August 11-13, 2021
Maison Glad, Jeju, Korea

Invited Talks




 Invited Talk 1: Yonghwi Kwon (University of Virginia)
 Title: Program Analysis for Security   
 Date : August 12, 11:00AM (UTC+09:00)


Abstract:

 Program analysis is the automated process of analyzing the behavior of computer programs both statically and dynamically. Over the years, we have seen various applications of program analysis, including malware analysis, vulnerability analysis, software testing, etc. As we virtually live with computer systems, the importance of secure and correct programs and program analysis techniques improve those properties. In this talk, I will present two recent projects of program analysis solving security problems: malware analysis and swarm security. First, I will present the difficulties in web-server-based malware analysis techniques and our solution to effectively expose malicious behaviors. We propose a novel concept of cooperative counter-factual executions. Second, we will discuss how the concept of counter-factual causality can be used in the context of robotics. We introduce a testing technique that can effectively and efficiently test swarm robotics, finding and fixing configuration bugs in swarm algorithms.
 

Biography:
 
 Yonghwi Kwon is an assistant professor of computer science at the University of Virginia. He is broadly interested in solving system security problems via program analysis. He is a recipient of the two ACM Distinguished Paper Award in 2019 and 2013, NSF CRII Award in 2018, Maurice H. Halstead Memorial Award in 2017, IEEE/ACM Automated Software Engineering (ASE) Best Paper Award in 2013.  

 

 

 

 


 Invited Talk 2: Yang Zhang (CISPA)
 Title: Quantifying Privacy Risks of Machine Learning Models   
 Date : August 13, 09:00 AM (UTC+09:00)


Abstract:

 Machine learning has made tremendous progress during the past decade. While continuing to improve our daily lives, recent research shows that machine learning models are vulnerable to various privacy attacks. In this talk, I'll cover our two recent works on quantifying the privacy risks of machine learning models. First, I will talk about some recent development of membership inference, including membership inference with only labels and attacks against machine unlearning. Second, I will present our work on the first link stealing attacks against graph neural networks.
 

Biography:
 
 Yang Zhang is a faculty member at CISPA Helmholtz Center for Information Security, Germany. Previously, he was a group leader at CISPA. He obtained his Ph.D. degree from University of Luxembourg in November 2016. Yang's research interests lie at the intersection of privacy and machine learning. Over the years, he has published multiple papers at top venues in computer science, including WWW, CCS, NDSS, and USENIX Security. His work has received NDSS 2019 distinguished paper award. Yang has served in the technical program committee of USENIX Security 2022 2021, ACM CCS 2021 2020 2019, WWW 2021 2020, and PETS 2022 2021 2020.  

 

 

 

 


 Invited Talk 3: Eun Jung Kim (Texas A&M Univ.)
 Title: Preventing Cache Leakage from Spectre and Meltdown Attacks 
 Date : August 13, 10:00 AM (UTC+09:00)


Abstract:

 Recently the Spectre and Meltdown vulnerabilities have shaken the computing industry to its core, showing that security is not only a software problem, but that the vulnerabilities exist in the design of modern processors and allow for sensitive information such as passwords and e-mail contents to be read from memory. These attacks take advantage of high performance hardware design features known as Speculative Execution and Branch Prediction. In this talk, I will first introduce these attack examples and I will then discuss an idea to build next generation CPUs to enable secure speculation without sacrificing performance.
 

Biography:
 
 Eun Jung Kim is an associate professor in the Department of Computer Science & Engineering, Texas A&M University, where she has been since 2003. Her research interests include computer architecture, parallel/distributed systems, low-power design, secure computing, performance evaluation, and fault tolerant computing. She is serving as associated editors for IEEE transactions on Computer and IEEE Computer Architecture Letter. She has served as program committee chairs/members for top-tier conferences in the Computer Architecture area. She has published more than 70 scientific papers in leading refereed journals, conferences and book chapters. She has graduated 11 Ph.D. students and 17 M.S. since joining Texas A&M. Dr. Kim received the NSF CAREER Award in 2009. She is a member of the IEEE Computer Society and the ACM.  

 
 
 


Abstract:

 Moving Target Defense (MTD) is a promising defense technique and has been researched recently a lot. The main purpose of MTD is to confuse attackers by changing the attack surface of various systems and networks. This talk will cover the following topics:
1) Introduction to MTD including a brief intro to security fundamentals, and an introduction to security assessment;
2) recent advances in MTD techniques including i) three dimensions of MTD (when, how, and what to trigger), ii) MTD techniques in a horizontal/vertical manner, iii) MTD metrics and MTD-related security and economic metrics, and iv) The state of the art MTD techniques (with my own research highlights);
3) Some practical examples of MTD design and implementation; and finally
4) MTD challenges and future directions.


 

Biography:
 
 Dr. Dan Dongseong Kim is an Associate Professor (softly equivalent to a Reader in the UK; a full professor in the US) in Cyber Security at The University of Queensland (UQ), Brisbane, Australia since 2019. Prior to UQ, he was a faculty member in Cyber Security in the Department of Computer Science and Software Engineering at the University of Canterbury (UC), Christchurch, New Zealand from 2011 to 2018. From 2008 to 2011, he was a postdoc at Duke University in the US. He was a visiting scholar at the University of Maryland, College Park, Maryland in the US in 2007. His research interests are in Cyber Security and Dependability for various systems and networks. More information is available at his UQ webpage: https://researchers.uq.edu.au/researcher/23703.