Abstract: Users rely on ad and tracker blocking tools to protect their privacy. Unfortunately, existing ad and tracker blocking tools are susceptible to mutable advertising and tracking content. In this paper, we first demonstrate that a state-of-the-art ad and tracker blocker, AdGraph, is susceptible to such adversarial evasion techniques that are currently deployed on the
Abstract: Classification tasks on labeled graph-structured data have many important applications ranging from social recommendation to financial modeling. Deep neural networks are increasingly being used for node classification on graphs, wherein nodes with similar features have to be given the same label. Graph convolutional networks (GCNs) are one such widely studied neural network architecture that
Abstract: A wide variety of applications, such as modern payment systems, access control for critical infrastructures, healthcare applications like contact tracing, depend on location and proximity information. There are multiple ways to establish physical distance between two entities, most of which are prone to distance modification attacks and can lead to loss of property (e.g.,
Abstract: I’ll give a demo of the Internet Computer which hosts powerful smart contracts that are general purpose, tamperproof, composable, autonomous and run at web speed. I’ll proceed with an overview of the platform, which is a sharded blockchain system which offers advanced features such as on-chain governance, scaling and system upgrades. Needless to say,
Abstract: In this talk, I will introduce LTrack, a new tracking attack on LTE that allows an attacker to stealthily extract user devices’ locations and permanent identifiers (IMSI). To remain stealthy, the localization of devices in LTrack is fully passive, relying on our new uplink/downlink sniffer. Our sniffer records both the times of arrival of
Abstract: Attacks such as Spectre and Meltdown use a combination of speculative execution and shared microarchitectural state to leak information across security domains. Defeating them without massive performance overheads requires careful co-design of software and hardware. In this talk I will present a principled approach to this problem, based on hardware-software contracts for secure speculation,
Abstract: Decentralized Finance (DeFi) allows smart contracts to offer trustworthy and decentralized financial services. However, the trustworthiness of these systems depends on whether the human-readable specification and intent was correctly implemented. While these services handle billions of dollars, the security is still lacking. In this presentation we will examine the current state and why past
Abstract: Our society is increasingly reliant upon a wide range of Cyber-Physical Systems (CPS), Internet-of-Things (IoT), embedded, and so-called “smart”, devices. They often perform safety-critical functions in numerous settings, e.g., home, office, medical, automotive and industrial. Some devices are small, cheap and specialized sensors and/or actuators. They tend to have meager resources, run simple software,
Abstract: In this talk I’ll present the Frontal attack, a new timing side-channel attack on Intel CPU processors. Our attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe that in modern Intel CPUs, some instructions’ execution times will depend on which operations
Abstract: The goal of secure multi-party computation (MPC) is to allow a set of parties to perform an arbitrary computation task, where the security guarantees depend on the set of parties that are corrupted. The more parties are corrupted, the less is guaranteed, and typically the guarantees are completely lost when the number of corrupted