Uppsala University Workshop on Cybersecurity
When: November 12, 2020.
Where: Online only.
We organise a local workshop on cybersecurity organised by the Cybersecurity Arena at the Department of Information Technology. The workshop aims to encourage research on cybersecurity in different academic areas, and to explore possible synergies and collaborations across disciplines.
This will be a one-day event, starting from 09:00 till 15:30. Before lunch we have a number of keynote speakers, and after lunch we organise a number of break-out sessions. We invite participants to show a poster of relevant research during the event.
The mission of the Cybsec.UU arena is to promote academic research at UU related to cybersecurity. Cybersecurity points to different academic disciplines, explicitly acknowledging the presence of adversaries. While the arena originates from the IT institute, we explicitly welcome non-technical perspectives. For more information, see cybsec.UU
Registration deadline: no later than 6 November 2020
For registration, see: register here.
November 12, 2020
- 09:15 - 09:25 Welcome & Summary of the Cybersecurity Arena activities for 2020/2021
- 09:30 - 10:15 Eva Fogelström, Ericsson Research, Sweden: Building trustworthiness in future mobile networks
- 10:20 - 11:05 David Basin, ETH Zürich, Switzerland: Security Protocols: Model Checking Standards
- 11:10 - 11:55 Konrad Rieck, TU Braunschweig, Germany: Not that smart! Security Vulnerabilities in Machine Learning
Poster and Discussion Sessions:
- 13:00 - 13:30 (virtual) poster session A + discussion
- 13:30 - 14:15 Group session 1
- Security and AI
- Security and IoT and resource constrained systems
- Security, Ethics and Humanity
- 14:25 - 14:45 (virtual) poster session B + discussion
- 14:45 - 15:25 Group session 2 (collaboration based)
- 15:25 - 15:30 Closing
- The main event will happen at ZOOM. For the password, see the invitation mail or contact the organisers.
- Eva Fögelström ( www) 5G Security.
- TITLE: Building trustworthiness in future mobile networks.
- Slides: here.
- ABSTRACT: As mobile networks to a larger extent become part of the critical infrastructure, providing connectivity for utilities, transportation, manufacturing and other sectors, there is an increased focus on security, performance, and reliability of the networks, as well as compliance with standards and requirements. This includes technologies and development, as well as deployment and operational aspects of the mobile networks, to ensure that the networks can perform according to expectations also in face of new use cases, new requirements, and new types of attacks. In particular, there are a few key technologies where research efforts are ongoing, that we believe will be fundamental in building trustworthiness in future mobile networks, in 5G and beyond, that we will focus on in this presentation.
- BIOGRAPHY: Eva Fogelström is head of the security department within Ericsson Research, engaging in technologies to build security for 5G and beyond. This includes areas such as confidential computing, identity management, AI security, post-quantum crypto, and methods for security assurance and spans through research, standardization, and academic collaboration. Eva holds a Ph.D. in Telecommunications and an M.Sc. in Electrical Engineering, both from KTH, and she has been with Ericsson since 1997, working in the fields of security, mobility and standardization.
- David Basin (www) Information Security.
- TITLE: Security Protocols: Model Checking Standards (with focus on EMV).
- Slides: here.
- ABSTRACT: The design of security protocols is typically approached as an art, rather than a science, and often with disastrous consequences. But this need not be so! I have been working for ca. 20 years on foundations, methods, and tools, both for developing protocols that are correct by construction and for the post-hoc verification of existing designs. In this talk I will introduce my work in this area and describe my experience analyzing, improving, and contributing to different industry standards, both existing and upcoming.
- BIOGRAPHY: David Basin is a full professor within the Department of Computer Science, ETH Zurich since 2003, where he heads the Information Security Group. He is also department head. He received his bachelor's degree in mathematics from Reed College in 1984, his Ph.D. from Cornell University in 1989, and his Habilitation from the University of Saarbrücken in 1996. His research focuses on Information Security, in particular on foundations, methods, and tools for modeling, building, and validating secure and reliable systems. He is Editor-in-Chief of Springer-Verlag's book series on Information Security and Cryptography and, from 2015 - 2020, of ACM Transactions on Privacy and Security. He is also the founding director of ZISC, the Zurich Information Security Center, which he led from 2003-2011.
- Konrad Rieck ( www)
- TITLE: Not that smart! Security Vulnerabilities in Machine Learning.
- Slides: here.
- ABSTRACT: Machine learning is increasingly used in security-critical applications, such as autonomous driving, face recognition, and malware detection. However, most learning algorithms have not been designed with security in mind and thus are vulnerable to different types of attacks. These attacks may hinder the learning process (poisoning), induce false predictions (evasion), or extract sensitive data from the system (inference). This talk provides an overview of current research on adversarial machine learning and discusses relevant attack types. The talk closes with an outlook on the development of defences for learning-based systems.
- BIOGRAPHY: Konrad Rieck is a Professor at TU Braunschweig, where he leads the Institute of System Security. Prior to this, he worked at the University of Göttingen, TU Berlin, and Fraunhofer Institute FIRST. He graduated in 2004 and received a Ph.D. from TU Berlin in 2009. Konrad Rieck is a recipient of the CAST/GI Dissertation Award, a Google Faculty Research Award, and the German Prize for IT-Security. His interests revolve around computer security and machine learning, including the detection of computer attacks, the analysis of malicious code, and the discovery of vulnerabilities.
Thematic group sessions
The aim of the poster session is to inform others about ongoing activities or interests for collaboration. The format of the poster session is through brief video recordings.
Everyone presenting a poster will get a sponsored registration to the ACM Conference on Computer and Communications Security (CCS, www) during the same week as workshop (9-13 November).
A good option to record a video is to use the recording feature in Zoom. Zoom allows you to share your screen, turn on your webcam, and record your presentation. Similar functionality is provided by Canvas Studio (as part of Studium), QuickTime or iMovie on MacOS, or OBS (Open Broadcast System, free and cross-platform).
The presentation should be no longer than 5:00 minutes. The preferred video format is .mp4. Preferably, the video should be recorded in landscape-format (16:9) in 720p (or more). Please ensure that the microphone volume in the computer and light level in the room are adjusted before recording to capture the presentation in the best quality.
The videos and pdf of the presentation can be uploaded to Box: link.