Home » Seminari

News, eventi e seminari

Jump second level menu


Location-privacy in the mobile era: challenges and solutions

Where / Date and Time: aula 1BC45, 2017/06/27 at 11:00

Speaker: Luca Calderoni (Universita di Bologna)

Abstract: The evolution of mobile devices and the diffusion of location-based services (LBS), establish a cornerstone in the digital era. Traditional information (as names, addresses and phone numbers) running across the internet and through a number of other services are now coupled with positional data. With such an impressive amount of information, service providers are able to determine precise location estimates and to know almost everything concerning our opinions, religious and political preferences and private life in general. Anonymous and secure location-based services are thus an important challenge we need to face. Spatial Bloom Filters, a probabilistic data structure designed with location-privacy in mind, represent a viable solution for this issue.

Speaker CV: After a period spent at the Delft University of Technology, The Netherlands, he received a Ph.D. degree in computer science from the University of Bologna, Italy. He is currently a Post-doctoral Researcher with the Smart City Laboratory of the University of Bologna, in Cesena, Italy. His research activity focuses on privacy and security in digital systems and smart cities. Specifically, he published several research papers concerning location privacy, border controls, secure and privacy-preserving tracking and monitoring technologies, location-aware applications and urban ICT infrastructures.

Move up ▲

You Surf So Strange Today: Anomaly Detection in Web Services via HMM and CTMC

Where / Date and Time: aula 1AD100, 2017/05/05 at 16:00

Speaker: Maddalena Favaretto (dipartimento di matematica)

Abstract: In recent years, with the increasing number of attacks against user privacy in web services, researchers put a significant effort on realizing more and more sophisticated Intrusion Detection Systems in order to identify potentially malicious activities. Among such systems, Anomaly Detection Systems rely on a baseline given by a normal behavior and consider every deviation from such behavior as an intrusion. In this paper, we propose a novel Anomaly Detection System to detect intrusions in users’ private areas in on-line web services. Such services usually record logs of user activity from different points: access, actions in a session and system responses. We design an ad-hoc mathematical model for each of these logs to build a profile for a normal behavior. In particular, we model users’ accesses through a Hidden Markov Model (HMM) and Users’ activity with a Continuous Time Markov Chain (CTMC). We propose a novel Anomaly Detection System algorithm that takes into consideration the deviation from the above Markov Processes. Finally, we evaluate our proposal with a thorough set of experiments, which results confirm the feasibility and effectiveness of our solution.

Speaker CV: - - -

Move up ▲

Walking backwards: x86 binary reversing 101

Where / Date and Time: aula 1 AD100, 2017/05/05 at 14:30

Speaker: Andrea Biondo (studente di informatica del dipartimento)

Abstract: From undocumented interfaces to hidden bugs, closed-source software can hold plenty of surprises for whoever dares to look under the hood. Whether you need to work with legacy code, want to audit for security issues or are just plain curious, being able to dissect a piece of software and understand how it works is an invaluable skill to add to your toolbox. Despite the popularity of interpreted languages, most modern software is shipped in compiled, binary form. As such, a good understanding of binary reverse engineering is required to pry into it when the source code is not available. In this talk I will introduce you to the basics of binary reversing on 32- and 64-bit x86 platforms. I will begin with a refresher on the architecture and basic assembly. I will then walk you through recognizing higher level constructs and making sense of the low level code. Finally, I will introduce Hex-Rays IDA, industry standard and my tool of choice, and demonstrate real-world binary analysis and reversing with it.

Speaker CV: - - -

Move up ▲

Sharing Knowledge for Large Scale Visual Recognition

Where / Date and Time: aula 2BC30 Torre Archimede, 2017/03/30 at 12:00

Speaker: Lamberto Ballan (Dipartimento di Matematica Universita' di Padova)

Abstract: This talk overviews my research activities in computer vision, pattern recognition and multimedia for understanding big visual data. In particular, I will focus on two models for ''sharing'' prior and contextual knowledge for solving large scale visual recognition problems. In the first part of the talk, I'll show that images that are very difficult to recognize on their own may become more clear in the context of a neighborhood of related images with similar social-network metadata. Our model uses image metadata non-parametrically to generate neighborhoods of related images, then uses a deep neural network to blend visual information from the image and its neighbors. In the second part of the talk, I'll present our recent work on knowledge transfer for scene-specific motion prediction. When given a single frame of a video, humans can not only interpret the content of the scene, but also they are able to forecast the near future. This ability is driven by their rich prior knowledge about the visual world, both in terms of the dynamics of moving agents, as well as the semantic of the scene. We exploit the interplay between these two key elements to predict scene-specific motion patterns on a novel large dataset collected from UAV.

Speaker CV: - - -

Move up ▲

Variational Markov Logic

Where / Date and Time: Aula 1C150 Torre Archimede, 2017/03/17 at 11:00

Speaker: Radim Nedbal (assegnista di ricerca presso il Dipartimento di Matematica / FBK Trento)

Abstract: A novel framework for statistical relational learning. We name it variational Markov logic to stress the similarity and also the main difference from Markov logic. In both, a first-order logic theory is mapped to a probability distribution function (PDF) over interpretations of the theory. Unlike Markov logic, which yields maximum a posteriori or maximum-likelihood approximation of the PDF using sampling methods, variational Markov logic yields the Bayesian posterior PDF inferred by variational techniques in a purely symbolic way, avoiding numeric calculations. This is crucial for efficiency, and it is due to the representation of the domain model as a variational Markov logic network. The goal of the presentation is to give a high level insight into the problem in terms of main concepts of SRL: Language, Model, Representation, Interpretation, Query, Algorithms. In particular, I'd like to spend more time with Algorithms based on variational techniques and point out opportunities for future improvement.

