Seminars

Prof. Elisa Bertino (Purdue University, IN, USA)

Seminar title: Security of Cellular Networks

Abstract: As the world moves to 5G cellular networks and next-generation is being envisioned, security is of paramount importance and new tools are needed to ensure it. In the talk, after discussing motivating trends in wireless communications, we present LTEInspector a model-based testing approach for cellular network protocols. LTEInspector combines a symbolic model checker and a cryptographic protocol verifier in the symbolic attacker model. Using it, we uncovered 10 new attacks along with 9 prior attacks, categorized into three abstract classes (i.e., security, user privacy, and disruption of service), in three procedures of 4G LTE. To ensure that the exposed attacks pose real threats and are indeed realizable in practice, 8 of the 10 new attacks have been validated and their accompanying adversarial assumptions have been tested in a real testbed. We then present results obtained by 5GReasoner, which extends LTEInspector to 5G protocols. We conclude with a discussion about 5G threat vectors and security pillars.

Dr. Luc Bläser (Dfinity, Switzerland)

Seminar title: Motoko - The Programming Language of the Internet Computer

Abstract: Motoko is a specialized programming language tailored to ideal support of the runtime model of the Internet Computer. With the actor model and orthogonal persistence as its foundation and by offering both functional and imperative programming concepts in a type-safe and memory-managed environment, it enables convenient, powerful, and efficient development of canisters, the components that run on the Internet Computer blockchain. This tutorial gives an overview of Motoko, explaining its various distinct programming concepts and their applicability for blockchain programmability. The tutorial is accompanied by a workshop that is a mini-hackathon where attendees get the opportunity to implement an application case in Motoko and test it on the Internet Computer.

Dr. Jan Camenisch (Dfinity, Switzerland)

Seminar title: Internet Computer - Building apps on the Internet

Abstract: The Internet Computer is a general-purpose blockchain that runs canister smart contracts. Canister smart contracts are a new form of software that is vastly superior. Running on blockchain, smart contracts are tamperproof, unstoppable, autonomous, and can process and transmit value. Canister smart contracts are an improved form of smart contracts that are far more efficient and scalable and, most importantly, can natively interact with the Internet: they can query any web resource and serve web directly into users’ browsers.

The Internet Computer runs on the Internet itself: it is formed by dedicated node machines that run the Internet Computer Protocol (ICP). Node machines are owned by independent node providers and are located in independent data centres all over the world. Anyone can request to become a node provider by submitting a proposal to the Internet Computer governance system.

In this talk we are going to present the high level concepts of the Internet Computer and argue why it will replace the traditional IT stack. The talk is accompanied by a workshop on how to program on the Internet Computer and how to build the software of the future already today.

Mr. André Catry (C-Resiliens, Sweden)

Seminar title: Trust no one

Abstract: By knowing our history, we can prevent repeating mistakes.

Prof. Alexandra Dmitrienko (Würzburg University, Germany)

Seminar title: Security and Privacy Challenges in Federated Learning Systems and Applications

Abstract: Machine Learning (ML) methods are getting more mature and increasingly deployed in all areas of our lives to assist users in various classification and decision-making tasks. This seminar will showcase, as an example, the advantages ML can bring to applications dedicated to detecting security threats on mobile platforms. On the other hand, we will also delve into the security and privacy concerns associated with the utilization of ML methods. Specifically, we will focus on Federated Learning (FL), a distributed version of ML that can provide enhanced privacy preservation when training ML models. We will thoroughly evaluate the security and privacy risks associated with FL and then delve deeper into targeted and untargeted poisoning attacks and countermeasures. We will pay special attention to open challenges, that include distinguishing poisoned and benign but unusual models, for instance models trained on datasets with different data distributions, and adaptive attackers, who, once they know the detection method, can add an additional training loss to minimize any changes in the detection metric, and, hence, evade detection. To initiate further discussions, we will outline open research directions.

Prof. Joan Feigenbaum (Yale University, CT, USA)

Seminar title: Privacy-Preserving Audience Targeting

Abstract: Various forms of audience targeting are major sources of revenue in online advertising. Often, they involve a sequence of interactions among three parties: an advertiser, a publisher, and an ad server. The advertiser has learned about its customers by communicating and transacting with them, and it has grouped them into segments. When one of its customers interacts with the publisher, the advertiser would like the customer to be shown an ad that is appropriate to the segment(s) to which the customer belongs. The role of the ad server is to facilitate the complex process of matching advertisers to publishers and selecting appropriate ads. In the interest of preserving user privacy, we have designed a two-phase protocol for audience targeting that ensures that no personal data are learned by the publisher, the ad server, or any other party. This is joint work with Eric Crockett and Gang Wang.

