From Cybersecurity to Artificial Intelligence
In memory of codebreaker Jane Fawcett
We at CYSEC use our global network and organize the first Darmstadt Women in Tech event on March 4, 2020. High-Tech Women will feature talks by internationally renowned female speakers from all over the world. As such, it will be a platform for inspiring successful women in tech to spread their professional achievements and ideas. By presenting their career paths - from Cybersecurity to Artificial Intelligence - and sharing their experience, our speakers will empower young talents to reach their goals and make their careers in tech as well.
This event is dedicated to the memory of codebreaker Jane Fawcett (4 March 1921 – 21 May 2016).
Dr. Najwa Aaraj
Technology Innovation Institute
Chief Research Officer
Merck, Data Scientist
Prof. Lejla Batina
Dr. Hannah Bürckstümmer
Merck, Innovation Program Manager
Dr. Ileana Buhan
Riscure, Product Manager
Prof. Alexandra Dmitrienko
University of Würzburg
Dr. Astrid Elbe
Intel, Managing Director Intel Labs Europe
Merck, Data Scientist
Prof. Nele Mentens
Dr. Azalia Mirhoseini
Google Brain, Senior Scientist
Prof. Fareena Saqib
University of North Carolina at Charlotte
Dr. Johanna Sepúlveda
Airbus Defence and Space,
Senior Scientist Secure Communication
Dr. Xuebing Zhou
Huawei, Director, Privacy Technologies
|Wednesday, March 4, 2020|
|8:00 – 9:00||Registration & Coffee|
|9:00 – 9:15||Welcome|
|9:15 – 9:40||Fix the leak: Side-Channel Protection for SGX using Data Location RandomizationAlexandra DmitrienkoSlidesVideo
Hardware-assisted security architectures, such as Intel SGX, promise protection to security-sensitive applications from malicious software executed on the same platform, and even from the compromised operating system. Recent research, however, has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks, which can lead to a full compromise of SGX-protected secrets. In this talk, we revisit the problem of side-channel attacks on Intel SGX and present a pill -- Dr.SGX tool, that provides protection against cache-based side-channel attacks and attacks that rely on observation of induced page faults. Dr.SGX breaks the link between the memory observations by the adversary and the actual data accesses by the victim through data randomization and strikes the balance between side-channel protection and performance through continuous runtime enclave re-randomization and the re-randomization rate configurable through an adjustable security parameter. The tool is compiler-based and does not require any code annotations – thus, applicable by non-expert developers.
|9:40 – 10:05||Privacy and AI: Contradiction or Symbiosis?Xuebing ZhouSlidesVideo
Artificial Intelligence is about to change our society considerably. In domains like autonomous driving, medical diagnosis and predicting epidemics, AI may even make the difference between life and death. Therefore, ethical concerns arise and are tightly coupled with the growth of AI. Among those, privacy is an important aspect since lots of AI applications rely heavily on personal data. This talk will give an overview of privacy requirements and risks in the application of AI. Relevant Privacy Enhancing Technologies will be introduced from an industrial perspective. It will be shown how solving contradictory requirements of AI and privacy can lead to more trustworthy AI systems and which challenges remain.
|10:05 – 10:30||Learning when to stop: in life and when training deep networksIleana BuhanSlidesVideo
Today, deep neural networks represent a common option when
conducting the profiled side-channel analysis. Such techniques commonly
do not require pre-processing, and yet, they can break targets that are
even protected with countermeasures. Unfortunately, it is usually far
from trivial to find neural network hyper-parameters that would result
in such top-performing attacks.
The hyper-parameter leading the training process is the number of epochs
during which the training happens. If the training is too short, the
network does not reach its full capacity, while if the training is too
long, the network over fits, and consequently, is not able to generalize
to unseen examples. Finding the right moment to stop the training
process is particularly difficult for side-channel analysis as there are
no clear connections between machine learning and side-channel metrics
that govern the training and attack phases, respectively. In this work,
we tackle the problem of determining the correct epoch to stop the
training in deep learning-based side-channel analysis. First, we explore
how information is propagated through the hidden layers of a neural
network, which allows us to monitor how training is evolving. Second, we
demonstrate that the amount of information transferred to the output
layer can be measured and used as a reference metric to determine the
epoch at which the network offers optimal generalization. To validate
the proposed methodology, we provide extensive experimental results that
confirm the effectiveness of our metric of choice for avoiding
overfitting in the profiled side-channel analysis.
|10:30 – 11:00||Coffee break|
|11:00 – 11:25||IoT security challenges: embedded encryption and machine learning technologiesNajwa AarajVideo
In this talk, I will focus on the security of CPS / IoT devices, which
are increasingly being deployed for a multitude of functionalities. The
spread of such devices will be even wider due to emerging technologies
such as 5G, edge and cloud computing, etc.
|11:25 – 12:05||A data scientist’s journey: a personal account of what we have learntStuti Agrawal and Eleonora LippolisSlides
In this talk, we will share our experiences of how we became data scientists. We both started with different ambitions in mind, and slowly moulded it in the direction of data science. We are currently working in the same team at Merck, supporting the healthcare business with data science. As the application of data science in this industry is still developing, we face many challenges (eg. stakeholder buy-in, data availability, infrastructure, trust etc.), but we also get the satisfaction of driving important long-term decisions within the company. Through our journey we have learnt that applying data science to the real world goes beyond building the best machine learning model. Our talk is an account of discovering the data scientists within ourselves.
|12:05 – 12:30||Secure Communication in the Quantum EraJohanna Sepúlveda|
|12:30 – 13:30||Lunch|
|13:30 – 13:55||Secure Boot Process for FPGAsFareena SaqibSlidesVideo
Compromise of boot process, access and control of a single sensor ormicro-controller by a hacker can lead to full control on entire electronic network. This situation is expanding rapidly posing serious security and privacy challenge to manufacturers as well as customers/operators,and requires immediate and tactfully strategic solution to avoid conceivable property and human losses and to counter the advantage made available to adversaries by the increasing complexity of software and hardware and the additional flexibility provided by mobile devices to interact with these systems. The talk will introduce the hardware security primitives to improve the resilience against boot attacks. Secure boot processes that counter the theft or compromise of secret information, e.g., keys for encryption. The talk will overview FPGA boot process, and discuss the state of the art secure boot processes.
|13:55 – 14:20||The chip, Mia and the tableLejla BatinaSlidesVideo|
|14:20 – 14:45||Neuromorphic Systems @ Merck Innovation CenterHannah BürckstümmerSlidesVideo
At the Innovation Center at Merck, we strive to develop business beyond our current focus areas. Neuromorphic Systems, which aim to mimic the working principles of our brain to increase computing power and decrease power consumption, is one of these intriguing topics. Neuromorphic solutions address the problem of the massively growing carbon footprint of ICT with an alarming status of 10% of the global energy use. And, they will enable much more intelligent edge applications such as sensors in autonomous cars or natural signal processing in our mobile phones. Here, challenges in data privacy, communication bandwidth and processing latency are driving artificial intelligence from the cloud to the edge. Besides, I want to share my journey from acting according to the values of my parents to a more reflected set of values corresponding to my own, deep beliefs.
|14:45 – 15:45||Student panel discussionModerator: Juliane KrämerVideo|
|15:45 – 16:30||Coffee break|
|16:30 – 16:55||Efficiency and agility: in secure hardware and in life!Nele MentensSlidesVideo
When embedded electronic systems need high performance or low power consumption, it is often unavoidable to move computationally intensive or power-hungry operations, such as cryptographic algorithms, from software to hardware. In this presentation, we highlight research challenges and directions in the field of cryptographic hardware design. In the first part, we address the effect of emerging technologies on the implementation and security properties of cryptographic hardware components. In the second part, we introduce the concept of cryptographic agility, i.e. the ability of cryptographic implementations to be updated depending on newly detected vulnerabilities, new standards, or the availability of more efficient implementations.
