To authors: A regular paper presentation would be 25 mins in total (including 5 mins Q&A) and a tool/dataset paper presentation would be 15 mins in total (including 5 mins Q&A).
Cone Deck 2 Visitor Parking
8921 University Rd, Charlotte, NC 28262
Despite long-ago predictions that other user-authentication technologies would replace passwords, passwords remain pervasive and are likely to continue to be so. This talk will describe our research on methods to tackle three key ingredients of account takeovers for password-protected accounts today: (i) site database breaches, which is the largest source of stolen passwords for internet sites; (ii) the tendency of users to reuse the same or similar passwords across sites; and (iii) credential stuffing, in which attackers submit breached credentials for one site in login attempts for the same accounts at another. A central theme of our research is that these factors are most effectively addressed by coordinating across sites, in contrast to today's practice of each site defending alone. We summarize algorithms to drive this coordination; the efficacy and security of our proposals; and the scalability of our designs through working implementations.
Michael Reiter is a James B. Duke Distinguished Professor in the Departments of Computer Science and Electrical & Computer Engineering at Duke University, which he joined in January 2021 following previous positions in industry (culminating as Director of Secure Systems Research at Bell Labs, Lucent) and academia (Professor of CS and ECE at Carnegie Mellon, and Distinguished Professor of CS at UNC-Chapel Hill). His technical contributions lie primarily in computer security and distributed computing. He is a Fellow of the ACM and IEEE, winner of the ACM SIGSAC Outstanding Contributions Award, and two-time winner of the Test-of-Time Award from the ACM Conference on Computer and Communications Security, for research papers that have had long-lasting influence.
This panel will focus on the challenges and opportunities in educating and developing a skilled workforce in the field of identity management. The panel will bring together experts in identity management from academia and industry to discuss the current state of identity management education and workforce development, and explore potential solutions to address the existing gaps. The panelists will examine the evolving nature of identity management, and the skillsets and knowledge required for professionals to excel in this field. They will also discuss the various educational and training programs available to aspiring identity management professionals, and the effectiveness of these programs in meeting the needs of the industry. Additionally, the panel will explore the role of industry-academia partnerships in fostering workforce development in identity management.
The increasingly pervasive use of big data and machine learning is raising various ethical issues, in particular privacy and fairness. In this talk, I will discuss some frameworks to understand and mitigate the issues, focusing on iterative methods coming from information theory and statistics. In the area of privacy protection, differential privacy (DP) and its variants are the most successful approaches to date. One of the fundamental issues of DP is how to reconcile the loss of information that it implies with the need to preserve the utility of the data. In this regard, a useful tool to recover utility is the Iterative Bayesian Update (IBU), an instance of the Expectation-Maximization method from Statistics. I will show that the IBU, combined with the metric version of DP, outperforms the state-of-the art, which is based on algebraic methods combined with the Randomized Response mechanism, widely adopted by the Big Tech industry (Google, Apple, Amazon, ...). Then, I will discuss the issue of biased predictions in machine learning, and how DP can affect the level of fairness and accuracy of the trained model. Finally, I will show that the IBU can be applied also in this domain to ensure a fairer treatment of disadvantaged groups and reconcile fairness and accuracy.
Catuscia Palamidessi is Director of Research at INRIA Saclay (since 2002), where she leads the team COMETE. She has been Full Professor at the University of Genova, Italy (1994-1997) and Penn State University, USA (1998-2002). Palamidessi's research interests include Privacy, Machine Learning, Fairness, Secure Information Flow, Formal Methods, and Concurrency. In 2019 she has obtained an ERC advanced grant to conduct research on Privacy and Machine Learning. She has been PC chair of various conferences including LICS and ICALP, and PC member of more than 120 international conferences. She is in the Editorial board of several journals, including the IEEE Transactions in Dependable and Secure Computing, Mathematical Structures in Computer Science, Theoretics, the Journal of Logical and Algebraic Methods in Programming and Acta Informatica. She is serving in the Executive Committee of ACM SIGLOG, CONCUR, and CSL.
This panel will explore the potential of ChatGPT in the field of computer science and security. The panel will discuss the current and future applications of ChatGPT in various areas of computer science and security, such as natural language processing, data analytics, and cyber security. The experts will also deliberate on the potential impact of ChatGPT on the future of computer science and security, and its implications for society. Through this panel, attendees will gain valuable insights into the exciting developments in the field of computer science and security, and the role that ChatGPT is expected to play in shaping its future.