Speaker CV: - - -

Move up ▲

Learning and reasoning with knowledge and data: a review of my favourite approaches

Where / Date and Time: aula 1BC45, Torre Archimede, 2016/12/15 at 15:30

Speaker: Luciano Serafini (Fondazione Bruno Kessler, Trento Italy)

Abstract: Hybrid domains are domains where objects are organised in a structure (e.g., a labelled graph) and some of the components of such a structure is associated to a set of numerical attributes or features (e.g., the vertex of a graph are associated with numeric features, and the arcs are associated to weights). In these domains, structural properties and numerical properties are tightly connected and they cannot be managed separately. On the one hand, logical approaches provide excellent tools to describe some known structural properties of a domain and to automatically infer via deductive reasoning new true properties about the structures that logically follows from them. On the other hand, machine learning techniques, such as regression, kernels, support vector machines, neural networks and graphical models, are quite useful and flexible methodologies to infer, via inductive reasoning (aka learning), new numerical and structural properties from the numerical attributes/features associated to the domain. Since it's beginning Artificial Intelligence dream has been to find a satisfactory integration of these two forms of inference. Along the years many proposals have been done, but they never get to the state of being mature enough. It's only in the recent years, that researchers were looking to suitably combine Logical reasoning and machine learning in hybrid domains, and they developed a number of frameworks which seem to be promising for the solution of such a key AI challenge. In this talk I'll revise some of them. In particular, I'll give an overview of the main principles, which is at the base of all the modern approaches, and I'll briefly present some of the emerging approaches.

Speaker CV: - - -

Move up ▲

Temporal logic and formal verification for cyber-physical systems

Where / Date and Time: aula 2AB 40 Torre Archimede, 2016/11/17 at 11:30

Speaker: Davide Bresolin (Universita' di Padova)

Abstract: Cyber-Physical systems are characterized by the tight integration of cyber aspects (computing) with physical ones (e.g., mechanical, electrical, and chemical processes). Examples of such systems are autonomous robotic systems, multi-agent and embedded systems, automotive, aerospace and medical systems. They need to operate under strong safety, performance, reliability and timing constraints. They are characterized by a mixed discrete and continuous behaviour that cannot be characterized faithfully using either discrete or continuous models only, and thus they need the development of new formalisms and new algorithmic techniques to be formally verified. This talks overviews my research activity in developing temporal logics and reachability analysis techniques for the verification of cyber-physical systems.

Speaker CV: - - -

Move up ▲

Learning 3D shape correspondence with Anisotropic CNNs

Where / Date and Time: Aula 1BC45 Torre Archimede, 2016/09/19 at 14:30

Speaker: Emanuele Rololà (USI Lugano, CH)

Abstract: Establishing correspondence between shapes is a fundamental problem in geometry processing, arising in a wide variety of applications. The problem is especially difficult in the setting of non-isometric deformations, as well as in the presence of topological noise and missing parts, mainly due to the limited capability to model such deformations axiomatically. Several recent works showed that invariance to complex shape transformations can be learned from examples. In this paper, we introduce an intrinsic convolutional neural network architecture based on anisotropic diffusion kernels, which we term Anisotropic Convolutional Neural Network (ACNN). In our construction, we generalize convolutions to non-Euclidean domains by constructing a set of oriented anisotropic diffusion kernels, creating in this way a local intrinsic polar representation of the data (-patch-), which is then correlated with a filter. Several cascades of such filters, linear, and non-linear operators are stacked to form a deep neural network whose parameters are learned by minimizing a task-specific cost. We use ACNNs to effectively learn intrinsic dense correspondences between deformable shapes in very challenging settings, achieving state-of-the-art results on some of the most difficult recent correspondence benchmarks

Speaker CV: Emanuele Rodolà is a post-doctoral researcher at Università della Svizzera Italiana (USI Lugano) since February 2016, where he works in the group led by Prof. Michael Bronstein. Before that, he was an Alexander von Humboldt Fellow in Prof. Daniel Cremers' Computer Vision lab at TU Munich (2013-2016) and a JSPS Research Fellow at The University of Tokyo (Intelligent Systems and Informatics Lab, 2013). He received his PhD in Computer Science under the supervision of Prof. Andrea Torsello at Università Ca' Foscari Venezia (2012), and graduated in Computer System Engineering at the University of Rome ''Tor Vergata'' (2008). During his doctoral studies he spent a visiting research period at Tel Aviv University under the supervision of Prof. Alex Bronstein. He received a number of awards, including the Best Student Paper Award at 3DPVT 2010, the Best Paper Award at VMV 2015, and the Best Paper Award at SGP 2016. He has been serving in the program committees of the top rated conferences in computer vision (CVPR, ICCV, ECCV, ACCV, etc.), served as Area Chair at 3DV 2016, founded and chaired the first ECCV workshop on Geometry Meets Deep Learning (GMDL 2016), organized two SHREC 2016 contests, and was recognized as Outstanding Reviewer at CVPR (2013, 2015, 2016), ICCV (2015), and ECCV (2014). He gave tutorials and short courses in multiple occasions at EUROGRAPHICS, ECCV, and SIGGRAPH Asia. His work on 3D reconstruction was featured by the national Italian television (RAI - Cose dell'altro Geo) in 2012.

Move up ▲

Static analysis for security at the Facebook scale

Where / Date and Time: aula 2AB45 Torre Archimede, 2016/07/21 at 11:30

Speaker: Francesco Logozzo (Facebook inc., Seattle, USA)

Abstract: The scale and continuous growth of commercial code bases are the greatest challenges for adoption of automated analysis tools in Industry. Alas, scale is largely ignored by academic research. We developped a new static analysis tool for security to scale to Facebook scale. It relies on abstract interpretation to focus on the properties that really matter to security engineers and provides fine control on the cost/precision ratio. It was designed from day one for “real world” security and privacy problems at scale. Facebook codebase is huge, and we can analyze it, from scratch in 10 minutes. This talk will give attendees a peek at some of the secret sauce we use to achieve such amazing performance and precision

Speaker CV: - - -

Move up ▲

Invariance proof methods for weakly consistent parallelism

Where / Date and Time: Aula 2AB45 Torre Archimede, 2016/07/21 at 10:00

Speaker: Patrick Cousot (New York University, USA)

Abstract: We design an invariance proof method for concurrent programs parameterised by a weak consistency model. This generalises Lamport/Owicki-Gries method for sequential consistency. We use the cat language to write specifications of consistency models as well as concurrent program specifications.

