报告题目：Good Practices, Lessons Learned and Practical Examples in Carrying Out Scientific Research
报告时间： 2018年9月14日（周五）下午 4:00
报告人：牛津大学 博士后. Riccardo Spolaor
报告简介：In this talk, we discuss some general rules to take into account when a new research topic needs to be explored. The speaker will provide some advice to help students to find out a good research topic, properly explore the state of the art, and organize their work. Then, it will be presented a concrete an example of the process to follow to produce a survey. This talk is a chance to get some knowledge about the scientific publication process and good practices for young researchers. In the second part of the talk, the speaker presents examples of his research work regarding novel security and privacy challenges on the analysis of side-channels of mobile devices. This part is composed of three examples of side-channels: (i) the usage of network traffic analysis to infer user private information; (ii) the energy consumption of mobile devices during battery recharge as a way to identify a user and as a covert channel to exfiltrate data; and (iii) the possible security application of data collected from built-in sensors in mobile devices to authenticate the user and to evade sandbox detection by malware..
报告人简介：Riccardo Spolaor is currently a Research Associate at University of Oxford (UK) in Prof. Ivan Martinovic’s System Security Lab Research group. He obtained his Ph.D. in Brain, Mind, and Computer Science at the University of Padua, Italy in 2018, under the supervision of Prof. Mauro Conti. He obtained his Master's Degree in Computer Science in 2014 from the University of Padua, with a thesis about a smartphone privacy attack inferring user actions via traffic analysis. He has been a Visiting Ph.D. Student at Radboud University (The Netherlands, 2015), Ruhr-Universitat Bochum (Germany, 2016), University of Oxford (UK, 2016, 2017, and 2018), and University of Jinan(P.R.China, 2018). His main research interests are: Privacy and security issues on mobile devices; Application of machine learning techniques to infer user information; Network traffic analysis and SDN; Energy consumption analysis; and Malware detection.