ZISC Seminars – Page 2

How Geopolitics is Elevating the Importance of Cybersecurity in Aviation: Exploring the Latest Research

April 25, 2024Harshad SathayeZISC Seminars

Abstract: This seminar spotlights the latest research aimed at boosting aviation security. As the geopolitical landscape shifts, it has exposed key vulnerabilities, especially in digital communications and navigation systems. We will delve into ongoing research efforts focused on strengthening aviation security by pinpointing these vulnerabilities and crafting effective countermeasures to address various potential threats. Join

Model Stealing Attacks and Defenses: Where are we now?

April 11, 2024Harshad SathayeZISC Seminars

Abstract: The success of deep learning in many application domains has been nothing short of dramatic. This has brought the spotlight onto security and privacy concerns with machine learning (ML). One such concern is the threat of model theft. I will discuss our work on exploring the threat of model theft, especially in the form

Xray: Finding Security Vulnerabilities in Arm AXI Implementations Using Model Checking

March 14, 2024Harshad SathayeZISC Seminars

Abstract: The Arm Advanced eXtensible Interface (AXI) protocols are widely used in bus implementations that connect processors, accelerators, memories, and other IP cores. Any bugs in these implementations can pose a security risk to the correctness of the connected IPs. Malicious or third-party IPs can use such implementation bugs to bypass security mechanisms employed at

Shufflecake: plausible deniability for multiple hidden filesystems on Linux

February 29, 2024Harshad SathayeZISC Seminars

Abstract: Shufflecake (ACM CCS 2023, DEF CON Demo Labs 2023) is a toolfor Linux that allows to create multiple hidden volumes on a storagedevice in such a way that it is very difficult, even under forensicinspection, to prove the existence of such volumes. This is useful forpeople whose freedom of expression is threatened through coercion

Scrappy: SeCure Rate Assuring Protocol with PrivacY

February 15, 2024Harshad SathayeZISC Seminars

Abstract: Preventing abusive activities caused by adversaries accessing online services at a rate exceeding that expected by websites has become an ever-increasing problem. CAPTCHAs and SMS authentication are widely used to provide a solution by implementing rate limiting, although they are becoming less effective, and some are considered privacy-invasive. In light of this, many studies

The next cloud is in orbit? Hacking satellites for fun

December 7, 2023Harshad SathayeZISC Seminars

Abstract: Hack-A-Sat was a 4-years long aerospace-inspired cybersecurity competition organized by the US department of Air and Space force. After three simulated editions, this year’s competition finals took place on a real satellite in orbit – called Moonlighter – and the Italian team mhackeroni won it. This talk overviews the Hack-A-Sat competition, what types

ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture

November 23, 2023Harshad SathayeZISC Seminars

Abstract: Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that

Compact Frequency Estimators in Adversarial Environments

November 9, 2023Harshad SathayeZISC Seminars

Abstract: Count-Min Sketch (CMS) and HeavyKeeper (HK) are two realizations of a compact frequency estimator (CFE). These are a class of probabilistic data structures that maintain a compact summary of (typically) high-volume streaming data, and provide approximately correct estimates of the number of times any particular element has appeared. CFEs are often the base structure

Is Your Wallet Snitching On You? An Analysis on the Privacy Implications of Web3

October 26, 2023Harshad SathayeZISC Seminars

Abstract: With the recent hype around the Metaverse and NFTs, Web3 is getting more and more popular. The goal of Web3 is to decentralize the web via decentralized applications. Wallets play a crucial role as they act as an interface between these applications and the user. Wallets such as MetaMask are being used by millions

Chain-key Bitcoin

October 12, 2023Harshad SathayeZISC Seminars

Abstract: Chain-key Bitcoin (ckBTC) is a Bitcoin “layer 2” built on top of the Internet Computer blockchain (IC). It enables both individuals as well as IC smart contracts to transact the deposited Bitcoin cheaply and with a much higher throughput compared to the Bitcoin network. Crucially, ckBTC has no additional trust assumptions other than those