Prof. Jean-Pierre Hubaux (EPFL, Switzerland)

Seminar title: Secure and Privacy-Preserving Decentralized ML

Abstract: To work properly, Machine Learning requires the access to large amounts of data. Yet, access to datasets can be difficult, because of regulations or because the controller considers its own data to be too sensitive or too precious. In this case, datasets remain in siloes, thus jeopardizing the ability to properly train ML models with enough data. In this talk, we will present several techniques that show how to solve this problem, leveraging notably on recent advances of cryptography.We first address the challenge of privacy-preserving training and evaluation of neural networks in an N-party, federated learning setting. We then switch to principal component analysis (PCA), an essential algorithm for dimensionality reduction in many data science domains. We address the problem of performing a federated PCA on private data distributed among multiple data providers while ensuring data confidentiality.Next, we show how techniques of this kind can be used in medical research. Using real-world evidence in biomedical research, an indispensable complement to clinical trials, requires access to large quantities of patient data that are typically held separately by multiple healthcare institutions. We demonstrate the applicability of the proposed techniques to essential biomedical analysis tasks, including Kaplan-Meier survival analysis in oncology and genome-wide association studies in medical genetics.Finally, we briefly present Tune Insight SA, a start-up company that has industrialized the software implementing some of our results.

Dr. Fabrizio Gagliardi (ACM Europe Council)

Seminar title: ACM recent history in Europe

Abstract: The speaker will give a short summary of ACM activities in Europe especially after the establishment in 2009 of the ACM Europe Council followed by the establishment of the ACM Europe Policy Council in 2013. Both entities started by the speaker.

Prof. Keith Martin (University of London)

Seminar title: Cyber Insecurity - Bits and Bytes of Wisdom on the Challenges of Researching Cyber Security

Abstract: Cyber security (whatever that is) is a relatively recent field of research endeavour. In this talk we reflect on some of the challenges involved in researching cyber security, as well as some of the opportunities presented by engaging with such an inherently multidisciplinary field. These perspectives are inspired by ten years and 100 cyber security PhD projects worth of experience in running a multidisciplinary cyber security doctoral training research centre at Royal Holloway, University of London.

Prof. Valtteri Niemi (University of Helsinki, Helsinki, Finland)

Seminar title: Postquantum Impact and other Issues with 5G/6G Security

Abstract: Quantum computing is a serious threat for contemporary cryptography. We first briefly discuss how cryptographic mechanisms are applied for security and privacy of mobile communication systems. Then we study how postquantum cryptoalgorithms are planned to be introduced to 5G and 6G systems by 3GPP, the standards organization for mobile communications. Because data rate, latency and volume requirements are strict for 5G, and would be even stricter for 6G, introduction of new algorithms could have serious impact on performance of the system as a whole. For symmetric cryptography, the quantum threat is less severe but, on the other hand, it plays much more crucial role in current mobile systems than public-key cryptography. We discuss performance issues and standards status of postquantum symmetric algorithms. Next we look at potential replacements for elliptic curve -based cryptoalgorithms that are currently used for identity confidentiality in 5G. One promising approach is to adopt Key Encapsulation Mechanism (KEM), e.g., the post-quantum KEM CRYSTALS-Kyber, recently chosen to be standardized by NIST. The introduction of new cryptoalgorithms to security protocols opens up the possibility to address also other security and privacy vulnerabilities that still are present in mobile systems. We show how it would be possible to extend current Authentication and Key Agreement (AKA) for adding several privacy and security properties, e.g., perfect forward secrecy and resistance against linkability attacks. Related to AKA, we discuss how privacy could be enhanced in the 5G Authentication and Key Management for Applications (AKMA) service purpose of which is to strengthen security of applications by mobile system security features such as the SIM card.

Prof. Cristina Nita-Rotaru (Northeastern University, MA, USA)

Seminar title: The Quest for Vulnerability-Free Network Protocols

Abstract: Network protocols are the foundation of trustworthy networked communication and they enable many services that our society relies on. Such protocols are described in textual specifications, written by different organizations, For example most Internet Protocols are described in Request for Comments (RFCs) written by the Internet Engineering Task Force (IETF). How does one know that the implementation matches the specification and no vulnerabilities exist that can be exploited by an attacker? Automated attack discovery techniques, such as attacker synthesis or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. Such techniques, in general, require a formal representation of the protocol, often in the form of a finite state machine (FSM). In the first part of the talk we show how to extract protocol specification in the form of FSM from RFCs. We show the generalizability of our FSM extraction by using the RFCs for six different protocols: BGPv4, DCCP, LTP, PPTP, SCTP and TCP. We demonstrate how automated extraction of an FSM from an RFC can be applied to the synthesis of attacks, with TCP and DCCP as case-studies. In the second part of the talk we present an automated method that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis to find attacks against implementations of TCP congestion control. It uses a model-guided approach to generate abstract attack strategies, by leveraging a state machine model of TCP congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection to his advantage. We use TCP New Reno as the guiding abstract model and evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

