[UC3M Security Lab]

Home | People | Research | Projects | Publications | Activities | Seminars | Teaching | BSCW | On media


About our seminars

We run a series of research talks and seminars related to the lab's working areas. Feel free to contact any member of the lab if you're interested in attending a seminar or giving a talk.

Next seminar:

Title: Invited Talk On Ethical Hacking
Speaker: Raoul Chiesa
Short Bio:
Raoul Chiesa has a deep knowledge on underground cyber world. He has wide experience in hacking and cybersecurity. Among others advisory jobs, he is currently leading an international project "Hackers Profiling Project" (HPP), that aims to improve the response to ICT crime and organised crime groups.
Abstract: ---
When / where: Friday, May 5th. 2.2.B08 lab
Material: ---

Past seminars:

Title: Adversarial Machine Learning in Malware Detection
Speaker: Héctor Menéndez (University College London)
Short Bio:
Bio: Héctor Menéndez is Research Associate in University College London. He holds a PhD. in Computer Science in Universidad Autónoma de Madrid (2014), a MSc in Computer Science (2012), a MSc in Mathematics (2013), a BSc in Computer Science (2010) and a BSc in Mathematics from Universidad Autónoma de Madrid (2010). He is involved with Software System Engineering Group (SSEG) at the Department of Computer Science in UCL. His main research interests are related to Information Theory, Software Testing, Malware Analysis, Adversarial Machine Learning, Clustering, Graph-based algorithms and Evolutionary Algorithms.
Abstract: Malware is one of the most relevant problems in cybersecurity. The Internet spreads tons of malicious software, compromising several personal devices. Big data models, based on machine learning, can handle these big quantities of malicious information, but machine learning algorithms were not designed to deal with adversaries, and this issue is generating a big gap between confidence and efficiency that has not been filled yet. This talk aims to introduce vulnerabilities on current machine learning based solutions, and different scenarios where adversaries exploit them. It also aims to give some advice for strengthening machine learning models against adversaries, with the aim of helping to solve this open problem.
When / where: Friday, Mar 10th
Material: ---
Title: Behind the scenes on cybersecurity. Threat intelligence of state-sponsored actors
Speaker: Artturi Lehtiö (F-Secure)
Short Bio:
Artturi Lehtiö has been employed by Finnish cybersecurity company F-Secure since 2014 and currently works as a researcher on subjects such as threat intelligence, threat hunting, malware analysis, and reverse engineering. Recently, much of his research has focused on the tools, tactics, and long-term evolution of suspected state-sponsored threat actors including substantial research into a group known as the Dukes. He has presented at conferences such as VirusBulletin 2015, SECURE.pl 2015, and t2'15.
When / where: Thursday, Oct 20th, 11:00h/ Room 2.1.C17
Material: ---
Title: Flirting under the tablet: Practical Detection of Collusion Potential with Logic Programming
Speaker: Dr. Jorge Blasco (City University London)
Short Bio:
Dr. Jorge Blasco obtained his PhD from University Carlos III of Madrid in 2012. His dissertation was focused in the field of information security and insider threats. He is an active Android and iOS app developer with several apps being available in both OS official markets. After obtaining his PhD, Jorge worked as an assistant lecturer in University Carlos III of Madrid. In 2014, he moved to City University London, where he works as a Research Fellow. His main research interests include mobile malware, steganography and covert channels. He has published several research papers in international Conferences and Journals.
Abstract: The Android operating system is designed with a number of built-in security features such as app sandboxing and fairly granular access controls based on permissions. In real life, however, the isolation of apps is limited as the Android OS supports multiple communication channels. The ability of apps with different security postures to communicate has a negative effect on security as an app (in a sandbox which has permissions to handle such data) is allowed to let sensitive data flow to another app (in another sandbox which has been denied permission to handle such data) and eventually leak out. In this talk we present a method to detect collusion potential between apps by over-approximation. We extract communication and access to protected-resources information from apps. Using logic programming, we identify arbitrary length sets of apps that may be potentially colluding. We have validated our approach against a set of manually crafted colluding applications. Additionally, we have tested our tool against a set of more than 40,000 apps. This is the first work that addresses collusion in such big scale. During the execution of our tool we have detected what we beleive, to best of the authors, knowledge, is the first case of application collusion in the wild.
When / where: Friday, May 20th, 12:30h/ Room 2.1.C08
Material: ---
Title: Ciclo de conferencias en Ciberseguridad ISACA/UC3M (COSEC)

