Preliminary schedule, subject to further changes.

Tuesday, May 21

08:30 – 09:00  Door Open and Registration

09:00 – 09:15  Introduction and welcome by the PhD school chairs

09:15 – 10:45Tutorial I (1) – The eBPF Adventure: Exploring Linux’s Hidden Superpowers 

by Sebastiano Miano and Angelo Tulumello. In this tutorial, we will dive into the exciting world of eBPF, a technology that’s changing how we interact with Linux systems. We will start with a quick history lesson on eBPF, showing its journey from a simple idea to a major game-changer. We’ll explain what eBPF is, why it matters, and how it works, including the tools you need to create eBPF programs. It’s a perfect mix of background knowledge and technical details to get everyone up to speed. Then, we’ll roll up our sleeves for some hands-on fun. You’ll get to try out eBPF yourself through exercises that cover everything from managing network traffic to improving system monitoring. Whether you’re interested in speeding up data processing or keeping a closer eye on system operations, these exercises will show you eBPF’s power and flexibility. It’s a chance to see theory in action and learn by doing. We wrap up by looking ahead at the challenges and opportunities for eBPF. What’s next for this technology, and how can researchers and developers contribute to its growth? This part of the tutorial invites you to think about the future of eBPF and where your work could make an impact. It’s not just about what eBPF can do now, but what it could do tomorrow.

10:45 – 11:15   Coffee Break

11:15 – 12:45Tutorial I (2) – The eBPF Adventure: Exploring Linux’s Hidden Superpowers 

12:45 – 14:00   Lunch Break & Poster Session: Group 1

14:00 – 15:30 Tutorial II (1) – Man-in-the-middle attacks against IoT devices 

by Vincenzo De Angelis. Due to their proliferation, implementing security features in IoT devices is becoming a primary concern. In this tutorial, we discuss the problems arising when an adversary is in the middle of the communication between the IoT device and the application controlling it. Specifically, we first focus on a particular class of attacks called replay attacks, in which the adversary captures the commands exchanged between the application and the device and replays them at a later time with the aim of triggering certain functionalities without the users’ consent (e.g., opening a door). Subsequently, we delve into MQTT, a widely adopted protocol in IoT that is inherently susceptible to MITM attacks since the communication is mediated by a broker. We discuss the main challenges of this protocol and potential strategies to preserve the integrity of messages in the presence of an untrusted broker. Finally, the laboratory part of the tutorial involves the execution of a MITM attack on a real-life IoT app to bypass its authentication protocol and obtain users’ credentials (CVE-2023-34829).

15:30 – 16:00   Coffee Break

16:00 – 17:30Tutorial II (2) – Man-in-the-middle attacks against IoT devices

18:00 – 22:00PhD Social Event (stay tuned!)

Wednesday, May 22

09:00 – 10:30Tutorial III (1) – Network Traffic Analysis via Machine and Deep Learning: From Theory to Practice

by Antonio Montieri. The tutorial will explore advanced topics in data-driven approaches for network traffic classification focusing on network intrusion detection and attack classification. The core of the tutorial will be a “hands-on” session that will guide the students toward the actual design, implementation, and performance evaluation of traffic classifiers, exploiting the tools provided by state-of-the-art (Python) frameworks. Datasets will encompass traffic data from real network scenarios (e.g., attacks against IoT devices, mobile-app traffic).

10:30 – 11:00   Coffee Break

11:00 – 12:30Tutorial III (2) – Network Traffic Analysis via Machine and Deep Learning: From Theory to Practice

12:30 – 14:00   Lunch Break & Poster Session: Group 2

14:00 – 15:30Tutorial IV (1) – Trace the Wumpus

by Johann Schlamp. We will revive a text-based adventure game from 1973 that can be played using standard traceroute. Our task is to implement a Python-based network emulation that serves as the game’s backend. In this tutorial, you will experience first-hand how active network measurements turn up at the receiver side. You will also learn how to use raw sockets in IPv6 and how to hunt down a Wumpus using crooked arrows.

15:30 – 16:00   Coffee Break

16:00 – 17:30 Tutorial IV (2) – Trace the Wumpus

17:30 – 18:15   Interactive session between PhD participants and lecturers

18:15 – 18:30   PhD school closing and Poster Awards

20:00 – 22:00   TMA Conference Opening Cocktail (stay tuned!)