BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//CYS Research Seminar//https://cys-seminars.kcl.ac.uk///
BEGIN:VEVENT
SUMMARY:Measuring\, understanding\, and addressing image-based sexual abus
 e by Rebecca Umbach
DTSTART;TZID=Europe/London:20250114T140000
DTEND;TZID=Europe/London:20250114T150000
DTSTAMP:20260404T155626Z
UID:202501141400@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThis seminar focuses on two separate studies on the topic 
 of image-based sexual abuse (IBSA). IBSA refers to the nonconsensual creat
 ing\, taking\, or sharing of intimate images\, including threats to share 
 intimate images. The first study investigated the prevalence of\, impacts 
 from\, and responses to IBSA generally\, in 10 countries. The second half 
 of the talk will cover the topic of prevalence\, experiences\, and attitud
 es towards synthetic IBSA\, sometimes known as deepfake pornography. We’
 ll conclude with a discussion of potential preventative interventions. \n\
 nDr. Rebecca Umbach is a staff UX researcher at Google. Her research focus
 es on the experiences of vulnerable populations subjected to online abuse\
 , with a particular emphasis on image-based sexual abuse and child sexual 
 abuse material. In her role within the Trust & Safety team at Google\, she
  uses her research to ensure that the voice of users\, advocacy groups\, a
 nd subject matter experts are heard by internal stakeholders\, such as pro
 duct teams and policy developers. Her work is cross-disciplinary\, spannin
 g criminology\, developmental psychology\, gender studies\, computer studi
 es\, and human-computer interaction\, and includes a long-standing collabo
 ration with Professor Nicola Henry at RMIT University. Prior to Google\, s
 he completed a PhD in Criminology at the University of Pennsylvania. 
LOCATION:Bush House (S)2.01
END:VEVENT
BEGIN:VEVENT
SUMMARY:Leveraging Sociotechnical Threat Modeling to Combat Online Abuse b
 y Miranda Wei
DTSTART;TZID=Europe/London:20241216T140000
DTEND;TZID=Europe/London:20241216T150000
DTSTAMP:20260404T155626Z
UID:202412161400@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nDigital technologies are not equally safe for everyone. Th
 e prevalence and severity of online abuse are on the rise\, from toxic con
 tent on social media to image-based sexual abuse\, as new technologies are
  weaponized by people who do harm. Further\, this abuse disproportionately
  harms people already marginalized in society\, creating unacceptable disp
 arities in safety and reinforcing oppression. Working at the intersection 
 of computer security and privacy (S&P) and human-computer interaction (HCI
 )\, I address online abuse as the next frontier of S&P challenges. In this
  talk\, I discuss my research (1) characterizing emerging S&P threats in d
 igital safety\, with particular attention to the technical and societal fa
 ctors at play\, (2) evaluating the existing support for online abuse\, tak
 ing an ecosystem-level perspective\, and (3) developing conceptual tools t
 hat bridge S&P and HCI towards societally informed S&P research. Taking a 
 sociotechnical approach\, I conclude by outlining how security and privacy
  can work towards a world where all people using technology feel safe and 
 connected.\n\nMiranda Wei is a PhD candidate at the University of Washingt
 on\, co-advised by Tadayoshi Kohno and Franziska Roesner. Her research foc
 uses on human-centered security and privacy\, including combating online a
 buse and supporting sociotechnical safety. She mainly publishes at USENIX 
 Security\, CHI\, and SOUPS\, and her work has been awarded a John Karat Us
 able Privacy and Security Student Research Award\, a Google PhD Fellowship
 \, and paper awards. Previously\, she received a B.A. from the University 
 of Chicago.
LOCATION:Bush House (SE) 1.03
END:VEVENT
BEGIN:VEVENT
SUMMARY:Simulating The Law In A Multiple Agent System by Matteo Cristani
DTSTART;TZID=Europe/London:20240716T160000
DTEND;TZID=Europe/London:20240716T170000
DTSTAMP:20260404T155626Z
UID:202407161600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nUnderstanding the effects of a new regulation is quite a s
 ignificant quest that arises from the drafters while processing ideas to b
 ecome effective. In fact\, there are several effects that could be conside
 red\, including the legal impact\, namely the modification of the legal ba
 ckground that takes place whenever we introduce a new norm\, the economic 
 effects\, in particular the costs that are imposed by the law to organisms
  including the state\, companies and other bodies\, the social effects lik
 e the change of job statuses of citizens\, or citizenship statuses of work
 ers or other subjects. Understanding these aspects preliminarily is a good
  deem of many drafters. In this seminar we illustrate the research activit
 ies of the KREARTI research group in Verona\, where we aim at delivering a
  prototype of a system to assist the drafter de iure condendo into develop
 ing a new law\, so that she can value the future effects of the issue of t
 hat law\, before having it in force. The aforementioned goal can be achie
 ved by means of a simulator\, that\, while observing an artificial society
 \, digital twin of the actual society on which the law takes place\, allow
 s to measure the consequences of the issue of a new law\, in order to assi
 st the drafter in the process of designing the norm itself. The system is 
 described and the research plan that shall bring us to the prototype is il
 lustrated and discussed.\n\n
LOCATION:Bush House BH(S)5.01
END:VEVENT
BEGIN:VEVENT
SUMMARY:Generic attacks based on functional graphs by Rachelle Heim Boissi
 er
DTSTART;TZID=Europe/London:20240603T150000
DTEND;TZID=Europe/London:20240603T160000
DTSTAMP:20260404T155626Z
UID:202406031500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThe purpose of this talk is to introduce generic attacks b
 ased on functional graphs. Over the past ten years\, the statistical prope
 rties of random functions have been a particularly fruitful tool to mount ge
 neric attacks. Initially\, these attacks targeted iterated hash constructi
 ons and their combiners\, developing a wide array of methods based on inte
 rnal collisions and on the average behavior of iterated random functions. 
