Invited Speaker: Bruno Crispo
Affiliation: Department of Information Engineering and Computer Science University of Trento – Italy
Talk title: Attacks on The Internet of Things: Why Your Actual Antivirus Suite won’t Work.
Since its first formulation by Kevin Ashton, the Internet of Things (IoT) moved from being limited at bridging real world objects to the digital world to a much more ambitious vision. In this new vision IoT aims at fusing the cyber, physical and social world in a new integrated system. While such harmonic integration and seamless sharing of resources has undoubtedly many advantages, it may creates also wonderful new opportunities for attackers. In this talk, I will present some examples of attacks targeting IoT that compared to traditional malware not only use novel techniques but they can have a much wider impact on our lives.
I will conclude by outlining some of the research challenges need to be addressed to design security mechanisms aimed at protecting the IoT.
Invited Speaker: Jean Goubault-Larrecq
Affiliation: LSV, CNRS and ENS de Cachan, France
Talk title: Does mathematical rigor have its place in intrusion detection?
(The title question is of course rhetorical, and I’ll argue that the answer is a resounding yes.) Intrusion detection, and prevention, is often associated with very practical concerns, and practitioners often insist that security tools are usable and give results on real, deployed systems and networks. This is of course necessary.
I’ll argue that the underpinnings of the security tools we are using should be designed with mathematical rigor, and will give two, related, examples. The first one is Orchids, an efficient IPS developed at INRIA and ENS Cachan. The key to the success of Orchids is a rigorous mathematical semantics, which allows in particular for correct (semantics-preserving) optimizations.
The second one is NetEntropy, an Orchids plug-in, which classifies network flows as random/encrypted/compressed or not. NetEntropy compares statistical entropies with reference values computed by the so-called Paninski estimator. The nice surprise here is how small the confidence intervals are, even in highly undersampled cases—i.e., NetEntropy can reach a decision after only a few dozen bytes read, with overwhelming confidence.
This is joint work with Julien Olivian.