Elisa Bertino, Purdue University,
Title: Security and Privacy in the IoT
The Internet of Things (IoT) paradigm refers to the network of physical
"things" embedded with electronics, software, sensors, and connectivity to
objects to exchange data with servers, centralized systems, and/or other
devices based on a variety of communication infrastructures. IoT makes it
to sense and control objects creating opportunities for more direct
between the physical world and computer-based systems. IoT will usher
a large number of application domains, ranging from manufacturing and energy
management (e.g. SmartGrid), to healthcare management and urban life (e.g.
SmartCity). However, because of its fine-grained, continuous and pervasive
acquisition and control capabilities, IoT raises concerns about security and
privacy. Deploying existing security solutions to IoT is not straightforward
of device heterogeneity, highly dynamic and possibly unprotected
large scale. In this talk, after outlining key challenges in IoT security
privacy, we present initial approaches to securing IoT data, including
techniques to prevent IoT devices to be compromised and used by botnets.
Bio: Elisa Bertino is currently a Professor of Computer Science with Purdue
University and serves as Research Director of the Center for Education and
in Information Assurance and Security. Her main research interests include
privacy, digital identity management systems, database systems, distributed
and multimedia systems. She is a fellow of the Association for Computing
and has been named a Golden Core Member for her service to the IEEE Computer
Yang Xiang, Swinburne University of Technology, Australia
Title: AI-Driven Cyber Security
Today we have evidenced massive cyber attacks, such as WannaCry ransomware,
hit millions of people in more than 150 countries with billions of dollars
Cyber security has become one of the top priorities globally in the research
Recent years, Artificial Intelligence (AI) has been widely used in numerous
and industries, including finance, healthcare, education, and
supported by a diversity of datasets from a huge number of sources in
domains. These datasets consist of multiple modalities, each of which has a
different representation, distribution, scale, and density.
People have recognized that AI technologies are some of the most effective
against cyber intrusions. Cyber security companies are increasingly looking
to AI to
improve defense systems and create the next generation of cyber protection.
important questions have been asked, such as:
• How AI models learn and understand what is normal and what is abnormal on
• How AI that uses machine learning and other technologies can differentiate
or harmful binary or source codes?
• How can hackers bypass AI-driven security solutions?
Although AI has been talked as one of the game-changing technologies for
security, many doubts still persist. New methods and tools, consequently,
follow up in order to adapt to this emerging security paradigm. In this
will discuss the concept of AI-Driven Cyber Security and how data analytics
used to address the security and privacy problems in cyberspace.
Bio: Professor Yang Xiang received his PhD in Computer Science from Deakin
Australia. He is currently the Director of Centre for Cyber Security Research at
University. His research interests include network and system security,
systems, and data analytics. He has published more than 200 research papers in
international journals and conferences, such as IEEE Transactions on Computers,
Transactions on Parallel and Distributed Systems, IEEE Transactions on
Security and Forensics, and IEEE Transactions on Dependable and Secure
serves as the Associate Editor of IEEE Transactions on Computers, Security and
Communication Networks (Wiley), and the Editor of Journal of Network and
Applications (Elsevier). He is a Senior Member of the IEEE.
Mirosław Kutyłowski, Wroclaw University of Science and Technology, Poland
Title: On Crossroads of Privacy Protection
For a long time privacy protection have been understood as a protection of
private sphere and separation between public and private life.
This is about to change dramatically due to increasing role of IT systems.
Expansion of Internet of Things makes the problem even harder, as
attacks against these systems get easier, when "private" information
about IoT artefacts becomes disclosed.
Privacy protection understood as reducing the amount of identification information
to the minimal level necessary to perform a given functionality is going to
become one of the fundamental good practices.
Privacy protection on one hand and necessity of strong authentication seem
to be contradictory goals. Fortunately, there are cryptographic schemes that create
a firm basis for solving this problem effectively. According to such a scheme
a user holds cryptographic personal keys for creating pseudonymous identities.
The same keys can be used to prove ownership of these identities by means of
corresponding to them. On the other hand, different identities and signatures
of the same person are unlinkable, unless a fundamental cryptographic problem has
broken. Still, this does not enable Sybil attacks -- misusing anonymity for
protecting own misbehavior.
