Abstract: With the fast development of Internet Finance, the requirement of identity authentication is increasingly dramatically. As a basis of Internet Finance, it is essential to satisfy the strict regulatory requirements for real name, even real person. Traditional identity authentication such as password, token cannot meet the demands of fast-growing Internet fiancé due to their disadvantages, i.e., easy to forget, inclined to be attacked and hard to bring. Therefore, biometric authentication has become the inevitable trend for identity authentication in Internet finance. In this talk, we first identify the requirements of biometric authentication in different Internet finance scenarios. Second, we illustrate the typical biometric authentication modes including local biometric verification mode and remote biometric verification mode. Third, we analyze the key technologies used in biometric authentication like liveness detection. Finally, we introduce Internet finance authentication alliance (IFAA), namely, a booming industry alliance for biometric authentication.
Bio: Hongwei Luo is the senior standardization expert in Ant Financial Services Group. He received his B.Sc. and M.A.Sc degrees from Beijing University of Posts and Telecommunications (BUPT), China, in 1998 and 2003, respectively. He has been a visiting scholar in University of Waterloo from 2011 to 2012. He is dedicated to standardization ecosystem in order for the development of Internet finance. Meanwhile, he is strengthen the application of relevant standards to satisfy compliance requirements of services. Currently, he is a member of biometrics subcommittee of national information technology standardization technical committee (NITS), a member of technology management committee of China Communications Standards Association (CCSA) and a delegate to ISO TC60 and ISO/IEC JTC 1 SC 27/SC 37. He has also been a rapporteur in ITU-T and the chairman of terminal group in CCSA.

Abstract: In this talk, I will describe the core consensus protocol behind Thunder Token. Thunder is a fast and high throughput blockchain that supports EVM smart contracts. Right now, major blockchains like Bitcoin and Ethereum have all reached throughput bottleneck which drives up transaction fees. Since Cryptokitties, Ethereum transaction fees have been as high as millions of USD per day. Thunder Tokens will allow the existing DApp demand (most of which use EVM) to readily migrate with little to no modification. Thunder Token is enabled by a new paradigm in large-scale consensus. Our consensus protocol combines 1) a slow chain, which can be any standard blockchain such as Ethereum or a proof-of-stake blockchain, and 2) a fast path where a committee of stakeholders and a special party called an accelerator perform voting. Almost all the time, transactions are confirmed on the fast path instantly without waiting for the slowchain to grow. When the fast path fails, there is a provably secure mechanism to fall back to the slowchain and from there one can bootstrap the fast path. The accelerator’s only job is to speed up transaction confirmation, and even a malicious accelerator cannot harm security or decentralization. Joint work with Rafael Pass.
Bio: Elaine Shi is an Associate Professor at Cornell University and a co-founder of IC3. She is a co-inventor of Thunder's core consensus protocol. Elaine was a co-author of the first peer-reviewed publication on Bitcoin, and the first peer-reviewed publication on smart contracts. She is also the first to teach smart contract programming. Elaine has won numerous awards for her research, such as the Packard Fellowship, the Sloan Fellowship, and numerous other best paper awards.

Abstract: The Internet of things (IoT) is the network of every objects embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to send and receive data. It is estimated that there will be 25 to 200 billion connected devices by 2020 and IoT could contribute US$11 trillion in global economy by 2025. This growth of network-connected devices and services will create immense opportunities and benefits for our society we cannot even predict today. A smart home enables its residents to adjust room temperature before they get home and a smart washing machine automatically orders detergent before it runs out. Sensors on a car can notify drivers of dangerous road conditions and networked cars will notify first responders when an accident happens.
IoT security and privacy, however, has not kept up with the rapid pace of innovation and deployment, creating substantial privacy, safety and economic risks. IoT security incidents are reported almost daily, from theft of sensitive data and loss of consumer privacy, interruption of business operations, slowdown of internet functionality through large-scale distributed denial-of-service attacks, and disruptions to power grids. In this talk we will provide an in-depth analysis on the challenging nature of IoT security, and elaborate what are the weakest links in the chain of IoT security. The talk will share some of the recent research results in IoT security, and identify some important but challenging research directions in IoT security.
Bio: Robert Deng is AXA Chair Professor of Cybersecurity, Director of the Secure Mobile Centre, and Dean of Postgraduate Research Programmes, Singapore Management University (SMU). His research interests are in the areas of data security and privacy, network security and Internet of Things security. He received the Outstanding University Researcher Award from National University of Singapore, Lee Kuan Yew Fellowship for Research Excellence from SMU, and Asia-Pacific Information Security Leadership Achievements Community Service Star from International Information Systems Security Certification Consortium. His professional services include the editorial boards of IEEE Security & Privacy Magazine, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, Steering Committee Chair of the ACM Asia Conference on Computer and Communications Security, and member of Scientific Advisory Committee of Huawei Research Singapore.

Abstract: Pointed by PWC, “Cyberattacks will be more powerful because of AI—but so will cyber defense.” AI -- as a wider definition which includes machine learning and deep learning -- is empowering cyber defense. Already, scalable machine learning techniques combined with cloud technology are analyzing enormous amount of data and powering real-time threat detection and analysis. AI capabilities can also quickly identify “hot spots” where cyberattacks are surging and provide cybersecurity intelligence reports. Many companies in security industry have tried to move from a purely “signature-based” system to a machine learning system that tries to interpret actions and events and learns from a variety of sources what is safe and what is not. We mostly see the obvious use cases of applying AI in cyber security are on the endpoint, in the network, fraud or at the SIEM, for example, MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) developed a system called AI2, an adaptive machine learning security platform that helped to filter data and pass it onto the human analysts to reduce alerts down.
We do believe that AI will have a growing impact on cybersecurity technology and can act as a strong driving force to facilitate security vendors to become more powerful when fighting against the more complex cyberattacks.
Bio: Yubin Yang is the CTO and SVP of Bluedon Information Technologies Co., Ltd. He previously earned his Master degree in Computer Engineering from University of New South Wales in Australia in 1999. He is the member of Cloud Security Alliance China Chapter, China Cloud Computing Expert Committee and Computer Federation(CCF). He has been serving as the chairman of CCF Young Computer Scientists & Engineers Guangzhou Forum since 2016. Now he is engaged in the cutting-edge technological innovation, strategic plan, and R&D in such fields as information security, cloud computing, mobile internet, network emergency system. 。