55 results

  • DroidGuard: A Deep Dive into SafetyNet

    • January 06, 2023

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Romain Thomas (Quarkslab)

    SafetyNet is the Android component developed by Google to verify the devices’ integrity. These checks are used by the developers to prevent running applications on devices that would not meet security requirements but it is also used by Google to prevent bots, fraud and abuse.In 2017, Collin Mulliner & John Kozyrakis made one of the first public presentations about SafetyNet and a glimpse into the[…]

  • Not so AdHoc testing: formal methods in the standardization of the EDHOC protocol

    • December 16, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Charlie Jacomme (Inria Paris)

    We believe that formal methods in security should be leveraged in all the standardisation’s of security protocols in order to strengthen their guarantees. To be effective, such analyses should be:* maintainable: the security analysis should be performed on every step of the way, i.e. each iteration of the draft;* pessimistic: all possible threat models, notably all sort of compromise should be[…]

  • Thwarting covert adversaries in FHE pipelines

    • December 09, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Sylvain Chatel (EPFL)

    Fully Homomorphic Encryption (FHE) enables computations to be executed directly on encrypted data without decryption, thus it is becoming an auspicious solution to protect the confidentiality of sensitive data without impeding its usability for the purpose of analytics. While many practical systems rely on FHE to achieve strong privacy guarantees, their constructions only consider an honest-but[…]

  • Reasoning over leaks of information for Access Control of Databases

    • October 13, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Pierre Bourhis (CNRS, CRISTAL)

    Controlling the access of data in Database management systems is a classical problem and it has been solved through different mechanisms. One of the most common mechanism implemented in most Database management systems is the mechanism of views, i.e defining the accessible data of a user as the result of a query. This mechanism is also used in principle in other systems such as in social networks.[…]

  • Learning-Based Network Intrusion Detection: an Imbalanced, Constantly Evolving and Timely Problem

    • October 07, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Maxime Pelcat (INSA Rennes)

    Network intrusion detection systems (NIDS) observe network traffic and aim to pinpoint intrusions, i.e. effective threats on the integrity, availability or confidentiality of services and data provided by this network. There are two types of NIDS:1) signature-based intrusion detection systems that identify known intrusions by referring to an existing knowledge base, and2) anomaly-based intrusion[…]

  • L’empoisonnement de données semble-t-il un risque réaliste ?

    • September 23, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Adrien Chan-Hon-Tong (ONERA)

    Les attaques adversaires ont rencontré un fort écho dans la communauté de vision par ordinateur. Pour autant, via ce type d’attaque, un hacker ne peut modifier le comportement de l’algorithme ciblé que localement. Inversement, l’empoisonnement de données est en mesure de modifier globalement le comportement de l’algorithme visé, et, il n’est pas forcément détectable par un opérateur notamment si[…]
Page top