Speakers

Daniel Gruss
Graz University of Technology

Marius Münch
University of Birmingham

Stjepan Picek
Radboud University

Phillip Rieger
Graz University of Technology

Lea Schönherr
CISPA Helmholtz Center for Information Security

Shweta Shinde
ETH Zurich

Daniel Gruss

Graz University of Technology

Daniel Gruss (@lavados) is a University Professor at Graz University of Technology. He loves teaching and researching system-level topics, including side channels and transient execution attacks. He implemented the first remote fault attack running in a website, known as Rowhammer.js. His research team was one of the teams that found the Meltdown and Spectre bugs published in early 2018. In 2023, he received an ERC Starting Grant to research the sustainability of security. He frequently speaks at top international venues.

Phillip Rieger

Graz University of Technology

Starting in September 2026, Phillip Rieger joins TU Graz as Assistant Professor for Secure AI Systems. His research includes the security of generative AI, applications of AI for system security, and the security and privacy of distributed learning, with particular emphasis on paradigms such as Federated Learning and Split Learning. A major focus of his work is the detection and mitigation of poisoning and backdoor attacks in collaborative machine learning systems. His research has explored these threats from multiple perspectives, including the analysis of model representations in alternative feature domains, behavior-based detection of hidden backdoors, privacy-preserving validation mechanisms, and the use of trusted hardware and cryptographic techniques to strengthen the security of distributed learning systems and detect well-hidden backdoors. Before joining TU Graz, he received his PhD in Computer Science from TU Darmstadt, where he was a researcher in the Secure Systems Lab and worked on adversarially robust machine learning, AI security, and privacy-preserving learning systems.

Shweta Shinde

ETH Zurich

Shweta Shinde is an Assistant Professor in the Department of Computer Science at ETH Zürich, where she leads the Secure & Trustworthy Systems (SECTRS) group. Her research focuses on building fundamentally secure large-scale systems. She has a track record of uncovering real-world vulnerabilities in confidential computing environments based on insights that emerge from the understanding gained through her work to secure them. Her defensive research has translated into deployed solutions, with real-world impact extending well beyond the academic setting. Prior to joining ETH Zürich, she was a postdoctoral scholar at the University of California, Berkeley, and completed her PhD at the National University of Singapore.

Sahar Abdelnabi

Sahar Abdelnabi is an AI security researcher at Microsoft. She completed her PhD at CISPA Helmholtz Center for Information Security, advised by Prof. Dr. Mario Fritz, and obtained her MSc degree at Saarland University.
She is interested in the broad intersection of machine learning with security, safety, and sociopolitical aspects. This includes the following areas: 1) Understanding, probing, and mitigating the failure modes of machine learning models, their biases, and their misuse scenarios. 2) How machine learning models could amplify or help counter existing societal and safety problems (e.g., misinformation, biases, stereotypes, cybersecurity risks, etc.). 3) Emergent safety challenges posed by new foundation and large language models.