 More recently\, we (Gilbert et al.\, EUROCRYPT 2023) introduced a forgery 
 attack on so-called duplex-based Authenticated Encryption modes which is b
 ased on exceptional random functions\, i.e.\, functions whose graph admits
  a large component with an exceptionally small cycle. We have since then i
 mproved this attack (Bonnetain et al.\, CRYPTO 2024) using so-called nested
  exceptional functions. We also improved several attacks against hash comb
 iners using exceptional random functions. This talk will present a variety
  of generic attacks based on functional graphs against hash functions\, ha
 sh-based MACs and AEAD modes. \n\nPhD student at Université Versailles Sa
 int-Quentin-en-Yvelines working under the supervision of Christina Boura\,
  Henri Gilbert and Yann Rotella.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:A Human-centered Approach to Develop AI-based Decision-Support Sys
 tems by Nadin Kokciyan
DTSTART;TZID=Europe/London:20240524T110000
DTEND;TZID=Europe/London:20240524T120000
DTSTAMP:20260404T155626Z
UID:202405241100@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThe talk introduces the research we do in CHAI Lab (Human-
 centered AI Lab) in the School of Informatics\, University of Edinburgh. I
  will introduce three ongoing projects\, while the main focus will be on t
 he first one: 1. "A Collaborative Human-AI Approach to Mitigate Large-Scal
 e Phishing Attacks"\, where we aim to develop AI-based tools to mitigate p
 hishing attacks\, 2. "Uncovering implicit inferences for improved relation
 al argument mining"\, where we aim to analyse unstructured text to discove
 r meaningful arguments and connections between them\, 3. "Enabling Answera
 bility in Sociotechnical Systems"\, where we develop a mediator agent tool
  to facilitate dialogues between organizations and users. \n\nNadin is a L
 ecturer in Artificial Intelligence in the School of Informatics at Univers
 ity of Edinburgh\; and a Senior Research Affiliate at the Centre for Techn
 omoral Futures\, Edinburgh Futures Institute. Her research interests inclu
 de human-centered AI\, Privacy\, Argument Mining\, Responsible AI and AI E
 thics. She received her PhD from Bogazici University in 2017\, and held a 
 postdoc position at King's College London prior to joining University of E
 dinburgh. Nadin regularly serves on the program committees for leading AI 
 conferences such as AAMAS\, IJCAI\, AAAI and ECAI. In 2021\, she was also 
 a guest editor for Sociotechnical Perspectives of AI Ethics and Accountabi
 lity in IEEE Internet Computing.
LOCATION:Bush House (S)2.05
END:VEVENT
BEGIN:VEVENT
SUMMARY:Securing the Future: IoT Cyber Security in Business Integrations  
 by Belal Asad
DTSTART;TZID=Europe/London:20240415T150000
DTEND;TZID=Europe/London:20240415T160000
DTSTAMP:20260404T155626Z
UID:202404151500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThe Internet of Things (IoT) has become an integral part o
 f our daily lives\, revolutionising various industries with its innovative
  applications. IoT devices\, such as smart appliances\, security systems\,
  and home hubs\, have made our lives more convenient and efficient. They a
 re used in sectors including healthcare\, agriculture\, and defence\, prov
 iding benefits like enhanced efficiency\, cost savings\, and data-driven d
 ecision-making.\n\nIn the context of business integration\, IoT cyber secu
 rity is critical to the success and security of the integration. Cyber sec
 urity concerns in any integration can be complex\, particularly due to vul
 nerabilities and breaches that may arise from non-compatible systems and p
 olicies. These risks include due diligence\, compliance\, managing IoT sys
 tems\, finance-related risks\, and asset-related risks.\n\nSeveral high-pr
 ofile integration transactions have suffered due to cyber security issues.