Bio: Miroslaw Kutylowski is full professor at Wroclaw University of Technology. He
member of Research Council of Institute of Computer Science at Polish Academy of
and an elected member of Polish State Commission for Academic Titles. In his carreer
Humboldt Fellowat Technical University of Darmstadt, and Hochschuldozent at Heinz
Institute, University of Paderborn, and professor at Institute of Computer Science,
University. He has received MISTRZ Award from Foundation for Polish Science, IBM
Award and 2013 Award from Polish Chamber of Information Technology and
has been active in different bodies concerning egovernment issues, in particular
interface between ICT and legal systems. His research is focused on algorithms in
distributed systems, privacy, security and cryptography.
Yunlei Zhao, Fudan University, China
Title: Generic and Efficient Lattice-Based Key Exchange from Key
In this work, we abstract some key ingredients in previous lattice-based key
protocols, by introducing and formalizing the building tool, referred to as key
consensus (KC) and its asymmetric variant AKC. KC and AKC allow two
parties to reach consensus from close values obtained by some secure information
exchange. We then discover upper bounds on parameters for any KC and AKC. KC and
fundamental to lattice based cryptography, in the sense that a list of
primitives based on lattice (including key exchange, public-key encryption, and
can be modularly constructed from them. As a conceptual contribution, this much
simplifies the design and analysis of these cryptosystems in the future.
We then design and analyze both general and highly practical KC and AKC schemes,
are referred to as OKCN and AKCN respectively for presentation simplicity. Based
and AKC, we present generic constructions of key exchange (KE) from LWR, LWE,
MLWE with delicate analysis of error rates. The generic construction allows
instantiations with our OKCN and AKCN schemes, for which we elaborate on
choosing the concrete parameters in order to achieve a well-balanced performance
security, computational cost, bandwidth efficiency, error rate, and operation
Bio:Yunlei Zhao received the Ph.D degree in computer science in 2004 from Fudan
Shanghai, China. In the same year, he joined Hewlett-Packard European Research
Bristol, UK, as a Postdoc researcher. Since 2005, he worked at Fudan University, and
currently a professor at Software School, Fudan University. His research interests
theory and applications of cryptography, information security, and the interplay
complexity theory and cryptography.
Kui Ren, University at Buffalo, United States
Title: The Dual Role of Smartphones in IoT Security
The world is entering the era of Internet of Things (IoT) with numerous
under the way, including smart manufacturing and smart living. In IoT, the
interconnected physical devices of various forms, embedded with electronics,
sensors, actuators, jointly perform sophisticated tasks and support abundant
unprecedented services for the world. Centering around many of these innovations
smartphones as they are so pervasively owned by almost every individual, so
interleaved into almost every aspect of our daily living, and so powerfully
with abundant sensing, computing and networking capability.
The role of smartphone in IoT Security, however, can be two-fold. On the one
could be used as a low-cost attacking device, trying to penetrate into
that have never been considered before. On the other hand, it is also the first
defense in the security forefront. In both cases, we need to carefully study to
understand the capability of Smartphones, as well as their security
this talk, I will use two examples to illustrate this observation and hopefully
further researches along this line.
Bio: Kui Ren is SUNY Empire Innovation Professor and the director of the Ubiquitous
and Privacy Research Laboratory (UbiSeC) in the Department of Computer Science and
Engineering, University at Buffalo, State University of New York, where he joined in
an associate professor and was promoted to full professor in 2016. Previously, he
with the Department of Electrical and Computer Engineering at Illinois Institute of
Technology (IIT), where he received early tenure and promotion in five years
He received degrees from three different majors, i.e., his Ph.D in Electrical and
Engineering from Worcester Polytechnic Institute, USA, in 2007, M.Eng in Materials
Engineering in 2001, and B.Eng in Chemical Engineering in 1998, both from Zhejiang
University, China. His current research interests include Data and Computation
Security in the context of Cloud Computing, Wireless Systems Security in the context
Internet of Things, and Crowdsourcing-based Large-scale Data Acquisition. He has
frequently in peer-reviewed journal and conference papers. His H-index is 54, and
citation has exceeded 19,000, according to Google Scholar (as of Aug. 2017). More
than 10 of
his publications have been each cited more than 600 times, with the highest
His research has also been widely covered by the media, including CBS News,
American, NSF News, ACM TechNews, Science Daily, The Conversation, etc. He has
more than 100 keynote/invited talks at conferences and universities worldwide.