Abstract: In this talk, I will present the results of my recent work including: 1- Caring for Intimate Data in Fertility Technologies, Mehrnezhad, Almeida, ACM Conference on Human Factors in Computing Systems (CHI), 2021 2- How Can and Would People Protect from Online Tracking? Mehrnezhad, Coopamootoo, and Toreini, Privacy Enhancing Technologies Symposium (PoPETs), 2022 3-
Abstract: Recent bugs in implementations, such as Heartbleed or in the Matrix chat application, demonstrate that formally verifying security properties for protocol models is an important first step but not enough to also guarantee them for implementations. We present a bottom-up verification approach to prove trace-based security properties directly on the level of existing implementations.
Abstract: There are lots of potential uses for machine readable specifications so you would think that every major real world artifact like long-lived hardware and software systems, protocols, languages, etc. would have a formal specification that is used by all teams extending, implementing, testing, verifying or securing the design. But, in practice, this is usually
Abstract: The European Union’s General Data Protection Regulation (GDPR) requires websites to inform users about personal data collection and request consent for cookies. Yet the majority of websites do not give users any choices, and others attempt to deceive them into accepting all cookies. We document the severity of this situation through an analysis of
Abstract: Machine learning can be a powerful ally in fighting Cybercrime provided that few challenges in its application can be solved. The Keybridge team at Oracle Labs has experience with developing ML solutions for security use cases. In this talk we would like to share those experiences and discuss three challenges – selecting an ML model,
Abstract: Users rely on ad and tracker blocking tools to protect their privacy. Unfortunately, existing ad and tracker blocking tools are susceptible to mutable advertising and tracking content. In this paper, we first demonstrate that a state-of-the-art ad and tracker blocker, AdGraph, is susceptible to such adversarial evasion techniques that are currently deployed on the
Abstract: Classification tasks on labeled graph-structured data have many important applications ranging from social recommendation to financial modeling. Deep neural networks are increasingly being used for node classification on graphs, wherein nodes with similar features have to be given the same label. Graph convolutional networks (GCNs) are one such widely studied neural network architecture that
Abstract: A wide variety of applications, such as modern payment systems, access control for critical infrastructures, healthcare applications like contact tracing, depend on location and proximity information. There are multiple ways to establish physical distance between two entities, most of which are prone to distance modification attacks and can lead to loss of property (e.g.,
Abstract: I’ll give a demo of the Internet Computer which hosts powerful smart contracts that are general purpose, tamperproof, composable, autonomous and run at web speed. I’ll proceed with an overview of the platform, which is a sharded blockchain system which offers advanced features such as on-chain governance, scaling and system upgrades. Needless to say,
Abstract: In this talk, I will introduce LTrack, a new tracking attack on LTE that allows an attacker to stealthily extract user devices’ locations and permanent identifiers (IMSI). To remain stealthy, the localization of devices in LTrack is fully passive, relying on our new uplink/downlink sniffer. Our sniffer records both the times of arrival of