Sommaire

  • Cet exposé a été présenté le 07 mars 2018.

Description

  • Orateur

    par Sam L. Thomas (University of Birmingham, UK)

Complex embedded devices are becoming ever prevalent in our everyday lives, yet only a tiny amount of people consider the potential security and privacy implications of attaching such devices to our home, business and government networks. As demonstrated through recent publications from academia and blog posts from numerous industry figures, these devices are plagued by poor design choices concerning end-user security. What’s even more worrying, are reports of manufacturers inserting backdoor-like functionality into the production firmware of those devices.This talk will provide a precise definition of the term backdoor and outline a framework we have devised for reasoning about such constructs. We will discuss the main challenges in backdoor detection, and present two tools we have developed to perform backdoor detection in a semi-automated manner. We will demonstrate the effectiveness of our methods through a number of case-studies of real-world backdoors.

Infos pratiques

Prochains exposés

  • Un protocole SMPC de curation de données d'entrainement et sa fragilité aux hypothèses de sécurité...

    • 06 décembre 2024 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Métiviers room

    Orateur : Marc-Olivier Killijian - Université du Québec à Montréal

    ... ou "Sécurité et insécurité - dans quel état j’erre, ai-je bien rangé mon modèle de sécurité ?" De nos jours, les sources de données, et leurs curateurs, sont répartis à travers le monde. Il arrive que les propriétaires de ces données souhaitent collaborer entre eux afin d’augmenter la qualité de ces données, particulièrement avant d’entrainer des modèles d’apprentissage machine.Dans cet exposé[…]

    • SoSysec

    • Respect de la vie privée

    • Apprentissage machine

    • Systèmes distribués

  • Safety-Security Convergence of Industrial Control Systems

    • 13 décembre 2024 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Aurigny

    Orateur : Maxime Puys - Université Clermont Auvergne - IUT de Clermont-Ferrand

    Industrial Control Systems (ICS) are designed to provide a service, such as power generation or water treatment, while protecting people, assets, and the environment against hazards. However, ICS now integrate Information Technology (IT) and are interconnected with the outside world such as the Internet, thereby exposing their infrastructures to cyberattacks. Cyberattacks have thus become new[…]

    • SoSysec

    • Détection d'intrusion

Voir les exposés passés
Haut de page