ZISC Seminars – Page 2

When Cryptocurrency Meets Network Security: The layers, the attacks, and the defenses

June 7, 2024Harshad SathayeZISC Seminars

Abstract: With blockchain technology at its core, cryptocurrencies have captured widespread attention both in academic research and beyond in recent years. As these systems oversee increasing stakes, reaching into the billions of US dollars, they have become attractive attack targets. Notably, several attacks have focused on their network layer, which crucially provides the communication foundation for innovations in the consensus or

Thriving in between theory and practice: How applied cryptography bridges the gap

May 23, 2024Harshad SathayeZISC Seminars

Abstract: The focus of applied cryptography is the security of cryptographic systems used in practice. This includes analyzing cryptographic protocols and primitives used in the wild, and designing and deploying secure systems. Unfortunately, this is a challenging task. Cryptography is highly brittle and small design or implementation mistakes can have devastating effects on a system

How Geopolitics is Elevating the Importance of Cybersecurity in Aviation: Exploring the Latest Research

April 25, 2024Harshad SathayeZISC Seminars

Abstract: This seminar spotlights the latest research aimed at boosting aviation security. As the geopolitical landscape shifts, it has exposed key vulnerabilities, especially in digital communications and navigation systems. We will delve into ongoing research efforts focused on strengthening aviation security by pinpointing these vulnerabilities and crafting effective countermeasures to address various potential threats. Join

Model Stealing Attacks and Defenses: Where are we now?

April 11, 2024Harshad SathayeZISC Seminars

Abstract: The success of deep learning in many application domains has been nothing short of dramatic. This has brought the spotlight onto security and privacy concerns with machine learning (ML). One such concern is the threat of model theft. I will discuss our work on exploring the threat of model theft, especially in the form

Xray: Finding Security Vulnerabilities in Arm AXI Implementations Using Model Checking

March 14, 2024Harshad SathayeZISC Seminars

Abstract: The Arm Advanced eXtensible Interface (AXI) protocols are widely used in bus implementations that connect processors, accelerators, memories, and other IP cores. Any bugs in these implementations can pose a security risk to the correctness of the connected IPs. Malicious or third-party IPs can use such implementation bugs to bypass security mechanisms employed at

Shufflecake: plausible deniability for multiple hidden filesystems on Linux

February 29, 2024Harshad SathayeZISC Seminars

Abstract: Shufflecake (ACM CCS 2023, DEF CON Demo Labs 2023) is a toolfor Linux that allows to create multiple hidden volumes on a storagedevice in such a way that it is very difficult, even under forensicinspection, to prove the existence of such volumes. This is useful forpeople whose freedom of expression is threatened through coercion

Scrappy: SeCure Rate Assuring Protocol with PrivacY

February 15, 2024Harshad SathayeZISC Seminars

Abstract: Preventing abusive activities caused by adversaries accessing online services at a rate exceeding that expected by websites has become an ever-increasing problem. CAPTCHAs and SMS authentication are widely used to provide a solution by implementing rate limiting, although they are becoming less effective, and some are considered privacy-invasive. In light of this, many studies

The next cloud is in orbit? Hacking satellites for fun

December 7, 2023Harshad SathayeZISC Seminars

Abstract: Hack-A-Sat was a 4-years long aerospace-inspired cybersecurity competition organized by the US department of Air and Space force. After three simulated editions, this year’s competition finals took place on a real satellite in orbit – called Moonlighter – and the Italian team mhackeroni won it. This talk overviews the Hack-A-Sat competition, what types

ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture

November 23, 2023Harshad SathayeZISC Seminars

Abstract: Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that

Compact Frequency Estimators in Adversarial Environments

November 9, 2023Harshad SathayeZISC Seminars

Abstract: Count-Min Sketch (CMS) and HeavyKeeper (HK) are two realizations of a compact frequency estimator (CFE). These are a class of probabilistic data structures that maintain a compact summary of (typically) high-volume streaming data, and provide approximately correct estimates of the number of times any particular element has appeared. CFEs are often the base structure