Speaker CV: - - -

Move up ▲

Cyber warfare Trends and Future

Where / Date and Time: Meeting Room VII Floor, 2016/06/01 at 13:00

Speaker: Dr. Ali Dehghantanha (University of Salford UK)

Abstract: When Sir Timothy John Tim Berners-Lee envisioned the Internet, no one could probably though as how computers and computing clouds can be used as war instruments! However, with increasing reliance of governments and enterprises on computing devices this probability has become reality. Through out history of classical wars, civilian commercial entities have not been the primary targets of warfare! In those days the only means of warfare was kinetic warfare, using spears, swords, ballistic weapons, explosives, and so on. However, nowadays we are observing the appearance of doctrine and dedicated cyber warfare programs all around the world! Countries are begun to include cyber warfare in their military doctrine as well as their college curriculums on both offensive and defensive applications. They are developing strategies and tools to conduct information attacks and train developers as software soldiers while their main targets are usually normal civilians at least as jumping points! This talk lightens the current trends and mechanisms in cyber warfare with specific focus on countries that are actively involved and their attack techniques. This talk looks to the future directions in running such cyber attacks and necessity to educate users. Finally it suggests some solutions to make more peaceful cyber world.

Speaker CV: - - -

Move up ▲

Finding the Needle in the Internet of Everythings Haystack

Where / Date and Time: Meeting Room VII Floor, 2016/05/31 at 13:00

Speaker: Dr. Ali Dehghantanha (University of Salford UK)

Abstract: With the fast integration of smart things we are swiftly moving towards a pervasive, intelligent and integrated environment where smart sensors are collecting large amount of potentially private data. Internet of everything (IoT) would soon pervade all aspects of our life from managing our home temperature to thinking cars and smart management of the cities. So it won’t take long to see people suing others for misusing their smart things, thinking cars that have accident and attackers who compromised smart sensors. The Internet of everything is developing a haystack which contains lots of valuable forensics artefacts while identification, collection, preservation and reporting evidences would be a challenge in this environment. This talk would discuss about tools, methods, and techniques to identify, collect and preserve IoT evidences and then elaborates on different challenges that forensics examiners would face in investigating of IoT environments.

Speaker CV: - - -

Move up ▲

Become Your Own Malware Fortune Teller

Where / Date and Time: Meeting Room VII Floor, 2016/05/30 at 17:00

Speaker: Dr. Ali Dehghantanha (University of Salford UK)

Abstract: Since 1949 that John von Neumann developed the theory of self-reproducing automatons and development of first computer viruses in 1982; malicious programs have always served as a tool for facilitating cyber criminals! A wider range of malwares have been developed since then and we are always hit by new and innovative malwares every day. Being prepared for fighting against future malware and defending the organization network has always been an issue for cyber security teams and forensics investigators. This presentation is elaborating evolvement of different types of malwares namely mobile malwares, macro malwares, and ransomware to reveal the patterns that are keep accruing in development and wide adoption of these programs. Those patterns are then mapped to predict future trends in malicious programs. The talk would elaborate on expected trends in Internet of Things (IoT) malwares, autonomous vehicles malwares and self-learning malicious programs. Finally, the best responses to these malware trends from different stakeholders’ perspective such as law enforcement agents, malware analyst, and incident handlers are discussed and a model for predicting future trends of any malicious program is explained.

Speaker CV: - - -

Move up ▲

Structure metric learning in prototype-based models and its application for intelligent tutoring

Where / Date and Time: aula 2AB45 Torre Archimede, 2016/01/21 at 10:00

Speaker: Prof. Dr. Barbara Hammer (CITEC centre of excellence Bielefeld University)

Abstract: Prototype-based learning techniques enjoy a wide popularity due to their intuitive training and model interpretability. Applications include biomedical data analysis, image classification, or fault detection in technical systems. Recently, first promising attempts incorporate such models into the domain of intelligent tutoring systems (ITS): in a nutshell, ITSs provide automated, personalised feedback to learners when performing some learning task such as learning how to program. Here a challenge is to avoid time-consuming expert generation of how to provide such feedback; machine learning technology offers promising ways to automate this process, specifically, prototype-based methods enable an automatic feedback generation by highlighting prototype solutions given a learner solution. This strategy relies on the core property of such models that they represent data in terms of typical representatives. Within the talk, we will mainly focus on modern variants of so-called learning vector quantization (LVQ) due to their strong learning theoretical background and exact mathematical derivative from explicit cost functions. The use of LVQ in ITSs faces two challenges: 1) Data are typically non-vectorial, e.g. structured data such as sequences are present; since classical LVQ models have been designed for euclidean vectors only, the question is how to extend LVQ technology towards non-vectorial data. We will present relational extensions of LVQ technology which enable its use for proximity data as provided by structure metrics such as alignment in a very generic way. 2) Structure metrics crucially depend on model parameters such as the scoring function, and their optimum choice is not clear. Still, the accuracy of such models crucially depends on a correct choice of these metric parameters. We will present recent results which allow to adjust structure metric parameters autonomously based on the given data and learning task only.

Speaker CV: http://www.techfak.uni-bielefeld.de/~bhammer/

Move up ▲

Using Mobile Sensors for Estimating Citywide Pollution Levels

Where / Date and Time: aula 1BC50 Torre Archimede, 2016/01/20 at 10:30

Speaker: Prof. Carlos T. Calafate (Technical University of Valencia (UPV), Spain)

Abstract: Mobile sensing is becoming the best option to monitor our environment due to its ease of use, high flexibility, and low price. In this talk we show the evolution of a project starting from an initial validation procedure using an analytical/simulation-based approach, and then moving towards a real mobile sensing architecture (EcoSensor) able to monitor different air pollutants using low-end sensors. Our architecture is composed of three different modules: a mobile sensor for monitoring environment pollutants, an Android-based device for transferring the gathered data to a central server, and a central processing server for analyzing the collected data through spatial interpolation techniques and generate pollution distribution maps. Besides presenting the architecture itself, we analyze different issues related to the monitoring process: (i) Filtering captured data to reduce the variability of consecutive measurements; (ii) Converting the sensor output to actual pollution levels; (iii) Reducing the temporal variations produced by mobile sensing process; and (iv) Applying interpolation techniques for creating detailed pollution maps. In addition, we study the best strategy to use mobile sensors by first determining the influence of sensor orientation on the captured values, and then analyzing the influence of time and space sampling in the interpolation process. Finally, we detail how the project is evolving towards UAV-based solutions for automated monitoring in rural & adverse ground mobility environments.

Speaker CV: Carlos T. Calafate is an associate professor in the Department of Computer Engineering at the Technical University of Valencia (UPV) in Spain. He graduated with honours in Electrical and Computer Engineering at the University of Oporto (Portugal) in 2001. He received his Ph.D. degree in Informatics from the Technical University of Valencia in 2006, where he has worked since 2002. His research interests include ad-hoc and vehicular networks, mobile applications, QoS, network protocols, video streaming, and network security. To date he has published more than 270 articles, several of them in top conferences and journals. Currently he is leading the Smart@CarPhone, a 3-year project financed by the Spanish government.

