Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
691 results
-
-
Seminar
-
SoSysec
The Internet of Backdoors
Speaker : par Sam L. Thomas (University of Birmingham, UK)
Complex embedded devices are becoming ever prevalent in our everyday lives, yet only a tiny amount of people consider the potential security and privacy implications of attaching such devices to our home, business and government networks. As demonstrated through recent publications from academia and blog posts from numerous industry figures, these devices are plagued by poor design choices[…] -
-
-
Seminar
-
SoSysec
Subject Access Request and Proof of Ownership
Speaker : Cédric Lauradoux (INRIA Rhône-Alpes)
The GDPR (General Data Protection Regulation) provides rights on our data: access, rectification, objection, etc. However, this regulation is not binding on how we can exercise these rights. Data controllers have therefore deployed various methods to authenticate subject requests. We have analyzed how this authentication process can fail and examined its consequences. Our study shows that a key[…] -
-
-
Seminar
-
SoSysec
Splitting the Linux Kernel for Fun and Profit
Speaker : Chris Dalton (HP, Bristol, UK)
This talk looks at a pragmatic attempt at strengthening the security properties of Linux by introducing a degree of intra-kernel protection into the Linux kernel (supported by CPU Virtualization silicon features). Consider it, if you like, an attempt at retrofitting a ‘micro-kernel’ interface into traditionally monolithic Linux whilst maintaining a single linux code base (yes it’s still Linux), no[…] -
-
-
Seminar
-
SoSysec
An evaluation of Symbolic Execution Systems and the benefits of compilation with SymCC
Speaker : Aurélien Francillon (Eurecom)
In this talk I will discuss our recent work, together with Sebastian Poeplau, on Symbolic execution. Symbolic execution has become a popular technique for software testing and vulnerability detection, in particular, because it allows to generate test cases for difficult to reach program paths. However, a major impediment to practical symbolic execution is speed, especially when compared to near[…] -
-
-
Seminar
-
SoSysec
A Fundamental Approach to Cyber Risk Analysis
Speaker : Rainer Böhme (Universität Innsbruck)
This paper provides a framework actuaries can use to think about cyber risk. We propose a differentiated view of cyber versus conventional risk by separating the nature of risk arrival from the target exposed to risk. Our review synthesizes the liter- ature on cyber risk analysis from various disciplines, including computer and network engineering, economics, and actuarial sciences. As a result,[…] -
-
-
Seminar
-
SoSysec
Towards Security-Oriented Program analysis
Speaker : Sébastien Bardin (CEA LIST)
While digital security concerns increase, we face both a urging demand for more and more code-level security analysis and a shortage of security experts. Hence the need for techniques and tools able to automate part of these code-level security analyses. As source-level program analysis and formal methods for safety-critical applications have made tremendous progress in the past decades, it is[…] -