---
title: Lab Meeting Minutes 2023/11/08
tags: lab_meeting
---

> Outline
> [TOC]

---

# PERAL Lab Meeting

- Time: 2023/11/08 20:00
- Location: Online
- Online meeting link: [Online](https://meet.google.com/zfi-zmnc-qfw)
- Attendees: Prof. 吳坤熹, 謝萬霖, 劉怡君, 田蕙瑜, 沈家正, 梁宇騰, 紀見如, 劉冠伶, 林大智, 繆亭霄, 蘇翊荃, 陳嘉璐, 陳品妤, 陳姿綾, 陳姿澖
- Meeting topic: ICICE Rehearsal
- Speakers: 繆亭霄, 陳品妤
- Minute taker: 劉怡君

## Meeting Content

### 陳品妤: TIME-BASED SECURE KEY MANAGEMENT AND ROTATION OF HEALTHCARE DATABASES

#### Introduction

- PCH (Puli Christian Hospital) uses an unchanged key to encrypt the database.
- Security considerations:
    - unauthorized access by a former employee
    - the user accidentally mistyping some keystrokes
    - cyberattacks: brute force
- Solution: key rotation

#### Technical background

- OTP (One-time password)
- Time-based One-time Password
- XOR encryption

#### Challenges

#### TOTP Algorithm

![image.png](https://hackmd.io/_uploads/SJCZkgFXp.png)

#### Implementation

#### Performance

#### Conclusions and Future Work

---

### 繆亭霄: NetFlow-Based Operating System Identification using Machine Learning

#### Introduction

![image.png](https://hackmd.io/_uploads/Bkoz_eYQa.png)

#### Motivation

* OS detection
    * To quickly learn the ratio of OS types in a network
    * Detecting unauthorized and dangerous devices
    * Administrators can plan network resources for different OSes
* Disadvantages of previous research
    * Research that relies solely on three critical features (Syn, Win, TTL) to identify the OS performs poorly when these parameters closely resemble each other
    * Research with higher accuracy focuses on more features in the TCP header or application layer

#### Datasets

- Primary Dataset (Dataset A)
    - M. Laštovička, T. Jirsik, P. Čeleda, S. Špaček and D. Filakovsky, "Passive OS Fingerprinting Methods in the Jungle of Wireless Networks," 2018, doi: 10.1109/NOMS.2018.8406262
    - 2017-05-01 00:00 - 2017-05-07 23:59
- Secondary Dataset (Dataset B)
    - M. Laštovička, S. Špaček, P. Velan, and P. Čeleda, "Using TLS Fingerprints for OS Identification in Encrypted Traffic," 2020, doi: 10.1109/NOMS47738.2020.9110319
    - 2019-07-12 00:00 - 2019-07-16 23:59

#### Methodology

#### Experiment Result

#### Summary

---

### Suggestions & Questions

:::info
**If there is not enough time to take notes, screenshots of the subtitles will be taken; grammar will be corrected later.**
:::

#### 陳品妤 part

1. [name=Louise] p.3, p.4: capitalization is inconsistent.
    Ans:
2. [name=Lawrence] p.14 Why use 650 as count in this example?
    Ans: It's only an example.
3. [name=Lawrence] p.8 notion => notation
4. [name=Selena] Is every encryption method proportional to the database?
    Ans:
    ![image.png](https://hackmd.io/_uploads/HJObRltQa.png)
5. [name=Ryan] p.9 What arguments does the hash function take, and how does it work in your implementation of this algorithm?
6. [name=Ryan] p.9 This hash function takes two arguments. How do you combine them?
    Ans:
    ![image.png](https://hackmd.io/_uploads/H1F4JZYm6.png)
7. [name=Yukino] Why did you choose the best time to implement OTP?
    Ans:
    ![image.png](https://hackmd.io/_uploads/SJW91bKmT.png)
8. [name=Ashley] p.14 Based on your tests, is there a recommended value?
    Ans:
    ![image.png](https://hackmd.io/_uploads/BJk4e-KQa.png)
9. [name=Cooper] I noticed that you include the current Unix time in your encryption formula. However, why do you claim that you don't need to encrypt the contents of the database when the time has changed?
    Ans:
    ![image.png](https://hackmd.io/_uploads/rJ0qe-KmT.png)
    ![image.png](https://hackmd.io/_uploads/HkHTgZYX6.png)
10. [name=Miller] p.13 Suggest using data that is in greater need of encryption, such as national ID numbers.
    Ans:
    ![image.png](https://hackmd.io/_uploads/S1VZ--Fmp.png)
11. [name=Angela] The word "Healthcare" may mislead people into thinking this is a disease-related application; have you considered replacing the database example on p.13?
12. [name=Angela] p.3 In the 3rd point of Security consideration, listing all the mentioned examples will be better.
13. [name=Angela] p.5 The abbreviations should be noted with their full names.
14. [name=Phoebe] I have a suggestion regarding your tone. It seems like you might be a little hesitant while explaining your performance. Try to be more confident when presenting.
15. [name=Edgar] p.15 Why can you crack 160-bit strings in just 58 minutes?
    ![image.png](https://hackmd.io/_uploads/r1SSmWYXa.png)
    ![image.png](https://hackmd.io/_uploads/ryu5mWtQT.png)
    Ans:
    ![image.png](https://hackmd.io/_uploads/SkPnmbKQa.png)
16. [name=Edgar] In research, avoid using inclusive language such as "decide to do" when referring to completed work. Instead, state that the task has "**already been done**."
17. [name=Edgar] p.11 The third sub-bullet has a misuse of the adjective 'longer'; you should use 'lengthen' here.
18. [name=Angela] The other words for begging a pardon
    * "Could you repeat that, please?"
    * "I'm afraid I don't follow you."
    * "I'm not sure I understand the context of your question."

#### 繆亭霄 part

1. [name=Louise] Why did you choose 10% for the data size?
    Ans:
2. [name=Lawrence] p.13 I would like to know whether these features are your own idea or a reference from other papers, and why you chose them as your features.
3. [name=Ashley] How are the data collected? Why is there a gap between the distributions of dataset A & B?
    Ans:
    ![image.png](https://hackmd.io/_uploads/rySidZFQ6.png)
4. [name=Ashley] Why not train the two datasets together?
5. [name=Ashley] Suggestion: P.8 At first glance at this slide, one question that comes up is how many records datasets A & B actually contain; perhaps consider whether this information needs to be added.
6. [name=Jiazheng] Suggestion: P.19-21 Explicitly mention that the difference between these pages is Test 1, 2, 3 on P.16.
8. [name=Angela] Are the packets captured randomly? Were they filtered beforehand?
9. [name=Phoebe] On page 16, why do you believe that repeating the process 20 times is sufficient to obtain a good average value? Have you tested and observed this beforehand?
    Ans:
    ![image.png](https://hackmd.io/_uploads/rJur9-YQ6.png)
10. [name=Edgar] Is XXX a random number?
    Ans: Yes.
11. [name=Edgar] The font size is too small for me to see from a distance. Please consider regenerating your chart with a larger font size.

## Follow-up Items

## Extempore Motions

---

Adjournment time: