5月29日,InForSec与您相约西安电子科技大学。李晖、顾国飞、王晓峰等名师精彩开讲!精彩不容错过!
主办:西安电子科技大学
协办:网络安全研究国际学术论坛(InForSec)
时间:2016年5月29日(周日)下午1:30-5:30
地点:西安电子科技大学北校区新科技楼1012会议室
会议日程:
| 事 项 | 主讲嘉宾 | 主题 | |
| 1:30-5:30 | 主持人:段海新 清华大学网络科学与网络空间研究院教授,网安国际论坛InForSec发起人 | ||
| 1:30-2:30 | 专家报告 | 李晖 西安电子科技大学网络与信息安全学院执行院长 | S-USIM:基于USIM的双链路认证协议及其应用 |
| 2:30-3:30 | 专家报告 | Guofei Gu 美国德州农工大学(TAMU)计算机科学与工程系副教授 | Empowering Dynamic Network Defenses With SDN (Software-DefinedNetworking) Technology
|
| 3:30-4:30 | 专家报告 | 王晓峰 美国印第安纳大学教授 | Security Innovations in the Big-Data Era |
| 4:30-5:30 | 圆桌论坛:如何撰写网络安全国际顶级学术会议论文
主持人:杨珉 国家973首席科学家、复旦大学教授 |
||
演讲嘉宾及内容摘要
1、报告题目 S-USIM:基于USIM的双链路认证协议及其应用
演讲人:李晖,教授,博士生导师。现任西安电子科技大学网络与信息安全学院执行院长。中国密码学会理事、安全协议专业委员会委员、密码芯片专业委员会委员,中国电子学会信息论分会委员,中国通信学会通信安全专业委员会委员主要的研究方向是密码信息安全、信息论与编码理论。主持国家863计划、国家科技支撑计划、新一代宽带移动通信国家重大专项、国家自然科学基金、国防预研等项目,获得省部级科技进步奖一等奖2项,二等奖3项,三等奖1项,国家级教学成果二等奖2项。获发明专利授权20余项,申请发明专利 20项。论文170余篇,担任ISPEC 2009和IAS2009国际会议程序委员会合作主席,e-forensic 2010、ProvSec2011、ISC2011国际学术会议大会合作主席,NSS2014、ASIACCS2016大会荣誉主席,获ASIACCS 2013杰出论文奖。
内容摘要(Abstract):
当前基于短信验证码的认证方式已经成为互联网应用认证的主流方式,然而移动终端智能化以及恶意代码的泛滥,使得窃取短信验证码造成用户利益损失的事件时有发生。我们设计并实现了基于USIM和短消息的双链路认证协议,在USIM上实现数字签名功能,将交易信息通过短消息直接发送到USIM中,USIM将交易信息在显示在屏幕上经用户确认后,计算数字签名并返回服务端。协议实现了交易的数字签名认证,已用于网银的支付认证,并可扩展用于各类互联网认证,有效提升抵御恶意代码攻击的能力。
2、报告题目(Title): Empowering Dynamic Network Defenses With SDN (Software-DefinedNetworking) Technology
演讲人:Dr. Guofei Gu is an associate professor in the Department of Computer Science & Engineering at Texas A&M University (TAMU). He received his Ph.D. degree in Computer Science from the College of Computing, Georgia Institute of Technology. His research interests are in network and system security, such as malware and APT (Advanced Persistent
Threat) defense, software-defined networking (SDN) and cloud security, and mobile/smartphone security. Dr. Gu is a recipient of 2010 NSF CAREER Award, 2013 AFOSR Young Investigator Award, IEEE S&P’10 Best Student Paper Award, and ICDCS’15 Best Paper Award. He is an active member of the security research community and has pioneered several new research directions such as botnet detection/defense and SDN security. Dr. Gu has served on the program committees of top-tier security conferences such as IEEE S&P, ACM CCS, USENIX Security, and NDSS, among many others. He is an Associate Editor for IEEE Transactions on Information Forensics and Security (TIFS) and a Steering Committee co-chair for International Conference on Security and Privacy in Communication Networks (SecureComm). He is currently directing the SUCCESS (Secure Communication and Computer Systems) Lab at TAMU.
内容摘要(Abstract):
Software Defined Networking (SDN) is a new networking paradigm that decouples the control logic from the closed and proprietary implementations of traditional network data plane infrastructure. SDN enables researchers to more easily design and distribute innovative flow handling and network control algorithms. We believe that SDN can, in time, prove to be one of the more impactful technologies to drive a variety of innovations in network security and security will be a new killer app for SDN. However, to date there remains a stark paucity of SDN security research and development.
In this talk, I will discuss some new opportunities as well as challenges in this new direction, and demonstrate with our recent research results. I will discuss how SDN can enhance network security, e.g., by offering a dramatic simplification to the way we design and integrate complex network security applications/services into large networks. I will also introduce our recent work, PBS (Programmable BYOD Security), a new SDN-motivated security solution to enable fine-grained, application-level network security programmability for the purpose of network management and policy enforcement on mobile apps and devices.
3、报告题目(Title): Security Innovations in the Big-Data Era
演讲人:王晓峰 美国印第安纳大学教授
d
Dr. XiaoFeng Wang is a professor in the School of Informatics and Computing at Indiana University, Bloomington. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University in 2004, and has since been a faculty member at IU. Dr. Wang is a well-recognized researcher on system and network security. His work focuses on cloud and mobile security, and data privacy. He is a recipient of 2011 Award for Outstanding Research in Privacy Enhancing Technologies (the PET Award) and the Best Practical Paper Award at the 32nd IEEE Symposium on Security and Privacy. His work frequently receives attention from media, including CNN, MSNBC, Slashdot, CNet, PC World, etc. Examples include his discovery of security-critical vulnerabilities in payment API integrations (http://money.cnn.com/2011/04/13/technology/ecommerce_security_flaw/) and his recent study of the security flaws on the Apple platform (http://money.cnn.com/2015/06/18/technology/apple-keychain-passwords/). His research is supported by the NIH, NSF, Department of Homeland Security, the Air Force and Microsoft Research. He is the director of IU’s Center for Security Informatics.
内容摘要(Abstract):
The rapid progress in computing has produced a huge amount of data, which will continue to grow in the years to come. In this big-data era, we envision that tomorrow’s security technologies will be data-centric: new defense will become smart and proactive by using the data to understand what the attackers have already done, what they are about to do, what their strategies and infrastructures are; effective protection will be provided for dissemination and analysis of the data involving sensitive information on an unprecedented scale. In this talk, I report our first step toward this future of secure computing. We show that through effective analysis of over a million Android apps, previously unknown malware can be detected within a few seconds, without resorting to conventional Anti-Virus means such as signatures and behavior patterns. Also, by leveraging trillions of web pages indexed by search engines, we can capture tens of thousands of compromised websites (including those of government agencies like NIH, NSF and leading education institutions world-wide) by simply asking Google and Bing right questions and automatically analyzing their answers through Natural Language Processing. Further, we found that an in-depth understanding about the unique features of human genomes and how they are used in biomedical research and healthcare systems can help us find a highly efficient way to protect patient privacy during a large-scale genome analysis. Our findings indicate that by unlocking the great value of data, we can revolutionize the security landscape, making tomorrow security technologies more intelligent and effective.
报名方式:论坛参与回执“姓名+单位+手机+邮箱”请于5月25日前发送到:inforsec@ccert.edu.cn,并注明是否参加晚餐沙龙。