Prof. Ahmad-Reza Sadeghi (TU Darmstadt, Germany)

Seminar title: The Protection Paradox - Navigating the Dilemmas of Evolving Systems Security

Abstract: The escalating complexity of computing systems and the emergence of IoT, AI, and increasingly sophisticated attacks present new and diverse challenges to designing and implementing security concepts, methods, and mechanisms. Despite software and hardware-assisted security advancements, vulnerabilities keep growing in number, type, and sophistication.
This lecture offers a concise overview of our journey through the vast landscape of system security research. We highlight valuable lessons from advancing state-of-the-art software and hardware-assisted security in academic and industry collaborations, including insights from hosting the world's largest joint academic-industry hardware security competitions since 2018. We briefly discuss dilemmas in securing large-scale heterogeneous systems such as IoT and the potential of machine learning as a partial solution while acknowledging that ML risks also offer a goldmine to hackers.
Looking ahead, we discuss our future vision and research directions in systems security, particularly in light of the severe threat posed by software-exploitable hardware vulnerabilities that imperil critical systems.

Prof. Pierangela Samarati (Università degli Studi di Milano, Italy)

Seminar title: Data Security and Privacy in Emerging Scenarios

Abstract: The rapid advancements in Information and Communication Technologies (ICTs) have been greatly changing our society, with clear societal and economic benefits. Mobile technology, Cloud, Big Data, Internet of things, services and technologies that are becoming more and more pervasive and conveniently accessible, towards to the realization of a 'smart' society’. At the heart of this evolution is the ability to collect, analyze, process, and share an ever-increasing amount of data, to extract knowledge for offering personalized and advanced services. This typically also involves data management and computation by external storage and computational providers that may be not fully trusted. In this seminar, I will illustrate some challenges related to guaranteeing confidentiality and integrity of data stored or processed by external providers.

Prof. Martina Angela Sasse (Ruhr University Bochum)

Seminar title: Why CISOs struggle with human-centred security

Abstract: In larger organisations, the security controls and policies that protect employees are typically managed by a Chief Information Security Officer (CISO). In research, industry, and policy, there are increasing efforts to relate principles of human behaviour interventions and influence to the practice of the CISO, despite these being complex disciplines in their own right. In this talk, I will present results from two studies (one a longitudinal community of 30, one an interview study with 14) that illuminate the difficulties CISOs have to accept the fundamental concepts of human-centred security (HCS), and put into practice. The conclusion is that IT security experts need to be better prepared during training, and better support from business leaders in their work.

Prof. Fred Schneider (Cornell University, NY, USA)

Seminar title: Using Hyperproperties

Abstract: Trace-properties are defined by predicates on individual execution traces; hyperproperties are defined by predicates on sets of trace-properties. We illustrate the added expressiveness of hyperproperties. And we discuss the use of TLA for verifying an important class of hyperproperties, focusing on aspects of TLA that support self-composition and make TLA particularly amenable to hyperproperty verification. We also show how such verification provides the assurance needed to allow label-declassification in programming languages having information-flow types

Prof. Moti Yung (Google and Columbia University, NY, USA)

Seminar title: Designing for an Evolving Ecosystem: the Advertisement Exchange Case

Abstract: Many times, a system is designed with a vision to grow and cover a large area of increasing importance. Typically, however, a system starts small and grows large, in case it is successful (otherwise, the design and maintenance are less interesting/ important).
When it comes to security design, there are no existing methodologies for introducing a cryptographic system, in a way that it is employed for some immediate recognized need, yet it is ready for extensions and the design is proactively built for growing with increased services. I will cover a methodology that has been used in a number of cases, being opportunistic (in a positive way) to introduce hooks for growth, when and how to apply it, and how to think about the dynamicity of the system to avoid the need to retrofit security as it grows and changes.
The example I will talk about is Google's Ad Exchange (advertisement exchange) which is part of Google offering to select in a real time bidding (by an auction) which "display ad" from which ad network to show to users. The system is part of Google Ads management system, and it is used to serve banner (display) ads which are a large part of the economic support of Internet publishing.