Short Courses

Abstract: The popularization of computing devices and communication technologies highlights new security threats. The implementation of the Internet of Things (IoT) expands the attack surface, generating more threats due to the inherent security vulnerabilities. Data Science and Artificial Intelligence (AI) emerge as powerful tools. They offer new possibilities for cybersecurity, including the analysis of large volumes of data, the identification and prediction of vulnerabilities, as well as the detection of intruders. This short course presents the concepts, methodology, and techniques of Data Science for Cybersecurity with multiple objectives: (i) to disseminate the culture of Data Science in Cybersecurity; (ii) to demonstrate the potential of Artificial Intelligence and Machine Learning techniques for this area; (iii) to encourage collaborations between research groups in Brazil and ours at UFMG and UFPR; and (iv) to share results from the MCTI/FAPESP MENTORED project. We also demonstrate the entire Data Science pipeline in Cybersecurity, as well as discussing future perspectives, challenges, and open research questions.

Important: For a better experience during the practical part of the minicourse, we strongly recommend that participants bring a computer/laptop with a Linux operating system (or with a Linux virtual machine installed) and Internet access; Python 3 installed; a Google account to access the Drive that will be provided, and a Google Colab account.

Abstract: This short course aims to explore the context of LLMs and related AI systems from a cybersecurity perspective, addressing the attack surface to which such systems are exposed. In particular, the aim is to show the threats, solutions and best practices to improve the security of intelligent systems. The topic will be covered comprehensively, comprising theoretical and practical aspects. On the theoretical aspects, the objective is to enable to the participants be able to assess the security challenges associated with AI systems, identifying threats such as training data poisoning and privacy violations, as well as techniques and tools to identify and mitigate the corresponding risks. At the same time, standards, good practices and recommendations promoted by entities such as NIST and ENISA (European Community) for the protection of AI systems will be discussed.

Abstract: This article discusses Trusted Execution Environments (TEEs), a fundamental technology for ensuring data security and privacy in an interconnected world. TEEs provide an isolated environment within processors, enabling the secure execution of applications that require confidentiality and integrity. The work discusses the main characteristics of TEEs, such as secure isolation, encryption, and resistance to attacks, in addition to exploring their implementation in mobile devices and operating systems. Practical examples, such as the use in payment applications and biometric authentication, highlight the importance of TEEs for the protection of sensitive data. The article also considers supporting technologies, such as Intel SGX and ARM TrustZone, and discusses challenges and opportunities in the adoption of TEEs in different platforms, including RISC-V and cloud environments.

Abstract: This chapter presents comprehensive concepts on forensic analysis applied to Bitcoin through machine learning techniques. The study begins with a theoretical overview of Bitcoin and its ecosystem, detailing the decentralized nature of its blockchain and the challenges associated with its pseudonymous transactions. It then explores methods for acquiring and processing blockchain data, highlighting fundamental statistical analyses that reveal transaction patterns and anomalies. A section is also dedicated to the application of heuristics H1 and H2, which are essential for tracing mixed transactions. Additionally, we examine the concept of OSINT to enrich blockchain data with external intelligence, providing deeper insights into suspicious activities. Finally, the chapter explores the application of supervised and unsupervised machine learning models in Bitcoin forensics. These models are evaluated for their effectiveness in detecting illicit activities, identifying suspicious entities, and improving the accuracy of forensic investigations. The findings underscore the potential of combining machine learning with traditional forensic methods to enhance the overall robustness of Bitcoin investigations.

Check out HERE authors’ mini-bio!