Program
timetable coming soon
Sahar Abdelnabi, Microsoft
Jo Van Bulck, KU Leuven
Maria Eichlseder, TU Graz
Daniel Gruss, TU Graz
David Oswald, University of Birmingham
Fabio Pierazzi, University College London
Kaveh Razavi, ETH Zürich
Christian Rossow, CISPA
Yang Zhang, CISPA
| Monday Sept. 1st |
Tuesday Sept. 2nd |
Wednesday Sept. 3rd |
Thursday Sept. 4th |
Friday Sept. 5th |
|
|---|---|---|---|---|---|
| 9:00 – 09:30 |
9:00 Fabio Pierazzi |
9:00 Yang Zhang Safety Assessment of Large Generative Models |
9:00 Sahar Abdelnabi |
9:00 Maria Eichlseder |
|
| 09:30 – 10:00 | |||||
| 10:00 – 10:30 | |||||
| 10:30 – 11:00 | 10:30 Welcome Coffee ☕ |
10:30 Coffee break ☕ |
10:30 Coffee break ☕ |
10:30 Coffee break ☕ |
10:30 Coffee break ☕ |
| 11:00 – 11:30 |
11:00 David Oswald |
11:00 Christian Rossow |
11:00 Daniel Gruss & Stefan Mangard |
11:00 Jo Van Bulck Trust Under Siege: Exploiting and Mitigating Interface-Based Attacks on TEEs |
11:00 Speaker TBA |
| 11:30 – 12:00 | |||||
| 12:00 – 12:30 | |||||
| 12:30 – 13:00 | 12:30 Lunch break |
12:30 Lunch break |
12:30 Lunch break |
12:30 Lunch break |
12:30 Goodbye lunch |
| 13:00 – 13:30 | |||||
| 13:30 – 14:00 | |||||
| 14:00 – 14:30 |
14:00 Kaveh Razavi Advanced Branch Target Injection Attacks |
14:00 Security Week CTF by LosFuzzys Part 1 |
14:00 Hardware Side-Channel Lab |
14:00 Software Side-Channel Lab Part 1 |
14:00 Speaker Training hosted by Daniel Gruss |
| 14:30 – 15:00 | |||||
| 15:00 – 15:30 | |||||
| 15:30 – 16:00 | 15:30 Coffee break ☕ |
15:30 Coffee break ☕ |
15:30 Social Event 🍫🍷 Visit of the Zotter chocolate factory (sponsored by ISEC) & Dinner with scientific keynote speech at a traditional styrian Buschenschank |
15:30 Coffee break ☕ |
|
| 16:00 – 16:30 |
16:00 PhD Forum |
16:00 Security Week CTF by LosFuzzys Part 2 |
16:00 Software Side-Channel Lab Part 2 |
||
| 16:30 – 17:00 | |||||
| 17:00 – 17:30 | |||||
| 17:30 – 18:00 | |||||
| 18:00 – 18:30 | 18:00 Welcome Dinner️ |
18:00 Dinner️ |
18:00 Dinner️ |
️ | |
| 18:30 – 19:00 | |||||
| 19:00 – 19:30 | |||||
| 19:30 – 20:00 |
We will meet on Monday, Sept 1st, at Rechbauerstraße 12, 8010 Graz, on the first floor in front of the auditorium (“Aula”) where the summer school takes place.
Starting from 10:30 am, we will be there to welcome you with coffee and cake, and to hand you our welcome package.
The school starts at 11:00 am in the “Aula”.
For infos & if you have questions:
Ask our staff on site or join our Discord server
A central goal of the school is to enable communication between presenters and the participants. Therefore we will have a so-called PhD forum on Monday. Everyone is welcome to join and listen to the presentations!
The basic idea of the forum is that PhD students and researchers joining GSW present their current research in a 5-minute talk. This will help them to get connected with other participants working on a similar topic. Furthermore, presenting at the PhD forum is a prerequisite for earning optional 2 ECTS.
Please email your slides until Sunday, 24 August at the latest to securityweek.isec@tugraz.at!
In this session, you will get hands-on experience with system security, cryptography, web security, and more!
The session is hosted by the student team LosFuzzys as a beginner-friendly capture-the-flag competition, where participants must find and exploit vulnerabilities in given programs. Upon successful exploitation, you will receive a flag that will reward you with points! This is a great opportunity to network and collaborate with like-minded people to find solutions to security-related problems.
Please bring your own laptop!
In this tutorial, you will use physical side-channel attacks to break the security of embedded devices.
We will use power analysis attacks and measure the power consumption of a microcontroller while it performs encryptions. Using the power consumption of the device, we will extract the used encryption key.
In particular, we will investigate how to conduct these attacks on simulated secure systems and the AES block cipher. All the experiments will be performed on a real microcontroller on a ChipWhisperer board, which lets you easily measure the power consumption and inject faults.
In contrast to runtime attacks, the CPU microarchitecture itself gives much more subtle ways to attack an application via side-channels. These side channels range from measuring execution time and detecting memory access patterns, over cache attacks (e.g., Flush+Reload) to Meltdown and Spectre attacks, leaking information across different processes and privilege boundaries. In this lab, you will experiment with various microarchitectural side channels.
We all got to present at conferences sometime during our PhD, but no one taught us how. This Speaker Training is for you!
We will run through a few simple exercises for speaking, intonation, controlling volume, insecurities and confidence, emotions and thoughts during a presentation, and mastering question and answer sessions eloquently.