Colloquium Details
Securing Modern System is More Challenging Than Ever (and requires new and dedicated guardrails).
Speaker: Ben Nassi, Technion, Black Hat
Location: 60 Fifth Avenue 150
Date: March 12, 2025, 2 p.m.
Host: Joe Bonneau
Synopsis:
Over the past decade, an increasing number of systems and devices have gained Internet connectivity and been enhanced with sensing capabilities and AI.
While these advancements have created a world of smarter, more automated, and highly connected devices, they have also introduced significant security and privacy challenges that cannot be effectively addressed with traditional countermeasures. The first part of this talk will focus on side-channel attacks. We discuss the challenges posed by the coexistence of functional devices with limited computational power (that do not adhere to Moore’s law) alongside sensors with ever-increasing sampling rates. We will explore how threats such as cryptanalysis and speech eavesdropping—previously accessible only to well-resourced adversaries—can now be executed by ordinary attackers using readily available hardware like photodiodes and video cameras. These attacks leverage optical traces or video footage from a device’s power LED to extract sensitive information.
The second part of the talk will focus on AI security. We explore the unique challenges AI-powered systems face in the physical realm and a countermeasure to secure Teslas against time-domain adversarial attacks. Finally, we discuss the emerging need to secure LLM-powered applications against a new threat we call Promptware that exploits an application’s GenAI component to perform malicious activity. We explore Morris-II, a variant of Promptware that behaves as an AI worm.
Zoom: https://nyu.zoom.us/j/98895548109
Note: In-person attendance only available to those with active NYU ID cards.
Speaker Bio:
Dr. Ben Nassi is a research fellow in the Faculty of Electrical and Computer Engineering (ECE) at the Technion and a Board Member at Black Hat. Ben investigates the security and privacy of systems and devices. He has introduced innovative side-channel attacks to recover speech from light emitted by light bulbs and to extract cryptographic keys from a device’s power LED using video footage. In the realm of cyber-physical systems, he developed techniques to secure Tesla vehicles against time-domain adversarial attacks and to detect intrusive video filming conducted by drones. Recently, his research has expanded to AI security, where he proposed methods to protect GenAI-powered applications from AI worms and AI infostealers and to safeguard autonomous vehicle perception against emergency vehicle lighting attacks. His work has been published in leading academic venues such as USENIX Security, IEEE S&P, and CCS, as well as prestigious industrial conferences, including Black Hat, DEFCON, and the RSA Conference. His research has garnered significant media attention, with features in Forbes, Fox News, Wired, Ars Technica and other major outlets. Ben earned his PhD from Ben-Gurion University, focusing on “Security and Privacy in the IoT Era,” and completed his postdoctoral fellowship at Cornell Tech. His accomplishments include winning the 2023 Pwnie Award for Best Cryptographic Attack and the Dean’s Award for Excellence in PhD Studies.