Table of contents

  • This session has been presented November 22, 2024 (11:00 - 12:00).

Description

  • Speaker

    Elisa Chiapponi - Amadeus IT Group

In today's digital landscape, the battle between industry and automated bots is an ever-evolving challenge. Attackers are leveraging advanced techniques such as residential proxies, CAPTCHA farms, and AI-enhanced fingerprint rotations to evade detection and execute functional abuse attacks, including web scraping, denial of inventory, and SMS pumping.

This talk will explore ongoing efforts to detect and mitigate these automated threats in a real-world environment, focusing on new work-in-progress approaches. We will delve into new strategies to counter the rise of automated attacks, such as AI-driven detection models, reputation databases, and timing measurements. Additionally, we will discuss the usage of techniques like mirroring real websites to lure and mislead attackers, and the shift towards analyzing functional behavior rather than relying solely on fingerprinting. Throughout the talk, we will consider the challenges and limitations of implementing these solutions within a large-scale, real-world company, and invite discussion on how to overcome these obstacles.

Practical infos

Next sessions

  • Vers l’émergence d’un droit européen pour la Blockchain : Une approche sous l’angle de la Privacy et de l’encadrement des crypto-actifs

    • December 05, 2025 (10:00 - 11:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker : Damien Franchi - Univ Rennes, IODE

    La Blockchain, technologie derrière Bitcoin, fait l’objet d’un encadrement juridique de plusen plus important, en particulier de la part de l’Union européenne. Curieusement, le mot« Blockchain » n’apparaît pas dans les textes l’encadrant. Les expressions « technologie deregistres distribués » (Distributed ledger technology, DLT), ou, parfois, « registreélectronique » lui sont plutôt privilégiées.[…]

    • SoSysec

    • Law

  • Blockchain and digital currencies: between European regulation and technological challenges

    • December 05, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker : Loïc Miller - CentraleSupélec

    As the European Union develops a legal framework for crypto-assets and data protection, the technological question underlying the emergence of a genuine digital currency remains open. Blockchain today stands as an interdisciplinary field of study at the crossroads of computer science, economics, and law. This presentation will place the ongoing regulatory framework in perspective with the[…]

    • SoSysec

    • Distributed systems

  • Hardware-Software Co-Designs for Microarchitectural Security

    • December 11, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Petri/Turing

    Speaker : Lesly-Ann Daniel - EURECOM

    Microarchitectural optimizations, such as caches and speculative out-of-order execution, are essential for achieving high performance. However, these same mechanisms also open the door to attacks that can undermine software-enforced security policies. The current gold standard for defending against such attacks is the constant-time programming discipline, which prohibits secret-dependent control[…]

    • SoSysec

    • Hardware/software co-design

    • Micro-architectural vulnerabilities

Show previous sessions
Page top