Abstract

Machine learning (ML) is vulnerable to security and privacy attacks.

 

Abstract

Internet of Things (IoT) applications can exploit energy harvesting syst

 

Abstract

Security and privacy systems are often composed of complex components an

Coffee Time: 15:30 - 16:00. Kernel matrices can be found in computational physics, chemistry, statistics, and machine learning. Fast algorithms for matrix-vector multiplication for kernel matrices have been developed, and is a subject of continuing interest, including here at KAUST. One also often needs fast algorithms to solve systems of equations involving large kernel matrices. Fast direct methods can sometimes be used, for example, when the physical problem is 2-dimensional. In this talk, we address preconditioning for the iterative solution of kernel matrix systems. The spectrum of a kernel matrix significantly depends on the parameters of the kernel function used to define the kernel matrix, e.g., a length scale.

The Domain Name System (DNS) is a core protocol for the Internet. It resolves mappings between Internet Protocol (IP) addresses and their corresponding Fully Qualified Domain Names (FQDNs). Since all Internet communications rely on it, DNS structuring should therefore be resilient and robust against failure to avoid any service interruption. While the research community and experienced practitioners have established best practices to this end, many worldwide DNS implementations are still prone to many types of configuration errors. In this talk, I discuss the adoption of these approaches in some countries. Also, a case study is presented considering domains in Saudi Arabia (.sa) that illustrates the value of measuring the DNS at this scale. The results are valuable to improve the DNS infrastructure in the kingdom. Lastly, I provide recommendations to improve DNS service resilience and robustness.

In recent years we are witnessing the advent of service computing and cloud technologies in industrial applications, with intriguing innovations and novel compelling challenges. For instance, in the automotive, there are initiatives for consolidating Electronic Control Units (ECUs) as virtual machines on the same board. Or in the Industry 4.0 (I4.0), researchers and practitioners are dealing with the challenge of making the factory floor programmable by softwarizing hardware elements with edge-cloud native components. The talk will delve into this novel trend, discussing enabling virtualization technologies for industrial systems, including hypervisors, real-time container-based solutions, and software orchestration approaches.

Cloud storage is pervasive nowadays; surprisingly, how to secure cloud storage that is usable in the real world is in fact still open. In this work, we propose a novel system called End-to-Same-End Encryption (E2SEE) that can be deployed directly on existing infrastructure and provide both security and usability. Our system can be flexibly used to augment any App with secure storage, for users to create a personal digital lockbox, and for the cloud to provide secure storage service. A preliminary version of E2SEE was deployed in Snapchat, serving hundreds of millions of users, and the research result was published at USENIX Security 22.

Federated learning (FL) is increasingly deployed among multiple clients to train a shared model over decentralized data. To address the privacy concerns, FL systems need to protect the clients' data from being revealed during training, and also control data leakage through trained models when exposed to untrusted domains. However, existing FL systems (with distributed differential privacy) work impractically in the presence of client dropout, resulting in either poor privacy guarantees or degraded training accuracy. In addition, existing FL systems focus on safeguarding the privacy of training data, but not on protecting the confidentiality of the models being trained, which are increasingly of high business value. In this talk, I will present two pieces of our recent work that aim to address these aforementioned issues.

This presentation addresses the challenges associated with trusting Neural Networks due to their black-box nature and limited ability to answer important questions on how they behave. The thesis proposes techniques that increase the trustworthiness of Neural Network models by employing approaches to overcome their black-box nature. The techniques include efficient extraction and verification of weights and decisions to ensure correctness with regards to pre-existing properties, continuous and exact explanations of the model behavior, and scalable training techniques providing strong, theoretically provable guarantees of privacy. We provide strong, approximation-free guarantees about Neural Networks, improving their trustworthiness to make it more likely that users will be willing to deploy them in the real world.

Despite long-ago predictions (e.g., see Bill Gates, 2004) that other user-authentication technologies would replace passwords, passwords remain not only pervasive but have flourished as the dominant form of account protection, especially at websites such as retailers that require a low-friction user experience. This talk will describe our research on methods to tackle three key ingredients of account takeovers for password-protected accounts today: (i) site database breaches, which is the largest source of stolen passwords for internet sites; (ii) the tendency of users to reuse the same or similar passwords across sites; and (iii) credential stuffing, in which attackers submit breached credentials for one site in login attempts for the same users' accounts at another.

