SBSeg Short Courses

Confirmed Short Courses

IMPORTANT: Some short courses will have a more practical approach. It is recommended to bring a notebook to perform the proposed exercises.


Short Course 1: Identidade Digital Descentralizada: Conceitos, aplicações, iniciativas, plataforma de desenvolvimento e implementação de caso de uso (Monday, 09/02, 08:30-12:00)

Fernando Marino (CPqD)
José Reynaldo Formigoni Filho (CPqD)
Emilio Nakamura (CPqD)
Sérgio Luis Ribeiro (CPqD)
Vitor Oliveira (CPqD)

Abstract: This short course aims to demonstrate a conceptual and practical view of Decentralized Digital Identity of things and people based on blockchain. We will present the main concepts related to blockchain, digital identity and self-sovereign digital identity, global initiatives, as well as legal and standardization aspects. The hands-on part will include the creation of a DLT network specialized for creating and managing Decentralized Digital Identities as well as the development of an application that executes the main methods and routines of the DLT (Hyperledger Indy) framework, such as: issuing decentralized identifiers ("DIDs") between applications ("Agents"), managing these identifiers, proof authentication and revocation of credentials by the issuer.


Short Course 2: Aprendizado de Máquina para Segurança: Algoritmos e Aplicações (Monday, 09/02, 13:30-17:00)

Fabrício Ceschin (UFPR)
Luiz Oliveira (UFPR)
André Grégio (UFPR)

Abstract: The massive amount of data produced by security solutions have been creating a strong dependency on automated methods for knowledge discovery. Attacks against computer systems make use of several transmission channels and formats (e.g., network traffic, binary files, text, chained system calls etc.), which difficult their observation among unsuspicious data. Machine learning techniques are a great aid for separating data into classes, but they need to be correctly deployed. In this course, we will show how to adequately apply machine learning algorithms to the security data science process. To do so, we will discuss key concepts about the subject and present practical examples with free, open source tools.


Short Course 3: Análise de mecanismos para consenso distribuído aplicados a Blockchain (Thursday, 09/05, 08:30-12:00)

Charles Miers (UDESC)
Guilherme Kosl ovski (UDESC)
Mauricio Aronne Pillon (UDESC)
Marcos Simplicio Jr (USP)
Tereza Carvalho (USP)
Bruno Rodrigues (University of Zurich)
Joao Battisti (UDESC)

Abstract: The Blockchain concept has recently emerged as an alternative approach for e-commerce payment, based on decentralized systems that do not rely on trusted institutions. Actually, since Blockchain was first proposed for use in cryptocurrencies, several solutions have appeared that employ this technology in a variety of domains, such as creating distributed registries of smart contracts. Whichever the target application domain, though, solutions implementing Blockchain use a set of well-known technologies, such as encryption, Merkle Trees, P2P networks, and consensus mechanisms. The latter are of particular research interest today, since most consensus mechanisms used in the early cryptocurrencies (e.g., Bitcoin) involve considerable computational power to ensure system consistency. Aiming to evaluate the state of the art on the area, this manuscript reviews Blockchain concepts and classifications, focusing specifically on the underlying consensus mechanisms and security aspects of the resulting solutions. We also describe a brief experiment using Ethereum and MultiChain, aiming to analyze security aspects of the Practical Byzantine Fault Tolerance (PBFT) and Proof-of-Work (PoW) consensus approaches.


Short Course 4: Introdução à Engenharia Reversa de Aplicações Maliciosas em Ambientes Linux (Thursday, 09/05, 13:30-17:00)

Marcus Felipe Botacin (UFPR)
Lucas Baganha Galante (Unicamp)
Otávio Augusto Araújo Silva (Unicamp)
Paulo Lício de Geus (Unicamp)

Abstract: Malicious software have been evolving to look even more indubious to the targeted system. Moreover, they have been relying on obfuscation and anti-analysis techniques to avoid their behavior being discovered during their execution, thus making forensic procedures harder to be conducted on a proper manner. Reverse engineering is an useful procedure to handle such type of threat, pinpointing the best inspection paths to be followed by analysts, such as how to unpack a given sample or which protection techniques are implemented by a sample. In this course, we present reverse engineering techniques to analyze malicious software samples, thus introducing the reader to general malware handling procedures. The course introduces techniques both in userland as well as in the OS kernel, including dynamic application tracing, debugging and rootkit techniques.

In order to follow the practical exercises of this short course, each student must prepare in advance their notebook as shown below:

  • virtual machine with Ubuntu 16 or 18 LTS (it has to be a virtual machine for the exercises do not infect the physical machine)
  • git (to obtain the examples)
  • binutils package (gcc, gdb, make, etc)
  • upx-ucl package (binary packer)
  • ht package (hexadecimal editor)
  • linux headers of the kernel version used
  • programming tools (languages, IDEs) at student's choice

Organizing Committee

SBSeg Short Courses Chair:
Marco A. A. Henriques (FEEC - Unicamp)

SBSeg 2019 Chairs:
Routo Terada (IME-USP)
Daniel Macêdo Batista (IME-USP)

sbseg2019@ime.usp.br

The SBSeg 2019 is an initiative by the Brazilian Computer Society (SBC).