Technion Cyber Security Research Center Inaugurated
Dr. Eviatar Matania, Head of Israel’s National Cyber Bureau, attended the inauguration ceremony at the Technion of the Cyber Security Research Center alongside Technion President Professor Peretz Lavie.
Tuesday, April 5, 2016
13:55-14:40 Eran Yahav - Statistical Similarity of Binaries
We address the problem of finding similar procedures in stripped binaries. We present a new statistical approach for measuring the similarity between two procedures. Our notion of similarity allows us to find similar code even when it has been compiled using different compilers, or has been modified. The main idea is to use similarity by composition: decompose the code into smaller comparable fragments, define semantic similarity between fragments, and use statistical reasoning to lift fragment similarity to similarity between procedures. We have implemented our approach in a tool called Esh, and applied it to find various prominent vulnerabilities across compilers and versions, including Heartbleed, Shellshock and Venom. We show that Esh produces high accuracy results, with few to no false positives – a crucial factor in the scenario of vulnerability search in stripped binaries. Joint work with Yaniv David and Nimrod Partush.
Short bio
Eran Yahav is an associate professor at the Computer Science Department, Technion, Israel. Prior to that, he was a research staff member at the IBM T.J. Watson Research Center in New York (2004-2010). He received his Ph.D. from Tel Aviv University (2005) and his B.Sc. from the Technion in 1996. His research interests include program analysis, program synthesis and program verification. Eran is a recipient of the prestigious Alon Fellowship for Outstanding Young Researchers, and the Andre Deloro Career Advancement Chair in Engineering.
Short bio
Eran Yahav is an associate professor at the Computer Science Department, Technion, Israel. Prior to that, he was a research staff member at the IBM T.J. Watson Research Center in New York (2004-2010). He received his Ph.D. from Tel Aviv University (2005) and his B.Sc. from the Technion in 1996. His research interests include program analysis, program synthesis and program verification. Eran is a recipient of the prestigious Alon Fellowship for Outstanding Young Researchers, and the Andre Deloro Career Advancement Chair in Engineering.
14:40-15:25 Mark Silberstein - Never Trust Your Graphics Card!
Graphics Processing Units (GPUs) have become an integral part of modern systems, but their implications for system security are not yet clear. In this talk I will discuss our ongoing research in GPU security. Specifically, I will show that, in contrast to previous publications, GPUs cannot to be used as secure co-processors. Moreover, they themselves provide a stealthy platform for malware with unlimited access to systems memory, and expose previously unknown covert channels for hidden communication with network servers via standard web browsers, which are extremely hard to eliminate.
Short bio
Mark Silberstein is an assistant professor at the Electrical Engineering Department, Technion. Mark’s research is on computer systems with programmable computational accelerators, operating systems, and systems security. Mark did his PhD in Computer Science at the Technion, where his work led to the development of an online distributed system for genetic linkage analysis system, Superlink-online, which today serves geneticists worldwide. Prior to joining the Technion faculty he spent two years as a postdoc at the University of Texas at Austin.
Short bio
Mark Silberstein is an assistant professor at the Electrical Engineering Department, Technion. Mark’s research is on computer systems with programmable computational accelerators, operating systems, and systems security. Mark did his PhD in Computer Science at the Technion, where his work led to the development of an online distributed system for genetic linkage analysis system, Superlink-online, which today serves geneticists worldwide. Prior to joining the Technion faculty he spent two years as a postdoc at the University of Texas at Austin.
15:45-16:05 Daniel Genkin - Physical Side Channel Attacks on PCs and Mobile Devices
Can secret information be extracted from PCs and mobile devices by measuring their physical properties from the outside? What would it take to extract whole keys from such fast and complex devices? We present myriads way to do so, including:
* Acoustic key extraction, using microphones to record the high-pitched noise caused by vibration of electronic circuit components during decryption.
* Electric key extraction exploiting fluctuations in the “ground” electric potential of computers. An attacker can measure this signal by touching the computer’s chassis, or the shield on the remote end of Ethernet, VGA or USB cables.
* Electromagnetic key extraction, using a cheap radios to non-intrusively attack computers and mobile devices.
The talk will discuss the cryptanalytic, physical and signal-processing principles of the attacks, and include live demonstrations. The talk is based on joint works with Lev Pachmanov, Itamar Pipman, Adi Shamir, Eran Tromer and Yuval Yarom
Short bio
Daniel Genkin is a Ph.D student at the Computer Science Department, Technion and a Research Assistant at the School of Computer Science, Tel Aviv University. Daniel’s research focuses on practical and theoretical aspects of cryptography, including side channel attacks and secure multiparty computation.
* Acoustic key extraction, using microphones to record the high-pitched noise caused by vibration of electronic circuit components during decryption.
* Electric key extraction exploiting fluctuations in the “ground” electric potential of computers. An attacker can measure this signal by touching the computer’s chassis, or the shield on the remote end of Ethernet, VGA or USB cables.
* Electromagnetic key extraction, using a cheap radios to non-intrusively attack computers and mobile devices.
The talk will discuss the cryptanalytic, physical and signal-processing principles of the attacks, and include live demonstrations. The talk is based on joint works with Lev Pachmanov, Itamar Pipman, Adi Shamir, Eran Tromer and Yuval Yarom
Short bio
Daniel Genkin is a Ph.D student at the Computer Science Department, Technion and a Research Assistant at the School of Computer Science, Tel Aviv University. Daniel’s research focuses on practical and theoretical aspects of cryptography, including side channel attacks and secure multiparty computation.
16:05-16:50 Eli Ben Sasson - Succinct Incorruptible Computational Integrity
This talk will survey our ongoing research and engineering efforts at Technion and with collaborators, dedicated to constructing efficient systems that enforce computational integrity of programs executed remotely, while preserving privacy of data used in the computation. We shall also discuss applications of our work to decentralized payment systems such as Bitcoin and Zerocash.
Short bio
I am a professor of computer science at Technion – Israel Institute of Technology. My main interest is theoretical computer science (TCS), the study of the mathematical foundations of computation, and within TCS my focus is on computational complexity. (For more information see my research).
Short bio
I am a professor of computer science at Technion – Israel Institute of Technology. My main interest is theoretical computer science (TCS), the study of the mathematical foundations of computation, and within TCS my focus is on computational complexity. (For more information see my research).
17:00 – Technion Cyber Security Research Center Inaugurated ceremony