SEPTEMBER 2024
|
|
“Acquisition and Exploitation of Traces from Connected Devices” by Francesco Servida (École des Sciences Criminelles, Université de Lausanne( Date : 27 september 2024 This presentation aims to give an overview of the traces that can be obtained from connected objects as witnesses or actors at a crime scene. Using several scenarios we cover the challenges of detecting connected devices, the relevant locations for data retrieval and the techniques for acquiring said data. We then present how such data can be useful in helping to understand the dynamics of events of interest to investigators, as well as the challenges involved in exploiting such data.
|
SEPTEMBER 2024
|
|
“Understanding and fighting fault injections with programming languages” by Sébastien Michelland (Université Grenoble Alpes, Grenoble INP, LCIS) Date : 27 september 2024 Room Pétri/Turing Would your latest program produce correct results if I skipped a statement in it? Two? Corrupted a variable at random? Then it might not be robust against _fault injection attacks_, which target hardware directly and have such effects. To be fair, nothing really resists them; still, efforts in designing protections have come a long way, relying (perhaps surprisingly) in large part on hardening code, which is much easier to deploy than new hardware. Of course, modeling the effects of physical tinkering at the abstraction level of a program requires inherent approximations, and recent work has shown that even countermeasures based on assembler-level models (the most common type) can still be bypassed by abusing micro-architectural effects.
|
