Commit and publish final and printed version of dissertation.

Author: zozs

.gitignore

@@ -0,0 +1,28 @@
+*.aux
+*.log
+*.bbl
+*.blg
+*.d
+*.fls
+*.make
+*.temp
+*.out
+*.cut
+*.toc
+*.xml
+*.cookie
+*.bcf
+
+main-blx.bib
+
+# vim
+*.swp
+
+# mac
+.DS_Store
+
+*.pdf
+!figures/*.pdf
+!linus_dissertation_final.pdf
+
+*-eps-converted-to.pdf

Makefile

@@ -0,0 +1,27 @@
+# Linus Karlsson's PhD dissertation
+
+This repository contains the TeX sources for my dissertation.
+The sources should be compiled with LuaLaTeX and Biber.
+
+To compile the dissertation from source, you also need the fonts Adobe Garamond Pro and Frutiger LT Std.
+These are the profile fonts of Lund University, so if you are affiliated with the university you can [download them here](https://www.staff.lu.se/support-and-tools/communication-and-graphic-profile/download-templates-and-communication-tools).
+Otherwise, you can change the fonts in the source of `main.tex`, near the top.
+
+Tools and packages used:
+
+* LuaLaTeX.
+* TikZ for graphics.
+* Chris Monson's [Latex Makefile](https://github.com/shiblon/latex-makefile).
+* XeLaTeX (to compile the datasheet in the `datasheet/` directory, if you wish to use it)
+
+Inspired by Jesper Öqvist's thesis which can be found at https://github.com/llbit/joqvist-thesis
+
+## Final dissertation as PDF
+
+If you just want to see the dissertation in its final form, just open the file `linus_dissertation_final.pdf` in this repo, or [click here](https://linuskarlsson.se/papers/linus_dissertation_final.pdf) to view it from my personal web page.
+
+## Compile dissertation from source
+
+Run `make` from the root of this repository. Note that for successful compilation, you will need the fonts installed as described above.
+
+To compile the datasheet, enter the `datasheet/` directory and run `xelatex datasheet.tex`

README.md

@@ -0,0 +1,14 @@
+BUILD_STRATEGY := pdflatex
+BIBTEX := biber
+PDFLATEX := lualatex
+
+onlysources.tex=main.tex
+
+.PHONY: thesis errata
+
+thesis: main.tex
+	make main.pdf
+	cp main.pdf thesis.pdf
+
+errata: errata.tex
+	make errata.pdf

Variables.ini

@@ -0,0 +1,16 @@
+Organizations and individuals maintain and use an ever increasing amount of computer systems, either deployed locally, or in the cloud.
+These systems often store and handle vast amounts of data, some of which is sensitive and should be kept private.
+Regardless of where the data is located, there is a need to prevent data from falling into the wrong hands.
+To this end, this dissertation presents contributions to preventive measures in cyber security.
+
+Trusted computing can be used to attest the integrity of code running on a remote computer, and to store data securely using secure storage, for example in a cloud setting.
+This dissertation presents contributions regarding the use of the Trusted Platform Module (TPM) in high-availability systems, both for TPM 1.2 and TPM 2.0.
+It also discusses migration of keys from TPM 1.2 to the backwards-incompatible TPM 2.0, while maintaining the same behaviour with regard to authorization mechanisms.
+Contributions also include the use of trusted computing to attest the integrity of network elements before they are enrolled into a Software Defined Network, as well as protecting important assets of such network elements by using isolated execution environments.
+
+In the field of cryptography, the dissertation contains contributions regarding the Maximum Degree Monomial (MDM) test, which is related to the construction of distinguishers and nonrandomness detectors.
+A new generalized algorithm to find subsets for the MDM test is presented, together with evaluations of the algorithm on several different stream ciphers.
+
+The dissertation also contains contributions in the field of vulnerability assessment using recommender systems.
+First, a recommender system for user-specific vulnerability scoring is presented, which scores vulnerabilities based on implicit and explicit user preferences, together with domain-based information unique to the field of vulnerability assessment.
+Finally, the dissertation also contains contributions regarding privacy of such recommender systems, by protecting the privacy of user preferences even from the provider of the recommender service.