Organizado por esta Escuela Politécnica Superior con la colaboración de ISACA (Information Systems Audit and Control Association) se va a celebrar un ciclo de conferencias sobre seguridad cuyo calendario y temas figuran en el adjunto. ISACA es una asociación internacional creada en 1967 que agrupa actualmente a casi 140.000 profesionales y emite varias certificaciones (CISA, CISM, CRISC, etc.) altamente valoradas en el mundo profesional de la auditoría y la seguridad de la información.

→ Programa (PDF)

Conferencia: Cookies y otras tecnologías de monitorización en Internet
Ponente: Alejandro Ramos. Responsable de Seguridad. ING Direct.

Biografía resumida:
Alejandro Ramos es el responsable del departamento de Seguridad de la Información de un gran banco online y profesor colaborador en el Master de Seguridad de la Universidad Europea de Madrid. Actualmente es uno de los editores del blog de divulgación de seguridad informáticaSecurityByDefault.com. y coautor del libro “Hacker Épico“.
Lugar y fecha: 14/09/2015 15:30. Sala de Video 3.1.S08 en Leganés. Se emitirá en videoconferencia a Colmenarejo.
Material: Presentación (PDF)
Conferencia: Estado de situación y retos del Esquema Nacional de Seguridad
Ponente: Miguel Ángel Amutio. Subdirector en Ministerio de Hacienda y AAPP

Biografía resumida:

Miguel A. Amutio Gómez, estudió en el Colegio La Salle de Deusto y es Licenciado en Informática por la Universidad de Deusto (1988). CISA, CISM, CRISC. Subdirector Adjunto en la S.G. de Coordinación de Unidades TIC de la Dirección de Tecnologías de la Información y las Comunicaciones del Ministerio de Hacienda y Administraciones Públicas. Es coordinador de la elaboración y desarrollo del Esquema Nacional de Seguridad (Real Decreto 3/2010) y del Esquema Nacional de Interoperabilidad (Real Decreto 4/2010), así como del desarrollo de las Normas Técnicas de Interoperabilidad previstas en la disposición adicional primera del Real Decreto 4/2010, junto con su documentación complementaria.

Curriculum - Version extendida (PDF)
Lugar y fecha: 21/09/2015 15:30. Aula de Grados en Leganés. Se emitirá en videoconferencia a Colmenarejo.
Material: Presentación (PDF)
Conferencia: Resiliencia en Entornos Críticos e Industriales
Ponente: Javier Osuna. Responsable División de Consultoría de GMV

Biografía resumida:

Javier Osuna es licenciado en Management Information Systems (MIS) por Clarkson University, completando su estudios con un Master en Administración de Empresas por esa misma Universidad. Javier lleva trabajando más de 20 años en los campos de Auditoría y Consultoría de Seguridad.  Inició sus andadura profesional en ANDERSEN (extinta Arthur Andersen), posteriormente trabajo para CAP GEMINI y en el año 2001, Javier se incorpora a Grupo GMV, donde ejerce como Jefe de División de Seguridad ofreciendo servicios a Organizaciones internacionales y nacionales de primer nivel en los campos de Ciberseguridad, Seguridad, Continuidad y Procesos. Dentro de sus áreas de especialización, cabe destacar Ciberseguridad, Planes de Continuidad y Contingencias, Sistemas de Gestión (unificados, seguridad, continuidad y calidad) y Planes Estratégicos. Javier es vocal de GMV en el grupo SC27 de AENOR y profesor de Continuidad de Negocio durante los últimos 5 años en el master de Seguridad UPM.  Adicionalmente, ha elaborado el capítulo 13 de INTYPEDIA, Seguridad en DNSs, ha publicado artíclos en medios reconocidos como Red Seguridad, SIC, Segurtecnia, BSI, Actualidad Económica, etc…, y ha participado en ponencias dentro de los ámbitos de Continuidad y Cyberseguridad en foros táles como la Primera Jornada de ISACA (Capítulo de Madrid), Expomanagement, Securmática y SEG2².

