Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
644 results
-
-
Seminar
-
SoSysec
When Good Components Go Bad: Formally Secure CompilationDespite Dynamic Compromise
Speaker : Catalin Hritcu (Inria Paris)
We propose a new formal criterion for secure compilation, providing strong end-to-end security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others until it becomes[…] -
-
-
Seminar
-
SoSysec
A Formal Analysis of 5G Authentication
Speaker : Sasa Radomirovic (University of Dundee)
Mobile communication networks connect much of the world’s population. The security of users’ calls, text messages, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose.In this talk, I will report on our formalization of the 5G standard’s AKA[…] -
-
-
Seminar
-
SoSysec
Machine Learning for Computer Security Detection Systems: Practical Feedback and Solutions
Speaker : Anaël Beaugnon (ANSSI)
Machine learning based detection models can strengthen detection, but there remain some significant barriers to the widespread deployment of such techniques in operational detection systems. In this presentation, we identify the main challenges to overcome and we provide both methodological guidance and practical solutions to address them. The solutions we present are completely generic to be[…] -
-
-
Seminar
-
SoSysec
The Internet of Backdoors
Speaker : par Sam L. Thomas (University of Birmingham, UK)
Complex embedded devices are becoming ever prevalent in our everyday lives, yet only a tiny amount of people consider the potential security and privacy implications of attaching such devices to our home, business and government networks. As demonstrated through recent publications from academia and blog posts from numerous industry figures, these devices are plagued by poor design choices[…] -
-
-
Seminar
-
SoSysec
Subject Access Request and Proof of Ownership
Speaker : Cédric Lauradoux (INRIA Rhône-Alpes)
The GDPR (General Data Protection Regulation) provides rights on our data: access, rectification, objection, etc. However, this regulation is not binding on how we can exercise these rights. Data controllers have therefore deployed various methods to authenticate subject requests. We have analyzed how this authentication process can fail and examined its consequences. Our study shows that a key[…] -
-
-
Seminar
-
SoSysec
Splitting the Linux Kernel for Fun and Profit
Speaker : Chris Dalton (HP, Bristol, UK)
This talk looks at a pragmatic attempt at strengthening the security properties of Linux by introducing a degree of intra-kernel protection into the Linux kernel (supported by CPU Virtualization silicon features). Consider it, if you like, an attempt at retrofitting a ‘micro-kernel’ interface into traditionally monolithic Linux whilst maintaining a single linux code base (yes it’s still Linux), no[…] -