  For instance\, Experian's acquisition of Court Ventures and Verizon's pur
 chase of Yahoo! were impacted by cyber security issues that surfaced after
  the transactions were announced. Furthermore\, several IoT providers have
  been through critical cyber security breaches\, which can significantly a
 ffect any business. \n\n\nAs an Assistant Manager at Evelyn Partners\, I s
 tand at the vanguard of our cyber security initiatives\, offering expert c
 onsulting services that ensure the integrity of our clients' digital asset
 s. My leadership in projects spanning IoT security\, security analysis\, a
 nd risk management has been pivotal in fortifying our cyber defences.\nCon
 currently\, I am honing my expertise through a PhD in advanced cyber secur
 ity and AI at the University of Southampton. This scholarly pursuit not on
 ly ignites my passion for the field but also enriches the strategies I imp
 lement at Evelyn Partners. I am privileged to hold esteemed certifications
  such as SC-300\, SC-100\, SC-200\, and CEH\, underscoring my dedication t
 o professional excellence.\nAs a published author and certified trainer\, 
 I am fervently committed to disseminating knowledge and nurturing a cultur
 e of cyber security awareness. I eagerly anticipate engaging in a dialogue
  about the multifaceted nature of cyber threats and sharing actionable ins
 ights on how we can continue to excel in our cyber security endeavours.\n
 \nOh\, and did I mention my diverse cultural heritage? It's an integral pa
 rt of who I am\, infusing a touch of global perspective and a dash of char
 m into my work. Join me as we explore the cutting-edge strategies that wil
 l keep us at the forefront of cyber security.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Modular Design of Secure Group Messaging Protocols and the Securit
 y of MLS by Yiannis Tselekounis
DTSTART;TZID=Europe/London:20240318T150000
DTEND;TZID=Europe/London:20240318T160000
DTSTAMP:20260404T155626Z
UID:202403181500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nEnd-to-end encrypted secure messaging is a widely used cla
 ss of cryptographic protocols enabling clients to communicate securely and
  asynchronously over untrusted network and server infrastructure. The term
  “secure” encompasses several security guarantees\, including message 
 authenticity and a robust level of message confidentiality\, captured by t
 he notions of post-compromise security (PCS) and forward secrecy (FS). Int
 uitively\, these notions require that current messages remain secure again
 st any adversary that controls all network traffic and can leak all partic
 ipants’ local states both in the past (PCS) and in the future (FS).\n\nA
  new class of messaging applications are based on underlying Continuous Gr
 oup Key Agreement (CGKA) protocols\, including the IETF’s upcoming Messa
 ging Layer Security (MLS) standard. Most of the functionality\, security a
 nd efficiency properties of these protocols is inherited directly from the
 ir underlying CGKAs\, rendering CGKA a growing subject of cryptographic re
 search in recent years. In this work we analyse the security and propose i
 mprovements for the CGKA protocol proposed by the MLS standard.    \n\nYia
 nnis Tselekounis is a Lecturer at the Department of Information Security a
 t Royal Holloway\, University of London. His research focuses on applied a
 nd theoretical aspects of cryptography\, including the security of cryptog
 raphic protocols\, leakage/tamper-resilient cryptography\, and blockchains
 . Before joining RHUL\, Yiannis was a postdoctoral researcher at Carnegie 
 Mellon University and Faculty Fellow at New York University. He obtained h
 is PhD degree from the Department of Informatics of the University of Edin
 burgh.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Lattice Gaussian Sampling Using Markov Chain Monte Carlo (MCMC)\, 
 With Applications to Trapdoor Sampling by Cong Ling
DTSTART;TZID=Europe/London:20240311T150000
DTEND;TZID=Europe/London:20240311T160000
DTSTAMP:20260404T155626Z
UID:202403111500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nSampling from a lattice Gaussian distribution has emerged 
 as a common theme in various areas such as coding and cryptography. The de
  facto sampling algorithm—Klein’s algorithm yields a distribution clos
 e to the lattice Gaussian only if the standard deviation is sufficiently l
 arge. This talk is concerned with a new method based on Markov chain Monte
  Carlo (MCMC) for lattice Gaussian sampling\, which converges to the targe
 t lattice Gaussian distribution for any value of the standard deviation. A
  number of algorithms will be presented\, such as Gibbs and Metropolis-Has
 tings. A problem of central importance is to determine the mixing time. It
  is proven that some of these Markov chains are geometrically ergodic\, na
 mely\, the sampling algorithms converge to the stationary distribution exp
 onentially fast. Finally\, an application to trapdoor sampling based on NT
 RU is demonstrated\, potentially outperforming the FALCON signature scheme
 .\n\nCong Ling is currently a Reader (equivalent to Professor/Associate Pr
 ofessor) in the Electrical and Electronic Engineering Department at Imperi
 al College London. His research interest is focused on lattices and their 
 applications to coding and cryptography.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Understanding the Security Limitations of Encrypted Cloud Data by 
 Evangelia Anna (Lilika) Markatou 
DTSTART;TZID=Europe/London:20240226T150000
DTEND;TZID=Europe/London:20240226T160000
DTSTAMP:20260404T155626Z
UID:202402261500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nIn order to protect data in the cloud\, a database should 
 be stored in encrypted form and queries executed without prior decryption.
  Searchable encryption schemes are being deployed in real-world applicatio
 ns to achieve this objective. They balance security and performance by pro
 viding efficient algorithms that\, however\, leak some information about t
 he data. This talk considers range queries on encrypted multidimensional d
 ata and explores the feasibility of reconstructing the plaintext data by e
 xploiting the information leakage from such queries. We analyze common typ
 es of leakage\, like access pattern\, i.e.\, individually encrypted record
 s in query responses\, and volume pattern\, i.e.\, encrypted entire query 
 responses. We also develop efficient searchable encryption schemes and ass
 ess both theoretically and experimentally their vulnerability to reconstru
 ction attacks that exploit their leakage. By furthering the understanding 
 of the security limitations of encrypted cloud data\, our work enables dev
 elopers to make more informed choices when deploying searchable encryption
  solutions.\n\nEvangelia Anna (Lilika) Markatou is an assistant professor 
 of cybersecurity at TU Delft. She received her PhD from Brown University\,
  advised by Roberto Tamassia. She graduated with a Bachelor's degree in El
 ectrical Engineering and Computer Science in 2016 from the Massachusetts I
 nstitute of Technology (MIT). In 2018\, she received a Master of Engineeri
 ng from MIT advised by Nancy Lynch. In her research\, she aims to develop 
 secure and private protocols that enable users to utilize cloud computing 
 resources without sacrificing their data.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Concrete Security for Succinct Arguments from Vector Commitment Sc
 hemes by Ziyi Guan
DTSTART;TZID=Europe/London:20240207T160000
DTEND;TZID=Europe/London:20240207T170000
DTSTAMP:20260404T155626Z
UID:202402071600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nWe study the concrete security for succinct interactive ar
 guments realized from probabilistic proofs and vector commitment schemes i
 n the standard model. \n\nWe establish the tightest bound on the security 
 of Kilian’s succinct interactive argument based on probabilistically che
 ckable proofs (PCPs). Then we show tight bounds for succinct interactive ar
 guments based on public-coin interactive oracle proofs (IOPs)\, for which 
 no previous analysis is known. Finally we conclude that this VC-based appr
 oach is secure when realized with any public-query IOP (a special type of 
 private-coin IOP) that admits a random continuation sampler.\n\nBased on h
 ttps://eprint.iacr.org/2023/1737.pdf\, joint work with Alessandro Chiesa\,
  Marcel Dall’Agnol\, and Nick Spooner. \n\n\nZiyi Guan is a third-year P
 hD student at EPFL\, supervised by Alessandro Chiesa and Mika Göös. She 
 is interested in theoretical computer science\, in particular complexity t
 heory and cryptography. 