abstract.tex

@@ -0,0 +1,35 @@
+
+% First talk about supervisors
+I want to start this section by thanking my main supervisor, Martin Hell.
+During my PhD, he has always provided great guidance -- helpful, clear, and concise.
+His door has always been open, and he has always been willing to provide help.
+After our discussions, I have always left his office feeling encouraged, hopeful, and with a clear idea of how to proceed.
+Not only does he possess the skills of a good supervisor, he is also a great friend and I have enjoyed having my office next door to him during my years at the university.
+
+I also wish to thank my assistant supervisor Paul Stankovski Wagner for his help during my research, and for being another great office neighbour.
+In addition to the perks of having friendly neighbours in general, having my office squeezed in between Martin's and Paul's offices ensured that I did not arrive \emph{too} late in the mornings -- in fear of their witty comments about my working hours.
+I also want to express my thanks to my other assistant supervisor Ben Smeets for his valuable research input, in particular related to trusted computing.
+Finally, I wish to thank Thomas Johansson for actually suggesting me to pursue a PhD.
+
+During my time at the department, I have got to know many colleagues, particularly in the Crypto and Security group.
+First of all I wish to thank Jonathan and Erik for all our geeky discussions:
+Jonathan for our random technical discussions about everything from the strict aliasing rule to thick microcontroller manuals,
+and Erik for his random math-related monologues in my office, which I have to admit I enjoy, even though he after several years still involuntarily sabotages my office door every time he visits.
+I also wish to thank Pegah for giving me a worthy competitor in bringing home-baked Thursday fika, Alexander for interesting server management discussions, Nicolae for our research collaboration both at RISE and the university, and finally Carl for significantly increasing my vitamin~D production by forcing me to eat lunch outside.
+During my time as a PhD student, the research group has grown significantly, so instead of trying to name all current and past members, I just wish to say that it has been a pleasure to get to know all of you, and sharing a great environment for research and small-talk.
+
+% tech. and admin. staff
+I also want to thank the administrative and technical staff at the department for helping me during my time at the department.
+A special thanks to Erik Jonsson for interesting discussions, and patiently handling all my requests for opening firewall ports, leaving the department's firewall with more holes than a Swiss cheese.
+
+% Finally friends and family
+Finally, I also wish to thank my friends and family, you have all helped and supported me during my PhD studies.
+In particular, I want to mention all inspiring code evenings with Alex, weekly Thursday lunches with Paul, and daily Slack competitions with Henrik.
+To my mom Carina, and my dad Håkan: thank you for all your love and support throughout my life, and for always being there when I need you.
+
+% Signature.
+\begin{flushright}
+	\emph{Linus}
+	
+	Lund, September 2019
+\end{flushright}

