I am a Professor in Secure Systems at University
of Surrey. I am also the Deputy
Director of the Surrey Centre for
Cyber Security (SCCS), and Director of Surrey's Gold-level ACE-CSE Academic
Centre of Excellence in Cyber Security Education.
From October 2021 to June 2022, I was
Royal-Society Leverhulme Senior Research
Fellow.
Since 2019, I have been leading the EPSRC-funded project AutoPass, in collaboration with Thales and Vector.
Between 04/2019 and 12/2022, I lead the Timetrust project under the
EPSRC-NCSC RISE Institute; TimeTrust is in collaboration
with Univ. of Birmingham, Visa, Mastercard, HP Labs,
Consultant Hyperion.
My research interests are in area of cyber security, formal verification and
cryptography, with a focus on:
- formal security analysis: development of formal
frameworks and tools for security (protocol)
analysis
- provable security: generic framework
development, protocol design, security
proofs
- formal verification (especially model
checking), applied logics
- wireless, mobile and IoT security:
e.g., distance-bounding, RFID/NFC
security, 5G
News
________________________________
- March 2023. Our paper ("Program Semantics and Verification Technique for AI-centred
Programs" by F. Rajaona, I. Boureanu, V. Malvone and F. Belardinelli) won BEST PAPER AWARD at the
25th Symposium on Formal Methods 2023 (FM 2023) in Luebeck, Germany!
- February 2023. Our Apple-Visa attack is still NOT PATCHED,
sadly! See me demo-ing it very much in
real-life, on stage, here:
over-the-limit-payment, live, from locked iPhone
.
- January 2023. At SCCS, we are the general chairs of WiSec
2023 ! Come to WiSec 2023 and to SCCS in June 2023!
- October 2022. Our "L1RP" solution to prevent (most) relay attacks has been
accepted as an amendment of the ISO 14443
standard. See our "L1RP" solution here
.
- March 2022. The Formal Methods for Security Network
(FM-SEC) is back! Check out our amazing speakers and join us
here !
- November 2021. The TimeTrust work on mobile payments
got a $10,000 bounty from Google! Read our IEEE S&P paper here
- October 2021. The TimeTrust work on ApplePay and Visa
made the front pages of the BBC, and of most world-wide media outlets
! Read our IEEE S&P paper here !
- July 2021. As of October 2021, I will be a Royal
Society Leverhulme Senior Reseach Fellow!
- July 2019. The EPSRC-funded project AutoPass has now started! This is to devise new techniques for the formal
verification of privacy.
- April 2019. Our TimeTrust project, part of RISE, has now started! This is on using (hardware)
roots of trust to combat attack of proximity frauds, timing attacks
and privacy breaches in ubiquitous ICT such as contactless payments!
We partner with Univ. of Birmingham, Visa, Mastercard, HP Labs and
Consult Hyperion!
- Jan 2019. As our TimeTrust project is part of RISE, Univ. of Surrey is
hosting a RISE-sponsored training course on
Physical Attacks and Countermeasures for Embedded and IoT Systems
(11-14 March 2019); see more
details here.
- November 2018. Our project with Univ. of Birmingham,
Consult Hyperion, Visa, Mastercard, and HP Labs, on enhanced relay-counteraction via
(hardware) roots
of trust will be funded as part of RISE.
- June 2018. I am co-organising the 8th Workshop on
Cryptography, Robustness, and Provably
Secure Schemes for Female Young Researchers (CrossFyre) , in Guildford, UK. Consider attending.
- February 2018. I am co-organising the FutureDB workshop, on relay
attacks and countermeasures. Consider attending!
- October 2017. I've become a Fellow of the UK's Higher Education
Academy (FHEA).
- June 2017. I've taken up a lectureship in secure systems
at University of
Surrey.
- March 2017. I was selected to give Spotlight talk at the
NCSC-led Cyber
UK in Practice 2017!
- October 2016. I moved to University of Surrey, as
member of the Secure Systems group.
- September 2016. I received the Romberg Grant of
the selective Heidelberg Laureate Forum.
- March 2016. I was an invited speaker at a FinTech Research Showcase by Imperial College
London.
- June 2015. After some two years focused on teaching and consultancy in IT security,
I have now come back to research in cybersecurity, its design, analysis and verification;
I am a MSCA fellow at Imperial College
London.
- May 2014. Moving back to the UK, I took up the role of security architect at Akamai, focusing on web
application security.
- August 2013. I joined HEIG-VD as a Professor, in their security group!
- April 2013. I am an invited participant to the Dagstuhl seminar on the verification of multiagent systems (VaToMAS)!
- February 2013. We are organising ACNS 2014 in Lausanne, Switzerland!
- April 2013. I am an invited participant to the 2013 Early Symmetric Crypto seminar (ESC 2013)!
- August 2012. I have started my role as deputy director of LASEC!
- March 2012. In MICS, we encourage joung women into postgraduate studies: I supervised Mrs. Bogos through her MICS summer internship for female undergraduates and it resulted in a publication!
- October 2011. I have obtained an one year funding-extension
under MICS, for my research on the security of wireless systems, under SECU!
- October 2011. I have obtained equipment for applied research through Google's 2011 EMEA AndroidEDU programme!