Lugar y fecha: 28/09/2015 15:30. Aula de Grados en Leganés. Se emitirá en videoconferencia a Colmenarejo.
Material: ---
Conferencia: Auditoría de Tecnologías de Información: realidad y nuevos retos
Ponente: Antonio de la Madrid. Responsable Auditoría TI de Telefonica

Biografía resumida:

Jefe de Auditoría de Redes y Sistemas en Telefónica España desde el año 2000, previamente trabajó como Senior Consultant en Accenture (1997-2000). Durante este tiempo tambien ejerció tareas como vocal de la junta directiva del Capítulo de ISACA-Madrid en los roles de Vicepresidente (2006-2008) y en el area de Formación y Certificaciones (2012-2014). Posee distintas certificaciones tales como CISA (Certified Informat), CIA (Certified Internal Auditor), Auditor Líder BS7799 ISO/IEC 27001 y ITIL Foundation.

Lugar y fecha: 5/10/2015 15:30. Aula de Grados en Leganés. Se emitirá en videoconferencia a Colmenarejo.
Material: Presentación (PDF)
Conferencia: Ciberseguridad en Entornos Industriales.
Ponente: Erik de Pablo. Director de Investigación de ISACA Madrid

Biografía resumida:

No disponible

Lugar y fecha: 19/10/2015 15:30. Ubicación por determinan en Leganés. Se emitirá en videoconferencia a Colmenarejo. Salón de Grados de Colmenarejo
Material: Presentación (PDF)
Conferencia: De qué, de quién y cómo protegernos en Internet.
Ponente: Arturo Ribagorda Garnacho. Catedrático UC3M. Director del Máster de Ciberseguridad.

Biografía resumida:

Ing. de Telecomunicación (UPM) y Dr. en Informática (UPM). Es Catedrático de Universidad. Dirige el Instituto Juan Velázquez de Velasco, de Inteligencia para la Seguridad y la Defensa, el Máster Universitario en Ciberseguridad y la Cátedra INDRA de Ciberseguridad. Codirige el Máster de Analista de Inteligencia (URJC, UC3M, UB, UABA). Ha sido director de la Escuela Politécnica Superior y del Departamento de Informática de la Universidad Carlos III de Madrid estando en posesión de su medalla de mérito.

Su actividad académica se centra en exclusiva en la Seguridad de las TIC, campo en el que comenzó a trabajar en el año 1988. Ha participado en proyectos de investigación autonómicos, nacionales y europeos, publicado numerosos artículos en revistas, nacionales e internacionales, y ponencias en congresos de la materia. Así mismo, es autor de cuatro libros versados en la seguridad. Dirige el grupo de investigación COSEC, Computer Security Lab (www.seg.inf.uc3m.es), constituido por cinco profesores titulares, cinco ayudantes doctores, cinco investigadores y varios profesores asociados.

Resumen: Breve resumen de la conferencia (PDF)
Lugar y fecha: 26/10/2015 15:30. Sala de Video 3.1.S08 en Leganés. Se emitirá en videoconferencia al Salón de Grados de Colmenarejo
Material: Presentación (PDF)

