Research and its possible contributions to the cybersecurity industry
Inria and its partners from the CEA, CNRS, CDEFI and CPU will host the forum's research village. They will be offering visitors to the show a number of summary presentations on various scientific works that address major issues such as the protection of personal data and physical security.
Inria will offer three presentations. The first one will address privacy issues on September 7, then two presentations will address hardware security issues on September 8.
- Nijta: A voice anonymization solution to protect speaker’s privacy
With the increasing popularity of smart devices, many users have access to voice-based interfaces, which offer simple access to modern technologies in their language. Building and maintaining these systems requires large-scale voice data collection, which raises privacy concerns for the speakers. Human voice contains private, sensitive, and personally identifiable information about the speaker that must be removed before processing to respect European privacy laws such as the GDPR. We address this issue by providing a robust voice anonymization tool, Nijta, which can quickly remove speaker’s personally identifiable information from their voice data and safeguard their identity against malicious action.
Day: Tuesday, September 7
Schedule: 2:30 PM to 3:00 PM and 4:00 PM to 4:30 PM
- Timesecbench - Evaluating timing information leakages in the microarchitecture
Processor design has been focused for too long on performance and power consumption issues. The security has rarely been addressed. Today, with the media attention received by Spectre and Meltdown attacks, designing circuits granting strong security guarantees is becoming a hot topic. In order to protect such a circuit, we first need to understand where the problems come from. Timesecbench is a security benchmark suite that evaluates microarchitectural timing information leakage. Guided from the benchmark results, we build RISC-V processors resisting this class of vulnerability.
Day: Wednesday, September 8
Schedule: 10:30 AM to 11:00 AM
- When jamming attacks in wireless networks become (too) smart
In the context of the IoT, different types of nodes coexist, with varying resources and computing capabilities. These nodes mostly act under energy constraints and exchange data through wireless communication protocols (e.g. 802.11, Bluetooth). Consider two energy-constrained communicating nodes, a transmitter and a receiver. Consider also a third node, which shares the same characteristics as the first two, and which jam the transmission. This is a typical denial of service (DoS) attack. Standard protocols are robust enough to detect this type of attack and react to it (e.g., by channel hopping). However, if the attack make use of machine learning mechanisms to learn information about the nodes, the detection, the environment, etc., then detecting the DoS is more complicated and the nodes involved in the transmission may exhaust their energy. Our demo will illustrate this by showing DoS attacks in a wireless network, where machine learning mechanisms lead to low detection probability and energy depletion of nodes under attack.
Day: Wednesday, September 8
Schedule: 11:00 AM to 11:30 AM
See the complete program of presentations in the research village on the forum's website (select "Research Pitch")
In addition to these presentations by researchers, Inria will be associated with the pavilion of the Hauts-de-France region, which will host the HumAIn alliance, with which the Inria Lille - Nord Europe center is associated.
Innovation in the spotlight with the two startups Daspren and Malizen
- Daspren: detecting and stopping ransomware
Daspren is made up of a team of experts who are passionate and determined to offer their customers high-quality protection solutions. Its Parad solution, based on artificial intelligence, is a unique solution capable of detecting pure zero-day ransomware attacks, with no known IoC and no history.
- Malizen: improving the daily life of cybersecurity experts
Malizen is designing ZeroKit, a new software platform to give back useful time to cybersecurity teams. ZeroKit centralizes events and team intelligence around collaborative analysis interfaces and learns from decisions made to support cyber analysts and give them back some useful time.