3rd year External Midterm Review Meeting (2009.01.07)
Document Actions
invitation & conference program (in Hanzi)
2008 1st iCAST /CMU/TRUST Joint Conference
on Security and Privacy Technologies
「資安科技跨國研究計畫」國際會議暨成果發表會
iCAST計畫首開國內先例,結合 3 大領域 4 大組織,與美國柏克萊加州大學 (University of California, Berkeley) 及卡內基美隆大學 (Carnegie Mellon University) 共同合作、研發先進資安前瞻技術與培育專業科技人才,藉以提昇我國資安研究水準與技術研發能量,朝提昇國內資安能量及台灣國際知名度的方向持續努力。
本計畫即將完成第二年度期程,已達成既定之能量產出。謹訂於 2008 年 1 月 7 日 至 8 日假台灣科技大學國際大樓 IB101 舉辦 國際會議暨成果發表會 。 iCAST 團隊國內外 20 餘名專家學者將進行成果發表及專題演說,現場同時展示團隊研發之雛型系統。
活動議題包含 3 大主軸:全域性安全隱私保證 (Pervasive Security and Privacy Assurance) 、無線安全與監控網路技術 (Wireless Security and Video Surveillance) 以及入侵偵測與風險管理 (Intrusion Detection and Risk Management) 。期與國內產學研各界進行資安相關學術及實務經驗交流,並透過未來密切的合作加速國內資安科技水準的提昇。
• 活動時間: 97 年 1 月 7 日 至 8 日
• 活動地點:台灣科技大學國際大樓 IB101 (台北市基隆路 4 段 43 號)
名額有限,請即刻上網詳閱相關訊息!
報名網址: http://conference.iis.sinica.edu.tw/servlet/Register?ConferenceID=78
Preliminary Program
AM, Monday, January 7
| 8:40-9:00 |
Registration |
I. Pervasive Security and Privacy Assurance
9:00-12:00 Session Chair: Yih-Kuen Tsay
| 9:00-9:10 |
Opening Remarks |
| 9:10-9:40 |
"Is Program Analysis Really Relevant to Cybersecurity?" |
| 9:40-10:00 |
“Verifying Memory Safety of Programs with Dynamic Data Structures” |
| 10:00-10:20 |
“Extending Automated Compositional Verification to the Full Class of Omega-Regular Languages” |
| 10:20-11:00 |
“GAnGS: Gather, Authenticate 'n Group Securely” |
| 11:00-11:15 |
Break |
| 11:15-11:40 |
“
Durability and Privacy from Adhoc Wireless Storage ” |
| 11:40-12:00 |
“
The DETER Testbed: An Overview of Design, Implementation and Use ” |
PM, Monday, January 7
II. Wireless Security and Video Surveillance
1:00 -4:45 Session Chairs: Shiuh-Pyng Shieh and Wei-Chung Hwang
| 1:00-1:25 |
“
Secured Video Surveillance ” |
| 1:25-1:40 |
“ICNet: Securty and Privacy in Video Surveillance Networks” |
| 1:40-2:00 |
“Combining TLS and TPMs to Achieve Device and User Authentication for Wi-Fi and WiMAX Citywide Networks” |
| 2:00-2:15 |
Break |
| 2:15-2:30 |
“
SECUR: Secure Environment-aware Configurable Ubiquitous oveRlay ” |
| 2:30-2:45 |
“Unforgeably Verifiable In-Network Aggregation” |
| 2:45-3:00 |
“
UCB/ITRI Wireless Camera Mote Status Update ” |
| 3:00-3:15 |
“
Hierarchical Proxy Re-Encryption with Application to Access Control ” |
| 3:15-3:30 |
“
Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers ” |
| 3:30-3:45 |
“Secure Logging in Wireless Forensic” |
| 3:45-4:00 |
“
Can Machine Learning Be Secure? ” |
| 4:00-4:15 |
“A Graph Approach to Quantitative Analysis of Control Flow Obfuscating Transformations” |
| 4:15-4:30 |
“
Testbed Implementation of Secure Flooding Time Synchronization Protocol ” |
| 4:30-4:45 |
“
Optimizing Heterogeneous Networks ” |
• Demo Tour: 4:50 – 5:30
• Banquet: 6:30 – 9:00 pm (By Invitation Only), Place: 14F , VIP Room, Howard International House
AM, Tuesday, January 8
III. Intrusion Detection and Risk Management
9:00-12:10 Session Chairs: Frank Ching-Chi Hsu and Sy-Yeuan Liou
| 9:00-9:30 |
"Machine Learning and Privacy Protection ” |
| 9:30-9:55 |
“A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems” |
| 9:55-10:10 |
" Statistical Learning for Novel Attack Discovery ” |
| 10:10-10:25 |
“Exploitation Relay for Penetration Test in Verifying System Vulnerabilities” |
| 10:25-10:40 |
Break |
| 10:40-11:00 |
“
IDEAS: Intrusion Detection and Event Analysis System ” |
| 11:00-11:20 |
“ Defending On-Line Web Application Security ” |
| 11:20-11:40 |
“ Stealthy Attack Detection and Scalable Network Forensics ” |
| 11:40-12:00 |
“ A Web-Based Risk Assessment Architecture” |
| 12:00-12:10 | Closing Remarks |
1:30-4:45pm, Tuesday, January 8
Tutorial: Adrian Perrig (CMU)
“New Technologies for Trusted Computing”
Trusted computing technologies represent a promising approach for containing the numerous security vulnerabilities in current operating systems and applications. In fact, the Trusted Computing Base (TCB) of current applications includes millions of lines of code. We developed multiple approaches for isolating the execution of security-sensitive code from vulnerabilities present in TCBs and for guaranteeing that execution remains untampered by malware.
In particular, we developed techniques based on the new trusted execution support provided by the new generation of AMD and Intel processors. Furthermore, we harness attestation technology provided by Trusted Platform Module (TPM) hardware. We have also developed alternative software-based attestation techniques to provide analogous properties in the case of legacy hardware.
Finally, we have developed SecVisor, a tiny hypervisor that ensures code integrity for commodity OS kernels. In particular, SecVisor ensures that only approved code can execute in kernel mode over the entire system lifetime. This protects the kernel against code injection attacks, such as kernel rootkits.
• Adrian Perrig is an Associate Professor in Electrical and Computer Engineering, Engineering and Public Policy, and Computer Science at Carnegie Mellon University .