Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
688 results
-
-
Seminar
-
SoSysec
The Battle Against Bots: Current Threats and New Directions to Counter Automated Attacks
Speaker : Elisa Chiapponi - Amadeus IT Group
In today's digital landscape, the battle between industry and automated bots is an ever-evolving challenge. Attackers are leveraging advanced techniques such as residential proxies, CAPTCHA farms, and AI-enhanced fingerprint rotations to evade detection and execute functional abuse attacks, including web scraping, denial of inventory, and SMS pumping. This talk will explore ongoing efforts to[…]-
SoSysec
-
Intrusion detection
-
-
-
Seminar
-
SoSysec
From Deciding Knowledge to Intrusion Detection
Speaker : Yannick Chevalier - Université de Toulouse
By interpreting terms as distributions over strings, Abadi and Rogaway proved under suitable assumptions that indistinguishability in the computational setting, accepted as the impossibility for an observer to acquire knowledge from observing a protocol execution, is equivalent to formal equivalence in a symbolic setting. This result led to multiple results on “deciding knowledge” using static[…]-
SoSysec
-
Intrusion detection
-
-
-
Seminar
-
SemSecuElec
Acquisition and Exploitation of Traces from Connected Devices
Speaker : Francesco Servida - École des Sciences Criminelles, Université de Lausanne
This presentation aims to give an overview of the traces that can be obtained from connected objects as witnesses or actors at a crime scene. Using several scenarios we cover the challenges of detecting connected devices, the relevant locations for data retrieval and the techniques for acquiring said data. We then present how such data can be useful in helping to understand the dynamics of events[…]-
SemSecuElec
-
Embedded systems
-
-
-
Seminar
-
SemSecuElec
Understanding and fighting fault injections with programming languages
Speaker : Sébastien Michelland - Université Grenoble Alpes, Grenoble INP, LCIS
Would your latest program produce correct results if I skipped a statement in it? Two? Corrupted a variable at random? Then it might not be robust against _fault injection attacks_, which target hardware directly and have such effects. To be fair, nothing really resists them; still, efforts in designing protections have come a long way, relying (perhaps surprisingly) in large part on hardening[…]-
SemSecuElec
-
Fault injection
-
-
-
Seminar
-
Cryptography
Evaluation embarquée de l'entropie d'un générateur d'aléa pour la cryptographie
Speaker : David Lubicz - DGA et IRMAR
Dans cet exposé, nous présentons une méthode de mesure embarquée de la composante thermique du jitter de phase d'un couple d'anneaux d'oscillateurs : cette mesure est nécessaire pour calculer le taux d'entropie d'un générateur d'aléa physique basé sur des anneaux oscillants. La précision de cette mesure dont le principe repose sur un algorithme de type Monte-Carlo dépend de l' équidistribution de[…] -
-
-
Seminar
-
Cryptography
Generic SCARE: reverse engineering without knowing the algorithm nor the machine
Speaker : Hélène LE BOUDER - IMT Atlantique
A novel side-channel-based reverse engineering technique is introduced, capable of reconstructing a procedure solely from inputs, outputs, and traces of execution. Beyond generic restrictions, no prior knowledge of the procedure or the chip it operates on is assumed. These restrictions confine the analysis to 8-bit RISC constant-time software implementations. Specifically, the feasibility of[…] -