Move up ▲

ShareLaTeX e CfL

Where / Date and Time: aula 2BC30 Torre Archimede, 2015/11/30 at 12:00

Speaker: Luca Tronchin

Abstract: ShareLatex e' uno strumento software per la scrittura collaborativa di testi latex, accessibile da un comune browser internet, che sta diffondendosi nel mondo accademico. Ne verra' fatta una presentazione generale lato utente e poi una piu' tecnica, relativa all'attivita' di inserimento di CfL come servizio aggiuntivo disponibile dall'interfaccia utente di ShareLatex. CfL e' un progetto di ''Computing from Latex'' ovvero di calcolo a partire da un problema matematico scritto in un testo latex: il problema viene riconosciuto dal parser di CfL ed un solutore numerico viene generato in uno script Python, a sua volta eseguito; i risultati vengono restituiti all'interno del testo latex che viene infine compilato in PDF. Verranno presentati alcuni esempi relativi allo stato dell'arte di CfL ed alcune applicazioni in ambito ingegneristico ed educational. Il progetto e' aperto ad ulteriori sviluppi.

Speaker CV: - - -

Move up ▲

Embedded security in the wild: SCA on small devices and IoT technologies

Where / Date and Time: 1AD100, 2015/10/21 at 10:00

Speaker: Lejla Batina (Radboud University, NL)

Abstract: In this talk we first give an overview of side-channel attacks on embedded devices and we discuss some recent developments in this area. In the second part of the talk we survey some prominent solutions for privacy-friendly RFID identification protocols and discuss their properties and hardware requirements.

Speaker CV: - - -

Move up ▲

Boten ELISA: A Novel Approach for Botnet C&C in Online Social Networks

Where / Date and Time: sala riunioni IV piano, 2015/09/24 at 13:00

Speaker: Daniele Lain (studente magistrale Universita' di Padova)

Abstract: The Command and Control (C&C) channel of modern botnets is migrating from traditional centralized solutions (such as the ones based on Internet Relay Chat and Hyper Text Transfer Protocol), towards new decentralized approaches. As an example, in order to conceal their traffic and avoid blacklisting mechanisms, recent C&C channels use peer-to-peer networks or abuse popular Online Social Networks (OSNs). A key reason for this paradigm shift is that current detection systems become quite effective in detecting centralized C&C. In this talk, we introduce the evolution of C&C channels and modern detection systems. We then present ELISA (Elusive Social Army), a novel type of botnet that conceals C&C information using OSNs accounts of unaware users. In particular, ELISA exploits in a opportunistic way the messages that users exchange through the OSN. We show that several popular social networks can be maliciously exploited to run this type of botnet, and we discuss why current traffic analysis systems cannot detect ELISA. This work will be also presented at the 2015 IEEE Conference on Communications and Network Security (CNS 2015).

Speaker CV: - - -

Move up ▲

GNSS Spoofing Attacks and Countermeasures

Where / Date and Time: aula 2BC30 Torre Archimede, 2015/09/17 at 10:00

Speaker: Christina Popper (Ruhr-University Bochum (RUB), Germany)

Abstract: In this talk we will review techniques that allow to identify spoofing attacks on Global Navigation Satellite Systems (GNSS), such as GPS. The specific setup of these systems - in particular the reliance on one-way communication - ease attacks, but make them also particularly interesting for security research. I will present different attack models and scenarios as well as detection solutions that take fundamental principles into account.

Speaker CV: Christina Pöpper is Assistant Professor and head of the Information Security Group at Ruhr-University Bochum (RUB), Germany. She is also a member of HGI, the Horst-Görtz-Institute for IT-Security at RUB. Before joining RUB, she worked as a postdoctoral researcher at the Institute of Information Security at ETH Zurich, where she obtained a Ph.D. in Computer Science in 2011. Prior to that, she worked at the European Space Agency (ESA) and received her Dipl.-Ing. Degree in Computer Science from ETH Zurich in 2005. Her research interests cover various IT-security topics, with a focus on communication, wireless, and protocol-layer security.

Move up ▲

Data Deduplication and its Security Risks

Where / Date and Time: aula 2BC30, 2015/09/10 at 13:30

Speaker: Chia-Mu Yu (Yuan Ze University, Taiwan)

Abstract: Cloud storage such as Dropbox and Bitcasa is one of the most popular cloud services. Currently, with the prevalence of mobile cloud computing, users can even collaboratively edit the newest version of documents and synchronize the newest files on their smart mobile devices. A remarkable feature of the current cloud storages is their virtually infinite storage. To support the unlimited storage, the cloud storage provider uses data deduplication technique to reduce the data to be stored and therefore reduce the storage expense. Moreover, the use of data deduplication also helps significantly reduce the need of bandwidth and therefore improve the user experience. Nevertheless, in spite of the above benefits, the data deduplication has its inherent security weaknesses. For example, the adversary may have an unauthorized file downloading via the file hash only. In this talk, we will introduce the inherent security risks of data deduplication, review previous solutions, identify their performance weaknesses, and raise potential countermeasures.

Speaker CV: Chia-Mu Yu received his Ph.D. degree from National Taiwan University in 2012. He was a research assistant in the Institute of Information Science, Academia Sinica, Taipei, Taiwan from 2005 to 2010. He was a visiting scholar at Harvard University (Sep 2010 - Sep 2011), a visiting scholar at Imperial College London (Jan 2012 - Sep 2012), a postdoc researcher at IBM Thomas J. Watson Research Center (Oct 2012 - Jul 2013), and a visiting professor at Waseda University (Feb 2015 - Mar 2015). He is currently an Associate Editor of IEEE Access, Associate Editor of Security and Communication Networks, and assistant professor at Department of Computer Science and Engineering, Yuan Ze University, Taiwan. He received Excellent Junior Research Investigator Grant from Ministry of Science and Technology, Taiwan, in 2015. His research interests include cloud security, privacy preservation techniques, botnet/APT detection, and cryptography.

