澳门新葡新京,澳门新葡新京官网『首页』

学术预告

当前位置: 首页 > 科学研究 > 学术预告 > 正文

中科院陈恺教授学术报告

澳门新葡新京-澳门新葡新京官网『首页』 :2018-07-23    作者:     来源:     点击:

报告时间:2018年7月24日(周二) 上午10:45-11:30

报告地点:软件园校区行政办公室楼202会议室


报告题目:基于人工智能的攻防对抗

报告摘要:

Patches and related information about software vulnerabilities are often made available to the public, aiming to facilitate timely fixes. Unfortunately, the slow paces of system updates (30 days on average) often present to the attackers enough time to recover hidden bugs for attacking the unpatched systems. We seek to generate proof-of-concept (PoC) exploits for the vulnerability types never automatically attacked. Unlike an input validation flaw that is often patched by adding missing sanitization checks, fixing other vulnerability types is more complicated, usually involving replacement of the whole chunk of code. To address this challenge, we present SemFuzz, a novel technique leveraging vulnerability related text (e.g., CVE reports and Linux git logs) to guide automatic generation of PoC exploits. Such an end-to-end approach is made possible by natural-language processing (NLP) based information extraction and a semantics-based fuzzing process guided by such information.

On the other hand, machine learning algorithm (e.g., deep learning) may also have flaws. The popularity of ASR (automatic speech recognition) systems, like Google Voice, Cortana, brings in security concerns, as demonstrated by recent attacks. We find that the voice commands can be stealthily embedded into songs, which, when played, can effectively control the target system through ASR without being noticed. We also demonstrate that such CommanderSongs can be spread through Internet (e.g., YouTube) and radio, potentially affecting millions of ASR users.

个人简介:

陈恺,中国科学院信息工程研究所,研究员、博导;中国科学院大学教授。信息安全国家重点实验室副主任、《Cybersecurity》编辑部主任。国家“万人计划”青年拔尖人才、北京市“科技新星”。2010年获中国科学院研究生院博士学位,美国宾州立大学博士后。中国保密协会隐私保护专业委员会委员,中国计算机学会系统软件专委会委员。主要研究领域包括软件与系统安全、人工智能对抗、隐私保护。在IEEE S&P、USENIX Security、ACM CCS、ICSE、ASE、TIFS、TDSC、TMC、TRE、RAID、DSN、MobiSys等发表论文70余篇;曾主持和参加国家重点研发计划、国家自然科学基金、863计划、国家发改委信息安全专项、中科院战略性先导科技专项等国家部委课题40余项。

常用链接

相关链接

  • ,澳门新葡新京官网
  • 时空视点传媒
  • ,澳门新葡新京官网中加合作办学项目
  • 电子商务交易技术国家工程实验室

地址:中国济南高新技术产业开发区舜华路1500号        邮编:250101

电话:(86)-531-88391516        传真:(86)-531-88391686

扫一扫
关注公众号
XML 地图 | Sitemap 地图