Title: Process Firewall: Protecting Programs During Resource Retrieval
Speaker: Trent Jaeger (Penn State University)
Short Bio:
Trent Jaeger is a Professor in the Computer Science and Engineering Department at The Pennsylvania State University and the Co-Director of the Systems and Internet Infrastructure Security Lab. Trent's research interests include systems security and the application of programming language techniques to improve security. He has published over 100 referreed papers on these topics and the book "Operating Systems Security," which examines the principles behind secure operating systems designs. Trent has made a variety of contributions to open source systems security, particularly to the Linux Security Modules framework, SELinux, integrity measurement in Linux, and the Xen security architecture. He is currently the Chair of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) and Program Chair of ASIACCS 2014. Trent has an M.S. and a Ph.D. from the University of Michigan, Ann Arbor in Computer Science and Engineering in 1993 and 1997, respectively, and spent nine years at IBM Research prior to joining Penn State.
Abstract: Programs must retrieve many system resources to execute properly, but there are several classes of vulnerabilities that may befall programs during resource retrieval. These vulnerabilities are difficult for programmers to eliminate because their cause is external to the program: adversaries may control the inputs used to build names, namespaces used to find the target resources, and the target resources themselves to trick victim programs to retrieve resources of the adversaries' choosing. In this talk, I will present a system mechanism, called the Process Firewall, that protects programs from vulnerabilities during resource retrieval by introspecting into running programs to enforce context-specific rules. Our key insight is that using introspection to prevent such vulnerabilities is safe because we only aim to protect processes, relying on access control to confine malicious processes. I will show that the Process Firewall can prevent many types of vulnerabilities during resource retrieval, including those involving race conditions. I will also show how to perform such introspection and enforcement efficiently, incurring much lower overhead than equivalent program defenses. Finally, I will describe a conceptual model that describes the conditions for safe resource retrieval, and outline how to produce enforceable rules from that model. By following this model, we find that the Process Firewall mechanism can prevent many vulnerabilities during resource retrieval without causing false positives.
When / where: Thursday, July 2nd, 11:00h/ 2.1.C19
Material: ---
Title: Hardware Security and Trust
Speaker: Giorgio Di Natale (Montpellier Laboratory of Informatics, Robotics and Microelectronics (LIRMM), FR)
Short Bio:
Giorgio Di Natale received the PhD in Computer Engineering from the Politecnico di Torino in 2003.
He is currently a researcher for the National Research Center of France at the LIRMM laboratory in Montpellier.
His research interests include: hardware security and trust, reliability, fault tolerance, test.
He is the Action Chair of the COST Action IC1204 (TRUDEVICE) on Trustworthy Manufacturing and Utilization of Secure Devices.
Moreover, he is the chair of the European group of the TTTC, Golden Core member of the Computer Society and Senior member of the IEEE.
Abstract: This talk will present a survey of known attacks, practices, relevant research works and solutions in the following categories:
� IC data (assets) attacks: These are attacks that aim at retrieving the secret data of the IC; e.g., hacking a smart cart to get the secret key;
� IC design (IP) attacks: These are attacks that aim at getting more information on the IC design in order to counterfeit it; e.g., perform reverse engineering on an IC or IP, steal and/or even claim the ownership;
� IC functionality (tampering) attacks: these are attacks that target the alternation of the original function of the chip/system. For example, a chip ceases functioning or continues to operate but then in an impaired manner, a chip introducing corruption in the data, etc.
� IC piracy: in these cases, fraudulent practices are used to illegally sell circuits to make "easy money". This class includes for example over-building of integrated circuit and re-packaging of used old circuits to re-sell as new ones.
When / where: 27 January 2015, 9:00h / (Room Edificio Juan Benet)
Material: ---
Title: Mining Structural and Behavioral Patterns in Smart Malware
Speaker: Guillermo Suarez-Tangil
Abstract: Smart devices equipped with powerful sensing, computing and networking capabilities have proliferated lately, ranging from popular smartphones and tablets to Internet appliances, smart TVs, and others that will soon appear (e.g., watches, glasses, and clothes). One key feature of such devices is their ability to incorporate third-party apps from a variety of markets. This poses strong security and privacy is- sues to users and infrastructure operators, particularly through software of malicious (or dubious) nature that can easily get access to the services provided by the device and collect sensory data and personal information.
Malware in current smart devices�mostly smartphones and tablets�has rocketed in the last few years, supported by sophisticated techniques (e.g., advanced obfuscation and targeted infection and activation engines) purposely designed to overcome security architectures currently in use by such devices. This phenomenon is known as the proliferation of smart malware. Even though important advances have been made on malware analysis and detection in traditional personal computers during the last decades, adopting and adapting those techniques to smart devices is a challenging problem. For example, power consumption is one major constraint that makes unaffordable to run traditional detection engines on the device, while externalized (i.e., cloud-based) techniques rise many privacy concerns.
This Thesis examines the problem of smart malware in such devices, aiming at designing and developing new approaches to assist security analysts and final users in the analysis of the security nature of apps. We first present a comprehensive analysis on how malware has evolved over the last years, as well as recent progress made to analyze and detect malware. Additionally, we compile together the most cutting-edge open source tools, and we design a versatile and multipurpose research laboratory for smart malware analys and detection.
Second, we propose a number of methods and techniques aiming at better analyzing smart malware in scenarios with a constant and large stream of apps that require security inspection. More precisely, we introduce Dendroid, an effective system based on text mining and information retrieval techniques. Dendroid uses static analysis to measures the similarity between malware samples, which is then used to automatically classify them into families with remarkably accuracy. Then, we present Alterdroid, a novel dynamic analysis technique for automatically detecting hidden or obfuscated malware functionality. Alterdroid introduces the notion of differential fault analysis for effectively mining obfuscated malware components distributed as parts of an app package.