In this talk I will discuss the shift towards hardware acceleration and show with several examples from industry and from research the large role that FPGAs are playing. I will hypothesize that we are in a new era where most of the established assumptions, rules of thumb, and accumulated wisdom about many aspects of computation in general and of data processing in particular no longer hold and need to be revisited.

In this talk, Professor Pramod Bhatotia will give an overview of systems research at TU Munich. He will cover his teaching and ongoing research projects. And will conclude the talk with a brief overview of his ERC project.

Vulnerability discovery can be challenging: many software packages, both open and closed-source projects, build on existing code from public software repositories to network drives, derived from earlier versions or related software packages. Even implemented protocols rely on such repositories. It is important to detect such copies of code when the original code contains a software vulnerability, especially one that is exploitable, as seen with flaws such as the bash vulnerability Shellshock or the SSL vulnerability Heartbleed.

In this talk we will explore how research in systems and distributed systems may improve the resilience to cyber attacks following 3 axes targeting mobile systems, distributed systems, and operating systems

I will discuss four related proposals: Gracewipe (coercion-resistant disk data deletion), Hypnoguard (cold-boot protection for RAM data in sleep), SafeKeeper (protecting web credentials from rougue IT admins), and Blindfold (protecting PKI private keys from human admins). While our solutions are possibly a step forward, more importantly, we highlight pitfalls of such solutions against a strong adversary.

Trusted Execution Environments (TEEs) ensure the confidentiality and integrity of computations in hardware. Subject to the TEE's threat model, the hardware shields a computation from most externally induced fault behavior except crashes. As a result, a crash-fault tolerant (CFT) replication protocol should be sufficient when replicating trusted code inside TEEs.  However, TEEs do not provide efficient and general means of ensuring the freshness of the external, persistent state. Therefore, CFT replication is insufficient for TEE computations with an external state, as this state could be rolled back to an earlier version when a TEE restarts.  Furthermore, using BFT protocols in this setting is too conservative, because these protocols are designed to tolerate arbitrary behavior, not just rollback during a restart.

 

RC3 Thursday Afternoon Chat 

These are informal chats intended to generate o

From my experience, I will try to answer doubts and dilemmas PhD students are often faced with, in their path towards a degree. Namely, I'll discuss how advisors, colleagues, peers, reviewers and so forth, fit in the universe of a PhD student, and I will end sharing my own definition of 'excellence', as an objective to pursue.

 

Abstract

AI/ML systems "learn" to make decisions based on the data with which&nbs

In this talk, I will start by providing our vision for next-generation networks. Throughout the talk, I will highlight several challenges in existing communication technologies that could have the potential of shaping new research and deployment directions of future wireless networks, including, (i) review our recent advances in non-terrestrial networks, which includes both UAVs and satellite (ii) show satellite systems are essential for today’s traffic-intensive applications while maintaining an accepted end-to-end latency for delay-sensitive applications and (iii) show how we integrated both existing Wi-Fi technology with optics to extend the Internet as we use it today to the underwater environments via Aqua-fi.

This talks presents a very serious emerging threat: the bots scraping web sites and hiding their IPs thanks to residential IP providers. The problem, state of the art and a new solution will be explained.

Over the last decade, we have witnessed a rapid growth of blockchain technologies and their applications. Different governments have announced their strategy to boost the blockchain industry. For example, Chinese President Xi Jinping has recently endorsed blockchain and its potential for the Chinese economy; and the Australian Government announced that it would establish a National Blockchain Roadmap to help position Australia’s blockchain industry to become a global leader. This talk presents an overview of three of our works towards secure and scalable blockchains. I will first revisit the honest majority assumption of permissionless blockchains (AsiaCCS’21), and then present our efforts in making blockchain more scalable and secure against real-world threats.

Our standard of living, nation GDP,  and, in some cases, even our safety rely on critical infrastructures (CIs). In particular, being CIs generally perceived as a commodity (think of GPS availability, or avionics & maritime traffic routes and hubs), their security has largely been overlooked. The emergent property is that, nowadays, CIs systems are generally fragile, especially with respect to cyber attacks.