为促进网络空间安全研究的学术交流,了解国际网络空间安全发展最新学术动态,新加坡南洋理工大学、CRPO(The CyberSG R&D Programme Office)邀请清华大学段海新教授、新加坡管理大学高德斌教授、新加坡科技设计大学周建英教授、新加坡国立大学梁振凯教授等,将于2024年5月27日(周一)在南洋理工大学分享他们近期的研究成果。
会议时间:2024年5月27日(周一)14:00-16:40
会议地点:Seminar Room 1-1 (ABN), Singapore /Academic Building North, 50 Nanyang Ave, Singapore 639798
主持人:刘杨 南洋理工大学教授
腾讯会议:566-459-761
注:本次会议全程英文交流,线上会议名额上限100人,欢迎大家准时参会!
会议议程
演讲主题及内容摘要
(按演讲顺序排列)
Host:Liu Yang
BIO:
Dr. Yang Liu obtained his bachelor and ph.d degree in the National University of Singapore in 2005 and 2010, respectively. In 2012, he joined Nanyang Technological University as a Nanyang Assistant Professor. He is currently an associate professor, director of the cybersecurity lab, Program Director of HP-NTU Corporate Lab and Deputy Director of the National Satellite of Excellence of Singapore. In 2019, he received the University Leadership Forum Chair professorship at NTU.
Dr. Liu specializes in cyber security and software engineering. His research has bridged the gap between the theory and practical usage of formal methods and program analysis to evaluate the design and implementation of software for high assurance and security. By now, he has more than 250 publications in top tier conferences and journals. He has received a number of prestigious awards including MSRA Fellowship, TRF Fellowship, Nanyang Assistant Professor, Tan Chin Tuan Fellowship, and 10 best paper awards and one most influence system award in top conferences like ASE, FSE and ICSE.
Duan Haixin
Title: Cyber-Cannon: Coordinating Cloud Services for Distributed Denial of Service(DDoS) Attacks
Abstract:
Cloud services, with their robust resources, have enhanced network services by increasing their reliability and security. For example, Content Delivery Networks(CDNs), one of the most popular cloud services, have been deployed widely as the best practice against Distributed Denial of Service (DDoS) attacks. Great power of cloud service must come with great responsibilities; however, great power with great vulnerabilities, could be potentially abused or even transformed into the weapon of mass destruction in the cyberspace.
In this context, Professor Duan and his team have undertaken extensive research in recent years. They have conducted deep examinations of security vulnerabilities in cloud services, especially Content Delivery Networks (CDN) and Domain Name System(DNS). They have shed light on how attackers could ingeniously misuse these resources to construct potent offensive tools. Additionally, they have proposed solutions for patching these vulnerabilities and mitigation to enhance the security of some cloud services such as DNS and CDN.
Professor Duan envisions that their research could spark some thoughtful discussion to ensure that the powerful cloud becomes a powerful protection rather than a huge threat.
Bio :
Haixin Duan is a professor at the Institute for Network Sciences and Cyberspace, Tsinghua University. Focusing on network security, Professor Duan's teaching and research encompass critical areas such as the security of Internet infrastructure, including the domain name system(DNS), Web and CDN, public key infrastructures and cloud services.
Together with his team, professor Duan has found a lot of critical vulnerabilities of DNS, HTTP/HTTPS, CDN and Web PKI, which impact many leading internet companies and open source vendors like Google, Apple, Microsoft, Amazon, Akamai, CloudFlare, Apache, ISC and etc. Their research has helped the leading companies or open source communities to fix their vulnerabilities, and led IETF and other organizations to update protocol standards to enhance security.
Prof. Duan publishes their findings in top security conferences (USENIX Security, Security&Privacy, CCS and NDSS) and won several best paper awards in CCS, NDSS and DSN. As the co-founder of Blue-Lotus Team(Once a famous CTF team based in Tsinghua), InForSec (an International Forum for Security Research), and DataCon (a data security competition), prof. Duan has always been an active contributor to the Chinese community of security research and education.
Gao Debin
Title: Source-to-Bytecode Signature Generation for Insecure Method Identification on Android
Abstract:
We propose MtdScout, a novel cross-layer, method-level clone detection tool for Android apps. MtdScout generates bytecode signatures for flawed source methods using compiler-style interpretation and abstraction, and efficiently matches them with target app bytecode using signature-mapped search trees. Our experiments using ground-truth apps show that MtdScout achieves the highest accuracy among three tested clone detection tools, with a precision of 92.5% and recall of 87.2%. A large-scale experiment with 23.9K apps from Google Play demonstrates MtdScout’s effectiveness in complementing both LibScout and CryptoGuard by identifying numerous false negatives they missed due to app shrinking, method-only cloning, and inherent timeouts and failures in expensive taint analysis. Additionally, our experiment uncovers four security findings that highlights the disparities between MtdScout’s method-level clone detection and package-level library detection.
Bio :
Debin GAO,Associate Professor of Computer Science; Co-Director, Centre on Security, Mobile Applications & Cryptography; Faculty Manager, SMU BSc (IS)-CMU Fast-Track Programme; Supervisor to SCIS UG instructors Lee Kong Chian Fellow.