Next, we present an evaluation of the power-consumption trade-offs among different strategies for off-loading, or not, certain security tasks to the cloud. We develop a system for testing several functional tasks and metering their power consumption. Based on the results obtained in this analysis, we then propose a cloud-based system, called Targetdroid, that addresses the problem of detecting targeted malware by relying on stochastic models of usage and context events derived from real user traces. Based on these models, we build an efficient automatic testing system capable of triggering targeted malware.
Finally, based on the conclusions extracted from this Thesis, we propose a number of open research problems and future directions where there is room for research.
When / where: 16 October 2014, 15:30h / (Room Sal�n de Grados - Auditorio Padre Soler)
Material: ---
Title: A user-managed access control model and mechanisms for Web Based Social Networks. Enhancing expressive power, co-ownership management, interoperability and authorized data exposures. (PhD Dissertation)
Speaker: Lorena González
Abstract: Web Based Social Networks (WBSNs) are well-known applications which are used by thousands of people worldwide. However, privacy issues, and access control in particular, cannot be disregarded. WBSNs consist of users who upload data to be shared with other users and the management of who is able to access to the uploaded data is a subject to study. In this respect, this thesis focuses on four aspects. First, WBSN users have to specify their privacy preferences in a fine-grained way. Second, WBSN data is not usually related to a single user, who uploads it and who is considered the owner, but to multiple users who are referred to as co-owners. Then, access control has to be managed preserving the privacy of both, owners and co-owners, such that all their privacy preferences are satisfied without restrictions. Thirdly, the great quantity of WBSNs forces users upon being enrolled in many of them, though being access control management a cumbersome task. Lastly, users upload data to WBSNs and providers store it and may use it for unnoticed or unauthorized purposes.
The goal of this thesis is to facilitate fine-grained access control management along the whole usage process within and among different WBSNs in a privacy preserving way. Firstly, an expressive usage control model, together with its administrative model, is proposed to achieve the definition of fine-grained access control preferences.
Based on previous models, a mechanism to manage co-ownership corresponds to the second contribution of this thesis. Data is decomposed in parts and each of them is assigned to the owner or to a co-owner who establishes access control preferences. Then, these preferences are jointly evaluated and the privacy of all users is completely preserved.
Having the right tools to manage access control in a fine-grained way, the third and last contribution of this thesis is a pair of protocols, one being based on an extension of the other, to attain interoperability, reusability and unauthorized data exposures among different WBSNs. Also taking the proposed usage control model as the underlying base to manage access control, these protocols reduce the burden of managing access control in different applications and thus, they help to increase users' control over their data.
When / where: 30 June 2014, 11:30h / (Room 1.2.C16)
Material: ---
Title: Attacks Against Instrusion Detection Networks: Evasion, Reverse Engineering and Optimal Countermeasures (PhD Dissertation)
Speaker: Sergio Pastrana
Abstract: Intrusion Detection Networks (IDNs) constitute a primary element in current cyberdefense systems. IDNs are composed of different nodes distributed among a network infrastructure, performing functions such as local detection--mostly by Intrusion Detection Systems (IDS)--, information sharing with other nodes in the IDN, and aggregation and correlation of data from different sources. Overall, they are able to detect distributed attacks taking place at large scale or in different parts of the network simultaneously.
IDNs have become themselves target of advanced cyberattacks aimed at bypassing the security barrier they offer and thus gaining control of the protected system. In order to guarantee the security and privacy of the systems being protected and the IDN itself, it is required to design resilient architectures for IDNs capable of maintaining a minimum level of functionality even when certain IDN nodes are bypassed, compromised, or rendered unusable. Research in this field has traditionally focused on designing robust detection algorithms for IDS. However, almost no attention has been paid to analyzing the security of the overall IDN and designing robust architectures for them.
This Thesis provides various contributions in the research of resilient IDNs grouped into two main blocks. The first two contributions analyze the security of current proposals for IDS nodes against specific attacks, while the third and fourth contributions provide mechanisms to design IDN architectures that remain resilient in the presence of adversaries.
When / where: 16 June 2014, 12:00h / (Room 3.1.S08)
Material: Thesis Document
Title: Risk analysis and management
Speaker: Dr. D. Antonio Ma�as
Abstract: The public or private organizations depend on information technology to achieve their service goals. Current concern about risk management is directly related to the widespread use of electronic and computer media which bring clear benefits for users; but it also causes risks that must be managed.
Knowing the risks to which working items are exposed to is indispensable to manage them. Many informal guides, methodical approaches and tools have appeared to support their analysis to know how safe (or unsafe) they are. The challenge of these approaches is the complexity of the problem they face up to; complexity in the sense that there are many elements to consider, and if analysises are not rigorous, achieved conclusions will be unreliable. This is why a methodical approach that leaves no room for improvisation, is pursued.
Security concerns are recurrent because even being in hands of information systems, there are serious responsibilities to meet organization goals. Affected people wonder whether these systems deserve their trust; trust that diminishes in regard to each error, specially if investments do not result in the absence of faults. Ideally, systems do not fail. However, we live with systems that fail. Therefore, the issue is not the absence of incidents but knowing what can happen and what to do when it happens. Fear of the unknown is the main source of distrust and consequently, knowledge brings confidence: knowing the risks to control and face up to.
When / where: 24, 26 March 2014, 10:00-13:00h / (Room 2.3.A03)
Material: ---
Title: Well-behaved (Multicore) Mobile Clouds - An Overview
Speaker: Flavio Lombardi (Department of Mathematics, Universit� di Roma Tre)
Abstract: The increasing need for performing complex computations has motivated outsourced computing, which is increasingly popular thanks to the convenience of cloud computing resources. These latter can be themselves hosted on mobile nodes, thus allowing workload distribution over multiple wireless nodes. However, the complexity of such systems renders them vulnerable to malicious or selfish behavior. In fact, computing nodes can potentially misbehave or fail. Exploiting the external redundancy of cloud nodes can help guarantee correctness, security and availability of results. In this presentation, we introduce distributed computing security and reliability issues of a (possibly mobile) cloud. Furthermore, we discuss the opportunities and issues of leveraging the internal redundancy of cloud multicore computing resources.
When / where: 13 Nov. 2013, 13:00h / (Room 2.1.D03)
Material: ---

