Security Seminar at LORIA

Security Seminar at LORIA

If you want to receive announcements for future seminars, feel free to subscribe to the mailing-list.
A link to an ical file is available, for your digital calendars.

Talks 2018 – 2019

Thursday September 27 2018

Clémentine Maurice (CNRS, IRISA)
Evolution of microarchitectural attacks
A008, 13:30
Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are executing, paving the way for covert or side-channel attacks. In this presentation, we will cover the evolution of microarchitectural attacks. We will first have a look at a historical recap of past attacks and how the field evolved in the last years. We will focus on two recent trends, that are practical attacks (by demonstrating robust covert channels in the cloud) and the increase of the attack surface. We will conclude with the different challenges and open questions that the field is facing.

Thursday October 11 2018

Bryan Ford (EPFL)
Coins, Clubs, and Crowds: Scaling and Decentralization in Next-Generation Blockchains and Cryptocurrencies
Amphi C, 13:30
Building secure systems from independent, mutually distrustful parties is an old topic in computer science. But despite its attendant hype and misinformation, today's “blockchain bandwagon” has successfully brought the gospel of decentralization - both a realization of its possibility and an appreciation for its value - to mainstream society. Currently-deployed blockchains, however, are slow, unscalable, weakly consistent, profligate in energy use, and have effectively re-centralized due to market pressures. We will explore ongoing challenges and progress in rethinking blockchain architecture to improve scalability, efficiency, functionality, privacy, and decentralization. We will explore how decentralized building blocks such as collective signatures and scalable distributed randomness enable architecturally modular solutions to challenges such as scalable Byzantine consensus, horizontal sharding, proof-of-stake, and blockchain-managed secrets. Finally, we explore challenges in fairness and democratization in decentralized systems, how “proof-of-personhood” blockchains could enable information forums and anonymous reputation systems resistant to propaganda campaigns, and how democratic cryptocurrencies could offer a permissionless analog of universal basic income.

Bio: Prof. Bryan Ford leads the Decentralized/Distributed Systems (DEDIS) research laboratory at the Swiss Federal Institute of Technology in Lausanne (EPFL). Ford focuses broadly on building secure decentralized systems, touching on topics including private and anonymous communication, scalable decentralized systems, blockchain technology, Internet architecture, and operating systems. Ford earned his B.S. at the University of Utah and his Ph.D. at MIT, then joined the faculty of Yale University where his work received the Jay Lepreau Best Paper Award and grants from NSF, DARPA, and ONR, including the NSF CAREER award. His continuing work receives support from EPFL, the AXA Research Fund, and numerous industry partners. He has served on numerous prestigious advisory boards including on the DARPA Information Science and Technology (ISAT) study group, the Swiss FinTech Innovations (SFTI) advisory board, and the Swiss Blockchain Taskforce.

Thursday November 15 2018

Corinna Schmitt (Universität der Bundeswehr München)
Authentication in IoT Networks
C005, 14:00
Today over 35 billion devices are connected with each other building the Internet of Things (IoT). The device diversity ranges from constrained devices (e.g., sensor, Smartwatches) over Tables and Smartphone to resource-rich devices like notebooks and servers. In parallel the stack in IoT shows also diversity and includes usage of many standards and third-party services at the same time from collection point to the application. Manifold data is collected all the time and the users have less knowledge about it, but their awareness of misuse rises.
Based on this quite complex situation, authentication in IoT networks is important. But which authentication are we speaking of here? In general two opportunities exist: (1) authentication within the deployed network (e.g., between the devices using encryption and handshakes) and (2) authentication from the user side controlling the access. In this talk the focus is placed on the second opportunity, namely user authentication. Most techniques are smartcard based, but the Web-based approach developed within SecureWSN is different: It is based on credentials and automatically handled requests without involvement of third-parties giving data owner full control of access. Thus, first features of the GDPR strengthening ownership are included in SecureWSN.

Bio: Corinna Schmitt holds a Diploma in Bioinformatics (Dipl. Informatik (Bioinformatik)) from the Eberhard-Karls University of Tübingen (Germany) and a Doctor in Computer Science (Dr. rer. nat.) from the Technische Universität München (Germany). She established an efficient data transmission protocol - called TinyIPFIX - with additional features for aggregation, compression, and secure transmission, complementing it with an user-friendly and flexible GUI (CoMaDa).
From spring 2013 to May 2018 she was employed at the University of Zurich (Switzerland) as "Head of Mobile and Trusted Communications" at the Communication Systems Group (CSG) of Prof. Dr. B. Stiller. Her focus was on constrained networks, security and privacy issues, as well as on Internet of Things related issues. After several years of visiting status at the goup of Prof. Dr. Gabi Dreo-Rodosek at the Universität der Bundeswehr München (Germany) she joint the affiliated Research Institute CODE as researcher and laboratory supervisor. Her research focuses is the same as at the CSG-Group with expands to the application area of military communication and Smart City.
Her work is documented in more than 30 publications, including 8 book chapters, the RFC 8272 on "TinyIPFIX for Smart Meters in Constrained Networks", and the ITU-T recommendation Y.3013 on "Socio-economic Assessment of Future Networks by Tussle Analysis". She contributes / contributed to several EU projects (e.g., CONCORDIA, AutHoNe, SmartenIT, FLAMINGO, symbIoTe) and different standardization organizations (IETF, ITU, ASUT) until now and continues with these activities and recruits research funds continuously. She is active in ACM and IEEE as TCP member, as well as reviewer for several journals and organizer of conferences.

Thursday December 20 2018

Tayssir Touili (LIPN (Laboratoire d'Informatique de Paris Nord))
On static malware detection
C005, 13:30
The number of malware is growing extraordinarily fast. A malware may bring serious damage. Thus, it is crucial to have efficient up-to-date virus detectors. A robust malware detection technique needs to check the behavior (not the syntax) of the program without executing it. We show in this talk how using behavior signatures allow to efficiently detect malwares in a completely static way. We applied our techniques to detect several malwares. Our tool was able to detect more than 800 malwares. Several of these malwares could not be detected by well-known anti-viruses such as Avira, Avast, Norton, Kaspersky and McAfee

Thursday February 28 2019

Aurore Guillevic (INRIA - LORIA)
A008, 13:30

Thursday April 4 2019

Gilles Barthe (MPI (Bochum) and IMDEA (Madrid))
A008, 13:30
© 2013 - 2018 Pierrick Gaudry, Marion Videau and Emmanuel Thomé ; XHTML 1.0 valide, CSS valide