Move up ▲

Formal Security Analysis of the MaCAN Protocol

Where / Date and Time: aula 1BC50, 2015/09/11 at 13:30

Speaker: Alessandro Bruni

Abstract: Embedded real-time network protocols such as the CAN bus cannot rely on off-the-shelf schemes for authentication, because of the bandwidth limitations imposed by the network. As a result, both academia and industry have proposed custom protocols that meet such constraints, with solutions that may be deemed insecure if considered out of context. MaCAN is one such compatible authentication protocol, proposed by Volkswagen Research and a strong candidate for being adopted by the automotive industry. In this work we formally analyse MaCAN with ProVerif, an automated protocol verifier. Our formal analysis identifies two flaws in the original protocol: one creates unavailability concerns during key establishment, and the other allows re-using authenticated signals for different purposes. We propose and analyse a modification that improves its behaviour while fitting the constraints of CAN bus. Although the revised scheme improves the situation, it is still not completely secure. We argue that the modified protocol makes a good compromise between the desire to secure automotive systems and the limitations of CAN networks, and we discuss the limitations of the analysis tool in analysing this case study, showing an extension of the language that overcomes them.

Speaker CV: Alessandro Bruni is a PhD student at the Technical University of Denmark (DTU), and received his MS and BS from Università degli Studi di Padova. His research interests span across formal verification, model checking, security protocols and machine learning.

Move up ▲

How to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems

Where / Date and Time: aula 2AB45, 2015/07/14 at 14:00

Speaker: Olga Gadyatskaya (University of Luxembourg)

Abstract: Recently security researchers have started to look into automated generation of attack trees from socio-technical system models. The obvious next step in this trend of automated risk analysis is automating the selection of security controls to treat the detected threats. However, the existing socio-technical models are too abstract to represent all security controls recommended by practitioners and standards. We propose an attack-defence model, consisting of a set of attack-defence bundles, to be generated and maintained with the socio-technical model. The attack-defence bundles can be used to synthesise attack-defence trees directly from the model to offer basic attack-defence analysis, but they can also be used to select and maintain the security controls that cannot be handled by the model itself. In the talk we will review the concepts of socio-technical models and automated generation of attacks, present the attack-defence model, and discuss the current challenges in the automated risk analysis.

Speaker CV: Olga Gadyatskaya is a Research Associate in the Interdisciplinary Centre for Security, Reliability and Trust (SnT) at the University of Luxembourg. Prior to joining SnT in 2014, she was a post-doctoral researcher at the University of Trento, Italy. She received her PhD in Mathematics at Novosibirsk State University, Russia, in 2008. Her current research spans from mobile systems security to security and risk evaluation for socio-technical systems.

Move up ▲

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

Where / Date and Time: aula 2AB45, 2015/07/14 at 10:30

Speaker: Yury Zhauniarovich (University of Trento)

Abstract: Static analysis of Android applications can be hindered by the presence of the popular dynamic code update techniques: dynamic class loading and reflection. Recent Android malware samples do actually use these mechanisms to conceal their malicious behavior from static analyzers. These techniques defuse even the most recent static analyzers that usually operate under the ``closed world'' assumption (the targets of reflective calls can be resolved at analysis time; only classes reachable from the class path at analysis time are used at runtime). In this work we proposed the solution that allows existing static analyzers to remove this assumption. This is achieved by combining static and dynamic analysis of applications in order to reveal the hidden/updated behavior and extend static analysis results with this information. In this presentation we will describe design, implementation and preliminary evaluation results of our solution called StaDynA.

Speaker CV: Yury Zhauniarovich is a postdoctoral researcher at the University of Trento (Italy) in Security Research Group. He earned his M.Sc. degree in Computer Science from the Belarusian State University in 2007. From 2007 till 2009, he worked as a SAP Consultant at Itransition. In April 2014, he received his Ph.D. degree in Information and Communication Technology from the University of Trento. His research interests include design, implementation and evaluation of security enhancements of mobile operating systems, runtime security, smartphone applications security and mobile malware.

Move up ▲

Recent Advances in Simulation Technology and Serious Games – Applications from METU Game Technologies Master’s Program

Where / Date and Time: 1BC45, 2015/06/25 at 14:00

Speaker: Dr. Elif Surer (Informatics Institute, METU (Ankara, Turkey))

Abstract: In this talk, recent tools and approaches that are used in the domains of simulation technology and serious games will be introduced. Applications and theses from Middle East Technical University Game Technologies Program regarding flight, cloth simulations, military applications, motion capture and education will also be presented in detail.

Speaker CV: - - -

Move up ▲

Model Selection and Error Estimation in Learning from Empirical Data

Where / Date and Time: Aula 1BC50 Torre Archimede, 2015/06/26 at 14:30

Speaker: Luca Oneto (SmartLab, DITEN, University of Genoa)

Abstract: In the Supervised Learning framework, a model is built by exploiting the available observations through a Learning Algorithm that is able to capture the information hidden in the data. Model Selection addresses the problem of tuning a Learning Algorithm to the available data in order to reduce the Generalization (True) Error of the final model. This problem affects most of the algorithms because, in general, their effectiveness is controlled by one or more hyperparameters which must be tuned during the learning process for achieving optimal performances. Associated to the issues of Model Selection we find the problem of estimating the True Error of a classifier: in fact, the main objective of building an optimal classifier is to choose the parameters and hyperparameters that minimize its True Error and compute an estimate of this value for predicting the classification performance on future data. Unfortunately, despite the large amount of work done on this important topic, the problem of Model Selection and Error Estimation for a Learning Algorithm is still open and the focus of extensive research. The purpose of this seminar is to give an overview of the problem of Model Selection and Error Estimation. We will start from the seminal works of the 80s until the most recent results on this topic. Finally we will discuss future directions of this multidisciplinary field of research

Speaker CV: Luca Oneto was born in Rapallo, Italy in 1986. He is currently a Researcher at University of Genoa with particular interests in Machine Learning, Statistical Learning Theory and Data Mining. He re- ceived his Bachelor Degree in Electronic Engineering at the University of Genoa, Italy in 2008. He subsequently started his master studies in Electronic Engineering in the same university with focus in Intelligent Systems and Statistics. After receiving his MSc Degree in 2010, he started to work as a consultant for the DITEN and DIBE Departments at University of Genoa, together with other con- sultant activities for Mac96 and Ansaldo STS in the context of many European Projects. In 2014 he received his PhD in School of Sciences and Technologies for Knowledge and Information Retrieval (University of Genoa) with the thesis ”Learning Based On Empirical Data”. Today he works as a consultant and teaches in many BSc and MSc courses at University of Genoa as a Researcher.