Title: Authentication in constrained settings
Speaker: Katerina Mitrokotsa (University of Applied Sciences of Western Switzerland)
Abstract: Access to restricted services and/or places requires authentication. However, authentication is sometimes performed in: i) noisy conditions, ii) hostile environments and iii) constrained settings. By noisy conditions, we refer to noise in the communication channel that may lead to modification of the transmitted information. By hostile environments we mainly refer to environments where attackers may attempt to impersonate legitimate users, while by constrained settings we refer to environments that may include communication among wireless devices with limited resources. Authentication is a decision making problem where we need to decide whether or not to accept the credentials of an identity-carrying entity. In the context of cryptographic authentication, we have extensively investigated the family of distance bounding protocols. These can be used as the main countermeasure against relay attacks. We analyse the security of such protocols. These authentication problems will also be briefly connected to the problem of privacy-preservation.
When / where: 12 Jun. 2013, 11:00h / Adoraci�n de Miguel (Room 1.2.C16)
Material: ---

Title: Frontiers in sequential decision making
Speaker: Christos Dimitrakakis �cole polytechnique f�d�rale de Lausanne (EPFL)
Abstract: Reinforcement learning is the problem of learning how to act in an unknown environment via interaction and limited feedback. Within the framework of decision theory, the problem can be formally solved by assuming a Bayesian viewpoint. However, in many cases both Bayesian inference and planning may be computationally intractable. In this talk I shall give an overview of my past and current research in the field. The first part shall discuss near-optimal algorithms for planning problems in this setting. The second part shall focus on methods for Bayesian inference for learning to act in continuous state spaces, with a focus on generality and computational efficiency.
When / where: 12 Jun. 2013, 12:30h / Adoraci�n de Miguel (Room 1.2.C16)
Material: ---

