September 07, 2018,  10:15-11:00,  Location : Rav.1315,  Speaker : Mohammed Ali Alghazwi

Multimodal Biometric Authentication

The use of biometrics has rapidly increased over the last few years due to the increased

security that biometrics provide over traditional methods such as passwords. This led to a

wide adoption of this technology and its use is predicted to increase further in the future.

Multimodal authentication provides more level of authentication than unimodal biometrics

which uses only one biometric data such as fingerprint, face, palm print or iris. Our proposal

includes a detailed model of a multimodal biometric system which complies with industry

standards and can be deployed in various platforms. Our proposed model and specification is

open and can be implemented for any possible system size. We believe this would provide a

more secure, open and interoperable authentication mechanism which would also help with

the standardisation of multimodal biometric authentication systems. 

September 06, 2018,  11:00-12:00,  Location : RAV 1315,  Speaker : Schahram Dustdar, Technical University of Vienna

Smart Cities unplugged - Engineering the fabric of IoT, People, and Systems


In this talk I will explore the integration of people, software services, and things with their data, into a novel resilient ecosystem, which can be modeled, programmed, and deployed on a large scale in an elastic way. This novel paradigm has major consequences on how we view, build, design, and deploy ultra-large scale distributed systems and establishes a novel foundation for an "architecture of value" driven Smart City. In particular, this keynote talk addresses three novel paradigms for designing the service-oriented information systems of the

future: Elastic Computing, Social Compute Units, and Osmotic Computing.

These three paradigms serve as a foundation for future large-scale distributed systems. Furthermore, we will discuss our responsibilities as computer scientists, technologists, and researchers for creating technologies, which benefit society in a positive way, thereby strengthening the new fabric of interconnected people, software services, and things into a novel resilient ecosystem.


Schahram Dustdar is Professor of Computer Science heading the Distributed Systems Group at the Technical University of Vienna.

From 2004-2010 he was also Honorary Professor of Information Systems at the Department of Computing Science at the University of Groningen (RuG), The Netherlands.

From 1999 - 2007 he worked as the co-founder and chief scientist of Caramba Labs Software AG in Vienna (acquired by Engineering NetWorld AG), a venture capital co-funded software company focused on software for collaborative processes in teams. Caramba Labs was nominated for several (international and national) awards: World Technology Award in the category of Software (2001); Top-Startup companies in Austria (Cap Gemini Ernst & Young) (2002); MERCUR Innovationspreis der Wirtschaftskammer (2002).

From Dec 2016 until Jan 2017 he was a Visiting Professor at the University of Sevilla, Spain and from January until June 2017 he was a Visiting Professor at UC Berkeley, USA. He is co-Editor-in-Chief of the new ACM Transactions on the Internet of Things as well as Editor-in-Chief of Computing (Springer). He is an Associate Editor of IEEE Transactions on Services Computing, IEEE Transactions on Cloud Computing, ACM Transactions on the Web, and ACM Transactions on Internet Technology, as well as on the editorial board of IEEE Internet Computing and IEEE Computer. Dustdar is recipient of the ACM Distinguished Scientist award (2009), the IBM Faculty Award (2012), an elected member of the Academia Europaea: The Academy of Europe, where he is chairman of the Informatics Section, as well as an IEEE Fellow (2016). 

November 29, 2017,  12:30-13:30,  Location : Zi 2042,  Speaker : R. Bortolameotti (Riccardo) MSc.

DECANTeR: DeteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting

We present DECANTeR, a system to detect anomalous outbound HTTP communication, which passively extracts fingerprints for each application running on a monitored host. The goal of our system is to detect unknown malware and backdoor communication indicated by unknown fingerprints extracted from a host's network traffic. We evaluate a prototype with realistic data from an international organization and datasets composed of malicious traffic. We show that our system achieves a false positive rate of 0.9%, an average detection rate of 97.7%, and that it cannot be evaded by malware using simple evasion techniques such as using known browser user agent values. Moreover, we show that our solution outperforms the current state of the art that detects covert communication channels by focusing only on benign data. Finally, DECANTeR detects 96.8% of information stealers in our dataset, which shows its potential to detect data exfiltration. 

November 21, 2017,  14:00-15:00,  Location : Zi 2042,  Speaker : T.R. van de Kamp (Tim) MSc.

How to Monitor When All Data Is Encrypted?

We propose the first multi-client predicate-only encryption scheme capable of efficiently testing the equality of two encrypted vectors.

Our construction can be used for the privacy-preserving monitoring of relations among multiple clients. Since both the clients' data and the predicates are encrypted, our system is suitable for situations in which this information is considered sensitive. We prove our construction plaintext and predicate private in the generic bilinear group model using random oracles, and secure under chosen-plaintext attack with unbounded corruptions under the symmetric external Diffie–Hellman assumption. Additionally, we provide a proof-of-concept implementation that is capable of evaluating one thousand predicates defined over the inputs of ten clients in less than a minute on commodity hardware. 

October 24, 2017,  14:00-14:30,  Location : Zi 2126,  Speaker : H.T. Esquivel Vargas (Herson) MSc.

Automatic Deployment of Specification-based Intrusion Detection in the BACnet Protocol

Specification-based intrusion detection (SB-ID) is a suitable approach to monitor Building Automation Systems (BASs) because the correct and non-compromised functioning of the system is well understood. The goal is to compare the expected behavior of devices with their actual behavior as observed in the network.

The main drawback of SB-ID is that the creation of specifications often require human intervention. Automated specification extraction, on the other hand, is crucial to effectively apply SB-ID in volatile environments such as BASs where new devices are often added, removed, or replaced.

We present an approach to automatically extract specifications in the context of the BACnet protocol (ISO 16484-5) extensively used in our university campus.