LOCATION:Bush House (S)2.05 
END:VEVENT
BEGIN:VEVENT
SUMMARY:When cybersecurity meets psychology: Toward usable online scam det
 ection by Sarah Zheng
DTSTART;TZID=Europe/London:20240129T140000
DTEND;TZID=Europe/London:20240129T150000
DTSTAMP:20260404T155626Z
UID:202401291400@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nOnline scams are taking an emotional and financial toll on
  people around the globe. Artificial intelligence (AI) is already being us
 ed to create targeted campaigns and humans are not able to distinguish AI-
 generated from "human" content. Evidently\, technical systems alone cannot
  prevent people from falling for online scams. We also need to update the 
 human computer user. \nI will present three studies from my PhD that exami
 ned novel paradigms to improve people's ability to detect phishing e-mails
  - a quintessential type of online scam. The first study tested what psych
 ological and demographic factors relate to people's likelihood to fall for
  phishing e-mails\, using an experimental setting with behavioural trackin
 g and a representative participants sample. The result gave rise to design
 ing three e-mail security tools to scan e-mails in a usable fashion\, whic
 h we evaluated in the second study. Third\, I used the psychological conce
 pt of "self-projection" to design and test an adversarial phishing detecti
 on training. Indeed\, engaging people with how phishing e-mails are create
 d can improve their detection ability. \nI will end the talk with a reflec
 tion on the implications of our findings and future directions for researc
 h.\n\nSarah recently completed her PhD in Security & Crime Science at UCL 
 with a full scholarship from the Dawes Centre for Future Crime. She has a 
 background in psychology and neuroscience\, and four years of experience i
 n AI and data science consulting. These roles include developing machine l
 earning models for credit card fraud detection and working on AI use cases
  for the Dutch MoD. She started programming websites in primary school\, b
 ut a fascination with how the human mind works made her a psychological re
 searcher in the first place. With her work\, she aims to bridge the gap be
 tween cognitive and computer science.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Obfuscation from Lattice-Based Equivocal Assumption by Ivy K. Y. W
 oo
DTSTART;TZID=Europe/London:20231218T160000
DTEND;TZID=Europe/London:20231218T170000
DTSTAMP:20260404T155626Z
UID:202312181600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nIndistinguishability obfuscation allows one to turn a prog
 ram unintelligible\, without altering its functionality. Because it captur
 es the power of most known cryptographic primitives and enables new ones\,
  obfuscation is often referred to as being crypto-complete. In this work w
 e investigate constructions of indistinguishability obfuscation\, whose se
 curity can be reduced from potentially hard problems over lattices. Compar
 ed to other candidates\, a purely lattice-based obfuscator has the advanta
 ge of being based on a single source of hardness and being plausibly post-
 quantum\, enabling many applications in quantum cryptography.\n\nWe propos
 e a new construction of lattice-based obfuscation whose security relies on
  an instance-independent assumption over lattices called the Equivocal Lea
 rning with Errors (LWE) assumption\, which is closely related to the recen
 tly introduced Evasive LWE assumption. Our main technical ingredient is a 
 new statistical trapdoor algorithm for equivocating LWE secrets over latti
 ces with exceptionally short vectors\, which may be of independent interes
 t.\n\nIvy K. Y. Woo is a PhD student in cryptography at Aalto University\,
  Finland since 2022. Her research focuses on cryptographic constructions f
 rom lattices. Recently she is working on advanced encryption such as attri
 bute-based encryption. More generally\, she is interested in constructing 
 cryptographic objects from an algebraic perspective.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Three Years of Shouting at Computers: Security and Privacy for Spe
 ech Interfaces by Will Seymour
DTSTART;TZID=Europe/London:20231211T160000
DTEND;TZID=Europe/London:20231211T170000
DTSTAMP:20260404T155626Z
UID:202312111600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nIt can feel like every new consumer device comes with some
  kind of voice integration. While this is often a win for usability\, free
 ing up our hands and eyes to do other tasks\, there's also something inher
 ently creepy/unsettling about devices that speak and listen to us.\n\nIn t
 his talk I'll be covering a range of exploratory work on privacy and secur
 ity issues with conversational devices\, how these are intensified by the 
 way that computer speech is processed in the brain\, and how we might be a
 ble to navigate a path out of the mess we've gotten ourselves into.\n\n\nW
 illiam Seymour is a Lecturer in Cybersecurity and member of the Cyber Secu
 rity Group in the Department of Informatics at King’s College London. Be
 fore coming to King’s as a postdoctoral researcher\, he obtained a DPhil
  in Cybersecurity from the University of Oxford and an MEng in Computer Sc
 ience from the University of Warwick.\n\nWilliam conducts interdisciplinar
 y work at the intersection of security\, privacy\, HCI\, ethics\, and law 
 using a combination of computational and social science research methods. 