Title: Cryptographic systems. The technical state of the art
Speaker: Luis Hern�ndez Encinas (Consejo Superios de Investigaciones Cient�ficas (CSIC) & Universidad Carlos III de Madrid)
Abstract: This seminar bases on: I. Introduction of cryptography; II. Mathematical fundamentals in cryptography; III. Eliptic curves cryptosystems; IV. Digital signatures; V. Nonstandard digital signatures; VI. Secret sharing; and VII. Physical devices attacks
When / where: 30 Jan. 2013, 1600h-2000h / Room 2.1.C10
31 Jan. 2013, 1600h-2000h / Room 2.1.C10
Material: ---

Title: Research Issues on Internet Security
Speaker: Antonio Villani (Università di Roma Tre)
Abstract: One of the most perpetuated attacks in Internet is the Denial of Service (DoS) attack. Despite the strong effort made by the research community, a DoS attack remains the simplest way to damage an organization. We present a comparison of different metrics for DoS detection that have been evaluated on real and heterogeneous dataset. Further, the difficulty of sharing network logs rise many privacy concerns. In this talk, we present a novel techniques to anonymize network traces which offers some formal guarantees on the user's privacy while preserving data utility. Related to this issue is the security of the Border Gateway Protocol (BGP). Indeed, despite its importance, the BGP lacks of strong security features; in particular, the Autonomous System (AS) origin authentication is one of the most considerable properties to preserve. Many solutions to this problem have been proposed in the literature, but no one has been adopted so far. We present a new and efficient solution to the AS origin authentication based on Identity Based Cryptography. Finally, some interesting open research issues in this context will be highlighted.
When / where: 13 Mar 2012, 1600h / Room 2.1.C01
Material: ---

Title: Data Survivability
Speaker: Roberto Di Pietro (Università di Roma Tre & Universidad Carlos III de Madrid)
Abstract: In this series of lectures the speaker will focus on what are the threats and countermeasures (in several and compelling contexts) to have data survive against an adversary motivated to delete it. In particular, we will introduce first the concept of epidemiology-inspired solutions to have data survive in mobile networks. Later, we will focus on the same problem of data survivability, but focusing on the checks required to assure that outsourced data (e.g. to GoogleDocs) is still in place. Finally, we will highlight what are some of the threats and countermeasures in the novel context of data deduplication (e.g. in Dropbox).
When / where: 13 Mar 2012, 1300h-1400h / Room 2.1.C17
14 Mar 2012, 1100h-1400h / Room 2.1.C17
15 Mar 2012, 1100h-1400h / Room 2.1.C17
Material: More info here

Title: Unattended Wireless Sensor Networks: Security threats and countermeasures
Speaker: Roberto Di Pietro (Università di Roma Tre & Universidad Carlos III de Madrid)
Abstract: In this series of lectures the speaker will first introduce the Unattended Wireless Sensor Networks (UWSNs) model, later he will highlight some of the security threats this model is subject to (e.g. data authentication and survivability), as well as associated countermeasures. How to achieve self-healing in front of node compromising is also discussed. This newly introduced model (UWSNs) can be considered still in its infancy, and smart (or smarter) solutions on these and close problems are still on call.
When / where: 14 Feb 2012, 1300h-1400h / Room 2.1.C19
15 Feb 2012, 1100h-1400h / Room 2.1.C19
16 Feb 2012, 1100h-1400h / Room 2.1.C17
Material: More info here