1.Title: Crypto Against Extreme Attacks
Speaker: Moti Yung
Abstract: we have learned that computing systems are weak and attackers are performing penetrations and surveillance on computing systems, which make crypto less effective. This talk will describe how one can modify cryptography to allow for more effective crypto while facing leakage of systems performing cryptography.
Speaker: Wenyuan Xu
Wireless systems have been integrated into various embedded systems with good intention: tire pressure monitoring systems (TPMS) were intended to improve road safety and fuel economy, and automatic metering reading (AMR) systems were designed to reduce the burden of manually collecting utility consumption. However, the security and privacy implication of those systems are not well understood as many of their communication protocols are proprietary. In this talk, we present case studies analyzing the first mandated in-car sensor networks (TPMS) and widely deployed AMR utility meters, using a low-cost out-of-shelf software radio platform (USRP). We show that in both systems, eavesdropping is easily possible at an unexpected distance even with cheap antennas. This leads to privacy concerns as vehicles can be tracked through the identifiers of TPMS or residents’ activities can be recognized through the periodic meter reading reports. Current protocols do not employ authentication or basic input validation, thereby allowing for remote spoofing of sensor messages.The talk concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems, ARM utility meters, and other forthcoming consumer wireless networks.
Wenyuan Xu received her Ph.D. degree in electrical and computer engineering from Rutgers University in 2007, an M.S. degree in computer science and engineering from Zhejiang University in 2001, and a B.S. degree in electrical engineering with the highest honor from Zhejiang University in 1998. She an associate professor in the Department of Computer Science and Engineering, University of South Carolina. Her research interests include wireless networking, network security and privacy. Dr. Xu is a co-author of the book Securing Emerging Wireless Systems: Lower-layer Approaches, Springer, 2009. She received the United State NSF Career Award in 2009 and was selected as the 1000 Young talents of China in 2012. She has served on the technical program committees for several IEEE/ACM conferences on wireless networking and security, and she currently serves as the associate editor of EURASIP Journal on Information Security, Ad Hoc & Sensor Wireless Networks (AHSWN), International Journal of Autonomous and Adaptive Communications Systems (IJAACS).
Speaker: Shouhuai Xu
For decades, Computer and Information Security studies have been driven by core concepts such as Confidentiality, Integrity, and Authentication. What would be the core concepts that will drive the study of the emerging discipline of Cybersecurity? In this talk, I will present the novel concept of Cybersecurity Dynamics, which has a great potential in formulating a foundation for the emerging Science of Cybersecurity. I will discuss some preliminary results toward the ultimate goal as well as some technical barriers that must be adequately addressed before we can achieve the ultimate goal. Please refer to http://www.cs.utsa.edu/~shxu/socs/index.html for more information about this exciting research endeavor.
Dr. Shouhuai Xu is an associate professor in the Department of Computer Science, University of Texas at San Antonio. His research is primarily in making cyberspace more secure and trustworthy. He is especially interested in mathematical modeling and analysis of macroscopic cybersecurity, and devising microscopic practical mechanisms including provably-secure cryptographic protocols to counter advanced cyber attacks (including malware). His research has been funded by AFOSR, ARO, NSF and ONR. He is a PC co-chair of Inscrypt'13, and has served on the Program Committees of 70+ international conferences and workshops. He is currently an Associate Editor of IEEE Transactions on Dependable and Secure Computing (IEEE TDSC) and International Journal of Security and Networks (IJSN). He earned his PhD in Computer Science from Fudan University. Please refer to www.cs.utsa.edu/~shxu for more information about his research.