16.11.
2017
von 16:15–17:15 Uhr

DLS in Cybersecurity: Secure Deduplication - Models and Optimization

Abstract
Deduplication is a widely used mechanism in cloud storage systems which can greatly increase efficiency. The basic idea is to remove duplicate stored files, replacing copies with a pointer to a single version. Empirical evidence shows that deduplication can be extremely effective in reducing both storage requirements and bandwidth used for uploading. However, deduplication also introduces severe challenges to security. There is an inherent conflict between the use of deduplication and the desire of users to encrypt their files prior to uploading. Even if this problem can be solved, client-side deduplication opens up a side channel which can reveal information to an adversary, as shown in 2010 by Harnik et al.

Details anzeigen
19.10.
2017
von 16:15–17:15 Uhr

DLS in Cybersecurity: Security as a Science - Are we making progress?

Abstract
Recent years have seen increasing calls to make security research more “scientific”. Who can argue with science being desirable? But what exactly do people mean when they suggest this, and what are they really seeking? There is little clarity on what a “Science of Security” would look like. We consider this question, in the context of historical science and more recent security research, offer observations and insights, and suggest where things might be improved.

Details anzeigen
21.09.
2017
von 16:15–17:15 Uhr

DLS in Cybersecurity: Sanctum - Towards an Open-Source, Formally-Verified Secure Processor

Abstract
Architectural isolation can be used to secure computation on a remote secure processor with a private key where the privileged software is potentially malicious as recently deployed by Intel's Software Guard Extensions (SGX). This talk will first describe the Sanctum secure processor architecture, which offers the same promise as SGX, namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information by exploiting resource sharing....

Details anzeigen
20.07.
2017
von 16:15–17:15 Uhr

DLS in Cybersecurity: New Threat Models for Cryptography

Abstract
Traditionally cryptography is used to protect communications and stored data. The cost of strong cryptography has been decreasing and today cryptography is used in tens of billions of devices. However, it has become apparent that ever more sophisticated attacks are launched to undermine or bypass cryptography: these attacks include compromising end systems, exploiting vulnerabilities in key management procedures, and inserting backdoors in cryptographic standards. We conclude by analyzing how these new threat models affect future research in cryptology and information security.

Details anzeigen
09.03.
2017
von 16:15–17:15 Uhr

DLS in Cybersecurity: Building Robust Distributed Systems and Network Protocols

Abstract
Most distributed systems and network protocols are designed to meet fault-tolerance, performance, and security goals. The high-level steps involved in the life cycle of a protocol development include protocol specification, design, implementation, and deployment....

Details anzeigen
26.01.
2017
von 16:15–17:15 Uhr

Algorithm Engineering for Graph Traversal and Graph Generation in External-Memory

Abstract
Large graphs arise naturally in many real world applications. The actual performance of simple RAM model algo- rithms for traversing these graphs (stored in external memory) deviates significantly from their linear or near-linear predicted performance because of the large number of I/Os they incur....

Details anzeigen
24.11.
2016
von 16:15–17:15 Uhr

DLS in Cybersecurity: Reflections on Code-Reuse Attacks and Defenses

Abstract:
Code reuse attacks have become prevalent techniques to exploit memory corruption vulnerabilities in software programs. The focus of most attacks is on modifying code pointer and a variety of corresponding defenses has been proposed, of which some have already been successfully bypassed. With data-oriented attacks, new opportunities for attackers have emerged and the arms race continues. ...

Details anzeigen
12.05.
2016
von 16:15–17:15 Uhr

Quantum-Secure Authentication of Physical Optical Keys

Authentication is a crucial factor in security.  Authentication can be based on “what you have” or on “what you know”, i.e. traditional physical or digital keys. Both can be easily copied. The modern version of the traditional physical key is the Physical Unclonable Function (PUF): an object that cannot feasibly be copied because of the inherent randomness in its manufacture.

Details anzeigen
28.04.
2016
von 16:15–17:15 Uhr

"Automated Debugging: Are We There Yet?"

Software debugging, which involves localizing, understanding, and removing the cause of a failure, is a notoriously difficult, extremely time consuming, and human-intensive activity. This talk provides an overview of the state of the art in the broader area of software debugging, presents our research on assessing strengths and weaknesses of the main existing debugging techniques, discusses a set of open challenges in this area, and sketches future research directions that may help address these challenges.

Details anzeigen
21.04.
2016
von 16:15–17:15 Uhr

A Timing Approach to Causal Network Inference: From Brain to Social Networks and Beyond

One of the paramount challenges of this century is that of understanding complex, dynamic, large-scale networks. Such high-dimensional networks, including communication, social, financial, and biological networks, cover the planet and dominate modern life. In this talk, we propose novel approaches to inference of information in such networks, using timing that provides rich information for both active and passive learning scenarios. 

Details anzeigen
vorherige SeiteSeite 2 von 5nächste Seite