Telecommunications Seminar Series
Friday, April 7
IS Building, 3rd Floor Theatre
Dr. Ilya Mironov, Research Scientist, Google
Privacy-preserving Telemetry in Google Chrome: Seeing the Forest Without Seeing the Trees
Abstract: Even most privacy-conscious organizations may benefit from learning from data available to their clients to strengthen security or usability of their offerings. Back in 2014, users of Google Chrome became targets of unwanted software hijacking the browser's settings, such as the startup page or the default search engine. Efforts to estimate the scale of the problem led to development of a privacy-preserving telemetry service, which became the first Internet-scale deployment of differential privacy. We share our experience from 2+ years of operating this service, which is now used for reporting nearly 200 metrics.
Bio: Ilya Mironov is a Staff Research Scientist in Google working on cryptography and privacy. Before that, he was a member of Microsoft Research Silicon Valley. He has Ph.D. from Stanford in cryptography.
This talk is a joint presentation between the Telecommunications Seminar Series and the Cybersecurity (LERSAIS) Speaker Series.
Friday, March 31
IS Building, 3rd Floor Theatre
Dr. Kui Ren, Professor, State University of New York at Buffalo
My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers
Abstract: Additive manufacturing, also known as 3D printing, has been increasingly applied to fabricate highly intellectual-property (IP) sensitive products. However, the related IP protection issues in 3D printers are still largely underexplored. On the other hand, smartphones are equipped with rich onboard sensors and have been applied to pervasive mobile surveillance in many applications. These facts raise one critical question: is it possible that smartphones access the side-channel signals of 3D printer and then hack the IP information? In this talk, we answer this by performing an end-to-end study on exploring smartphone-based side-channel attacks against 3D printers. Specifically, we formulate the problem of the IP side-channel attack in 3D printing. Then, we investigate the possible acoustic and magnetic side-channel attacks using the smartphone built-in sensors. Moreover, we explore a magnetic-enhanced side-channel attack model to accurately deduce the vital directional operations of 3D printer. Experimental results show that by exploiting the side-channel signals collected by smartphones, we can successfully reconstruct the physical prints and their G-code with Mean Tendency Error of 5.87% on regular designs and 9.67% on complex designs, respectively. Our study demonstrates this new and practical smartphone-based side channel attack on compromising IP information during 3D printing.
Bio: Kui Ren is a professor of Computer Science and Engineering and the director of UbiSeC Lab at State University of New York at Buffalo (UB). He received his PhD degree from Worcester Polytechnic Institute. Kui's current research interest spans Cloud & Outsourcing Security, Wireless & Wearable Systems Security, and Mobile Sensing & Crowdsourcing. His research has been supported by NSF, DoE, AFRL, MSR, and Amazon. He received UB Exceptional Scholar Award for Sustained Achievement in 2016, UB SEAS Senior Researcher of the Year Award in 2015, Sigma Xi/IIT Research Excellence Award in 2012, and NSF CAREER Award in 2011. Kui has published extensively in peer-reviewed journals and conferences and received several Best Paper Awards including IEEE ICNP 2011. According to Google Scholar, his total citation exceeds 16,000, and his h-index is 52. He currently serves as an associate editor for IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Mobile Computing, IEEE Wireless Communications, and IEEE Internet of Things Journal. Kui is a Fellow of IEEE, a Distinguished Lecturer of IEEE, a member of ACM, and a past board member of Internet Privacy Task Force, State of Illinois.
This talk is a joint presentation between the Telecommunications Seminar Series and the Cybersecurity (LERSAIS) Speaker Series.
Friday, March 17
2:00 p.m. - 3:00 p.m.
IS Building, Room 403
Coffee with the speaker begins at 1:30 p.m.
Dr. Vitaly Shmatikov, Professor, Cornell Tech
Machine Learning and Privacy: Friends or Foes?
Abstract: Recent advances in machine learning provide powerful new tools and juicy new targets for data privacy research. I will first show how to use machine learning against systems that partially encrypt data in storage while computing over it. Then, I will turn machine learning against itself, to extract sensitive training data from machine-learning models, including black-box models constructed using Google's and Amazon's "learning-as-a-service" platforms. I will conclude with open research questions at the junction of machine learning and privacy.
Bio: Vitaly Shmatikov is a Professor of Computer Science at Cornell Tech. Prior to joining Cornell Tech, he worked at the University of Texas at Austin and SRI International. He obtained his Ph.D. in computer science and M.S. in engineering-economic systems from Stanford University.
Shmatikov's research area is security and privacy. He received the PET Award for Outstanding Research in Privacy Enhancing Technologies twice, in 2008 and 2014, and was a runner-up in 2013. His research group won the Best Practical Paper or Best Student Paper Awards at the 2012, 2013, and 2014 IEEE Symposiums on Security and Privacy ("Oakland"), as well as the 2012 NYU-Poly AT&T Best Applied Security Paper Award, NDSS 2013 Best Student Paper Award, and the CCS 2011 Test-of-Time Award. In 2015-16, he served as the program chair of the IEEE Symposium on Security and Privacy ("Oakland").
This talk is a joint presentation between the Telecommunications Seminar Series and the Cybersecurity (LERSAIS) Speaker Series.