Move up ▲

Impact of Country-scale Internet Disconnection on Structured and Social P2P Overlays

Where / Date and Time: 1BC45, 2015/06/10 at 14:00

Speaker: Ding Ding (University of Padua)

Abstract: Peer-to-peer systems are resilient in the presence of churn and uncorrelated failures. However, their behavior in extreme scenarios where massive correlated failures occur is not well-studied. Yet, there have been examples of situations where a country-scale fraction of Internet users have been disconnected from the rest of the network—for instance, when a government cuts connectivity to the outside world as a mechanism for suppression of uprisings. In this paper, we consider the effect of such partitions on topology and routing of structured and social-based unstructured P2P overlays, including a novel social-aware overlay. In particular, we consider nodes within a relatively small fraction of the network (2.5% or fewer Internet users), and study whether users can communicate with their (n-hop away) social neighbors in a peer-to-peer fashion after the partition. We perform an extensive simulation-based analysis to assess the probability for these communications to be possible. In our analysis, we consider both real and synthetic datasets of online social networks. Our results show that structured P2P overlay routability is severely hampered by country-scale partition events. In addition, the proposed social-based unstructured overlay network provides improved routability while maintaining a smaller number of links.

Speaker CV: - - -

Move up ▲

Fighting Authorship Linkability with Crowdsourcing

Where / Date and Time: 1BC 50 , 2015/06/09 at 11:00

Speaker: Prof. Gene Tsudik (University of California, Irvine)

Abstract: Massive amounts of contributed content -- including traditional literature, blogs, music, videos, reviews and tweets -- are available on the Internet today, with authors numbering in many millions. Textual information, such as product or service reviews, is an important and increasingly popular type of content that is being used as a foundation of many trendy community-based reviewing sites, such as TripAdvisor and Yelp. Some recent results have shown that, due partly to their specialized/topical nature, sets of reviews authored by the same person are readily linkable based on simple stylometric features. In practice, this means that individuals who author more than a few reviews under different accounts (whether within one site or across multiple sites) can be linked, which represents a significant loss of privacy. In this work, we start by showing that the problem is actually worse than previously believed. We then explore ways to mitigate authorship linkability in community-based reviewing. We first attempt to harness the global power of crowdsourcing by engaging random strangers into the process of re-writing reviews. As our empirical results (obtained from Amazon Mechanical Turk) clearly demonstrate, crowdsourcing yields impressively sensible reviews that reflect sufficiently different stylometric characteristics such that prior stylometric linkability techniques become largely ineffective. We also consider using machine translation to automatically re-write reviews. Contrary to what was previously believed, our results show that translation decreases authorship linkability as the number of intermediate languages grows. Finally, we explore the combination of crowdsourcing and machine translation and report on results.

Speaker CV: - - -

Move up ▲

Violating Consumer Anonymity: Geo-locating Nodes in Named Data Networking

Where / Date and Time: 1BC45, 2015/05/28 at 13:00

Speaker: Alberto Compagno (Sapienza University of Rome)

Abstract: Named Data Networking (NDN) is an instance of information-centric network architecture designed as a candidate replacement for the current IP-based Internet. It emphasizes efficient content distribution, achieved via in-network caching and collapsing of closely-spaced content requests. NDN also offers strong security and explicitly decouples content from entities that distribute it. NDN is widely assumed to provide better privacy than IP, mainly because NDN packets lack source and destination addresses. In this paper, we show that this assumption does not hold in practice. In particular, we present several algorithms that help locate consumers by taking advantage of NDN router-side content caching. We use simulations to evaluate these algorithms on a large and realistic topology, and validate the results on the official NDN testbed. Beyond locating consumers, proposed techniques can also be used to detect eavesdroppers.

Speaker CV: - - -

Move up ▲

Bitcoin Forensics - Where are my coins?

Where / Date and Time: aula 2BC30, 2015/05/26 at 17:30

Speaker: Matteo Brunati (CyBrain srl)

Abstract: Bitcoin is a technology and a social phenomenon which raised lots of public interest after the seizure of Silkroad website since winter 2013/2014. Even though the public interest seems diminished during 2015, analyzing the Bitcoin network we see that transactions numbers and volumes actually increased since last year, thus confirming the thesis of many Police Forces worldwide which see a usage increase of this technology between criminals. During this seminar we will analyze the Bitcoin technology from a Digital Forensics point of view, looking at Bitcoin wallets, transactions, software and network in order to understand and investigate its use. We will cover also an introduction to Bitcoin antiforensics, pinpointing some techniques to improve Bitcoin users privacy.

Speaker CV: - - -

Move up ▲

Proof, Secrets, and Computation

Where / Date and Time: Palazzo del Bo - Aula Magna Galileo Galilei, 2015/05/25 at 09:30

Speaker: Silvio Micali (MIT Boston)

Abstract: We show how Theory of Computation has revolutionized our millenary notion of a proof, revealing its unexpected applications to our new digital world. In particular, we shall demonstrate how interaction can make proofs much easier to verify, dramatically limit the amount of knowledge released, and yield the most secure identification schemes to date.

Speaker CV: Silvio Micali has received his Laurea in Mathematics from the University of Rome, and his PhD in Computer Science from the University of California at Berkeley. Since 1983 he has been on the MIT faculty, in Electrical Engineering and Computer Science Department, where he is Ford Professor of Engineering and Associate Department Head. Silvio's research interests are cryptography, zero knowledge, pseudo-random generation, secure protocols, and mechanism design. Silvio has received the Turing Award (in computer science), the Gödel Prize (in theoretical computer science), and the RSA prize (in cryptography). He is a member of the National Academy of Sciences, the National Academy of Engineering, and the American Academy of Arts and Sciences.

