Toward Practical Client-Side Encryption in Cloud Computing

Robert Deng (Singapore Management University, Singapore)

Abstract: Data breaches in the cloud are on the rise and are becoming more costly to organizations each year. Client-side encryption refers to the practice of encrypting data on end users’ devices before uploading it to the cloud. This approach ensures that data is encrypted during transit and storage, making data inaccessible to anyone without the decryption keys, including service providers and other potential attackers. In this talk, we will first look at the challenges of client-side encryption and provide an overview of the key advancements as well as setbacks in addressing these challenges in the past two decades, including scalable access of encrypted data and search over encrypted data. There are numerous academic publications in this area and the choice of which techniques to use could have significant impact on the system’s security, efficiency, and usability. Finally, we will present our design and implementation of a client-side encryption system for enterprise users.

About the speaker: Robert Deng is AXA Chair Professor of Cybersecurity, Deputy Dean for Faculty & Research, School of Computing and Information Systems, Singapore Management University (SMU). His research interests are in the areas of data security and privacy, network and distributed system security, and applied cryptography. He received the Outstanding University Researcher Award from National University of Singapore, Lee Kuan Yew Fellowship for Research Excellence from SMU, and Asia-Pacific Information Security Leadership Achievements and Community Service Star from International Information Systems Security Certification Consortium (ISC2). He serves/served on the editorial boards of ACM Transactions on Privacy and Security, IEEE Security & Privacy, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, Journal of Computer Science and Technology, and Steering Committee Chair of the ACM Asia Conference on Computer and Communications Security. He is a Fellow of IEEE and Fellow of Academy of Engineering Singapore.

Federated Learning Security: From Dusk to Dawn

Alexandra Dmitrienko (University of Würzburg, Germany)

Abstract: The evolution of machine learning (ML) as an enabling technology has opened a new era of possibilities and applications. Among these advancements, distributed learning, specifically federated learning (FL), emerges as a significant shift in collaborative intelligence. FL’s unique ability to leverage decentralized data sources promises innovation and privacy protection for local datasets across diverse domains, including healthcare, finance, object recognition, and beyond. However, despite its potential benefits, FL has been shown to be vulnerable to various threats. From poisoning attacks to adversarial perturbations and information inference, malicious actors pose significant challenges to the integrity of FL systems. Effectively addressing these vulnerabilities requires the implementation of security-by-design principles within FL frameworks. In this talk, we steer through the complex landscape of FL attacks and defenses, shedding light on the ongoing arms race between adversaries and defenders. We examine their advantages and drawbacks, gaining valuable insights into the evolving nature of these threats. We conclude by outlining research challenges and directions to enhance the resilience and security of FL systems.

About the speaker: Dr. Alexandra Dmitrienko is an esteemed Associate Professor at the University of Wuerzburg in Germany and the head of the Secure Software Systems research group. With a distinguished academic background, Dr. Dmitrienko earned her PhD in Security and Information Technology with summa cum laude distinction from TU Darmstadt in 2015. Her doctoral research focused on enhancing the security and privacy of mobile systems and applications, earning recognition from both academic consortia and industrial organizations such as the European Research Consortium for Informatics and Mathematics (ERCIM STM WG 2016 Award) and Intel (Intel Doctoral Student Honor Award, 2013). Dr. Dmitrienko’s academic journey encompasses a wealth of experience garnered from prominent security institutions in Germany and Switzerland. Prior to assuming her current faculty position in 2018, she acquired expertise at institutions including Ruhr-University Bochum (2008-2011), Fraunhofer Institute for Information Security in Darmstadt (2011-2015), and ETH Zurich (2016-2017). Throughout her career, Dr. Dmitrienko’s research interests have spanned diverse domains within cybersecurity, including software security, systems security and privacy, and the security and privacy of mobile, cyber-physical, and distributed systems. Today, her research also largely focuses on security and privacy aspects of Machine Learning methods.

