RuCTFE 2015 report

Yesterday the security gang of the University of Venice challenged the best hackers in the world in RuCTFE 2015, one of the most important information security competition. Despite some connectivity problems, at the end of a fierce battle we placed 12th out of 300, resulting once again the 1st Italian team.

Congratulations to out students and professors!

Cookies picture

18/11/2015 – Talk by Gian-Luca dei Rossi

Title:  Evaluating the impact of eDoS attacks to cloud facilities
Time: 12:00
Location: Meeting Room, building Zeta
Type: Research Results
Speaker: Gian-Luca Dei Rossi
The complexity of modern cloud facilities requires attentive management policies that should encompass all aspects of the system. Security is a critical issue, as intrusions, misuse or denial of service attacks may damage both the users and the cloud provider including its reputation on the market.
Disruptive attacks happen fast, cause evident and short term damages and are usually the result of operations that are hard to disguise. On the other hand, Energy oriented Denial of Service (eDoS) attacks aim at producing continuous minor damages, eventually with long term consequences. These long lasting attacks are difficult to detect. In this tale we present a model of the behavior of a system under eDoS attack.
We study the impact in terms of cloud energy consumption of an attack strategy previously proposed in the literature and compare it with other strategies that we propose. Our findings show that the strategy previously proposed in the literature, based on keeping the cloud close to saturation, is not optimal (from the point of view of the attacker) in presence of non-constant workload and that there is a trade-off between the aggressiveness of the attacker and the duration of the attack in order to maximize the damage.

11/11/2015 – Talk by Moshin Jafri

Title:  Underwater Wireless Sensor Networks: Applications, Advances and Research challenges
Time: 13:00
Location: Meeting Room, building Zeta
Type: Survey
Speaker: Moshin Jafri
Abstract: Underwater Wireless Sensor Networks (UWSNs) have several applications such as sea mine detection and seismic monitoring. UWSNs consist of a large number of sensors and vehicles, deployed to transmit sensed data to the base station. They monitor swarms of underwater vehicles in environmental and military applications by exploiting their reconfigureability. In this talk, we discuss about the organizational architecture of UWSNs and the state of the art of various networking facets related to UWSNs. This talk serves as a summary of existing protocols, providing inspiration for the growth of underwater networks. We also outline the recent advancements in this area by focusing on the lower strata of the communication stack, and envision future trends. Current research ranges from low-power algorithms and modulations to energy-aware routing and MAC protocols. We highlight the key challenges such as high error rate, low network throughput and high energy consumption for data transmission. Furthermore, high propagation delay, Doppler shifts and time-varying multi-path effects constitute major research subjects, which require reliable communication systems in order to coordinate multiple devices, either mobile or stable.

04/11/2015 – Talk by Enrico Steffinlongo

Title:  Static Detection of Collusion Attacks in ARBAC-based Workflow Systems
Time: 13:00
Location: Meeting Room, building Zeta
Type: Research result
Speaker: Enrico Steffinlongo
Abstract: Authorization in workflow systems is usually built on top of role-based access control (RBAC); security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. When the user-to-role assignment can be changed by potentially untrusted users, like in the case of Administrative RBAC (ARBAC), collusions may take place to circumvent the intended security policies. In this paper, we study this problem in a formal model of workflows based on event structures and we define a precise notion of security against collusion. We then propose a static analysis technique based on a reduction to a role reachability problem for ARBAC, which can be used to prove or disprove security for restricted – yet useful – classes of workflow systems. Finally, we implement our analysis in a tool, WARBAC, and we experimentally show its effectiveness on a set of publicly available examples.

27/10/2015 – Talk by Jean-Michel Fourneau (Université de Versailles Saint Quintin)

Title: Discrete Time Stochastic Automata Network with Steady-State Product Form distribution
Time: 13:00
Location: Meeting Room, building Zeta
Type: Research result
Speaker: Jean-Michel Fourneau
Abstract: We present some sufficient conditions for a discrete time Stochastic Automata Networks (SAN) to have a steady-state distribution which has a multiplicative form. The proofs are based on algebraic properties of the tensor operations associated with SAN. Some examples are given.
Bio sketch: J.M. Fourneau is Professor of Computer Science at the University of Versailles St. Quentin, France. He was formerly with Ecole Nationale des Telecommunications, Paris and University of Paris XI Orsay as an Assistant Professor. He graduated in Statistics and Economics from Ecole Nationale de la Statistique et de l’Administation Economique, Paris and he obtained is Ph.D. and his habilitation in Computer Science at the University of Paris XI Orsay in 1987 and 1991 respectively. He is the Head of the Performance Evaluation team within PRiSM laboratory at Versailles University and his recent research interests are algorithmic performance evaluation, Stochastic Automata Networks, G-networks, stochastic bounds, and application to high speed networks, and all optical networks.

