Abstract: This talk will discuss the challenges associated with tracing data and attributing it to the input or output of a model. Tracing of data to the input, referred to as membership inference, involves determining whether a specific data point was part of the model’s training set. Successfully attributing data to the training set of
Abstract: With blockchain technology at its core, cryptocurrencies have captured widespread attention both in academic research and beyond in recent years. As these systems oversee increasing stakes, reaching into the billions of US dollars, they have become attractive attack targets. Notably, several attacks have focused on their network layer, which crucially provides the communication foundation for innovations in the consensus or
Abstract: The focus of applied cryptography is the security of cryptographic systems used in practice. This includes analyzing cryptographic protocols and primitives used in the wild, and designing and deploying secure systems. Unfortunately, this is a challenging task. Cryptography is highly brittle and small design or implementation mistakes can have devastating effects on a system
Abstract: This seminar spotlights the latest research aimed at boosting aviation security. As the geopolitical landscape shifts, it has exposed key vulnerabilities, especially in digital communications and navigation systems. We will delve into ongoing research efforts focused on strengthening aviation security by pinpointing these vulnerabilities and crafting effective countermeasures to address various potential threats. Join
Abstract: The success of deep learning in many application domains has been nothing short of dramatic. This has brought the spotlight onto security and privacy concerns with machine learning (ML). One such concern is the threat of model theft. I will discuss our work on exploring the threat of model theft, especially in the form
Abstract: The Arm Advanced eXtensible Interface (AXI) protocols are widely used in bus implementations that connect processors, accelerators, memories, and other IP cores. Any bugs in these implementations can pose a security risk to the correctness of the connected IPs. Malicious or third-party IPs can use such implementation bugs to bypass security mechanisms employed at
Abstract: Shufflecake (ACM CCS 2023, DEF CON Demo Labs 2023) is a toolfor Linux that allows to create multiple hidden volumes on a storagedevice in such a way that it is very difficult, even under forensicinspection, to prove the existence of such volumes. This is useful forpeople whose freedom of expression is threatened through coercion
Abstract: Preventing abusive activities caused by adversaries accessing online services at a rate exceeding that expected by websites has become an ever-increasing problem. CAPTCHAs and SMS authentication are widely used to provide a solution by implementing rate limiting, although they are becoming less effective, and some are considered privacy-invasive. In light of this, many studies
Abstract: Hack-A-Sat was a 4-years long aerospace-inspired cybersecurity competition organized by the US department of Air and Space force. After three simulated editions, this year’s competition finals took place on a real satellite in orbit – called Moonlighter – and the Italian team mhackeroni won it. This talk overviews the Hack-A-Sat competition, what types
Abstract: Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that