 His work explores people’s concerns about using AI systems\, what values
  those systems should embody\, and how they can better meet the needs of t
 he people who use them. He has worked with a wide range of public sector a
 nd industry partners including Microsoft\, BRE Group\, and the Information
  Commissioner’s Office.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Lattice-Based Polynomial Commitments: Towards Asymptotic and Concr
 ete Efficiency by Ngoc Khanh Nguyen
DTSTART;TZID=Europe/London:20231204T160000
DTEND;TZID=Europe/London:20231204T170000
DTSTAMP:20260404T155626Z
UID:202312041600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nPolynomial commitment schemes are a powerful tool that en
 ables one party to commit to a polynomial p of degree d\, and prove that t
 he committed function evaluates to a certain value z at a specified point 
 u\, i.e. p(u) = z\, without revealing any additional information about the
  polynomial. Recently\, polynomial commitments have been extensively used 
 as a cryptographic building block to transform polynomial interactive orac
 le proofs (PIOPs) into efficient succinct arguments.\n\nIn this talk\, we 
 present new constructions of lattice-based polynomial commitments that ach
 ieve succinct proof size and verification time in the degree d of the poly
 nomial. Extractability of the schemes holds in the random oracle model und
 er the standard Module-SIS assumption. Concretely\, the most optimized ver
 sion achieves proof in the order of 600KB for d = 2^20\, which becomes com
 petitive with the hash-based FRI commitment.\n\nNgoc Khanh Nguyen is a lec
 turer at King's College London. His current topics of interests are (but n
 ot limited to) efficient lattice-based constructions and efficient post-qu
 antum zero-knowledge proofs.\n\nPreviously\, Khanh was a postdoctoral rese
 archer at EPFL\, hosted by Prof. Alessandro Chiesa. He obtained his PhD de
 gree at ETH Zurich and IBM Research Europe - Zurich\, supervised by Dr Vad
 im Lyubashevsky and Prof. Dennis Hofheinz. Before that\, he did his underg
 raduate and master studies at the University of Bristol\, UK.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Protecting Humans from Misused Generative AI by Shawn Shan
DTSTART;TZID=Europe/London:20231121T153000
DTEND;TZID=Europe/London:20231121T163000
DTSTAMP:20260404T155626Z
UID:202311211530@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:In-person seminar\n\nGenerative AI is revolutionizing the art 
 industry by training models on billions of copyrighted artwork without con
 sent\, compensation or credit for the original artists. AI's ability to co
 py artists' styles from their copyrighted work is disrupting existing arti
 sts' income and livelihood\, and discouraging aspiring art students from p
 ursuing their dreams. In this talk\, I will present our work “Glaze” t
 hat protects human artists from this threat by exploiting fundamental weak
 nesses in generative models. I will share some of the ups and downs of imp
 lementing and deploying an adversarial ML tool to a global user base\, and
  reflect on mistakes and lessons learned. \n\nShawn Shan is a PhD candidat
 e in Computer Science at University of Chicago\, advised by Ben Zhao and H
 eather Zheng. His research focuses on developing technical solutions to pr
 otect people from malicious uses of AI. His research has received the Best
  Paper and Internet Defense Award in USENIX\, and covered by media outlets
  such as the New York Times\, BBC\, Scientific American\, and MIT Tech Rev
 iew.
LOCATION:STRAND Building - Room S3.05
END:VEVENT
BEGIN:VEVENT
SUMMARY:How to Verify Privacy Automatically by Laouen Fernet
DTSTART;TZID=Europe/London:20231113T160000
DTEND;TZID=Europe/London:20231113T170000
DTSTAMP:20260404T155626Z
UID:202311131600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nPrivacy is relevant for virtually any application handling
  data. Therefore\,\nstudying privacy is critical\, especially considering 
 the increasing\ndigitalization of applications. In order to protect sensit
 ive information\, it is\ncrucial to have strong guarantees that systems re
 spect privacy. New digital\napplications need to be secured and protected 
 against any misuse\, such as\nsurveillance\, profiling\, stalking\, or coe
 rcion (e.g.\, a doctor should be able to\nmake prescriptions without press
 ure from pharmaceutical companies).\n\nOne way to formally specify how sys
 tems and applications work is to model them\nwith security protocols. They
  are protocols defining how messages are exchanged\nbetween several partie
 s\, often relying on cryptographic operations. In this\ntalk\, I will intr
 oduce the notion of $(\\alpha\, \\beta)$-privacy in security\nprotocols an
 d illustrate the problem with examples. I will present recent\nresearch ab
 out automated verification of privacy and mention important\nchallenges.\n
 \nI am a PhD student under the supervision of Sebastian Mödersheim and Lu
 ca\nViganò. I am working in the Software Systems Engineering section at D
 TU Compute\,\nthe department of Applied Mathematics and Computer Science o
 f the Technical\nUniversity of Denmark. Previously I completed there an MS
 c in Computer Science\nand Engineering with a focus on safety and security
  by design.\n\nMy research topic is the study of privacy using formal meth
 ods and logic\, and in\nparticular automated verification techniques. The 
 goal is to better understand\nthe actual privacy guarantees of digital app
 lications so that we can develop\ntechnology respecting peoples' rights to
  privacy.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Drift Forensics of Malware Classifiers by Theo Chow
DTSTART;TZID=Europe/London:20231106T160000
DTEND;TZID=Europe/London:20231106T170000
DTSTAMP:20260404T155626Z
UID:202311061600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:This seminar will be a dry-run of the talk to be given at the 
