www.nassiben.com Open in urlscan Pro
34.149.87.45  Public Scan

Form analysis
0 forms found in the DOM

Text Content

top of page
Skip to Main Content



BEN NASSI

Biography

Publications

Talks

 * 
 * 
 * 
 * 
 * 
 * 


About Me


BIOGRAPHY

Whoami. I am Ben, a BlackHat board member, and an infosec researcher.

I did a postdoc at Cornell Tech (hosted by Tom Ristenpart) and I hold a PhD from
The Ben-Gurion University of the Negev (supervised by Yuval Elovici), on
 "Security and Privacy in the IoT Era".



Interests. I am mostly interested in sci-fi on topics related security and
privacy of systems and end users. My interests have changed throughout the
years, but were mostly focused on three specific layers of systems: 

 * Communication. Security and privacy of drones (SP'19, SP'21, Sensors'22), and
   multi-function printers (TIFS'19).

 * Sensors.  Side-channel attacks for cryptanalysis (CCS'23, SP'24) and speech
   eavesdropping (CCS'21, USENIX Sec'22, WOOT'23, Computer'23).

 * Artficial Inteligence. Security of object detectors (CCS'20, CACM'23,
   AISEC'23) and GenAI models. 

 * Misc. Security of E2EE messaging applications (SP'24), password managers, and
   smartwatches (UbiComp'18, Sensors'22).



Press. My work has been featured in Wired [1,2,3,4,5] Forbes [1,2,3],
ArsTechnica, [1,2,3,4], The Wall Street Journal [1], DeepLearning.AI [1], MIT
Technology Review [1], Fox News [1,2], The Mirror [1], Business Insider [1],
Schneier on Security [1,2,3,4,5,6], Computerphile [1], and Two Minute Paper
[1]. 
The YouTube videos I created to present my studies have been watched by ~600K
viewers [1,2,3,4,5,6,7,8]. 



Speaking. I am a frequent conference speaker at BlackHat (5), SecTor (4), DEFCON
(3), RSAC (2), CodeBlue (2), and additional conferences (here is a YouTube
playlist of my recent talks). 



Accomplishments. In 2023, I led a group of brilliant researchers and together we
won the Pwnie Award for the Best Crypto Attack 23. In 2021, we received the Best
Demo Award from AutoSec'21. Three other of my studies finished as runner-ups in
CSAW'19 and CSAW'20. In 2019, I presented a work of mine to Israel's President
Reuven (Ruvi) Rivlin, and in 2018, a work of mine was presented to Israel's
Prime Minister Binyamin Netanyahu, Cypriot President Nicos Anastasiades and
Greek Prime Minister Alexis Tsipras.



Personal Honors. I received the BGU Dean Award for Excellence in Ph.D. and the
Mid. Way Negev-Faran Scholarship for Excellence Ph.D. Program. My Ph.D.
dissertation was nominated for the SIGSAC Doctoral Dissertation Award 2023.



If you want to work with me on a high-profile/impact research in security and
privacy, send me an email.




ACADEMIC PUBLICATIONS

Publications

2024

ComPromptMized: Unleashing Zero-click Worms that Target GenAI-Powered
Applications                             

Stav Cohen, Ron Bitton, Ben Nassi

[web-page]











Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a
Device's Power LED

SP'24, BHUSA'23, DEFCON-31, SecTor'23, RWC'24                               

Ben Nassi, Etay Iluz, Or Cohen, Ofek Vayner, Dudi Nassi, Boris Zadov, Yuval
Elovici

Pwnie Award for the Best Cryptographic Attack 23

[web-page] [pre-print] [conference-version]








Private Hierarchical Governance for Encrypted Messaging
SP'24

Armin Namavari, Barry Wang, Sanketh Menda, Ben Nassi, Nirvan Tyagi, James
Grimmelmann, Amy Zhang, Thomas Ristenpart

Injection Attacks Against End-to-End Encrypted Applications

SP'24

A Fábrega, CO Pérez, A Namavari, B Nassi, R Agarwal, T Ristenpart

[conference-version]

2023

 Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light
Fluctuations

CCS'23

Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Jan Jancar, Daniel Genkin, Eran
Tromer, Boris Zadov, Yuval Elovici

