News

Next Seminar on 09.10.2024

Written on 02.10.2024 18:30 by Xinyi Xu

Dear All,


The next seminar(s) will take place on 2024-10-09 at  14:00 (Session A) and 14:30 (Session B).


Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)

Mohd Kashif, Divya Nidadavolu, Mohamad Altamer

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841

Password: BT!u5=

 

Session B: (14:30 - 15:00)

 

Faiq Iftikhar Awan

https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09

Meeting-ID: 661 3690 1453

Password: sxHhzA004}

 

Session A

14:00 - 14:30

Speaker: Mohd Kashif

Type of Talk: Master Intro

Advisor: Nico Döttling

Title: Haskel to FHE Transpiler

Research Area: RA0: Algorithmic Foundations and Cryptography

Abstract: We propose a fully homomorphic encryption transpiler that allows developers to convert high-level code (Haskell) that works on unencrypted data into high-level code that operates on encrypted data.

 

14:30 - 15:00

 

Speaker: Divya Nidadavolu

Type of Talk: Master Intro

Advisor: Xiao Zhang, Mario Fritz

Title: Double Trouble: Enhancing Robustness of Traffic Sign Classifiers Against Dual Adversarial Challenges

Research Area: RA3: Threat Detection and Defenses

Abstract: The advancement of deep learning has greatly improved intelligent transportation systems, especially in traffic sign recognition, which is vital for autonomous driving. While models trained on datasets like the German Traffic Sign Recognition Benchmark (GTSRB) have shown promise, their susceptibility to adversarial attacks is a growing concern. Data poisoning attacks can target specific subsets of traffic signs, leading to dangerous misclassifications, such as confusing stop signs with other signs. Additionally, out-of-distribution (OOD) attacks exploit the model's unfamiliarity with unusual conditions, causing further vulnerabilities. This thesis aims to enhance the robustness of traffic sign recognition models against these threats, ensuring their reliability and safety in real-world autonomous driving scenarios.

 

15:00 - 15:30

 

Speaker: Mohamad Altamer

Type of Talk: Bachelor Intro

Advisor: Cristian-Alexandru Staicu and Dr. Dolière Francis Somé

Title: Content Delivery Networks and CSP: Addressing Web Security Risks

Research Area: RA5: Empirical and Behavioural Security

Abstract: The global companies of today are putting in very serious efforts to ensure that content is presented to the user fast and at any part of the world. Content Delivery Networks (CDNs) now are an essential piece in enabling fast access to web resources globally. However, security concerns arise, particularly when public CDNs are used to deliver content like scripts on web pages, which poses risks to user data. This thesis investigates the relationship between the use of CDNs and Content Security Policy, an important feature in web security, intended to reduce risks associated with the delivery of content from third-party sources. While the CSP feature is useful for restricting content, it becomes insufficient when defining a public CDN as a trusted source By studying the drawbacks of CSP in conjunction with the inherent vulnerabilities in CDNs, This research investigates the security vulnerabilities of public CDNs, examining multiple services including Cloudflare, Amazon, and Google CDN.. The obtained results will contribute important insights for development, research, and usage, highlighting that more proper strategies need to be adopted to enhance the security of web applications. Ultimately, this work is going to contribute towards a more secure and trustworthy internet environment by eliminating the risks associated with the wide use of CDNs.

 

Session B

 

14:30 - 15:00

Speaker: Faiq Iftikhar Awan

Type of Talk: Master Final

Advisor: Andreas Zeller, Marius Smytzek

Title: More Tests, Better Repair?

Research Area: RA3: Threat Detection and Defenses

Abstract: An automated program repair is a tool that can automatically look for bugs in a program and fixes it using techniques like fault-localization, maximum branch coverage etc. Furthermore, test generation uses fuzzers to randomly generate test cases that increase branch coverage of a test subject. Fuzzers are software tools that can generate a large volume of random or semi- random data that can be directly fed into a test subject or program. With this definition in mind, we ask a question. Does more tests translate to better repair? We present a comprehensive analysis based on statistical data and results that tries to an- swer this question. Our approach utilizes recently published tools such as Avicenna, ISLa and Tests4Py to answer this simple question analytically. These tools serve as building blocks for a solution that can use minimal amount of tests to create a specification about a program. Then generate new test cases according to that specification and repair a program using test cases that provide most amount of coverage. Such repairs are then compared against a baseline. What level of enhancement, if any, does an increase in test cases contribute to the effectiveness of a program repair solution?

 

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.