53
Slide6
What movie should we pick?
$1,000,000 to the first algorithm that was 10% better than Netflix’s original algorithm
Slide7
The first 8% improvement was easy…
Slide8
The first 8% improvement was easy…
“Just A Guy In A Garage”
Psychiatrist father and “hacker” daughter team
Slide9
The first 8% improvement was easy…
Team from Bell Labs ended up winning
Slide10
Here’s an interesting billboard, from a few years ago in Silicon Valley
Slide11
First 70 digits of e
2.718281828459045235360287471352662497757247093699959574966967627724077
Slide12
What happened for those who found the answer?
The answer is 7427466391
Those who typed in the URL, http://7427466391.com , ended up getting another puzzle. Solving that led them to a page with a job application for…
Google!
Slide13
Juniata’s 2015 Summer Read – Little Brother
Author Cory Doctorow’s books can be downloaded for free at his website: http://craphound.com/ . Cory Doctorow is an activist on the issues of intellectual access and intellectual property.
Little Brother “takes place in the future (near future) and explores what types of compromises our society and government are willing to make in the aftermath of a terrorist attack.” (from the email announcing Juniata’s summer read)
Slide14
Juniata’s 2015 Summer Read – Little Brother
Protagonist is Marcus, high school hacker, nickname: w1n5t0n (“winston” in leet).
Likes to confound his school’s surveillance technology.
Marcus is in the wrong place, at the wrong time, and gets detained by Homeland Security.
Marcus is warned that he will be “under surveillance” when released after several days.
Marcus revolts by setting up technological attacks on the DHS in order “to [thwart] further efforts to restrict personal liberty.” https://en.wikipedia.org/wiki/Little_Brother_(Doctorow_novel)
Slide15
Surveillance Techniques in Little Brother
Gait recognition
- “not mature yet” http://globalseci.com/?page_id=44
Cracking the “SchoolBook” laptops
- Yes. https://en.wikipedia.org/wiki/Rootkit
- via a Rootkit, a collection of computer software, which enables access by an unauthorized user, to restricted areas of its software that would not otherwise be allowed, while at the same time masking its existence or the existence of other software.
$sys$ filename - mobile devices in K-12 used to change TV channels… https://www.youtube.com/watch?v=tuqo6YSd50g
The presence of these two elements helped set the context, this “near future” surveillance state…
Slide16
Surveillance Techniques in Little Brother
Paranoid Linux / Paranoid XBOX
- not mature as characterized in the book
- questionable plot twist: who has an unopened Xbox lying around in their closet?
RFID tags, aka “arphid”
- Nuking: https://www.youtube.com/watch?v=GZPRjFxc504
- Reprogramming RFID? It depends… not for low frequency, probably for high frequency
Slide17
Surveillance Techniques in Little Brother
IMParanoid and TOR – The Onion Router
- YES! https://www.torproject.org/about/overview.html.en
- a network of volunteer-operated servers that are connected through a series of virtual tunnels rather than making a direct connection (web-surfing, email, instant messaging)
Slide18
Steganography – Hiding in Plain Sight
Whisper a message…
Did you want to get in on the “secret message?”
If no one knows that you are sending a message, then they are less likely to pay attention to your communications.
A technique Julius Caesar used to send messages.
Slide19
Steganography – Hiding in Plain Sight
Slide20
Steganography – Hiding in Plain Sight
Consider this representation of an image
[Figure: grid of 0 and 1 bit values]
Slide21
Steganography – Hiding in Plain Sight
Consider this representation of an image
[Figure: grid of 0 and 1 bit values]
Each “column” is one pixel
Slide22
Steganography – Hiding in Plain Sight
Consider this representation of an image
[Figure: grid of 0 and 1 bit values]
Each “column” is one pixel
If each color is 8 bits, then there would be 8 “layers”
Slide23
If you remove the least significant “layer” of each pixel, and replace it with a message, the image doesn’t change much
Original image
Image with embedded text
Slide24
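The least-significant-layer replacement described on the steganography slides above, as an added example that is not part of the original presentation: it hides a message in the lowest bit of each pixel, reads it back, and measures how far any pixel moved. The 16x16 cover image and the 16-bit length header are constructed assumptions.

```python
def to_bits(data: bytes) -> list[int]:
    """Most-significant-bit-first list of the bits in data."""
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]

def from_bits(bits: list[int]) -> bytes:
    """Inverse of to_bits; ignores a trailing partial byte."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)

def embed(pixels: list[int], message: bytes) -> list[int]:
    """Overwrite the lowest "layer" of each pixel with one payload bit."""
    payload = len(message).to_bytes(2, "big") + message  # length header (assumption)
    bits = to_bits(payload)
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for this message")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit  # clear bit 0, then write the message bit
    return stego

def extract(pixels: list[int]) -> bytes:
    """Read the length header from the first 16 low bits, then that many bytes."""
    lsbs = [p & 1 for p in pixels]
    length = int.from_bytes(from_bits(lsbs[:16]), "big")
    return from_bits(lsbs[16:16 + 8 * length])

def max_change(a: list[int], b: list[int]) -> int:
    """Largest per-pixel difference between two images."""
    return max(abs(x - y) for x, y in zip(a, b))

# Constructed cover: 256 grayscale pixels, each one 8-bit number (0..255).
COVER = [(7 * x + 3 * y) % 256 for y in range(16) for x in range(16)]
STEGO = embed(COVER, b"HI THERE")

if __name__ == "__main__":
    print(extract(STEGO), "max pixel change:", max_change(COVER, STEGO))
```

No pixel moves by more than one gray level out of 256, which is why the two images look the same to the eye.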
faculty.juniata.edu/kruse
http://jcsites.juniata.edu/faculty/kruse/
Slide25
Source code for faculty.juniata.edu/kruse
<p><a href="http://www.juniata.edu"><img src="junback2.jpg" border="0" height="55" width="151"></a></p>
<!-- HI THERE. HOW DO YOU LIKE THIS BIT OF STEGANOGRAPHY? -->
<p><a href="misc/TheseAreAFewOfMyFavoriteLinks.html">These Are A Few of My Favorite Links</a></p>
<p>If I have agreed to write you a letter of recommendation:<br>
<a href="recommendations.htm">Instructions for Recommendations</a></p>
<p>Helpful advice on summer research and graduate school in Computer Science:<br>
<a href="http://www.cra.org/ccc/csgs.php">Computing Community Consortium</a></p>
<hr>
Slide26
Histograms
Those “columns” in the image are just numbers, right?
10011001 in binary is 1*2^7 + 1*2^4 + 1*2^3 + 1*2^0 = 128+16+8+1 = 153
Create a histogram (bar chart created from a single column of quantitative values) of all these pixel values
Slide27
Histograms
If you have many black and white photographs with histograms like this
Slide28
Histograms
If you have many black and white photographs with histograms like this
But you encounter a histogram like this, an outlier, then you would probably investigate
Slide29
Histograms – hunting for outliers
In normal web-traffic, a small percentage is encrypted.
Marcus communicated with his friends using the operating system “ParanoidLinux.”
Their web-traffic had a much higher percentage of encryption.
A histogram characterizing the form of their traffic would be an outlier, prompting further surveillance, even if the traffic could not be decrypted.
In the book, Marcus also points out that histograms from tracking movements with RFID chips could identify abnormal life patterns, and many innocent people with secrets were harassed.
Slide30
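The outlier hunt described on the histogram slides above, as an added example that is not part of the original presentation: it uses the entropy of each payload's byte-value histogram to guess whether the payload is encrypted, then flags hosts whose encrypted share sits far above the median. The host names, payloads, 7.0-bit threshold and the SHA-256 stand-in for ciphertext are all constructed assumptions.

```python
import hashlib
import math
import statistics
from collections import Counter

def entropy_bits(data: bytes) -> float:
    """Shannon entropy, in bits per byte, of the histogram of byte values."""
    histogram = Counter(data)  # byte value (0..255) -> count
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in histogram.values())

def looks_encrypted(payload: bytes, min_bits: float = 7.0) -> bool:
    """Near-flat histograms (about 8 bits per byte) are typical of ciphertext."""
    return entropy_bits(payload) >= min_bits

def stand_in_ciphertext(seed: str, length: int = 2048) -> bytes:
    """Constructed sample: SHA-256 in counter mode, statistically like ciphertext."""
    return b"".join(hashlib.sha256(f"{seed}:{i}".encode()).digest()
                    for i in range(length // 32))

def encrypted_share(payloads: list[bytes]) -> float:
    """Fraction of a host's payloads that look encrypted."""
    return sum(looks_encrypted(p) for p in payloads) / len(payloads)

def outlier_hosts(traffic: dict[str, list[bytes]], k: float = 3.0) -> list[str]:
    """Hosts whose encrypted share is more than k MADs above the median share."""
    shares = {host: encrypted_share(p) for host, p in traffic.items()}
    median = statistics.median(shares.values())
    mad = statistics.median(abs(s - median) for s in shares.values()) or 0.01
    return sorted(h for h, s in shares.items() if (s - median) / mad > k)

# Constructed traffic: ten payloads per host, mostly plaintext HTTP.
PLAIN = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\nAccept: text/html\r\n\r\n" * 30

def sample_host(name: str, n_encrypted: int) -> list[bytes]:
    encrypted = [stand_in_ciphertext(f"{name}-{i}") for i in range(n_encrypted)]
    return encrypted + [PLAIN] * (10 - n_encrypted)

TRAFFIC = {"host-a": sample_host("a", 1), "host-b": sample_host("b", 2),
           "host-c": sample_host("c", 1), "host-d": sample_host("d", 0),
           "host-e": sample_host("e", 1), "marcus": sample_host("m", 9)}

if __name__ == "__main__":
    print(outlier_hosts(TRAFFIC))
```

The flagged host is found without decrypting anything, and a host with only a somewhat higher share (host-b) stays below the threshold.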
The False Positive Paradox
Do you react when you hear a car alarm?
Why not?
Approximately 250,000,000 motor vehicles are registered in the U.S.
Approximately 700,000 cars are stolen each year, which is 0.3%.
Slide31
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| COLUMN TOTAL | 3 | 997 | 1000 |
Slide32
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | | | |
| Car Alarm Does NOT Sound (Test is Negative) | | | |
| COLUMN TOTAL | 3 | 997 | 1000 |
Slide33
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | | | |
| Car Alarm Does NOT Sound (Test is Negative) | | | |
| COLUMN TOTAL | 3 | 997 | 1000 |
Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately.
Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound.
Slide34
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 ~= 99% of 3 “True Positive” | | |
| Car Alarm Does NOT Sound (Test is Negative) | | 987 ~= 99% of 997 “True Negative” | |
| COLUMN TOTAL | 3 | 997 | 1000 |
Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately.
Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound.
For our example, let’s make the Sensitivity and Specificity both 99%.
Slide35
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 “True Positive” | 10 ~= 1% of 997 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 ~= 1% of 3 “False Negative” | 987 “True Negative” | 987 |
| COLUMN TOTAL | 3 | 997 | 1000 |
Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately.
Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound.
For our example, let’s make the Sensitivity and Specificity both 99%.
A False Positive occurs when a car alarm sounds but the car is not being stolen.
A False Negative occurs when a car alarm does not sound, but the car is being stolen.
Slide36
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 “True Positive” | 10 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 “False Negative” | 987 “True Negative” | 987 |
| COLUMN TOTAL | 3 | 997 | 1000 |
Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately.
Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound.
For our example, let’s make the Sensitivity and Specificity both 99%.
A False Positive occurs when a car alarm sounds but the car is not being stolen.
A False Negative occurs when a car alarm does not sound, but the car is being stolen.
Slide37
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 “True Positive” | 10 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 “False Negative” | 987 “True Negative” | 987 |
| COLUMN TOTAL | 3 | 997 | 1000 |
77% (10 of 13) of the car alarms are incorrect!
This is why medical screenings typically test a “B” sample with a more thorough test.
And it is worse for things that rarely occur.
Slide38
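The car-alarm table from the False Positive Paradox slides above, rebuilt in code as an added example that is not part of the original presentation: it reproduces the 3 / 10 / 0 / 987 cells, shows how the false-alarm share grows as the event gets rarer, and models the “B” sample as a second test. Treating the second test as independent of the first, with the same 99% figures, is an assumption.

```python
def confusion_table(population: int, base_rate: float,
                    sensitivity: float, specificity: float) -> dict[str, int]:
    """Whole-number table, rounding each cell the way the slides do."""
    stolen = round(population * base_rate)
    not_stolen = population - stolen
    tp = round(sensitivity * stolen)        # alarm sounds, car stolen
    tn = round(specificity * not_stolen)    # alarm silent, car not stolen
    return {"TP": tp, "FP": not_stolen - tn, "FN": stolen - tp, "TN": tn}

def posterior(prior: float, sensitivity: float, specificity: float) -> float:
    """P(stolen | alarm) by Bayes' rule, without rounding to whole cars."""
    true_alarm = sensitivity * prior
    false_alarm = (1 - specificity) * (1 - prior)
    return true_alarm / (true_alarm + false_alarm)

def false_alarm_share(prior: float, sensitivity: float, specificity: float) -> float:
    """Fraction of alarms that are wrong."""
    return 1 - posterior(prior, sensitivity, specificity)

# The slide's numbers: 1000 cars, 0.3% stolen, 99% sensitivity and specificity.
SLIDE = confusion_table(1000, 0.003, 0.99, 0.99)

# Same test, rarer and rarer events: the wrong-alarm share climbs.
SWEEP = {rate: false_alarm_share(rate, 0.99, 0.99)
         for rate in (0.3, 0.03, 0.003, 0.0003)}

# "B" sample: the posterior after the first alarm becomes the prior for the
# second test (assumed independent of the first).
AFTER_ONE = posterior(0.003, 0.99, 0.99)
AFTER_TWO = posterior(AFTER_ONE, 0.99, 0.99)

if __name__ == "__main__":
    print(SLIDE)
    for rate, share in SWEEP.items():
        print(f"base rate {rate:.2%}: {share:.1%} of alarms are false")
    print(f"P(stolen) after one alarm {AFTER_ONE:.1%}, after two {AFTER_TWO:.1%}")
```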
Public Key Cryptography
http://www.usna.edu/CS/si110arch/lec/l28/lec.html
Slide39
Cryptography
“here's the Cliff's Notes version: Some kinds of mathematical functions are really easy to do in one direction and really hard to do in the other direction. It's easy to multiply two big prime numbers together and make a giant number. It's really, really hard to take any given giant number and figure out which primes multiply together to give you that number.”
Page 36, Little Brother
Slide40
Public Key Cryptography
Pick 2 large primes, p and q, such that p != q
Compute n = p * q
Select a small odd integer, e, that is relatively prime* to (p-1)*(q-1)
Compute d as the multiplicative inverse of e**
Publish P = ( e , n ) as the Public Key
Keep S = ( d , n ) as the Secret Key
P( M ) = M^e mod n and S( C ) = C^d mod n
* gcd( (p-1)*(q-1) , e ) = 1
** modulo (p-1)*(q-1)
Slide41
Public Key Cryptography
p = 5, q = 11
Compute n = p * q = 5 * 11 = 55
e = 7 is relatively prime to 40 = (5-1)*(11-1)
d = 23 is the multiplicative inverse of e
23*7 = 161, 161 mod 40 = 1
Publish P = ( 7 , 55 ) as the Public Key
Keep S = ( 23 , 55 ) as the Secret Key
Simulation
convert the word “CAT”
3, 1, 20
3^7 mod 55, 1^7 mod 55, 20^7 mod 55
42, 1, 15
Slide42
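The key setup and “CAT” simulation from the Public Key Cryptography slides above, as an added example that is not part of the original presentation: it derives d from p, q and e, encrypts and decrypts the word, and then shows that factoring the toy n = 55 hands back the secret key, which is why p and q must be large. The function names are this example's own, and the code does not check that p and q are prime.

```python
from math import gcd, isqrt

def make_keys(p: int, q: int, e: int):
    """Follow the slide's steps; returns (public, secret) = ((e, n), (d, n))."""
    if p == q:
        raise ValueError("p and q must differ")
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(phi, e) != 1:
        raise ValueError("e must be relatively prime to (p-1)*(q-1)")
    d = pow(e, -1, phi)  # multiplicative inverse of e modulo (p-1)*(q-1)
    return (e, n), (d, n)

def apply_key(key, values):
    """P(M) = M^e mod n or S(C) = C^d mod n, applied to each number."""
    exponent, n = key
    return [pow(v, exponent, n) for v in values]

def word_to_numbers(word: str):
    """A=1 ... Z=26, the encoding the slide uses for CAT."""
    return [ord(c) - ord("A") + 1 for c in word.upper()]

def numbers_to_word(numbers):
    return "".join(chr(v + ord("A") - 1) for v in numbers)

def secret_from_public(public):
    """Factor n by trial division and rebuild d; feasible only because n is tiny."""
    e, n = public
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    q = n // p
    return (pow(e, -1, (p - 1) * (q - 1)), n)

PUBLIC, SECRET = make_keys(5, 11, 7)
CIPHER = apply_key(PUBLIC, word_to_numbers("CAT"))
PLAIN = numbers_to_word(apply_key(SECRET, CIPHER))

if __name__ == "__main__":
    print("public", PUBLIC, "secret", SECRET)
    print("CAT ->", CIPHER, "->", PLAIN)
    print("secret key rebuilt from the public key alone:", secret_from_public(PUBLIC))
```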
Some other elements we didn’t address
Bayesian Spam Filters – also use histograms of word counts in email
Social Engineering
Botnets – denial of service attack
Slide43
Questions?
Slide48
Attempts to Manipulate Search Results Via a “Google Bomb”
Slide49
Liberals vs. Conservatives!
In 2007, Google addressed Google Bombs; too many people thought the results were intentional and not merely a function of the structure of the web
Slide50
Juniata’s own “Google Bomb”
Slide51
CS 315 is my “Analysis and Algorithms” course
Slide52
The False Positive Paradox – Page 47
| | Car Stolen | Car NOT Stolen | ROW TOTAL |
|---|---|---|---|
| Car Alarm Sounds (Test is Positive) | 3 ~= 99% of 3 “True Positive” | 10 ~= 1% of 997 “False Positive” | 13 |
| Car Alarm Does NOT Sound (Test is Negative) | 0 ~= 1% of 3 “False Negative” | 987 ~= 99% of 997 “True Negative” | 987 |
| COLUMN TOTAL | 3 | 997 | 1000 |
Sensitivity refers to the True Positives, the proportion of cars being stolen that the car alarm detects accurately.
Specificity refers to the True Negatives, the proportion of cars NOT being stolen whose alarms don’t sound.
For our example, let’s make the Sensitivity and Specificity both 99%.
A False Positive occurs when a car alarm sounds but the car is not being stolen.
A False Negative occurs when a car alarm does not sound, but the car is being stolen.