CISPA's 2nd edition of the Young Researcher Security Convention will take place from March 30 - April 3, 2020 featuring talks, workshops, discussions, poster presentations, and a social program. Dive into three hot topics in the area of IT Security! You will be able to meet and learn from top experts in these fields.
A great opportunity for Bachelor and Master students!

Hot topics in Security Testing  

Expert

Prof. Dr. Andreas Zeller

Fuzzing, or testing systems with myriads of randomly generated inputs, is one of the most cost-effective ways to find bugs and vulnerabilities in real-world programs: Setup the fuzzer, start it, and let it do its job for hours and days. To make fuzzers effective, though, they need to produce inputs that reach and test functionality beyond mere input processing.
READ MORE In this course, we explore how to build effective fuzzers that make use of language specifications, coverage feedback, program semantics, and more – using the fuzzingbook.org toolkit that allows to create, integrate, and extend such fuzzers within minutes. When you’re done with the course, you will be able to (a) use fuzzers effectively for security testing and (b) build your own innovative or domain-specific fuzzer. Includes lots of live coding!

Hot topics in Cyberphysical Security  

Expert

Dr. Nils Ole Tippenhauer

Cyber-Physical Systems consist of networked embedded devices that measure and actuate physical processes. Examples for such systems include industrial control systems, drones, and cars. Such systems face novel security challenges through physical-layer attacks, e.g., attacks that aim to damage the system. Nevertheless, the physical layer can also be leveraged to detect attacks and anomalies.
READ MORE We will take a deep dive into recent research in the area of physical-layer ICS and wireless security, and show exciting offensive and defensive research to bring security into these engineering domains. In particular, challenges related to industrial protocols, veracity of sensor readings, and host security are considered. In addition, options for (complementary) security countermeasures to address those challenges are proposed and compared.

Hot topics in Machine Learning

Experts

Prof. Dr. Mario Fritz

Dr. Yang Zhang

With the advance of machine learning techniques, we have seen a quick adoption of this technology in a broad range of application scenarios. As machine learning is becoming more broadly deployed, such approaches become part of the attack surface of modern IT systems and infrastructures. The class will cover several attack vectors and defenses of today's and future intelligent systems build on AI and machine learning technology.
READ MORE

Machine Learning Overview
Machine Learning is a quickly advancing research area that has led to several breakthroughs in the past years. We will give a short introduction into some of the most relevant concepts -- including Deep Learning techniques.

Evasion attacks
While there has been a leap in performance of machine learning systems in the past decade, still many open issues remain in order to deploy such models in critical systems with guarantees on robustness. In particular, Deep Learning techniques have shown strong performance on a wide range of tasks, but are equally highly susceptible to adversarial manipulation of the input data. Successful attacks that change the output and behavior of an intelligent system can have severe consequences ranging from accidents of autonomous driving systems to by-passing malware or intrusion detection. We cover techniques in the domain of adversarial machine learning that aim at manipulation the predictions of machine learning models and show defenses in order to protect against such attacks.

Inference attacks
Machine Learning services are offered by a range of providers that make it easy for clients e.g to enable intelligent services for their business. Based on a dataset, a machine learning model is trained that then can be access e.g. via an online API. The data and the machine learning model itself are important assets and often constitute intellectual property. Our recent research has revealed that such assets leak to customers that use the service. Hence, an adversary can exploit the leaked information to gain access to data and/or the machine learning model by only using the service. We will cover novel inference attacks on machine learning models and show defenses that allow secure and protected deployment of machine learning models.

Privacy
The success of today’s machine learning algorithms is largely fueled by large datasets. Many domains of practical interest are human centric and are target at operating under real-world conditions. Therefore, gathering real-world data is often key the success of such methods. This is frequently achieved by leveraging user data or crowdsourcing efforts. We will present privacy preserving machine learning techniques that prevent leakage of private information or linking attacks.

Provable Security against Spectre Attacks

Expert

Dr. Swen Jacobs

The Spectre attacks, based on speculative execution and side channels, have surprised the hardware and software industries, and their repercussions will be felt for the foreseeable future. Since the problem cannot be fixed at the hardware level without sacrificing the performance gains of speculative execution, more fine-grained solutions on the software level are necessary.
READ MORE We will discuss how vulnerability to attacks based on speculative execution and side channels can be automatically detected and fixed on the software level, obtaining provable security against this type of attacks.

When:

March 30- April 3, 2020

Where:

Helmholtz Center for Information Security (CISPA)
Stuhlsatzenhaus 5
66123 Saarbrücken, Germany

Application deadline:

Late Application until February 17, 2020

Notification of acceptance:

February 20, 2020

Participation fee:

50,- €

Travel Grants:

We provide financial support up to 500,-€ per person for travel (2nd-class train ticket, economy class flights) and accommodation cost. Please contact us before booking your trip or hotel. The cost will be reimbursed after successful participation via bank transfer.

Accommodation:

We have a list of suggested hotels close to CISPA.

Questions?

Please send an e-mail to .

How to apply:

Fill out the linked PDF below (Apply now) and send it via e-mail to . Don't forget to attach a Motivation Letter, Curriculum Vitae, Transcript of Records, and University Certificates.

Apply Now!

 

Have a look at our previous events:

Secon 2019
Summer School 2018