 AISec workshop 2023\, co-located with ACM CCS. \n\nThe widespread occurren
 ce of mobile malware still poses a significant security threat to billions
  of smartphone users.\nTo counter this threat\, several machine learning-b
 ased detection systems have been proposed within the last decade.\nThese m
 ethods have achieved impressive detection results in many settings\, witho
 ut requiring the manual crafting of signatures.\nUnfortunately\, recent re
 search has demonstrated that these systems often suffer from significant p
 erformance drops over time if the underlying distribution changes---a phen
 omenon referred to as concept drift.\nSo far\, however\, it is still an op
 en question which main factors cause the drift in the data and\, in turn\,
  the drop in performance of current detection systems.\n\nTo address this 
 question\, we present a framework for the in-depth analysis of dataset aff
 ected by concept drift. \nThe framework allows gaining a better understand
 ing of the root causes of concept drift\, a fundamental stepping stone for
  building robust detection methods.\nTo examine the effectiveness of our f
 ramework\, we use it to analyze a commonly used dataset for Android malwar
 e detection as a first case study.\nOur analysis yields two key insights i
 nto the drift that affects several state-of-the-art methods. \nFirst\, we 
 find that most of the performance drop can be explained by the rise of two
  malware families in the dataset.\nSecond\, we can determine how the evolu
 tion of certain malware families and even goodware samples affects the cla
 ssifier's performance. \nOur findings provide a novel perspective on previ
 ous evaluations conducted using this dataset and\, at the same time\, show
  the potential of the proposed framework to obtain a better understanding 
 of concept drift in mobile malware and related settings.\n\nTheo Chow is a
  dedicated PhD candidate under the guidance of Professor Fabio Pierazzi. H
 e is an active member of the Cyber Security Group within the Department of
  Informatics at King’s College London. Prior to embarking on his doctora
 l journey at King's\, Theo completed his Master of Science (MSc) in Advanc
 ed Microelectronics and Computer Systems at the University of Bristol\, fo
 llowing a Bachelor of Engineering (BEng) in Electronics Engineering at the
  University of Warwick.\n\nTheo's research passion lies at the intersectio
 n of eXplainable AI (XAI)\, Cybersecurity\, Concept Drift\, and Machine Le
 arning Model Robustness. His work addresses the growing concerns surroundi
 ng the reliability of Machine Learning models and delves into how XAI can 
 offer solutions. He is dedicated to demystifying the 'black box' nature of
  these models\, ultimately empowering practitioners to understand and trus
 t these increasingly influential systems.
LOCATION:Bush House (S) 5.01 - CUSP Room
END:VEVENT
BEGIN:VEVENT
SUMMARY:Formally Verifying CRYSTALS-Kyber by Katharina Katharina
DTSTART;TZID=Europe/London:20230724T130000
DTEND;TZID=Europe/London:20230724T140000
DTSTAMP:20260404T155626Z
UID:202307241300@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\n\n\n
LOCATION:Online
END:VEVENT
BEGIN:VEVENT
SUMMARY:Studying Information Weaponization on the Web by Emiliano De Crist
 ofaro
DTSTART;TZID=Europe/London:20230622T160000
DTEND;TZID=Europe/London:20230622T170000
DTSTAMP:20260404T155626Z
UID:202306221600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nOver the past 20 years or so\, the world has seen an explo
 sion of data. While in the past\, controlled experiments\, surveys\, or co
 mpilation of high-level statistics allowed us to gain insights into the pr
 oblems we explored\, the Web has brought about a host of new challenges fo
 r researchers hoping to gain an understanding of modern socio-technical be
 havior. First\, even discovering appropriate data sources is not a straigh
 tforward task. Next\, although the Web enables us to collect highly detail
 ed digital information\, there are issues of availability and ephemerality
 : simply put\, researchers have no control over what data a 3rd party plat
 form collects and exposes\, and more specifically\, no control over how lo
 ng that data will remain available. Third\, the massive scale and multiple
  data formats require creative analysis execution. Finally\, modern socio-
 technical problems\, while related to typical social problems\, are fundam
 entally different and\, in addition to posing a research challenge\, can a
 lso disrupt researchers' personal lives.\n\nIn this talk\, I will discuss 
 how our work has overcome the above challenges. Using concrete examples fr
 om our research\, I will delve into some of the unique datasets and analys
 es we have performed\, focusing on emerging issues like hate speech\, coor
 dinated harassment campaigns\, and deplatforming\, as well as modeling the
  influence that Web communities have on the spread of disinformation\, wea
 ponized memes\, etc. Finally\, I will discuss how we can design proactive 
 systems to anticipate and predict online abuse and\, if time permits\, how
  the "fringe" information ecosystem exposes researchers to attacks by the 
 very actors they study.\n\nEmiliano De Cristofaro is Professor of Security
  and Privacy Enhancing Technologies at University College London (UCL). He
  received a PhD in 2011 from the University of California\, Irvine\, advis
 ed by Gene Tsudik. Before joining UCL in 2013\, Emiliano was Research Scie
 ntist at Xerox PARC. His research background includes privacy-oriented (ap
 plied) cryptography and systems security\; currently\, he focuses on priva
 cy in machine learning and cybersafety. Emiliano has co-chaired the PETS S
 ymposium and the security/privacy tracks at WWW and ACM CCS. With his co-a
 uthors\, he received distinguished paper/honorable mention awards from ACM
  CCS\, NDSS\, ACM IMC\, and ACM CSCW. Ostensibly\, he only refers to himse
 lf in the third person when writing seminar bios.
