Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
725 results
-
-
Seminar
-
SoSysec
The Battle Against Bots: Current Threats and New Directions to Counter Automated Attacks
Speaker : Elisa Chiapponi - Amadeus IT Group
In today's digital landscape, the battle between industry and automated bots is an ever-evolving challenge. Attackers are leveraging advanced techniques such as residential proxies, CAPTCHA farms, and AI-enhanced fingerprint rotations to evade detection and execute functional abuse attacks, including web scraping, denial of inventory, and SMS pumping. This talk will explore ongoing efforts to[…]-
SoSysec
-
Intrusion detection
-
-
-
Seminar
-
SoSysec
From Deciding Knowledge to Intrusion Detection
Speaker : Yannick Chevalier - Université de Toulouse
By interpreting terms as distributions over strings, Abadi and Rogaway proved under suitable assumptions that indistinguishability in the computational setting, accepted as the impossibility for an observer to acquire knowledge from observing a protocol execution, is equivalent to formal equivalence in a symbolic setting. This result led to multiple results on “deciding knowledge” using static[…]-
SoSysec
-
Intrusion detection
-
-
-
Seminar
-
SemSecuElec
Acquisition and Exploitation of Traces from Connected Devices
Speaker : Francesco Servida - École des Sciences Criminelles, Université de Lausanne
This presentation aims to give an overview of the traces that can be obtained from connected objects as witnesses or actors at a crime scene. Using several scenarios we cover the challenges of detecting connected devices, the relevant locations for data retrieval and the techniques for acquiring said data. We then present how such data can be useful in helping to understand the dynamics of events[…]-
SemSecuElec
-
Embedded systems
-
-
-
Seminar
-
SemSecuElec
Understanding and fighting fault injections with programming languages
Speaker : Sébastien Michelland - Université Grenoble Alpes, Grenoble INP, LCIS
Would your latest program produce correct results if I skipped a statement in it? Two? Corrupted a variable at random? Then it might not be robust against _fault injection attacks_, which target hardware directly and have such effects. To be fair, nothing really resists them; still, efforts in designing protections have come a long way, relying (perhaps surprisingly) in large part on hardening[…]-
SemSecuElec
-
Fault injection
-
-
-
Seminar
-
Cryptography
Password-Authenticated Key Exchange (PAKE) from Isogenies
Speaker : Sabrina Kunzweiler - Université Bordeaux
The passwords that we use in our everyday life are often chosen to be easily memorable which makes them vulnerable to attacks. This problem is addressed by password-authenticated key exchange (PAKE). The general idea is to enable two parties who share the same (potentially weak) password to establish a strong session key. Most PAKE protocols used today are based on Diffie-Hellman key exchange in[…] -
-
-
Seminar
-
Cryptography
Generic Attack on Duplex-Bases AEAD Modes using Random Function Statistics
Speaker : Rachelle Heim Boissier - Inria
Duplex-based authenticated encryption modes with a sufficiently large key length are proven to be secure up to the birthday bound 2^(c/2), where c is the capacity. However this bound is not known to be tight and the complexity of the best known generic attack, which is based on multicollisions, is much larger: it reaches 2^c/α where α represents a small security loss factor. There is thus an[…] -