|16:55 – 17:20||How I became Intel Labs Europe Research Director: A story how unpredictable a career isAstrid ElbeSlides
After you finished your master or PhD you might think you find your first job, work very hard, especially as a technical female you will be promoted and of course your employer is helping you step by step to climb the carrier ladder. And finally you will reach all the jobs and goals you are aiming for. This might be the case at the beginning of your carrier. But as soon as you are approaching more senior roles it becomes very different, because there is such strong competition and many really good candidates for such senior roles. During my talk I want to tell you a few stories how I made my carrier with 3 young kids at home, a more than full time working and travelling husband, no family close to my house in Munich and not much support from my employers. I will not recommend any of you to do it the same way, but I hope my stories will motivate you to strive for ambitious carrier goals. To be successful you should follow your passion, figure out in what you are much better at than anybody else, keep your own goals always as a “North Star” and stay persistent and focused on them. Do not think too much about carrier, promotion, more money, more status etc., but of course you need to take advantage of opportunities showing up, even if you have to move out of your comfort zone.
|17:20 – 17:45||Machine Learning for SystemsAzalia MirhoseiniSlides
In the past decade, computer systems and chips have played a key role in the success of AI. Our vision in Google Brain's ML for Systems team is to use AI to transform the way systems and chips are designed. Many core problems in systems and hardware design are combinatorial optimization or decision making tasks with state and actions sizes that are orders of magnitude larger than common AI benchmarks in robotics and games. In this talk, I will go over some of our research on tackling such optimization problems. First, I talk about our work on deep reinforcement learning models that learn to do resource allocation, a combinatorial optimization problem that repeatedly appears in systems. Our method is end-to-end and abstracts away the complexity of the underlying optimization space; the RL agent learns the implicit tradeoffs between computation and communication of the underlying resources and optimizes the allocation using only the true reward function (e.g., the runtime of the generated allocation). I will then discuss some of our recent work on deep reinforcement learning methods for sequential decision making tasks with long horizons and large action spaces, built upon imitation learning and tree search in continuous action spaces. Finally, I discuss our work on deep models that learn to find solutions for the classic problem of balanced graph partitioning with minimum edge cuts. We define an unsupervised loss function and use neural graph representations to adaptively learn partitions based on the graph topology. Our method enables the first generalized partitioner, meaning we can train models that produce performant partitions at inference time on new unseen graphs.
|17:45 – 19:00||Panel discussion: “Emerging Technologies: Opportunities and Risks”Moderator: Ahmad-Reza Sadeghi|
Panelists: Astrid Elbe, Hannah Bürckstümmer, Fareena Saqib, Johanna SepúlvedaVideo
Dr. Juliane Krämer
Prof. Ahmad-Reza Sadeghi
Prof. Lejla Batina
Prof. Nele Mentens
In memory of Jane Fawcett, this event takes place on March 4, her date of birth. Jane Fawcett worked at Bletchley Park during World War II, where she deciphered a message that led directly to the sinking of a German warship, and thus directly to a victory in battle. Although she later said “what we did at Bletchley was the most significant thing we ever did in our lives”, she never spoke about her significant role in cryptanalysis until the 1990s.
We want to encourage women in tech to show off their work and talk about their successes in order to motivate young women to do the same.
Registrations are closed due to overwhelming request. The event is already overbooked.
If you are a master student, PhD student or postdoc in cryptography, CrossFyre 2020 could be another interesting event for you. CrossFyre has been organized annually since its foundation at TU Darmstadt in 2011. This year it celebrates its 10th anniversary in Croatia in May, co-located with EuroCrypt 2020: https://crossfyre20.cs.ru.nl/