Security Seminar

The talk presents open problems in the study of machine unlearning. The need for machine unlearning, i.e., obtaining a model one would get without training on a subset of data, arises from privacy legislation and as a potential solution to data poisoning or copyright claims. The first part of the talk discusses approaches...

European lawmakers have ruled through the Digital Markets Act that users on different platforms should be able to exchange messages with each other. Yet messaging interoperability opens up a Pandora’s box of security and privacy challenges. While championed not just as an antitrust measure but as a means of providing a...

Abstract not available

Software constantly evolves in response to user needs: new features are built, deployed, mature and grow old, and eventually their usage drops enough to merit switching them off. In any large codebase, this feature lifecycle can naturally lead to retaining unnecessary code and data. Removing these respects users’ privacy...

Conspiracy theories have become a pervasive and potent force in the digital age, challenging societies and democracies worldwide. This talk delves into the enigmatic origins of the QAnon conspiracy to offer a comprehensive analysis of the online fringe communities that facilitate such discourse. We employ a data-driven...

Man is born free, as Marx told us, but is everywhere in chains. The Internet promised freedom but is being turned into a tool of surveillance and control. The Foundation for Information Policy Research was launched in 1998 during 'Crypto War 1' in the run-up to the Regulation of Investigatory Powers Act. After a quarter...

Randomness supports many critical functions in the field of machine learning (ML) including optimisation, data selection, privacy, and security. ML systems outsource the task of generating or harvesting randomness to the compiler, the cloud service provider or elsewhere in the toolchain. Yet there is a long history of...

In this talk I will focus on analysing the robustness of systems which depend on crowdsourced and sensor data. I will showcase vulnerabilities on mobile crowdsourcing services which can be exploited to launch data poisoning attacks successful in faking online posts for robberies, gunshots, and other dangerous incidents...

In this talk we will present a new technique for identifying software supply chain attacks. Supply chain attacks are particularly powerful due to their ability to affect many victims through the compromise of a single shared dependency. While supply chain attacks are not new, they have received significant industry...

The public key infrastructure that secures the web has been around for nearly three decades. Since 2012, it has become a critical (albeit unappreciated) aspect of daily life for billions of people. In that short time, a dizzying number of technologies to improve security and privacy on the web have been designed, deployed...