Survol des conférences offertes dans le cadre du colloque du CRDM sur la cybersécurité

Neuf conférenciers et conférencières participeront à l’animation de notre colloque sur la cybersécurité qui se tiendra le 16 septembre 2024 à l’Université Laval (lien d’inscription). Découvrez les conférences en parcourant les résumés des différentes interventions :

1ère session de conférences : Cybersecurity and AI

Steven H. H. Ding (McGill University)

Talk title: « Safeguarding the Digital Frontier: Exploring the Convergence of AI for Security and Security for AI »
Talk abstract: In an era where our reliance on technology is constantly expanding, the intricate relationship between AI and security has never been more paramount. This presentation delves into the intersection of AI and security, spotlighting three recent research projects that illustrate the synergy between these fields. First, we explore the world of firmware security by delving into the development of a Firmware Bill of Materials and Vulnerability Detection system, shedding light on the critical importance of securing the very foundation of modern devices. Next, we pivot to the realm of avionic platforms, focusing on Intrusion Detection tailored for the MIL1553 protocol, a critical component of aerospace systems. Lastly, we delve into the realm of cyber threats, showcasing the potential of Multi-Agent Learning in the context of Evasive Malware Generation and Detection, offering insights into the evolving landscape of digital threats and countermeasures.  Join us as we embark on a journey through the dynamic landscape of AI-driven security, revealing recent advancements and practical applications to safeguard our digital future.

Guy-vincent Jourdan (University of Ottawa)

Talk title: « The fragile security of deep learning models »
Talk abstract: In the past couple of years, we have seen an explosion of the use of “artificial intelligence”, and in particular of deep learning model and of generative AI. ChatGPT and similar technologies have taken the world by storm, showing an astonishing ability to create text, images and even videos that are barely distinguishable from human produced content. Many businesses have jumped in the bandwagon and countless companies are integrating these models into their product lines as fast as they possibly can.
They certainly do produce excellent results in many situations and save time and money. But how secure are they really?
In this talk, we will discuss two examples of models that are heavily adopted and, while very effective, are also easily compromised, and are much more insecure than previously understood: a face recognition system, and a diffusion model. With no fix on the horizon, blind adoption of these models is shown to be problematic.

Foutse Khomh (Polytechnique Montréal)

Talk title: « Evolving Threats in AI-Based Systems: New Risks and Challenges »
Talk abstract: As AI-based systems become increasingly integrated into critical applications, the landscape of cybersecurity is rapidly evolving. This Keynote will explore the new and emerging threats AI poses, focusing on vulnerabilities specific to machine learning and large language models (LLMs) in particular. I will share insights from our research aimed at understanding and mitigating these risks, along with our efforts to benchmark and support the red teaming of LLMs. Attendees will gain insights into the evolving attack surface of AI systems and learn about some key approaches being developed to enhance the security of AI-based systems

2e session de conférences : Software security

Euijin (Alley) Choo (University of Alberta)

Talk title: titre à venir
Talk abstract: en cours

Paria Shirani (University of Ottawa)

Talk title: « Code Analysis for Vulnerability Detection »
Talk abstract: en cours

Furkan Alaca (Queen’s University)

Talk title: « Securing User Authentication with Trusted Execution Environments and Personal Devices »
Talk abstract: As research and common practices in password and two-factor authentication have evolved, so too have attack strategies. This talk provides an overview of longstanding and contemporary challenges in user authentication, and highlights the role that single sign-on schemes can play in solving these challenges. We present a comparative analysis framework for single sign-on schemes that identifies areas for improvement, and we discuss our current research on how trusted execution environments (TEEs) and users’ personal devices (e.g., laptops, smartphones, smartwatches) can be leveraged to strengthen the security of user authentication while minimizing negative impacts on usability.

3e session de conférences : Critical infrastructure security

Karthik Pattabiraman (UBC)

Talk title: « Secure and Resilient Cyber-Physical Systems for Critical Infrastructure »
Talk abstract: Cyber-Physical systems (CPS) are all around us, and are often used in critical infrastructure such as Industrial Control Systems (ICS) and medical devices. As such, they are an easy and high-value target for attackers. Most CPS are designed to be resilient to natural faults and failures, but not security attacks. In this talk, I will present our group’s work on security of three classes of CPS used in critical infrastructure. The first class is robotic vehicles such as drones and rovers, which are highly susceptible to sensor attacks. The second class is medical devices that use machine learning (ML), which are susceptible to both adversarial attacks and data poisoning. The last class is CPS used in ICS systems, which are susceptible to Denial of Service (DoS) and time delay attacks. In all three classes of systems, cost is a critical constraint, and hence we need to develop low-cost attack resilience techniques for them. I will conclude by outlining the future directions in building secure and resilient CPS for critical infrastructure.

Hadis Karimipour (University of Calgary)

Talk title: « Critical Infrastructure Cybersecurity in the Era of AI »
Talk abstract: As the digital landscape evolves, critical infrastructure and operational technology (OT) systems are increasingly exposed to sophisticated cyber threats. This presentation delves into the emerging risks and attack vectors that challenge the security of these vital systems. With the advent of AI, we are equipped with new tools and methodologies to detect, prevent, and mitigate these threats. This session will explore the pivotal role of AI in enhancing the cybersecurity of critical infrastructure, offering insights into how AI-driven solutions can be leveraged to protect these systems against current and future challenges.

Marwa Elsayed (Western University)

Talk title: « Advancing Security Services for Connected & Autonomous Vehicles »
Talk abstract: As Cyber-Physical Systems (CPSs) revolutionize the automotive industry by seamlessly blending digital intelligence with physical mechanics, they usher in the era of Connected Autonomous Vehicles (CAVs). However, this transformation also makes the cybersecurity landscape increasingly complex, presenting an expansive frontier for potential threats. My research advocates for integrating security throughout the engineering lifecycle to fortify CAVs, from inception through deployment and beyond. This talk will delve into how integrating cutting-edge, adaptive security services—such as real-time threat detection—can ensure that CAVs navigate complex environments precisely while standing as paragons of security in the digital age. Adopting this holistic approach can not only protect vehicle data and operations but also instill trust in a future where autonomous transportation is as secure as it is revolutionary.

 

Posted in Évènements.