Security Of AI, By AI and For AI: Charting New Territories in AI-Centered Cybersecurity Research

XiaoFeng Wang (Indiana University at Bloomington, USA)

Abstract: The rapid advancements in artificial intelligence (AI) technologies and the unyielding demand for their transformative applications have ushered in significant opportunities for security and privacy research and innovations. There is an urgent need for innovative and practical solutions to protect data and other assets to support the training and utilization of large, complicated machine learning (ML) models in a scalable and cost-effective manner (“Security For AI”). In the meantime, substantial research efforts are focused on understanding the security and privacy implications of AI systems, particularly identification of vulnerabilities in ML models and mitigation of associated risks (“Security Of AI”). Furthermore, cutting-edge AI technologies are increasingly being deployed to enhance the security of computing systems, offering intelligent protection and more effective defenses against real-world threats (“Security By AI”).

In this presentation, I will use our research in these areas to demonstrate how AI innovations have expanded the horizons of security and privacy research. For instance, under the theme “Security For AI,” I will provide an overview of ongoing research at the Center for Distributed Confidential Computing (CDCC) — one of the largest initiatives funded by the US National Science Foundation aimed at advancing practical, scalable data-in-use protection. This initiative is poised to have a transformative impact on AI research. Regarding “Security Of AI,” I will discuss our investigations into Trojan threats to ML models, exploring the fundamentality of this emerging security risk, its defensibility in particular. In the context of “Security By AI,” I will showcase how AI and ML technologies are revolutionizing the detection and prediction of security threats within carrier networks—a vital infrastructure—by automating the analysis of their documentation. Lastly, I will discuss potential future directions in the vast space of AI-centered cybersecurity research and innovations.

About the speaker: Dr. Wang is the Associate Dean of Research for Luddy School of Informatics, Computing and Engineering, Indiana University at Bloomington, and a Fellow of ACM, IEEE and AAAS. He serves as Director and Lead PI of Center for Distributed Confidential Computing (CDCC), a Frontiers Project in Secure and Trustworthy Computing funded by the National Science Foundation. The center aims at laying the technological foundations for practical data-in-use protection based on Trusted Execution Environments (TEE) over today and tomorrow’s cloud and edge platforms, which is critical to the advance of AI and data science.

Dr. Wang is the Chair of ACM Special Interest Group on Security, Audit and Control (SIGSAC), and was also TPC Co-Chair of the ACM Conference on Computer and Communications Security (CCS), the ACM’s flagship security and privacy conference, during 2018 and 2019. In the past 20 years, Dr. Wang has been working on a broad range of research topics in systems security and data privacy. He is considered to be one of the most prominent systems security and privacy researchers, a top author according to online statistics such as CSRankings, System Security Circus (Eurecom), and Top Authors, the Systems Circus (EPFL). Dr. Wang is known for his high-impact research on security analysis of real-world systems and biomedical data privacy. Particularly, the projects he led on side-channel analysis and mitigation, payment and single-sign-on API integrations, Android and iOS security and IoT protection have changed the way the industry built computing systems. Also, he is a pioneer researcher on human genome privacy and a co-founder of the iDASH Genome Privacy Competition that contributes to reducing the gap between security and cryptography research and real-world demands for biomedical data sharing and computing protection. More recently, he is actively working on TEE-based Data-in-Use protection for supporting AI, Trustworthy AI, and application of AI technologies (such as NLP and deep learning) to protect computing systems, LTE/5G networks in particular.

For his work, Dr. Wang has received numerous awards, including Award for Outstanding Research in Privacy Enhancing Technologies (the PET Award), Best Practical Paper Award at the 32nd IEEE Symposium on Security and Privacy (IEEE S&P Oakland), and two Distinguished Paper Awards at the 26th Network and Distributed System Security Symposium (NDSS). His work has been extensively reported by public media, including CNN, New York Times, Wall Street Journal, MSNBC, Forbes, Slashdot, Nature News, etc.

Alvaro Cardenas (University of California, Santa Cruz, USA)
Michail Maniatakos (New York University Abu Dhabi, UAE)
Man Ho (Allen) Au (Hong Kong Polytechnic University, China)
Jiangshan Yu (University of Sydney, Australia)


Chei Sian Lee (Nanyang Technological University, Singapore)
Qing Guo (Agency for Science, Technology, and Research (A*STAR), Singapore)
Lam Kwok Yan (Nanyang Technological University, Singapore)