Abstract: You’ve probably already heard the story: we got contracted to analyze a bunch of trains breaking down after being serviced by third-party workshops. We reverse engineered them and found code which simulated failures when they detected servicing attempts. We presented our findings at 37C3 and then an update of the story at 38C3. This
Abstract: TEE implementations on RISC-V offer an enclave abstraction by introducing a trusted component called the security monitor (SM). The SM performs critical tasks such as isolating enclaves from each other as well as from the OS by using privileged ISA instructions that enforce the physical memory protection. However, the SM executes at the highest
Abstract: The security landscape of satellite systems has undergone a significant transformation in recent decades. With thousands of satellites launched annually, space-based infrastructure has become increasingly critical for communication, observation, and scientific measurement. However, this growth has also been accompanied by a decrease in the barrier to entry for attacks, driven by the widespread availability
Abstract: Embedded and IoT devices are becoming increasingly widespread, often supporting safety-critical operations. However, these devices typically lack the advanced security features of more powerful systems due to cost and energy constraints, making them vulnerable to software-based attacks. To address this, Control Flow Attestation (CFA) has been proposed as a cost-effective method to detect control
Abstract: Driven by recent advances in large language models (LLM), generative AI applications have become the dominant workload for the modern cloud. Specialized hardware accelerators, such as GPUs, NPUs, and TPUs, play a key role in AI adoption due to their superior performance over general-purpose CPUs. AI models and the data are often highly sensitive
Abstract: Modern messaging applications such as iMessage, Signal, and WhatsApp encrypt their users’ messages using cryptography that provides strong security guarantees. All these security guarantees are void, however, when inauthentic keys are used. For years, the only option to authenticate your peers’ keys was to compare safety numbers in-person, which was rarely done in practice.
Abstract: A flurry of DoS vulnerabilities have been recently disclosed in DNS, many of which enable an attacker to overload victim DNS servers by sending only modest volumes of requests that trigger large amplification effects. This talk starts with our systematic investigation of such vulnerabilities. By establishing a taxonomy of amplification primitives intrinsic to DNS
Abstract: While AI has achieved human-level performance in specific tasks, it often fails when deployed in real-world applications — like failing to detect a large truck in front of a Tesla. Why do such errors occur, and how long will it be before AI is widely and reliably deployed in everyday life? This talk will
Abstract: Abstract: In a world increasingly shaped by AI technologies, addressing their technical, ethical, and fairness challenges becomes imperative. This talk will address the criticality of identifying ethical, responsible, and safe requirements for large language models, featuring published and ongoing research at Precog Lab https://precog.iiit.ac.in/. We’ll discuss representation steering to make interpretable changes to language
Abstract: This talk will discuss the challenges associated with tracing data and attributing it to the input or output of a model. Tracing of data to the input, referred to as membership inference, involves determining whether a specific data point was part of the model’s training set. Successfully attributing data to the training set of