security

The Weaponization of Disinformation in Canada

Harminder Phull — Mon, 10 Apr 2023 18:27:04 +0000

The Weaponization of Disinformation in Canada Harminder Phull Mon, 04/10/2023 - 14:27

The Weaponization of Disinformation in Canada - April 27 - 28, 2023

Digital disinformation presents a mounting threat to, and challenge for, liberal democracies. Global events like Brexit, electoral interference, Russia’s invasion of Ukraine, and the ongoing COVID-19 pandemic, have made the abstract threat of digital disinformation into a distinct reality. The shifting global balance of power, characterized by growing multipolarity, is unfolding alongside the expansion of tools, strategies, and spaces for adversarial states and non-state actors to expand their influence, disrupt multilateral diplomacy, threaten liberal democratic norms and values, and de-legitimize a rules-based global order.

This interdisciplinary workshop will help to bring together awareness among the academic community, industry, civil society, and government, outlining and assessing the evolving threat of digital disinformation while also providing direction and guidance on how to protect liberal democracies like Canada from weaponized digital disinformation.

Seminar • Cryptography, Security, and Privacy (CrySP) — Securing Cloud-assisted Services

Jodi Szimanski — Tue, 20 Nov 2018 18:14:33 +0000

Seminar • Cryptography, Security, and Privacy (CrySP) — Securing Cloud-assisted Services Jodi Szimanski Tue, 11/20/2018 - 13:14

N. Asokan, Department of Computer Science
Aalto University, Finland

All kinds of previously local services are being moved to cloud settings. While this is justified by the scalability and efficiency benefits of cloud-based services, it also raises new security and privacy challenges. Solving them by naive application of standard security/privacy techniques can conflict with other functional requirements. In this talk, I will outline some cloud-assisted services and the conflicts that arise while trying to secure these services.

I will then take the case of cloud-assisted malware scanning as an example scenario to discuss the privacy concerns that arise. I will discuss possible solutions these concerns by casting them as an instance of the private membership test problem. I will briefly describe hardware-assisted trusted execution environments (TEEs) which are widely available now and describe a solution to private membership test using TEEs. In the process, I will also point out several other recent advances in using and building TEEs and my work in this area over the last decade and a half.

Finally, I will discuss the more general setting of using cloud-hosted machine learning models in a privacy-preserving manner. I will describe MiniONN, a solution to transform any existing neural network into an oblivious variant. Oblivious neural networks (ONNs), hosted in a cloud server, can be used by clients without the server learning any information about the inputs clients send to the ONN or the results sent back to them. I will mention the pros and cons of this approach and briefly speculate on how hardware-assisted trusted execution may help address the cons.

Bio: N. Asokan is a professor of computer science at Aalto University in Finland where he co-leads the Secure Systems Group and directs the Helsinki-Aalto Center for Information Security HAIC. He is a PI for the Intel Collaborative Research Center. He is an IEEE Fellow (2017) and an ACM Distinguished Scientist (2015).

Asokan was a staff member at UW (MFCF) in the 1990s and subsequently earned his doctorate in computer science from UW. Visit his web page or his Twitter profile for more on his work.

CrySP Speaker Series on Privacy - Finding Very Damaging Needles in Very Large Haystacks

Jodi Szimanski — Mon, 16 Jul 2018 15:12:03 +0000

CrySP Speaker Series on Privacy - Finding Very Damaging Needles in Very Large Haystacks Jodi Szimanski Mon, 07/16/2018 - 11:12

Vern Paxson, University of California, Berkeley / Corelight, Inc. / International Computer Science Institute

Many of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within oceans of other site activity. This talk will examine the problem of developing robust detectors for particular forms of such activity. The process is in some ways a dual to that of adversaries who seek to design algorithms to identify users who employ particular approaches for keeping their network activity private. The themes include research pitfalls, the crucial need to leverage domain knowledge in an apt fashion, and why machine learning is difficult to effectively apply to such problems.

Bio

Vern Paxson is a Professor of EECS at UC Berkeley, and co-founder and Chief Scientist of Corelight, a company based on the network monitoring technology he has developed for many years. He also leads the Networking and Security Group at the International Computer Science Institute in Berkeley. His research focuses heavily on measurement-based analysis of network activity and Internet attacks. He works extensively on high performance network monitoring, detection algorithms, cybercrime, and countering censorship and abusive surveillance. He was inducted in 2006 as a Fellow of the ACM, and in 2011 he received ACM's SIGCOMM Award "for his seminal contributions to the fields of Internet measurement and Internet security, and for distinguished leadership and service to the Internet community." His measurement work has also been recognized by ACM's Grace Murray Hopper Award and by the 2015 IEEE Internet Award.