acknowledgements.tex

@@ -0,0 +1,110 @@
+The following papers are included in this dissertation:
+
+\begin{description}
+  \item[Paper~I]
+    \paperIref
+  \item[Paper~II]
+    \paperIIref
+  \item[Paper~III]
+    \paperIIIref
+  \item[Paper~IV]
+    \paperIVref
+    
+    This dissertation contains the full version of this paper, with extended descriptions and motivations of the recommender and its parameters.
+  \item[Paper~V]
+    \paperVref
+  \item[Paper~VI]
+    \paperVIref
+\end{description}
+
+\newpage
+\noindent
+The table below summarizes the responsibilities Linus Karlsson had in each paper:
+
+\vspace{1em}
+\begin{center}
+\begin{tabular}{lllll}
+  \toprule
+  \emph{Paper} & \emph{Writing} & \emph{Concepts} &  \emph{Implementation} & \emph{Evaluation} \\
+  \midrule
+  \textbf{I}    & yes     & yes     & YES & -- \\ 
+  \textbf{II}   & YES     & YES     & YES & -- \\
+  \textbf{III}  & yes     & partial & yes & yes \\
+  \textbf{IV}   & YES     & yes     & YES & yes \\
+  \textbf{V}    & yes     & yes     & YES & YES \\
+  \textbf{VI}   & YES     & partial & YES & YES \\
+  \bottomrule
+\end{tabular}
+\end{center}
+\vspace{1em}
+
+\noindent
+Capital letters indicate roles where Linus Karlsson took primary responsibility for the given role.
+The individual contributions of Linus are described in more detail in the following paragraphs.
+
+In Paper~I, Linus was involved in writing and concept design.
+Linus solely constructed the implementation to test the proposed concept.
+
+In Paper~II, Linus had the main responsibility for both writing and designing the proposed solution.
+He also solely constructed the implementation to verify the solution.
+
+In Paper~III, Linus was responsible for writing the sections about trust anchors in general, and everything related to the application plane.
+% Sections~\ref{subsec:trust-anchors}, \ref{subsec:application-plane-trust}, \ref{subsec:trustanchors:appplane}, \ref{subsec:application-evaluation}.
+He was partially responsible for the concepts in the paper: those related to the application plane.
+Linus was also responsible for the implementation and performance evaluation of the application plane network element enrollment.
+
+In Paper~IV, Linus was responsible for writing all of the system model and implementation sections.
+Together with the other authors, he defined the overall goals of the recommender, and was then responsible for the detailed design of the system.
+He was solely responsible for the implementation of the system.
+
+In Paper~V, Linus was responsible for writing the sections about privacy profiles, isolated execution, implementation, and evaluation.
+Together with the other authors, he defined the proposed privacy-preserving solution.
+He was solely responsible for the implementation and evaluation of the solution.
+
+In Paper~VI, Linus was the main responsible for writing of the complete paper.
+He was partially involved in the design of the proposed algorithm.
+Linus was solely responsible for the implementation of the newly proposed algorithms, as well as the evaluation of the results.
+
+A further description of the papers' contributions \emph{to the research field} is presented in Section~\ref{sec:kappa-contributions}.
+
+\newpage
+\subsection*{Other Contributions}
+
+The following peer-reviewed publications have also been published during my PhD studies, but are not included in this dissertation.
+
+\begin{itemize}
+	\item Christopher Jämthagen, Linus Karlsson, Paul Stankovski, and Martin Hell: ``eavesROP: Listening for ROP Payloads in Data Streams''. In \emph{Information Security Conference, ISC 2014, Hong Kong}, LNCS Vol. 8783, pp. 413--424, Springer.
+	\item Linus Karlsson, Martin Hell, and Paul Stankovski. ``Improved Greedy Nonrandomness Detectors for Stream Ciphers''. In \emph{3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal}. pp. 225--232, SCITEPRESS.
+	\item Nicolae Paladi and Linus Karlsson. ``Safeguarding VNF Credentials with Intel SGX''. In \emph{SIGCOMM Posters and Demos '17, Los Angeles, CA, USA}. ACM.
+	\item Alexander Cobleigh, Martin Hell, Linus Karlsson, Oscar Reimer, Jonathan Sönnerup, and Daniel Wisenhoff. ``Identifying, Prioritizing and Evaluating Vulnerabilities in Third Party Code''. In \emph{2018 IEEE 22nd International Enterprise Distributed Object Computing Workshop (EDOCW), Stockholm, Sweden}. pp. 208-211, IEEE.
+\end{itemize}
+
+
+%N. Paladi, L. Karlsson, K. Elbashir: “Trust Anchors in Software Defined Networks”. ESORICS 2018, Barcelona, Spain, LNCS Vol. 11009, pp. 485–504, Springer. DOI: 10.1007/978-3-319-98989-1_24
+%[PDF]
+%
+%
+%L. Karlsson, M. Hell, P. Stankovski: “Not So Greedy: Enhanced Subset Exploration for Nonrandomness Detectors”. Information Systems Security and Privacy. ICISSP 2017, Revised Selected Papers, CCIS Vol. 867, pp. 273–294, Springer. DOI: 10.1007/978-3-319-93354-2_13
+%[PDF]
+%
+%L. Karlsson, M. Hell: “Enabling Key Migration Between Non-Compatible TPM Versions”. Trust and Trustworthy Computing, TRUST 2016, Vienna, Austria, LNCS Vol. 9824, pp. 101–118, Springer. DOI: 10.1007/978-3-319-45572-3_6
+%[PDF]
+%
+%M. Hell, L. Karlsson, B. Smeets, J. Mirosavljevic: “Using TPM Secure Storage in Trusted High Availability Systems”. The 6th International Conference on Trusted Systems, INTRUST 2014, Beijing, China, LNCS Vol. 9473, pp. 243–258, Springer. DOI: 10.1007/978-3-319-27998-5_16
+%[PDF]
+%
+
+
+
+%L. Karlsson, M. Hell, P. Stankovski: “Improved Greedy Nonrandomness Detectors for Stream Ciphers”. 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, pp. 225–232, SCITEPRESS. DOI: 10.5220/0006268202250232
+%[PDF]
+%
+%N. Paladi, L. Karlsson: “Safeguarding VNF Credentials with Intel SGX”. SIGCOMM Posters and Demos ’17, Los Angeles, CA, USA, ACM. DOI: 10.1145/3123878.3132016
+%
+%A. Cobleigh, M. Hell, L. Karlsson, O. Reimer, J. Sönnerup, D. Wisenhoff: “Identifying, Prioritizing and Evaluating Vulnerabilities in Third Party Code”. IEEE EDOCW 2018, Stockholm, Sweden, pp. 208–211, IEEE. DOI: 10.1109/EDOCW.2018.00038
+
+
+
+
+% C. Jämthagen, L. Karlsson, P. Stankovski, M. Hell: “eavesROP: Listening for ROP Payloads in Data Streams”. Information Security Conference, ISC 2014, Hong Kong, LNCS Vol. 8783, pp. 413–424, Springer. DOI: 10.1007/978-3-319-13257-0_25
+% [PDF]