Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
684 results
-
-
Seminar
-
SoSysec
An evaluation of Symbolic Execution Systems and the benefits of compilation with SymCC
Speaker : Aurélien Francillon (Eurecom)
In this talk I will discuss our recent work, together with Sebastian Poeplau, on Symbolic execution. Symbolic execution has become a popular technique for software testing and vulnerability detection, in particular, because it allows to generate test cases for difficult to reach program paths. However, a major impediment to practical symbolic execution is speed, especially when compared to near[…] -
-
-
Seminar
-
SoSysec
A Fundamental Approach to Cyber Risk Analysis
Speaker : Rainer Böhme (Universität Innsbruck)
This paper provides a framework actuaries can use to think about cyber risk. We propose a differentiated view of cyber versus conventional risk by separating the nature of risk arrival from the target exposed to risk. Our review synthesizes the liter- ature on cyber risk analysis from various disciplines, including computer and network engineering, economics, and actuarial sciences. As a result,[…] -
-
-
Seminar
-
SoSysec
Towards Security-Oriented Program analysis
Speaker : Sébastien Bardin (CEA LIST)
While digital security concerns increase, we face both a urging demand for more and more code-level security analysis and a shortage of security experts. Hence the need for techniques and tools able to automate part of these code-level security analyses. As source-level program analysis and formal methods for safety-critical applications have made tremendous progress in the past decades, it is[…] -
-
-
Seminar
-
SoSysec
Not so AdHoc testing: formal methods in the standardization of the EDHOC protocol
Speaker : Charlie Jacomme (Inria Paris)
We believe that formal methods in security should be leveraged in all the standardisation’s of security protocols in order to strengthen their guarantees. To be effective, such analyses should be:* maintainable: the security analysis should be performed on every step of the way, i.e. each iteration of the draft;* pessimistic: all possible threat models, notably all sort of compromise should be[…] -
-
-
Seminar
-
SoSysec
The PINED-RQ Family: Differentially Private Indexes for Range Query Processing in Clouds
Speaker : Tristan Allard (IRISA, Université de Rennes 1)
Performing non- aggregate range queries on cloud stored data, while achieving both privacy and efficiency is a challenging problem. With the PINED-RQ family of techniques, we propose constructing a differentially private index to an outsourced encrypted dataset. Efficiency is enabled by using a cleartext index structure to perform range queries. Security relies on both differential privacy (of the[…] -
-
-
Seminar
-
SoSysec
L’empoisonnement de données semble-t-il un risque réaliste ?
Speaker : Adrien Chan-Hon-Tong (ONERA)
Les attaques adversaires ont rencontré un fort écho dans la communauté de vision par ordinateur. Pour autant, via ce type d’attaque, un hacker ne peut modifier le comportement de l’algorithme ciblé que localement. Inversement, l’empoisonnement de données est en mesure de modifier globalement le comportement de l’algorithme visé, et, il n’est pas forcément détectable par un opérateur notamment si[…] -