Zhou Jianying
Title: The Need of Testbeds for Cyber-Physical System Security
Abstract:
Critical infrastructure becomes a strategic target in the midst of a cyber war. Governments are investing significantly in response to the risks and challenges while researchers and vendors are aggressively developing and marketing new technologies aimed at protecting critical infrastructure. In this talk, I will briefly describe the framework and features of a cyber-physical system (CPS) which serves as the core to provide critical services in different industrial domains. Then I will discuss the challenges we face and the approaches we can take to defend against cyber attacks. I will elaborate the need of CPS testbeds for testing and validating cybersecurity solutions in a safe and realistic environment, and also compare different types of CPS testbeds. Finally I will introduce the fully operational industrial grade CPS testbeds in iTrust.
Bio :
Jianying Zhou is a professor and center director for iTrust at Singapore University of Technology and Design (SUTD). Before joining SUTD, he was a principal scientist and the head of Infocomm Security Department at Institute for Infocomm Research, A*STAR. He also worked at the headquarters of Oracle as a security consultant.
Prof. Zhou received PhD in Information Security from Royal Holloway, University of London. His research interests are in applied cryptography and network security, cyber-physical system security, mobile and wireless security. He has published 300+ referred papers at international conferences and journals with 13,000+ citations. He received ESORICS'15 Best Paper Award and ACSAC'23 Distinguished Paper Award. He has 2 technologies being standardized in ISO/IEC 29192-4 and ISO/IEC 20009-4, respectively. He also has 10+ technologies being patented.
Prof. Zhou is a co-founder & steering committee co-chair of ACNS, which is ranked in top 20 cyber security conferences. He is also steering committee chair of ACM AsiaCCS, and steering committee member of Asiacrypt. He has served 200+ times in international cyber security conference committees (ACM CCS & AsiaCCS, IEEE CSF, ESORICS, RAID, ACNS, Asiacrypt, FC, PKC etc.) as general chair, program chair, and PC member. He is associate editor-in-chief of IEEE Security & Privacy. He has also been in the editorial board of top cyber security journals including IEEE TDSC, IEEE TIFS, Computers & Security. He is an ACM Distinguished Member. He received the ESORICS Outstanding Contribution Award in 2020, in recognition of his contributions to the community.
Liang Zhenkai
Title: Information-Flow Analysis in the Age of GPU Processing
Abstract:
Dynamic Information Flow Tracking (DIFT) forms the foundation of a wide range of security and privacy analysis. However, the performance and scalability of DIFT are impeded by the extensive number of states and data flows within programs, which make the execution of interactive data flow analysis queries cumbersome with traditional methods. In this talk, we identify that DIFT under dependency-based information flow rules can be cast as linear transformations over taint states. This transformation enables a novel matrix-based representation, FlowMatrix, to represent DIFT operations concisely and makes it practical to adopt GPUs as co-processors for DIFT analysis. FlowMatrix provides efficient support for interactive DIFT query operations. We design a DIFT query system and prototype it on commodity GPUs. Our evaluation shows that our prototype outperforms CPU-based baseline by several times and enables rapid response to DIFT queries. It has two to three orders of magnitude higher throughput compared to typical DIFT analysis solutions. FlowMatrix represents an initial step in the direction toward balancing the complexity and efficiency to adopt new processing technologies in information-flow analysis. We also discuss the potential and limitation of related technologies through the view of complexity.
Bio :
Zhenkai Liang is an Associate Professor in the Department of Computer Science at National University of Singapore. He is also a co-Lead Principal Investigator of National Security R&D Lab of Singapore. His research interests are in system and software security, such as binary program analysis, security in Web, mobile, and Internet-of-things (IoT) platforms. He has been publishing high-impact papers in top security and software engineering conferences, and has won several best paper awards in security and software engineering conference, including Annual Computer Security Applications Conference (ACSAC), USENIX Security Symposium, and ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE). He has also won the Annual Teaching Excellence Award of NUS in 2014 and 2015. He is a current member of the Steering Group of NDSS and has served as technical committee members and editorial board members of main security conferences and journals, including ACM Conference on Computer and Communications Security (CCS), USENIX Security Symposium, Network and Distributed System Security Symposium (NDSS), and IEEE Transactions on Dependable and Secure Computing (TDSC) and ACM Transaction on Privacy and Security (TOPS). He received his Ph.D. degree in Computer Science from Stony Brook University in 2006, and B.S. degrees in Computer Science and Economics from Peking University in 1999.
ABOUT CRPO
The CyberSG R&D Programme Office (CRPO) is a new national centre at Nanyang Technological University, Singapore. The CRPO aims to propel Singapore to the forefront of cybersecurity innovation and implementation, backed by S$62 million in funding from the Cyber Security Agency of Singapore (CSA). CRPO will focus its efforts on three main thrusts to advance cybersecurity comprehensively: cutting-edge research and development, advancements in technology and translational development, and fostering ecosystem/industry growth and training.
