יום עיון בסייבר ואבטחת מידע - Cyberday
CYBERDAY 2019
יום עיון בסייבר ואבטחת מידע
מרכז המחקר לאבטחת סייבר בטכניון ע"ש הירושי פוג'יווארה
האירוע יערך באודיטוריום צ'רצ'יל בטכניון, חיפה
יום שלישי, 12 במרץ 2019
 
 

[הרחב אבסטרקטים - Expand Abstracts]

 

התכנסות, כיבוד קל

09:00

 

דברי פתיחה

09:30

 

פרופ' מרק זילברשטיין, הטכניון

When SGX Fell Victim to Speculative Execution Bugs

This talk will elaborate on the details of the recent Foreshadow speculative execution attack. The first variant of Foreshadow breaks the SGX confidentiality guarantees and enables us to circumvent the SGX remote attestation mechanism. Later, Intel's continued investigation revealed two other variants, with the most devastating one allowing a malicious Guest OS running in a virtual machine to access the host data. The talk will also explain a few less known technical details and will discuss some non-technical implications of this attack.

Joint work with Jo Van Bulck, Frank Piessens, Raoul Strackx (imec-DistriNet, KU Leuven), Marina Minkin (Technion & University of Michigan), Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch (University of Michigan), Yuval Yarom (University of Adelaide and CSIRO's Data61).

שקפים

09:35

 

יובל ויסגלס, HARMAN International

Deep Fooling - Real-World Attacks Against Vehicles' Perception Systems

As modern cars become more computerized and connected, the cyber-physical threat has grew significantly as well. Now, with the introduction of semi-autonomous vehicles and the ability of cars to perceive their environment and self-control the speed and driving direction, the attack surface grows even further.  What new vulnerabilities brings AI to automobiles? What is the real-world feasibility of exploiting these new vulnerabilities to control a moving car? In his talk, Yuval will show how vulnerabilities existing in modern perception systems, as found on production vehicles, can be exploited to form real-world attacks.

Yuval Weisglass is Vice President Automotive Cyber Security at HARMAN International, a subsidiary of Samsung Electronics Co. Yuval joined HARMAN with the acquisition of TowerSec in January 2016 where he served as Co-Founder & CTO. Yuval has over 20 years of experience in cybersecurity both as a security researcher and as a leader of R&D groups specializing in security-related innovation projects. Among Yuval’s unique expertise are: security research and security design of embedded systems, research of side-channel attacks on secured elements and long-time hobby of reverse engineering vehicle’s systems. Before founding TowerSec in 2013, Yuval spent 11 years at the Israeli Security Agency where he held senior R&D management roles in the field of cybersecurity. Yuval is an alumni of the elite intelligence 8200 Unit of the Israel Defense Forces, where he served as an officer in the field of advanced technology research.

10:20

הפסקה + הצגת פוסטרים

11:05

 

אסף הראל, קרמבה סקיוריטי

Automotive Security: Think Like a Hacker

As vehicles are getting connected, cyber security attacks are starting to be common to the automotive industry. In this talk we will describe the hacker perspective to the automotive industry and to the problem of hacking into a vehicle.

Assaf Harel is the Chief Scientist & co-founder of Karamba. Assaf has broad experience with embedded, networking, security and mobile technologies. He was Senior Research and Development (R&D) Manager at Check Point Software Technologies (NASDAQ:CHKP), overseeing the development of several innovative, emerging endpoint security products and technologies. Previously, he held software development positions at Metalink and Dune Networks. Assaf served in the elite intelligence unit of the Israeli Defense Forces (IDF). He received a B.Sc. and M.Sc. Cum Laude in Computer Science from the Technion and an MBA Cum Laude from Haifa University.

שקפים

11:35

Keynote lecture
Prof. Bart Preneel, KU Leuven (Belgium)

ההרצאה תינתן באנגלית - Lecture will be given in English

The Future of Security and Privacy

This talk analyzes how technology trends such as the Internet of Things, Big Data and AI are affecting privacy and security. While these technologies bring great benefits to society, they are also changing the power relations and hence disturbing the balance between individuals, companies and governments. Among the more worrying trends are the expansion of mass surveillance and the growing number of active attacks by malicious actors, law enforcement and intelligence, which increase the risk in the digital ecosystem. We explore how novel architectures, cryptographic techniques and open solutions can help to turn the tide.

Bart Preneel is full professor and head of COSIC, an imec research group at the KU Leuven. COSIC currently has 80 members, including 7 professors, 20 postdoctoral researchers, and more than 40 PhD students. Bart Preneel has been visiting professor at five universities in Europe. He has authored more than 400 scientific publications. His main research interests are cryptography, information security and privacy. Bart Preneel has coordinated the Network of Excellence ECRYPT (2004-2018, 250 researchers) and is coordinating the Marie-Curie ITN ECRYPT.NET. He has served as panel member and chair for the European Research Council and has been vice-president and president of the IACR (International Association for Cryptologic Research). He is a member of the Permanent Stakeholders group of ENISA (European Network and Information Security Agency) and of the Academia Europaea. He has been invited speaker at more than 120 conferences in 50 countries. He received the RSA Award for Excellence in the Field of Mathematics (2014), was nominated as fellow of the IACR (2015) and received the ESORICS Outstanding Research Award (2017). In 2013, he testified in the European Parliament for the LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens. Bart Preneel frequently consults for and collaborates with companies; those include high tech leaders but also start-ups. This work has resulted in several patents and widely used solutions.

שקפים

12:20

הפסקה וארוחת צהריים קלה

13:20

 

Keynote lecture
פרופ' עדי שמיר, מכון ויצמן למדע

ההרצאה תינתן באנגלית - Lecture will be given in English

A Simple Explanation for the Mysterious Existence of Adversarial Examples with Small Hamming Distance

The existence of adversarial examples in which tiny changes in the input can fool well trained neural networks has many applications and implications in cyber security, but it is still far from being understood, and in particular it is not clear which parameters determine the number of input coordinates one has to change in order to mislead the network. In this talk I will describe a simple mathematical framework which enables us to think about this problem from a fresh perspective, turning the existence of adversarial examples from a baffling phenomenon into a natural consequence of the geometry of R^n with the $L_0$ (Hamming) metric, which can be quantitatively analyzed.

14:20

פרופ' אלי ביהם, הטכניון

TCAN: Authentication Without Cryptography on a CAN Bus

In this talk we present TCAN, an authentication mechanism for messages on the CAN bus that does not require cryptography. TCAN ensures that the messages are sent by their alleged senders, and are not forged by other parties connected to the bus. The main idea of TCAN is to identify nodes on the bus by their physical location. In order to uniquely identify nodes by their physical location we install dedicated nodes on the bus that measure reception time differences, which are correlated to the senders' location on the bus due to the fixed speed of propagation.

This is a joint work with Eli Gavril and Sara Bitan.

שקפים

15:20

 

דברי סיום

16:05

 

רוב ההרצאות תתקיימנה בעברית - Most lectures will be given in Hebrew

שקפי ההרצאות יופיעו בדף זה לאחר האירוע, מותנה באישור המרצים

יום עיון בסייבר ואבטחת מידע - Cyberday

ימי עיון קודמים רוב ההרצאות תתקיימנה בעברית
Most lectures will be given in Hebrew