Next Seminar on 23.10.2024

Written on 16.10.2024 17:10 by Xinyi Xu

Dear All,


The next seminar(s) will take place on 2024-10-23 at 14:00 (Session A) and 14:00 (Session B).


Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)

Madhurima Ghosh, Louai Alkhatib, Paul Kalbitzer

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841

Password: BT!u5=

 

Session B: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)

 

Luis Felger, Riddhi Suryavanshi, Lenny Händler

https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09

Meeting-ID: 661 3690 1453

Password: sxHhzA004}

 

Session A

14:00 - 14:30

Speaker: Madhurima Ghosh

Type of Talk: Master Intro

Advisor: Mridula Singh, Xiao Zhang

Title: Benchmarking Machine Learning-based Industrial Control Systems (ICS) Network Intrusion Detection System (NIDS) for Robustness

Research Area: RA3: Threat Detection and Defenses

Abstract: Industrial Control Systems (ICS) are an essential part of critical infrastructure, responsible for the automated control and monitoring of industrial processes. They are integral to sectors such as energy, water, manufacturing, transportation, and chemical production. The security of these systems is paramount due to the potentially catastrophic consequences of successful cyber-attacks. Hence, a Network Intrusion Detection System (NIDS) is required to analyse industrial network traffic in real time for adversarial behaviour. Anomaly detection using Machine Learning (ML) techniques is gaining popularity for NIDS. However, the robustness of these ML models, particularly against adversarial attacks, is not fully understood. This research proposes to develop a rigorous framework to test and benchmark the robustness of ML-based NIDS in ICS environments through adversarial attacks, ultimately contributing to more secure and resilient ICS networks.

 

14:30 - 15:00

 

Speaker: Louai Alkhatib

Type of Talk: Bachelor Intro

Advisor: Thorsten Holz, Bhupendra Acharya

Title: Hall of Fame: Measuring Vulnerability Disclosures by Bug Bounty Hunters

Research Area: RA5: Empirical and Behavioural Security

Abstract: Bug bounty programs have significantly enhanced software security by establishing structured environments for identifying vulnerabilities. These programs have been widely adopted by major corporations such as Google and Apple, and others are facilitated through crowdsourced platforms like HackerOne and Bugcrowd. A detailed analysis of reports from these programs would help us understand the technical details that hunters use during their vulnerability assessments. Therefore, this thesis explores the dual aspects of bug bounty programs: the analytical and the empirical. The analytical component tries to assess the disclosed vulnerabilities, focusing on the types of vulnerabilities reported and the methodologies employed in their discovery. The empirical section delves into the experiences of top bug bounty hunters, exploring the strategies and tools they employ through a detailed survey. Notably, this research addresses the lack of focus on technical practices in the existing literature by integrating a comprehensive technical survey that uncovers the methods used by hunters to find bugs.

 

15:00 - 15:30

 

Speaker: Paul Kalbitzer

Type of Talk: Master Intro

Advisor: Andreas Zeller, José Antonio Zamudio Amaya

Title: Generating tests for the detection of XMLi vulnerabilities based on WSDL specifications

Research Area: RA3: Threat Detection and Defenses

Abstract: In this thesis we propose a framework to combat XMLi. By leveraging the WSDL specification (Web Services Description Language) of a web service, our framework provides customized test inputs specifically designed to check for XMLi vulnerabilities. By creating XML messages that reflect the service’s functionality and strategically modifying them using grammar-based techniques, the framework effectively simulates XML injection attacks, enabling a thorough examination of web services for XMLi vulnerabilities.

 

Session B

 

14:00 - 14:30

Speaker: Luis Felger

Type of Talk: Bachelor Intro

Advisor: Michael Schwarz, Lukas Gerlach

Title: Analyzing the Data-Obliviousness Preservation of Runtimes by the Example of WebAssembly

Research Area: RA3: Threat Detection and Defenses

Abstract: Executing processor instructions on hardware often leads to micro-architectural effects, such as cache-induced timing differences when accessing memory. Adversaries can exploit these to observe the execution behavior of programs. If secret parameters affect this, adversaries can learn about their values, too. Hence, data-oblivious algorithms have been developed, which do not expose parameter values with their execution behavior. However, previous work showed that translating source code to machine code can affect data-obliviousness, e.g., due to applied optimizations. Meanwhile, widespread software development approaches include translating programs multiple times. For example, source code is often compiled to intermediate representations before being translated by runtimes to operations of the target hardware. Thus, data-obliviousness can break at multiple stages. Previous analysis approaches, such as DATA, that depend on tracing and comparing executed instructions, focus on native binaries. However, it seems to be difficult to utilize these to analyze programs that depend on runtimes to dynamically translate intermediate representations to operations of the target platform at execution. We assume that the complexity of such runtimes, strategies like garbage collection, and dividing work among multiple worker threads lead to huge and varying traces. Initial investigations back these considerations. Thus, our goal is to develop an alternative approach that improves analysing data-obliviousness of programs that require runtimes to translate their intermediate representation at execution. While we assume that our general approach will be transferable to other environments as well, we want to focus our implementation and demonstration on programs that have been written in C, translated to WebAssembly, and are executed with different runtimes on x86.

 

14:30 - 15:00

 

Speaker: Riddhi Suryavanshi

Type of Talk: Master Intro

Advisor: Nils Ole Tippenhauer

Title: Driving Off the Privacy Hill - Examining Privacy Concerns in Connected Cars

Research Area: RA4: Secure Mobile and Autonomous Systems

Abstract: In today’s automotive landscape, the integration of cloud connectivity into modern vehicles presents a variety of benefits. However, this car-to-cloud connectivity also expands the attack surface for potential hackers, raising concerns about the security and privacy of data transmission. Despite these concerns, a noticeable gap exists in research regarding the privacy practices associated with connected cars, including data collection and transmission methods. This thesis addresses this gap by identifying the current technologies employed in automotive car-to-cloud connectivity and evaluating their privacy posture.

 

15:00 - 15:30

 

Speaker: Lenny Händler

Type of Talk: Bachelor Final

Advisor: Robert Künnemann

Title: Analysing Tox using Equivalence Properties

Research Area:

Abstract: Tox is a protocol for instant messaging and audio/video communication. In contrast to other proposals like Skype, Signal or Matrix, it uses a p2p architecture. It was designed to provide privacy; however, neither the protocol nor these guarantees have been clearly defined. Even worse, some attacks are already known. The goal of this thesis is to formalise the protocol and some of the confidentiality guarantees it means to provide. To this end, we are planning to use deepsec, a decidability procedure for trace equivalence.

 
