Prof. Rei Safavi-Naini (University of Calgary)
Professor of Computer Science
Rei Safavi-Naini is the AITF Strategic Chair in Information Security and a founding Director of Institute for Security, Privacy and Information Assurance at the University of Calgary. Before joining the University of Calgary in 2007 as the iCORE Chair in Information Security, she was a Professor of Computer Science and the Director of Telecommunication and Information Technology Research Institute (now ICT Research Institute) at the University of Wollongong Australia.
She has over 300 refereed publications, has served as an Associate Editor of IEEE Transactions on Information Theory, ACM Transactions on Information and System Security (TISSEC), and is currently an Associate Editor of IEEE Transactions on Dependable and Secure Computing, IET Information Security and Journal of Mathematical Cryptology.
She has served as Program Chair/co-Chair of numerous conferences, most recently, ACM CCSW 2014, Financial Cryptography 2014, ACNS 2013 and Crypto 2012. She is a member of the Steering Committee of International Conference in Information Theoretic Security and ACM CCS Cloud Computing Security Workshop.
She has a PhD in Electrical Engineering from University of Waterloo, Canada.
Her current research interests are cryptography, information theoretic security, quantum-safe cryptography, network and communication security and privacy, and Cloud security and privacy.
Melissa Chase (Microsoft Research Redmond)
Researcher in the Cryptography group at Microsoft Research Redmond
Melissa is a researcher in the Cryptography group at Microsoft Research Redmond. Her research focuses on defining and constructing cryptographic protocols and primitives. Some areas She have worked in include anonymous credentials and e-cash, non-interactive zero knowledge proofs, primitives providing controlled malleability, and constructions for signatures schemes and attribute-based encryption and more generally pairing-based cryptography.
She completed a PhD in Computer Science at Brown University, working under Anna Lysyanskaya. During the summer of 2007, She went to IBM Zurich to work with Jan Camenisch in the idemix group, and She spent the fall semester of 2006 at the cryptography program at UCLA’s IPAM. She did her undergrad at Harvey Mudd College in Computer Science and Math.
Prof. Dr.-Ing. Tibor Jager (Bergische Universität Wuppertal)
Professor in the School of Electrical, Information and Media Engineering
Tibor's research addresses fundamental open research questions on the theoretical foundations of real-world cryptography.
He finished his PhD in 2011 at the Horst Görtz Institute of Ruhr-University Bochum, under the supervision of Prof. Jörg Schwenk. After Postdoc positions at the Karlsruhe Institute of Technology and Ruhr-University Bochum, he was appointed associate professor for IT security at Paderborn University in 2016 and is a full professor of IT security and cryptography at Bergische Universität Wuppertal since 2019.
He has published 50+ research papers in cryptography and IT security, received an ERC Grant in 2018 and the IETF Best Contribution Award to TLS 1.3 in 2016.
Prof. Yingjiu Li (University of Oregon)
Ripple Professor in the Department of Computer and Information Science
Title: Robust Android Malware Detection
Despite intensive research over 10 years, Android malware detection still faces substantial challenges including frequent changes in the Android framework, the existence of noisy labels in large-scale up-to-date datasets, and the continuous evolution of Android malware. The consequences of ignoring these challenges are multifold. One is the fast decline of malware detection accuracy over time due to the use of out-of-date malware detection feature sets, the ignorance of new APIs and changed APIs, and the failure of capturing emerging malware patterns. On the other hand, the use of noisy datasets leads to distorted training of malware detection models, unfair evaluation of malware detection performance, and unidentified false positives and false negatives.
To address these challenges, this talk summarizes three robust malware detection approaches, including DroidEvolver, SDAC, and a noise detection framework. Adapting to the frequent changes in the Android framework and the continuous evolution of Android malware, DroidEvolver automatically and continually updates itself during malware detection without any human involvement. While most existing malware detection systems can be updated by retraining on new applications with true labels, DroidEvolver requires neither retraining nor true labels to update itself, mainly due to the insight that DroidEvolver makes necessary and lightweight update using online learning techniques with evolving feature set and pseudo labels. The detection performance of DroidEvolver is evaluated on a dataset of 33,294 benign applications and 34,722 malicious applications developed over a period of six years. Using 6,286 applications dated in 2011 as the initial training set, DroidEvolver achieves high detection F-measure (95.27%), which only declines by 1.06% on average per year over the next five years for classifying 57,539 newly appeared applications. This performance of DroidEvolver is significantly better than what was reported in the literature.
SDAC addresses the same model aging problem using a different approach. SDAC evolves effectively by evaluating new APIs’ contributions to malware detection according to existing APIs’ contributions. In SDAC, the contributions of APIs are evaluated by their contexts in the API call sequences extracted from Android apps. A neural network is applied on the sequences to assign APIs to vectors, among which the differences of API vectors are regarded as their semantic distances. SDAC then clusters all APIs based on their semantic distances to create a feature set in the training phase, and extends the feature set to include all new APIs in the detecting phase. Without being trained, SDAC can adapt to the use of new APIs in the detection phase. In extensive experiments with datasets dated from 2011 to 2016, SDAC achieves a significantly higher detection accuracy and slower aging speed than DroidEvolver with certain overhead.
Another challenge is that training data may contain noisy labels and it is challenging to make the training data noise-free at a large scale. To address this problem, we propose a generic framework to reduce the noise level of training data for the training of any machine learning-based Android malware detection. Our framework makes use of all intermediate states of two identical deep learning classification models during their training with a given noisy training dataset to generate a noise-detection feature vector for each input sample. The framework then applies a set of unsupervised outlier detection algorithms on all noise-detection feature vectors to reduce the noise level of the given training data before feeding it to any machine learning-based Android malware detection approach. In our experiments with three different Android malware detection approaches, the framework can detect significant portions of wrong labels in different training datasets at different noise ratios and thus improve the performance of Android malware detection significantly.
About Yingjiu Li
Yingjiu Li is currently a Ripple Professor in the Department of Computer and Information Science at the University of Oregon. He obtained his PhD degree in Information Technology with a focus on Cybersecurity from at the George Mason University in 2003.
His research interests include IoT Security and Privacy, Mobile and System Security, Applied Cryptography and Cloud Security, and Data Application Security and Privacy. He has published over 140 technical papers in international conferences and journals, and served in the program committees for over 130 international conferences and workshops, including top-tier cybersecurity conferences.
Dr. Tieyan Li (Head of Digital Trust, Shield Lab. Huawei)
Title: Digital Identity: A Long Journey from Centralization to Decentralization
About Tieyan Li
Dr. Tieyan Li is an expert on security and applied cryptography, and a technology generalist on applications, systems and networks. He is currently leading research on Digital Trust-building the trust layer for future digital world, and previously on mobile platform, IoT security, and AI security at Shield Lab., Singapore Research Center, Huawei Technologies.
Dr. Li received his Ph.D. Degree in Computer Science from National University of Singapore. From that on, he was a security scientist at Institute for Infocomm Research, I2R Singapore.
Dr. Li has more than 20 years experiences and is proficient in security design, architect, innovation and practical development. He was also active in academic security fields with tens of publications and many patents. Dr. Li has served as the PC members for many security conferences, and is an influential speaker in industrial security forums. His current research topics include: Trustworthy AI (e.g., adv. robustness, transparency, fairness), Trustworthy Computing (e.g., exploit mitigation, secure enclave), Trustworthy Identity (e.g., DID, SSI), and Trust Infrastructure (e.g., Blockchain).