Move up ▲

Neurodynamic Optimization Approaches to Parallel Data Selection in the Era of Big Data

Where / Date and Time: aula 2AB40 Torre Archimede, 2015/05/29 at 14:30

Speaker: Jun Wang (The Chinese University of Hong Kong)

Abstract: In the present information era, huge amount of data to be processed daily. In contrast of conventional sequential data processing techniques, parallel data processing approaches can expedite the processes and more efficiently deal with big data. In the last few decades, neural computation emerged as a popular area for parallel and distributed data processing. The data processing applications of neural computation included, but not limited to, data sorting, data selection, data mining, data fusion, and data reconciliation. In this talk, neurodynamic approaches to parallel data processing will be introduced, reviewed, and compared. In particular, my talk will compare several mathematical problem formulations of well-known multiple winners-take-all problem and present several recurrent neural networks with reducing model complexity. Finally, the best one with the simplest model complexity and maximum computational efficiency will be highlighted.  Analytical and Monte Carlo simulation results will be shown to demonstrate the computing characteristics and performance of the continuous-time and discrete-time models. The applications to parallel sorting, rank-order filtering, and data retrieval will be also discussed.

Speaker CV: Jun Wang is a Professor and the Director of the Computational Intelligence Laboratory in the Department of Mechanical and Automation Engineering at the Chinese University of Hong Kong. Prior to this position, he held various academic positions at Dalian University of Technology, Case Western Reserve University, and University of North Dakota. He also held various short-term visiting positions at USAF Armstrong Laboratory (1995), RIKEN Brain Science Institute (2001), Universite Catholique de Louvain (2001), Chinese Academy of Sciences (2002), Huazhong University of Science and Technology (2006–2007), and Shanghai Jiao Tong University (2008-2011) as a Changjiang Chair Professor. Since 2011, he is a National Thousand-Talent Chair Professor at Dalian University of Technology on a part-time basis. He received a B.S. degree in electrical engineering and an M.S. degree in systems engineering from Dalian University of Technology, Dalian, China. He received his Ph.D. degree in systems engineering from Case Western Reserve University, Cleveland, Ohio, USA. His current research interests include neural networks and their applications. He published over 170 journal papers, 15 book chapters, 11 edited books, and numerous conference papers in these areas. He is the Editor-in-Chief of the IEEE Transactions on Cybernetics since 2014 and a member of the editorial board of Neural Networks since 2012. He also served as an Associate Editor of the IEEE Transactions on Neural Networks (1999-2009), IEEE Transactions on Cybernetics and its predecessor (2003-2013), and IEEE Transactions on Systems, Man, and Cybernetics – Part C (2002–2005), as a member of the editorial advisory board of International Journal of Neural Systems (2006-2013), as a guest editor of special issues of European Journal of Operational Research (1996), International Journal of Neural Systems (2007), Neurocomputing (2008, 2014), and International Journal of Fuzzy Systems (2010, 2011). He was an organizer of several international conferences such as the General Chair of the 13th International Conference on Neural Information Processing (2006) and the 2008 IEEE World Congress on Computational Intelligence, and a Program Chair of the IEEE International Conference on Systems, Man, and Cybernetics (2012). He has been an IEEE Computational Intelligence Society Distinguished Lecturer (2010-2012, 2014-2016). In addition, he served as President of Asia Pacific Neural Network Assembly (APNNA) in 2006 and many organizations such as IEEE Fellow Committee (2011-2012); IEEE Computational Intelligence Society Awards Committee (2008, 2012, 2014), IEEE Systems, Man, and Cybernetics Society Board of Directors (2013-2015), He is an IEEE Fellow, IAPR Fellow, and a recipient of an IEEE Transactions on Neural Networks Outstanding Paper Award and APNNA Outstanding Achievement Award in 2011, Natural Science Awards from Shanghai Municipal Government (2009) and Ministry of Education of China (2011), and Neural Networks Pioneer Award from IEEE Computational Intelligence Society (2014), among others.

Move up ▲

Intelligent Transportation Systems and Smart Cities: Overview of the Research activities of the Grupo de Redes de Computadores (GRC), Universitat Politecnica de Valencia

Where / Date and Time: Room 1BC/45 Torre Archimede, 2015/01/21 at 11:30

Speaker: Prof. Pietro Manzoni (Universitat Politecnica de Valencia)

Abstract: Wireless communication for intelligent transportation systems (ITSs) and Smart Cities is a promising technology to improve driving safety, reduce traffic congestion and support information services in vehicles. During recent ITS development, transportation telematics techniques have exhibited much progress, e.g., interaction between automobiles and the infrastructure for delivering services such as road-side assistance, automatic crash notification, concierge assistance and vehicle condition reports. This presentation provides an overview of the research activities that are being carried out in the Networking Group of the Universitat Politecnica de Valencia on this topic. The results and the future work from the cooperation with an industrial partner will also be described. This seminar is organized by Prof. Claudio Palazzi

Speaker CV: Pietro Manzoni received the MS degree in computer science from the Universita' degli Studi of Milan, Italy, in 1989, and the PhD degree in computer science from the Politecnico di Milano, Italy, in 1995. He is currently a full professor of computer science at the Universitat Politecnica de Valencia, Spain in the Department of Computer Engineering. His research activity is related to mobile wireless data systems design, modelling, and implementation, particularly oriented to Intelligent Transport Systems and Smart Cities. He published more than 200 scientific papers, 49 of them in international journals with impact; his H-index is 25 according to Google Scholar. He has been actively involved in the organization or in the technical committee of various scientific conference and journals. He collaborates with various international academic and industrial research centres. He is a member of the IEEE.

Move up ▲

Cyber-Physical Security in Future Cities

Where / Date and Time: Aula 1BC45, 2014/11/03 at 14:30

Speaker: David Yau (Singapore University of Technology and Design)

Abstract: Digital control and communication are being used to modernize urban infrastructures, such as electrical grids and water systems, to meet the increasing demands of future cities for size, performance, and sustainability. While the added intelligence provides desirable performance features, it also adds to the system's complexity, which raises equally critical concerns for safety and security. In this talk, I will overview research that analyzes cyber-physical system (CPS) vulnerabilities such as real-time consumer pricing in emerging smart-grid demand response. I will also propose a design methodology to monitor the (not fully trustworthy) high performance operation of a smart grid, but assure its fallback to a simple and safe operation mode when the system drifts too close to unsafety.