21/10/2015: Talk by Ivan Stojic

Title: Perfect sampling in stochastic Petri nets using decision diagrams
Time: 13:00
Location: Meeting Room, building Zeta
Type: Research result
Speaker: Ivan Stojic
Abstract: Stochastic Petri nets (SPN) are an important formalism for performance evaluation of telecommunication systems and computer hardware and software architectures whose underlying process is a continuous time Markov chain (CTMC). Since solving a CTMC underlying an SPN is often computationally too expensive due to state space explosion, simulation and sampling techniques are often used in analysis of SPN models. In this talk we present an algorithm for generating samples from stationary probability distribution of the CTMC underlying an SPN. The algorithm uses uniformization and decision diagrams to exploit regularities in structure of CTMCs obtained from SPNs in order to efficiently implement coupling from the past, a well known algorithm for perfect sampling.

06/05/2015: Talk by Benny Van Houdt (University of Antwerp)

Title: Mean field models for SSD garbage collection
Time: 14:00
Location: Conference Room, building Alpha
Type: Research result
Speaker: Benny Van Houdt
Abstract: In this talk we discuss some mean field models for a broad class of garbage collection algorithms for flash-based solid state drives (SSDs) and as well as the insights they provide. We start with a basic introduction on mean field models and SSDs. Next we take a detailed look at the mean field model in the most basic setting (uniform random writes) and discuss its implications. Finally, if time permits, some of the new insights provided by more advanced models with hot and cold data or hot data identification will be presented.

29/04/2014: Talk by Silvia Crafa (Università di Padova)

Title: The evolutionary ecology of programming languages
Time: 14:00
Location: Meeting room, building Zeta
Type: Research result
Speaker: Silvia Crafa
Abstract: Taking advantage from the theoretical understanding of biological evolution, I will review the history of popular programming languages from an evolutionary perspective, focusing on the quest for good programming abstractions. In particular, I will discuss the different abstraction levels involved in present-day concurrent and distributed programming, commenting on the role of the theoretical approach. The general aim is pointing out a number of remarks in order to grasp a unifying, but not simplistic, view of programming languages development.

08/04/2014: Talk by Frank Kelly (Cambridge University)

Title: Efficient advert assignment
Time: 14:00
Location: Conference room, building Alpha
Type: Research result
Speaker: Frank Kelly
In current Ad-auctions, there is an information asymmetry between the platform and advertisers: the platform typically knows more than an advertiser about the search being conducted, such as information about the searcher. Hence the platform can potentially choose prices and an allocation that depends on the platform’s additional information. In contrast, the advertiser has to rely on more coarse-grained information, perhaps just the search terms of a query together with a crude categorization of the searcher.

We show that the information asymmetry can be used to develop a simple mechanism for advert assignment and pricing that incentivizes truthful bidding and encourages convergence to a unique Nash equilibrium that is socially optimal.

This is joint work with Peter Key and Neil Walton.

Short Bio: 
Frank Kelly is Professor of the Mathematics of Systems in the University of Cambridge, and Master of Christ’s College. He was elected a Fellow of the Royal Society in 1989, and a Foreign Member of the National Academy of Engineering in 2012. In 2013 he was awarded a CBE for services to mathematical sciences.
His main research interests are in random processes, networks and optimization. He is especially interested in applications to the design and control of networks and to the understanding of self-regulation in large-scale systems.

Frank Kelly has received several prizes for his work. In 1979 he won the Davidson Prize of the University of Cambridge. In 1989 he was awarded the Guy Medal in Silver of the Royal Statistical Society. He was awarded the 1991 Lanchester Prize of the Institute for Operations Research and the Management Sciences, and in 1997 the Naylor Prize of the London Mathematical Society. In 2005 he received the IEEE Koji Kobayashi Computers and Communications Award, in 2008 the John von Neumann Theory Prize of INFORMS, in 2009 the SIGMETRICS Achievement Award and the Gold Medal of the Association of European Operational Research Societies, in 2011 the Beale Medal of the Operational Research Society, in 2013 the INFORMS Saul Gass Expository Writing Award and in 2015 the Alexander Graham Bell Medal of the IEEE. He has been awarded Honorary Doctorates by Heriot-Watt University and by Eindhoven University of Technology.

He served as Director of the Statistical Laboratory in the University of Cambridge from 1991 to 1993. He has served on the Scientific Board of HP’s Basic Research Institute in Mathematical Sciences, the Scientific Council of EURANDOM, the Conseil Scientifique of France Telecom, and the Council of the Royal Society. He has chaired the Advisory Board of the Royal Institution/University of Cambridge Mathematics Enrichment Project, and the Management Committee of the Isaac Newton Institute for Mathematical Sciences.

He spent the academic year 2001-2 as a visiting professor at Stanford University. From 2003 to 2006 he served as Chief Scientific Adviser to the United Kingdom’s Department for Transport. He was chair of the Council for the Mathematical Sciences from 2010 to 2013, and is a member of the RAND Europe Council of Advisors.