Using end-to-end encrypted services is quickly becoming a critical component of how enterprises meet regulations and ensure data sovereignty. This presentation will provide an inside look at the value E2EE (end-to-end encrypted) services offer to enterprises, how they work in pr … | Continue reading
We propose a comprehensive online hate and harassment taxonomy derived from analyzing over 150 interdisciplinary research papers that cover disparate threats ranging from intimate partner violence to coordinated mobs. | Continue reading
We analyze over 1.2 billion email-based phishing and malware attacks against Gmail users to understand which factors place a person at heightened risk of being targeted. | Continue reading
In this UX research we identify the key cybersecurity challenges faced by political campaigns as they face increasing threats from well-funded, sophisticated attackers, especially nation-states. | Continue reading
This keynote discusses whether applying deep-learning to cryptanalysis will revolutionize the field or if it will go out of fashion in a few years due to the lack of breakthroughs. | Continue reading
Retrospective of my attempt to make people smile during the COVID pandemic by performing magic tricks online for 32 weeks in a row. | Continue reading
Learn how to perform a deep-learning side-channels attack using TensorFlow to recover AES cryptographic keys from a hardware device power traces, step by step. | Continue reading
Learn how to perform a deep-learning side-channels attack using TensorFlow to recover AES cryptographic keys from a hardware device power traces, step by step. | Continue reading
Learn the concepts behind deep-learning side-channels attack, a powerful cryptanalysis technique, by using it to recover AES cryptographic keys from a hardware device. | Continue reading
This talk provides an overview of how accounts get compromised and the defenses we found effective at Google to reduce accounts hijacking risks. | Continue reading
This talk showcases SCALD, our tool that leverages deep-learning explainability and dynamic execution to automatically find which parts of a crypto-hardware implementation is responsible for leaking the information exploited by side-channel attacks | Continue reading
This blog post distills the key findings of our longitudinal analysis of how Europe’s right to be forgotten (RTBF) is being applied in practice. | Continue reading
This talk provides a step-by-step introduction on how to use deep learning to perform AES side-channel attacks. | Continue reading
In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets. | Continue reading
This post exposes how real-world highly advanced poker cheating devices work. | Continue reading
For South Asian women, a major hurdle to their meaningful participation online is their ability to ensure their safety. This post illustrates this challenge by recounting the safety and privacy challenges faced by women across India, Pakistan, and Bangladesh, who talked to us abo … | Continue reading
This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. | Continue reading
This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. | Continue reading
This post provides an overview of the impact of the Twitter 2018 accounts purge through the lens of its impact on 16k of Twitter’s most popular accounts. | Continue reading
This blog post surveys the attacks techniques that target AI (Artificial Intelligence) systems and how to protect against them. | Continue reading
This blog post surveys the attacks techniques that target AI (Artificial Intelligence) systems and how to protect against them. | Continue reading
This post looks at the main difficulty faced while using a classifier to block attacks: handling mistakes and uncertainty such that the overall system remains secure and usable. | Continue reading