Banner
Home      Log In      Contacts      FAQs      INSTICC Portal
 
Documents

Keynote Lectures

Keynote Lecture
Cristina Alcaraz, University of Malaga, Spain

Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies
Mauro Conti, University of Padua, Italy

Security, Privacy and the “Human Factor”: Making Sense of the Paradoxes of Security and Privacy Behavior
Spyros Kokolakis, University of the Aegean, Greece

 

Keynote Lecture

Cristina Alcaraz
University of Malaga
Spain
 

Brief Bio
Available soon.


Abstract
Available soon.



 

 

Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies

Mauro Conti
University of Padua
Italy
 

Brief Bio
Mauro Conti is Full Professor at the University of Padua, Italy. He is also affiliated with TU Delft and University of Washington, Seattle. He obtained his Ph.D. from Sapienza University of Rome, Italy, in 2009. After his Ph.D., he was a Post-Doc Researcher at Vrije Universiteit Amsterdam, The Netherlands. In 2011 he joined as Assistant Professor at the University of Padua, where he became Associate Professor in 2015, and Full Professor in 2018. He has been Visiting Researcher at GMU, UCLA, UCI, TU Darmstadt, UF, and FIU. He has been awarded with a Marie Curie Fellowship (2012) by the European Commission, and with a Fellowship by the German DAAD (2013). His research is also funded by companies, including Cisco, Intel, and Huawei. His main research interest is in the area of Security and Privacy. In this area, he published more than 550 papers in topmost international peer-reviewed journals and conferences. He is Editor-in-Chief for IEEE Transactions on Information Forensics and Security, Area Editor-in-Chief for IEEE Communications Surveys & Tutorials, and has been Associate Editor for several journals, including IEEE Communications Surveys & Tutorials, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, and IEEE Transactions on Network and Service Management. He was Program Chair for TRUST 2015, ICISS 2016, WiSec 2017, ACNS 2020, CANS 2021, CSS 2021, WiMob 2023 and ESORICS 2023, and General Chair for SecureComm 2012, SACMAT 2013, NSS 2021 and ACNS 2022. He is Fellow of the IEEE, Fellow of the AAIA, Senior Member of the ACM, and Fellow of the Young Academy of Europe.


Abstract
Alongside traditional Information and Communication Technologies, more recent ones like Smartphones and IoT devices also became pervasive. Furthermore, all technologies manage an increasing amount of confidential data. The concern of protecting these data is not only related to an adversary gaining physical or remote control of a victim device through traditional attacks, but also to what extent an adversary without the above capabilities can infer or steal information through side and covert channels! In this talk, we survey a corpus of representative research results published in the domain of side and covert channels, ranging from TIFS 2016 to more recent Usenix Security 2022, INFOCOM 2023, CCS 2023, and including several demonstrations at Black Hat Hacking Conferences. We discuss threats coming from contextual information and to which extent it is feasible to infer very specific information. In particular, we discuss attacks like inferring actions that a user is doing on mobile apps, by eavesdropping their encrypted network traffic, identifying the presence of a specific user within a network through analysis of energy consumption, or inferring information (also key one like passwords and PINs) through timing, acoustic, or video information.



 

 

Security, Privacy and the “Human Factor”: Making Sense of the Paradoxes of Security and Privacy Behavior

Spyros Kokolakis
University of the Aegean
Greece
 

Brief Bio
Dr. Spyros Kokolakis is a Professor in the Department of Information and Communication Systems Engineering of the University of the Aegean. He holds a B.Sc. (Informatics) and a Ph.D. (Information Systems) from the Athens University of Economics & Business (GR). He has served as the Dean of the School of Engineering at the University of the Aegean. His research interests include Information Systems Security Management, Information Privacy and Data Protection, and Business Information Systems. He has extensive consulting experience in the field of information security management and he is a certified ISO22301 Lead Auditor and ISO9001 Internal Auditor.


Abstract
Why do people who claim to be concerned about privacy disclose their personal information on social media? Why do users that are aware of security threats often neglect to take protective measures? Why do loyal employees sometimes fail to comply with security policies? Why do infosec managers often insist on practices and policies that have been proven to be ineffective? These and several more questions arise whenever we observe individuals’ security and privacy behavior and despite the vast amount of research in the field, we still lack a comprehensive explanation.
In this talk, we’ll explore privacy and security behavior from multiple perspectives, including cognitive biases and decision-making heuristics, latent incentives, socio-cultural dispositions, and organizational politics. We’ll show that no single theoretical model can provide sufficient guidance and, thus, it is important to adopt a multidisciplinary and multi-theoretical approach.



footer