LOCATION:Bush House (S)2.03
END:VEVENT
BEGIN:VEVENT
SUMMARY:Interrogating Slack & Discord Chatbots to Uncover S&P Issues by Gu
 illermo Suarez-Tangil
DTSTART;TZID=Europe/London:20230327T160000
DTEND;TZID=Europe/London:20230327T170000
DTSTAMP:20260404T155626Z
UID:202303271600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThis talk will offer an overview of two innovative methodo
 logies designed to understand what can be done when malicious or potential
 ly unwanted software runs in the cloud. In the absence of a binary to be a
 nalyzed\, traditional static and dynamic analysis becomes useless. In part
 icular\, I will present our latest IMC’22 paper focusing on the Slack ch
 atbot ecosystem. \n\n\nGuillermo Suarez-Tangil is an Assistant Professor a
 t IMDEA Networks Institute and a Ramon Y Cajal Fellow. His research focuse
 s on systems security and malware analysis and detection. In particular\, 
 his area of expertise lies in the study of smart malware\, ranging from th
 e detection of advanced obfuscated malware to the automated analysis of ta
 rgeted malware. Guillermo also holds a position at King’s College London
  (KCL) as an Assistant Professor\, where he has been part of the Cybersecu
 rity Group since 2018. Before joining KCL\, he was a Senior Research Assoc
 iate at University College London (UCL) where he explored the use of progr
 am analysis to study malware. He has also been actively involved in other 
 research directions aiming at detecting and preventing Mass-Marketing Frau
 d and security and privacy issues on the social web. \n
LOCATION:BH(S)2.07
END:VEVENT
BEGIN:VEVENT
SUMMARY:ADAPT it! APT Attribution for Heterogeneous Files by Aakanksha Sah
 a
DTSTART;TZID=Europe/London:20230323T150000
DTEND;TZID=Europe/London:20230323T160000
DTSTAMP:20260404T155626Z
UID:202303231500@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nIn recent years\, we have witnessed a surge in the growth 
 of technically sophisticated Advanced Persistent Threat (APT) attacks and 
 their impact on industry\, governance\, and democracy. APT attacks are cha
 racterized by long-running complex attack chains that utilize heterogeneou
 s files and sophisticated tactics\, techniques\, and procedures (TTPs). On
 e of the most critical questions in this context is identifying the threat
  group behind the attack\, which is known as APT attribution. Group attrib
 ution is helpful for defenders as it helps them prioritize their response 
 and remediation efforts.\nIn this talk\, we introduce ADAPT\, a static mac
 hine learning-based approach to APT attribution\, which automates and stan
 dardizes the attribution process across heterogeneous file types. We prese
 nt the findings and insights obtained from applying ADAPT to a newly craft
 ed APT dataset consisting of 5\,989 real-world APT samples from approximat
 ely 162 threat groups\, spanning from May 2006 to October 2021.\n\n\nAakan
 ksha is a second-year doctoral student at TU Wien’s Security and Privacy
  Research Unit. Before joining TU Wien\, Aakanksha did her Master’s degr
 ee in Computer Science from the University of Utah\, focusing on Cybersecu
 rity. Following that\, she worked as a Security Software Engineer at Micro
 soft\, Redmond\, USA. While working at Microsoft\, Aakanksha often engaged
  in purple-team activities where they reverse-engineered malware binaries 
 and emulated external adversaries (APT groups)\, such as APT29 and Fin7\, 
 to improve security detection and response. The experience drew her to the
  research area of malware analysis and attribution of advanced adversary a
 ttacks.\n
LOCATION:BH(S)2.05
END:VEVENT
BEGIN:VEVENT
SUMMARY:Information Flow Control in Object-Oriented Programs by Narges Kha
 kpour
DTSTART;TZID=Europe/London:20230308T160000
DTEND;TZID=Europe/London:20230308T170000
DTSTAMP:20260404T155626Z
UID:202303081600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\n\n\n
LOCATION:BH(SE)2.11
END:VEVENT
BEGIN:VEVENT
SUMMARY:Dos and Don’ts of Machine Learning in Computer Security by Danie
 l Arp
DTSTART;TZID=Europe/London:20230224T160000
DTEND;TZID=Europe/London:20230224T170000
DTSTAMP:20260404T155626Z
UID:202302241600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nWith the growing processing power of computing systems and
  the increasing availability of massive datasets\, machine learning algori
 thms have led to major breakthroughs in many different areas. Despite grea
 t potential\, machine learning in security is prone to subtle pitfalls tha
 t undermine its performance and render learning-based systems potentially 
 unsuitable for security tasks and practical deployment. In the talk\, we l
 ook at this problem with critical eyes. First\, we identify common pitfall
 s in the design\, implementation\, and evaluation of learning-based securi
 ty systems. We conduct a study of 30 papers from top-tier security confere
 nces within the past ten years\, confirming that these pitfalls are widesp
 read in the current security literature. In an empirical analysis\, we fur
 ther demonstrate how individual pitfalls can lead to unrealistic performan
 ce and interpretations\, obstructing the understanding of the security pro
 blem at hand. As a remedy\, we propose actionable recommendations to suppo
 rt researchers in avoiding or mitigating the pitfalls where possible. Furt
 hermore\, we identify open problems when applying machine learning in secu
 rity and provide directions for further research. \n\n\n
LOCATION:BH(SE)2.11
END:VEVENT
BEGIN:VEVENT
SUMMARY:Practically-exploitable Cryptographic Vulnerabilities in Matrix by
  Martin Albrecht
DTSTART;TZID=Europe/London:20230125T160000
DTEND;TZID=Europe/London:20230125T170000
DTSTAMP:20260404T155626Z
UID:202301251600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nWe report several practically-exploitable cryptographic vu
 lnerabilities in the Matrix standard for federated real-time communication
  and its flagship client and prototype implementation\, Element. These\, 
 together\, invalidate the confidentiality and authentication guarantees c
 laimed by Matrix’ cry
 ptographic routines being constructed from well-known and studied cryptogr
 aphic building blocks. On the one hand\, one of our attacks proceeds by ch
 aining three attacks to achieve a full authentication and confidentiality
  break. On the other hand\, the vulnerabilities we exploit differ in their
  nature (insecure by design\, protocol confusion\, lack of domain separati
 on\, implementation bugs) and are distributed broadly across the different
  subprotocols and libraries that make up the cryptographic core of Matrix.