Speaker CV: David Yau received the B.Sc. (first class honors) from the Chinese University of Hong Kong, and M.S. and Ph.D. from the University of Texas at Austin, all in computer science. He has been Professor of Informations Systems Technology and Design at SUTD since 2013. Since 2010, he has been Distinguished Scientist at the Advanced Digital Sciences Center, Singapore, where he leads the Smart Grid IT research program. Prior to Singapore, he was Associate Professor of Computer Science at Purdue University (West Lafayette), USA. David’s research interests are in network protocol design and implementation, CPS security and privacy, quality of service, network incentives, and wireless and sensor networks. He received a CAREER award from the U.S. National Science Foundation. He was also the recipient of an IBM PhD Fellowship. He won Best Paper award from the 2010 IEEE International Conference on Multi-sensor Fusion and Integration (MFI). His papers in 2008 IEEE Int'l Conf. Mobile Ad-hoc and Sensor Systems (MASS), 2013 IEEE Int'l Conf. Pervasive Computing and Communications (PerCom), 2013 IEEE Int'l Conf. Cyber-Physical Systems, Networks, and Applications (CPSNA), and 2013 ACM BuildSys were Best Paper finalists.

Move up ▲

Staying Alive: System Design for Self-Sufficient Sensor Networks

Where / Date and Time: Aula 1BC/50 - Dipartimento di Matematica - Torre di Archimede, 2014/11/04 at 11:30

Speaker: Michele Rossi (DEI - Universita' degli Studi di Padova)

Abstract: Self-sustainability is a crucial step for modern wireless sensor networks (WSN). In this talk, I will offer an original mathematical framework for autonomous WSN powered by renewable energy sources. At first, the problem at stake will be decomposed into two nested optimization steps: the inner step characterizes the optimal network operating point subject to an average energy consumption constraint, while the outer step provides online energy management policies that make the system energetically self-sufficient in the presence of intermittent (Markov-modulated) energy sources. This framework sheds new light into the design of pragmatic schemes for the control of energy harvesting sensor networks and permits to gauge the impact of key sensor network parameters, such as the battery capacity, the harvester size, the information transmission rate and the radio duty cycle. The obtained (online) energy management policies are finally evaluated considering real solar radiation traces, validating them against state of the art solutions and describing the impact of relevant design choices in terms of achievable network throughput and battery level dynamics.

Speaker CV: Michele Rossi is Assistant Professor of wireless networking at the Department of Engineering (DEI), University of Padova. He received the MS degree in Electrical Engineering and the Ph.D. in Telecommunications Engineering from the University of Ferrara (Italy) in 2000 and 2004, respectively. In 2003 he has been with the Center for Wireless Communications (CWC) at the University of California, San Diego, where he performed research on Wireless Sensor Networks (WSNs) under the supervision of Prof. Ramesh R. Rao. Since november 2005 he has been with the department of Information Engineering @ the University of Padova. Dr. Rossi is actively involved in local as well as EU funded projects, is author of about 100 papers published in peer reviewed International journals, book chapters and conferences and is the recipient of four IEEE Best Paper Awards. In 2010-2014 he has been a Marie Curie fellow within the FP7 SWAP project (on energy harvesting sensor networks). Dr. Rossi is a Senior Member of the IEEE and serves as Associate Editor for the IEEE Transactions on Wireless Communications. His research interests include: the design, the stochastic modeling and the optimization of wireless systems, the use of application layer coding, spatio-temporal compression for WSNs, protocol design for energy harvesting WSNs and Internet of Things, telecommunication technology for smart energy grids.

Move up ▲

Security and Privacy in Molecular Communications and Nanonetworks

Where / Date and Time: aula 2BC30 Torre Archimede, 2014/10/31 at 09:30

Speaker: Alberto Giaretta (MSc student in Computer Science - Universita' di Padova)

Abstract: Nanotechnology might be the silver bullet in the future of several sectors such as the biomedical and military ones. Molecular Communication paradigm has some distinct characteristics from traditional communication paradigm and these differences are of primary importance in order to achieve reliable and efficient nanonetworks. Being a different communication paradigm, Molecular Communication raises open issues about security and data privacy that are not easily solvable with standard approaches. In this context, this presentation will give an overview about: Nanonetworks, Molecular Communication paradigm, and their security issues. The content of this presentation is based on the following papers: 1. Valeria Loscri, Cesar Marchal, Nathalie Mitton, Giancarlo Fortino, Athanasios V. Vasilakos, ''Security and Privacy in Molecular Communication and Networking: Opportunities and Challenges'', IEEE Transactions on Nanobioscience, accepted, 2014 2. Ian F. Akyildiz, Fernando Brunetti, Cristina Blázquez, ''Nanonetworks: A new communication paradigm'', Computer Networks, 52, 2260–2279, 2008. 3. Sasitharan Balasubramaniam, Pietro Lio’, ''Multi-hop Conjugation based Bacteria Nanonetworks'', IEEE Transactions on NanoBioscience, vol. 12, no. 1, pp.47-59, March 2013. 4. Tadashi Nakano and Athanasios V. Vasilakos, Guest Editorial Special Section on Molecular Communication. IEEE Transactions on NanoBioscience, Vol. 13, no. 3, 2014.

Speaker CV: - - -

Move up ▲

3D Shape matching by bag-of-feature descriptors

Where / Date and Time: aula 2AB40 Torre Archimede, 2014/10/30 at 11:30

Speaker: Umberto Castellani (Universita di Verona)

Abstract: 3D shape matching is very important in a wide variety of fields such as computer graphics, computer vision, and medical image analysis with applications like object recognition, automatic medical diagnosis, and content-based shape retrieval. Recent methods are based on the so called Bag-of-Features (BoF) paradigm commonly used in text and image retrieval by first computing local shape descriptors, and then representing each shape in a ‘geometric dictionary’ using vector quantization. In this talk the matching approach based on the BoF framework will be introduced by proposing several variants and advanced aspects of the involved pipeline (i.e., supervised and non-supervised). Finally, some case studies will be reported for 3D shape retrieval and shape-based medical image classification.

Speaker CV: Umberto Castellani is Ricercatore (i.e., Assistant Professor) of Department of Computer Science at University of Verona. He received his Dottorato di Ricerca (PhD) in Computer Science from the University of Verona in 2003 working on 3D data modelling and reconstruction. He held visiting research positions at Edinburgh University (UK), Universite' Blaise Pascal (France), Michigan State University (USA), Universite' D'Auvergne (France), Italian Institute of Technology (IIT), and University College London (UK). His research is focused on 3D data processing, statistical learning and medical image analysis. He has co-authored several papers published in leading conference proceedings and journals. He is teaching Computer Vision at the Computer Science Department, and Multimedia at the Department of Filologia, Letteratura e Linguistica at the University of Verona. He is member of Eurographics, IAPR, MICCAI and IEEE.

Move up ▲