Description
With the abundance of programs developed every day, it is possible to develop next-generation antivirus programs that leverage this vast accumulated knowledge. In practice, these technologies are built from a mixture of established techniques, such as pattern matching, and machine learning algorithms, both tailored to achieve a high detection rate and few false alarms. While companies state that they apply both techniques, the interconnection between these detection strategies has not been rigorously investigated, discussed, or evaluated, which keeps further advancements in the field locked up in secrecy. In this talk, we will venture into both pattern-matching and data-based decision-making processes to study how they can be integrated and how their performance can be tuned to improve their efficacy. We will also peek into the world of adversaries who want to sneak past these next-generation antivirus programs, highlighting new challenges as well.
Practical information
Next sessions
Black-Box Collision Attacks on Widely Deployed Perceptual Hash Functions and Their Consequences
Speaker: Diane Leblanc-Albarel - KU Leuven
Perceptual hash functions identify multimedia content by mapping similar inputs to similar outputs. They are widely used for detecting copyright violations and illegal content but lack transparency, as their design details are typically kept secret. Governments are considering extending the application of these functions to Client-Side Scanning (CSS) for end-to-end encrypted services: multimedia[…]
Cryptography
SoSysec
CHERIoT RTOS: An OS for Fine-Grained Memory-Safe Compartments on Low-Cost Embedded Devices
Speaker: Hugo Lefeuvre - The University of British Columbia
Embedded systems do not benefit from strong memory protection, because they are designed to minimize cost. At the same time, there is increasing pressure to connect embedded devices to the internet, where their vulnerable nature makes them routinely subject to compromise. This fundamental tension leads to the current status quo where exploitable devices put individuals and critical infrastructure[…]
SoSysec
Compartmentalization
Operating system and virtualization
Hardware/software co-design
Hardware architecture