  Together\, these vulnerabilities highlight the need for a systematic and 
 formal analysis of the cryptography in the Matrix standard. \n\n\nMartin w
 orks across the field of cryptography and recently joined King’s College
  London as a professor. \n
LOCATION:BH(S)5.01
END:VEVENT
BEGIN:VEVENT
SUMMARY:On the Security of Machine Learning by Erwin Quiring
DTSTART;TZID=Europe/London:20221114T170000
DTEND;TZID=Europe/London:20221114T180000
DTSTAMP:20260404T155626Z
UID:202211141700@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nMachine learning is increasingly used in security-critical
  applications\, such as malware detection\, face recognition\, and autonom
 ous driving. But can we trust machine learning? Unfortunately\, the answer
  is `No`. Learning methods are vulnerable to different types of attacks th
 at thwart their secure application. However\, most research has focused on
  attacks in the feature space of machine learning.\n\nIn my talk\, we will
  learn that we should think beyond the feature space when thinking about t
 he security of machine learning. First\, the problem space with real-world
  objects such as PDF files or malicious code should be considered. Real at
 tacks are possible but require specialized techniques. Second\, the mappin
 g from problem to feature space can introduce a considerable vulnerability
  in learning-based systems. Using the example of image scaling\, we will e
 xamine how an adversary can exactly control the input to a learning algori
 thm. Third\, we will also learn that the feature space also has an inheren
 t connection to the media space of digital watermarking.\n\nErwin Quiring 
 is a postdoctoral researcher at the Ruhr University Bochum \nas part of Ge
 rmany's Excellence Cluster CASA. His main research focus \nlies in the int
 ersection between machine learning and security\, with \ntopics such as ma
 lware detection\, deep fake detection\, or adversarial \nlearning.\n
LOCATION:BH(S)5.01
END:VEVENT
BEGIN:VEVENT
SUMMARY:Malware: The Never-Ending Arms Race by Héctor Menendez
DTSTART;TZID=Europe/London:20221108T140000
DTEND;TZID=Europe/London:20221108T150000
DTSTAMP:20260404T155626Z
UID:202211081400@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\n"Antivirus is death" and probably every detection system t
 hat focuses on a single strategy for indicators of compromise. This famous
  quote that Brian Dye --Symantec's senior vice president-- stated in 2014 
 is the best representation of the current situation with malware detection
  and mitigation. Concealment strategies evolved significantly during the l
 ast years\, not just like the classical ones based on polymorphic and meta
 morphic methodologies\, which killed the signature-based detection that an
 tiviruses use\, but also the capabilities to fileless malware\, i.e. malwa
 re only resident in volatile memory that makes every disk analysis sensele
 ss. This review provides a historical background of different concealment 
 strategies introduced to protect malicious --and not necessarily malicious
 -- software from different detection or analysis techniques. It will cover
  binary\, static and dynamic analysis\, and also new strategies based on m
 achine learning from both perspectives\, the attackers and the defenders.\
 n\n\n
LOCATION:BH(S)5.01 
END:VEVENT
BEGIN:VEVENT
SUMMARY:Integrating Security by Design and Automated Security Analysis for
  Digital Identity Management by Marco Pernpruner
DTSTART;TZID=Europe/London:20221024T160000
DTEND;TZID=Europe/London:20221024T170000
DTSTAMP:20260404T155626Z
UID:202210241600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nWith the rapid growth of technology\, the concept of ident
 ity had to evolve towards a new paradigm: digital identity. This requires 
 the establishment of digital identity management protocols to handle all t
 he related processes. The design of these protocols is a very sensitive pr
 ocess that should be supported by specific methodologies to help security 
 designers reach the best trade-off between all the dimensions at stake. In
  this seminar\, we will dive into identity management protocols by both pr
 oviding some relevant examples and describing a security methodology that 
 we have developed to evaluate the security and risk of these protocols dur
 ing the design process.\n\n\nMarco Pernpruner is a PhD student in Security
 \, Risk and Vulnerability\, jointly offered by the University of Genoa and
  Fondazione Bruno Kessler (Italy). He received the BSc degree in Informati
 on and Business Organisation Engineering from the University of Trento in 
 2016\, and the MSc degree in Computer Science and Engineering from the Uni
 versity of Verona in 2019. He is currently visiting King’s College Londo
 n under the supervision of Prof. Luca Viganò. His research focuses on dig
 ital identity\, with a specialization in the design\, security and risk as
 sessment of multi-factor authentication and fully-remote enrollment proced
 ures.
LOCATION:Bush House (S)2.01
END:VEVENT
BEGIN:VEVENT
SUMMARY:Cosmic Rays: a Neglected Potential Threat to Evidential Integrity 
 in Digital Forensic Investigations? by Richard Overill
DTSTART;TZID=Europe/London:20221004T160000
DTEND;TZID=Europe/London:20221004T170000
DTSTAMP:20260404T155626Z
UID:202210041600@https://cys-seminars.kcl.ac.uk/
DESCRIPTION:\n\nThe Cosmic Ray Defence is introduced and its plausibility 
 in various cybercrime scenarios is evaluated quantitatively.\n\n
LOCATION:BH(N)5.11
END:VEVENT
END:VCALENDAR
