Bachelor- and Master-Seminar

Dear All,

the next seminar(s) take place on 3.3. at 14:00.

Session A 14:00-15:00:
Askar Zaitov -  An Vinh Nguyen Dinh

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Kenncode: BT!u5=

Session B 14:00-15:00:
Markus Bever - Nicolas Müller

https://cispa-de.zoom.us/j/99025989421?pwd=cWJIM29LYktsbStxTXlKUStZRi9MUT09

Meeting-ID: 990 2598 9421
Kenncode: 3mZyE$

Session A:

14:00-14:30 

Speaker: Askar Zaitov
Title: Mitigating test flakiness through Record & Replay
Supervisor: Prof. Dr. Andreas Zeller
Advisor: Jenny Rau
Talk type: Master Final talk

Abstract:
When it comes to testing Android applications, flakiness becomes a challenging problem. Dealing with the test flakiness can be annoying to any developer due to an unpredictable outcome (pass or fail) despite executing unaltered code. The problem of test flakiness generally, and in Android, in particular, has been extensively addressed in many papers. Unfortunately, not many solutions were proposed. As a result, there is still room for studying this topic.
The reasons for flaky tests may be different: from problems with Android OS version or library compatibility to differences in environmental conditions (Advertisement, location, random numbers, some elements triggering on specific dates, with specific network responses, etc.). As an outcome, there is no universal solution in how to deal with flaky tests.
In this master thesis, we will try to address test flakiness using a record and replay approach, which focuses on the non-deterministic behavior of Android applications and environmental changes as factors causing test flakiness. The proposed approach starts from recording and saving the environmental conditions from the Application Under Test and then replaying two times without mocking the previously recorded environment and with it to see if applications' models changed between different runs.
The evaluation featuring results from ten different applications shows that the proposed approach achieves improvement between the run without using recorded values and the run with it. This indicates that this approach reduces non-determinism and can help to counteract the flaky tests.

14:30-15:00

Speaker: An Vinh Nguyen Dinh
Type of talk: Master Intro
Advisor: Prof. Mario Fritz
Title: Certification of Neural Network Reinforcement Learning Policies based on Randomized Smoothing

Abstract: Although neural networks perform remarkably well on various learning tasks, they have been shown to be highly vulnerable to adversarial inputs - the inputs specifically made to fool them while staying similar for humans. Against the Attack of many adversary-designing methods, naturally comes the notion of Defense: fortifying networks with properties to repel the attacks or, more favourably, to improve their overall robustness to all attacks and even changes of environment. Still, there is a third side of the equation: Certification, which is to bound the effect of all attacks against a given network and to help enhancing its robustness. Among various certification methods, Randomized Smoothing with its theoretical richness and practical simplicity has arisen as one of the most interesting and efficient methods.

While adversarial competition takes place in the field of supervised learning, the paradigm of Reinforcement Learning has extensively and effectively adapted neural networks to its policies. Once more, neural network advantages come with the burden of adversarial competition, as proven by various attacks and defenses on policies emerging in recent years. Unfortunately, the third faction of robustness certification on policies is still lacking. With that motivation, we propose several techniques to apply and adapt the randomized smoothing method to reinforcement learning policies on some virtual environments. We validate our techniques with the effectiveness, robustness and efficiency of the resulting policies, especially in comparison with other certification techniques also adapted to policies. Possibly, we further extend our techniques to a complex environment or we further enhance our techniques with a defense method.

 

15:00-15:30

No talk this week.

 

Session B:

14:00-14:30

Speaker: Markus Bever
Type of talk: Bachelor Intro
Advisor: Anand Kumar Narayanan
Title: On parallelization for public key cryptanalysis

Abstract:
A lot of current cryptographic applications rely on the assumption, that factorization and discrete logarithm are hard. Most public key cryptosystems in practice are built on such hardness assumptions. A new crypto-technique, which also relies on the hardness of factoring, is Verifiable Delay Function. For example they can be used in block chains or to construct randomness beacons.
Currently, the best ways to factorize integers can by achieved by index calculus algorithms. They mainly consist of two steps. While the first step is embarrassingly parallel, the second step is to solve a huge matrix, for which no efficient parallel algorithms are known.
In late 2020, Kirchner and Fouque proposed a more parallel method to tackle this matrix problem, optimized for the product of space and time resources.
In my thesis, I want to explore the parallelizability of the matrix step and benchmark the threat posed by index calculus algorithms. The Kirchner and Fouque method will be the starting point of my investigations. Beyond their work, I would like to model the current cryptanalytic infrastructure, in particular the plausibility of the product of space and time as a complexity measure. In this part I also want to explore which impact the communication costs have, especially if there is more parallelism. Besides I want to look into possible tradeoffs between time and space, especially because space is often the most critical resource.

 

14:30-15:00

Speaker: Nicolas Müller
Type of talk: Bachelor Final Talk
Advisor: Dr.-Ing. Sven Bugiel
Title: App Piracy in Android

Abstract:
The world of mobile apps is consistently increasing, more and more apps are published in diverse Android app markets. With these increasing stats, apps might get pirated and plagiarism in those markets, especially in unofficial app markets, is often the case. It is also not uncommon that original apps get copied and used to spread most Android malware. Apps get copied with their original functionality, but an attacker might include malicious code and republish those apps to spread the malware. Users often do not recognize those pirated apps and are mostly unaware of a different behavior of the app. Furthermore, commercial apps may get copied and republished for free without the original author's permission to do so, or advertisement of an app might get stripped both shrinking developer's income.
This thesis will study common procedures on how an app is pirated. It will also investigate different defense mechanisms developers include in their apps and how app developers usually try to mitigate piracy and plagiarism of their apps.

15:00-15:30

No talk this week.