计算机网络的口令越来越不可靠?如何提升可靠性?移动广告产业链面临灭顶之灾?如何避免?手指的动作也能泄露您的移动设备密码? 如何在瞬息万变的网安研究领域不断创新?
7月15日,网安国际学术论坛(InForSec)与您再度相约上海复旦大学!特别邀请到普渡大学、加州大学戴维斯分校、东南大学的网安知名专家前来分享他们的研究成果和心得体会。
一、会议时间
主办:复旦大学
协办:网络安全研究国际学术论坛(InForSec)
时间:2016年7月15日(周五)下午1:30-5:30
地点:复旦大学张江校区Z2107教室
二、会议议程
| 事 项 | 主讲嘉宾 | 主题 | |
| 1:30-5:30 | 主持人: 杨珉 复旦大学软件学院教授,网安国际论坛InForSec发起人 | ||
| 1:30-2:30 | 专家报告 | 李宁辉 美国普渡大学计算机系教授 | Improve Password Security |
| 2:30-3:30 | 专家报告 | 陈浩 美国加州大学戴维斯分校计算机系教授 | Security and Privacy in Mobile Advertising |
| 3:30-4:30 | 专家报告 | 凌振博士 东南大学计算机科学学院 | 面向触屏终端输入的盲识别攻击与防御 |
| 4:30-5:30 | 自由讨论 | ||
(论坛参与回执“姓名+单位+手机+邮箱”请发送到:inforsec@mail.ccert.edu.cn)
三、演讲嘉宾及内容摘要
1、报告题目
Improve Password Security(口令安全的发展与研究)
李宁辉:美国普渡大学计算机科学系教授
内容摘要(Abstract):
Password-based authentication is perhaps the most widely used method for user authentication. Passwords are both easy to understand and use, and easy to implement. However, one major weakness of password-based authentication is that many users tend to choose weak passwords that are easy to guess. We discuss research regarding to improving password security, including how to best check password strengths, and whether commonly suggested password generation strategies such as mnemonic sentence-based strategies and strategies based on choosing words provide a sufficient level of security.
演讲人简介:
Ninghui Li is a Professor of Computer Science at Purdue University. His research interests are in security and privacy. He has published over 120 referred papers in these areas, and is on the editorial boards of ACM Transactions on Privacy and Security (TOPS), Journal of Computer Security (JCS), and ACM Transactions on Internet Technology. Prof. Li is Vice Chair of ACM Special Interest Group on Security, Audit and Control (SIGSAC). He has served on the Program Committees of over 100 international conferences and workshops in computer security, databases, and data mining, including serving as Program Chair for 2014 and 2015 ACM Conference on Computer and Communications Security (CCS), ACM’s flagship conference in the field of security and privacy.
2、报告题目(Title): Security and Privacy in Mobile Advertising
陈浩 加州大学戴维斯分校计算机科学系教授
内容摘要(Abstract):
Advertising is the financial pillar of the mobile computing ecosystem.
Mobile advertising involves all the parties in the ecosystem: users, app developers, advertisers, and ad networks. As much, vulnerabilities in mobile ads have far-reaching impact, which may even threaten the health of the mobile computing ecosystem. I will start with an overview of the technological and financial relationships between all the parties in the mobile ad ecosystem and their misaligned incentives. Then, I will focus on privacy issues in mobile ads, the impact of app cloning on mobile ads, and mobile ad fraud. I will describe how to build systems to detect and measure such malicious behavior at scale. Finally, I will discuss prevention and challenges.
演讲人简介:
Hao Chen is a professor at the Department of Computer Science at the University of California, Davis. He received his Ph.D.at the Computer Science Division at the University of California, Berkeley, and both his B.S. and M.S. from Southeast University. His primary interests are computer security and mobile computing. He won the National Science Foundation CAREER award in 2007, and UC Davis College of Engineering Faculty Award in 2010.
3、报告题目(Title):面向触屏终端输入的盲识别攻击与防御
凌振博士 东南大学计算机科学学院
报告摘要:
移动智能设备中的相机“遍地开花”,黑客利用移动设备中的相机对用户手指输入过程进行录像,即便在录像中没有显示任何的触屏信息,也可巧妙地利用手指移动和触摸位置推测密码信息。为了抵御此类攻击,我们提出了一种新颖的安全手指鼠标认证技术,利用摄像头和图像处理技术跟踪用户的手指动作,以此控制屏幕上的鼠标进行安全的键值选择与输入。
演讲人简介:
凌振,东南大学计算机学科与工程学院讲师,于2014年获得东南大学计算机专业的博士学位。研究方向为网络安全、匿名通信网络、隐私保护、网络取证以及智能终端安全。2008年8月至2009年11月,他在香港城市大学计算机科学系任副研究员参与网络安全相关研究工作,2011年8月至2013年8月以访问博士研究生身份加入加拿大维多利亚大学计算机系从事相关研究工作,在攻读博士学位期间,参与了多项国家和部、省级科研项目,在学术会议和期刊发表了论文二十余篇,其中包括国际高水平期刊IEEE/ACM Transactions on Networking (ToN), IEEE Transactions on Dependable and Secure Computing (TDSC),IEEE Transactions on Parallel and Distributed Systems (TPDS),IEEE Transactions on Computers (TC),IEEE Transactions on Information Forensics and Security (TIFS)以及学术会议ACM Conference on Computer and Communications Security (CCS),IEEE International Conference on Computer Communications (INFOCOM)。其研究成果在知名国际黑客会议Black Hat上发表演讲2次,在2014年中国互联安全大会(ISC)演讲1次,并由CCTV10制作成节目用于教育宣传。凌振博士获得了2015年CCF优秀博士论文奖,2014年ACM中国优秀博士论文奖,ACM南京分会卓越博士奖,东南大学优秀博士论文奖等奖项,他是IEEE、ACM、CCF会员并担任各种会议的程序委员会委员,包括INFOCOM、IPCCC、ICCCN、HPCC、ICA3PP、WASA、DCOSS、ChinaCom、ICCC、CCNC、WISA、ICNC、BigSecurity等,曾担任国际著名期刊审稿人,包括IEEE TDSC,IEEE TIFS,IEEE TPDS,IEEE TC,IEEE TMC,IEEE TWC,ACM Computing Surveys,IET Information Security等。
