Ahmad-Reza Sadeghi is a professor of Computer Science at TU Darmstadt, Germany where he heads the System Security Lab at the Cybersecurity and Privacy Research Center (CYSEC). Since 2012 he is the director of the Intel Collaborative Research Institute for Collaborative Autonomous & Resilient Systems (ICRI-CARS). For his influential research on Trusted Computing he received the renowned German “Karl Heinz Beckurts” award. This award honors excellent scientific achievements with high impact on industrial innovations in Germany. He is the author of more than 300 peer-reviewed scientific publications in the field of IT security and privacy and was, amongst others, Editor-In-Chief of the prestigious IEEE Security and Privacy Magazine. He is also on the advisory board of several large multinational IT-enterprises.

In 2018 Prof. Sadeghi received the ACM SIGSAC Outstanding Contributions Award for dedicated research, education, and management leadership in the security community and for pioneering contributions in content protection, mobile security and hardware-assisted security. SIGSAC is ACM’s Special Interest Group on Security, Audit and Control.

Things, Trouble, Trust: Promises, Pitfalls and Opportunities of the IoT

The Internet of Things (IoT) is rapidly emerging with the goal to connect the unconnected. Many new device manufacturers are entering the market of internet-connected appliances for smart homes and offices, ranging from motion sensors to virtual voice assistants. However, due to lack of security by design and flawed implementations, we are facing significant security and privacy challenges specific to IoT, such as perilous IoT botnet attacks, and novel privacy threats caused by widespread installation of wireless sensors, actuators and smart home appliances even in the private setting of our homes.

The massive scale of the IoT device population and enormous diversity of device hardware, operating systems, software frameworks and manufacturers makes it very difficult to establish standard IoT security and privacy-protecting solutions by simply applying and extending known solutions, neither for per-device security architectures nor for network security measures. In particular, existing intrusion detection techniques seem ineffective to detect compromised IoT devices.

In this talk, we will present our recent work, including industry collaborations, on addressing various security and privacy challenges in the growing IoT landscape. In particular, we focus on approaches for automated device identification and reliable detection of compromised devices based on their inherent communication behaviour.

Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium.

His research field is software security, where he focuses on the development of high-assurance techniques to deal with implementation-level software vulnerabilities and bugs, including

techniques such as software verification, run-time monitoring, hardware security architectures, type systems and programming language design.

He studies the theory behind these techniques as well as their application in many types of software systems, including web applications, embedded software, and mobile applications.  His

achievements in the field of software security include contributions to: the development of verification techniques for C-like languages, the development of the secure multi-execution technique for enforcing information flow security, the development of a variety of countermeasures for memory safety related vulnerabilities, and the development of the embedded security architecture Sancus.

He has served on the program committee of numerous security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International symposium on Engineering Secure Software and Systems (ESSOS 2014 & 2015), for the International Conference on Principles of Security and Trust (POST 2016) and for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019).

Coming soon.