Abstract: Alongside traditional Information and Communication Technologies, more recent ones like Smartphones and IoT devices also became pervasive. Furthermore, all technologies manage an increasing amount of confidential data. The concern of protecting these data is not only related to an adversary gaining physical or remote control of a victim device through traditional attacks, but also to what extent an adversary without the above capabilities can infer or steal information through side and covert channels! In this talk, we survey a corpus of representative research results published in the domain of side and covert channels, ranging from TIFS 2016 to more recent Usenix Security 2022, and including several demonstrations at Black Hat Hacking Conferences. We discuss threats coming from contextual information and to which extent it is feasible to infer very specific information. In particular, we discuss attacks like inferring actions that a user is doing on mobile apps, by eavesdropping their encrypted network traffic, identifying the presence of a specific user within a network through analysis of energy consumption, or inferring information (also key one like passwords and PINs) through timing, acoustic, or video information.
Speaker: Prof. Mauro Conti.
Affiliation: Mauro Conti is a Full Professor at the University of Padua, Italy, and an Affiliate Professor at the University of Washington, Seattle, USA.
Biography: Mauro Conti is a Full Professor at the University of Padua, Italy. He is affiliated with TU Delft and the University of Washington, Seattle. He obtained his PhD from Sapienza University of Rome, Italy, in 2009. After his PhD, he was a Post-Doc Researcher at Vrije Universiteit Amsterdam, The Netherlands. In 2011 he joined as an Assistant Professor at the University of Padua, where he became Associate Professor in 2015 and Full Professor in 2018. He has been Visiting Researcher at GMU, UCLA, UCI, TU Darmstadt, UF, and FIU. The European Commission and a Fellowship have awarded him a Marie Curie Fellowship (2012) by the German DAAD (2013). Companies, including Cisco, Intel, and Huawei, also fund his research. His main research interest is in the area of Security and Privacy. In this area, he published more than 500 papers in top international peer-reviewed journals and conferences. He is Editor-in-Chief for IEEE Transactions on Information Forensics and Security and Area Editor-in-Chief for IEEE Communications Surveys & Tutorials. He has been Associate Editor for several journals, including IEEE Communications Surveys & Tutorials, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, and IEEE Transactions on Network and Service Management. He was Program Chair for TRUST 2015, ICISS 2016, WiSec 2017, ACNS 2020, CANS 2021, CSS 2021, WiMob 2023, ESORICS 2023, General Chair for SecureComm 2012, SACMAT 2013, NSS 2021 and ACNS 2022. He is a Fellow of the IEEE, a Fellow of the AAIA, a Senior Member of the ACM, and a Fellow of the Young Academy of Europe.
Registration: Participation is free. However, registration is required on Eventbrite at the following links:
- "Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies (online)",
- "Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies (in person)".