Tim Höttges Award in Cybersecurity Research

[pre-print] [conference-version]

Protecting Autonomous Cars from Phantom Attacks

Communications of the ACM

Ben Nassi, Yisroel Mirsky, Jacob Shams, Raz Ben-Netanel, Dudi Nassi, Yuval
Elovici

[web-page] [magazine]



The Adversarial Implications of Variable-Time Inference

AISEC'23

Dudi Biton, Aditi Misra, Efrat Levy, Jaidip Kotak, Ron Bitton, Roei Schuster,
Nicolas Papernot, Yuval Elovici, Ben Nassi

[pre-print] [PDF]

The Little Seal Bug: Optical Sound Recovery from Lightweight Reflective Objects

WOOT'23, BlackHat Asia'22                                                       
                                    

Ben Nassi, Raz Swissa, Jacob Shams, Boris Zadov, Yuval Elovici

[web-page] [pre-print] [conference-version]





(Ab) Using images and Sounds for Indirect Instruction Injection in Multi-Modal
LLMs

BHEU'23  

E Bagdasaryan, TY Hsieh, B Nassi, V Shmatikov

[pre-print]



2022

 Lamphone - Real-Time Passive Sound Recovery fr om Light Bulb Vibrations

USENIX Sec'22, BlackHat USA 2020, SecTor'20, CodeBlue'20

Ben Nassi, Yaron Pirotin, Adi Shamir, Yuval Elovici, Boris Zadov

CSAW'19 Runner Up

Runner up Pwnie Award for Most Innovative Research

Runner up Pwnie Award for Most Epic Achievement 
[web-page]  [pre-print]  [conference-version] 















bAdvertisement: Attacking Advanced Driver-Assistance Systems Using Print
Advertisements

EuroS&P Workshops 2022 

Ben Nassi, Jacob Shams, Raz Ben-Netanel, Yuval Elovici

[conference-version]

Towards the Detection of GPS S poofing Attacks against Drones by Analyzing
Camera's Video Stream

MDPI Sensors

Barak Davidovich, Ben Nassi, Yuval Elovici

[journal-version]

Virtual Breathalyzer: Towards the Detection of Intoxication Using Motion Sensors
of Commercial Wearable Device

MDPI Sensors

Ben Nassi, Jacob Shams, Lior Rokach, Yuval Elovici

[web-page] [pre-print] [journal-version]






Optical Speech Recovery From Desktop Speakers

IEEE Computer

Ben Nassi, Yaron Pirutin, Jacob Shams, Raz Swissa, Yuval Elovici, Boris Zadov

[Magazine]

Seeds Don't Lie: An Adaptive Watermarking Framework for Computer Vision Models

Jacob Shams, Ben Nassi, Ikuya Morikawa, Toshiya Shimizu, Asaf Shabtai, Yuval
Elovici

[pre-print]

2021

Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power
Indicator LED

CCS'21, HITB+CyberWeek'21

Ben Nassi, Yaron Pirotin, Yuval Elovici, Boris Zadov 

[web-page] [pre-print] [conference-version]







SoK - Security and Privacy in the Age of Drones

SP'21

Ben Nassi, Asaf Shabtai, Ryusuke Masuoka, Yuval Elovici. 

[web-page] [pre-print] [conference-version]



Detecting Spying Drones

SP Magazine

Raz Ben-Netanel, Ben Nassi, Adi Shamir, Yuval Elovici. 

[web-page] [magazine]

Spoofing Mobileye 630’s Video Camera Using a Projector

AutoSec'21

Ben Nassi, Dudi Nassi, Raz Ben Netanel and Yuval Elovici

[web-page] [conference]



Game of Drones - Detecting Spying Drones Using Time Domain Analysis

CSCML'21

Raz Ben-Netanel, Ben Nassi, Adi Shamir, Yuval Elovici

[web-page] [magazine]

2020

Phantom of the ADAS - Securing Advanced Driver-Assistance Systems from
Split-Second Phantom Attacks

CCS'20,  RSAC 2021, SecTor'21, Car Hacking Village @ DEFCON'29, CyberTech'20

Ben Nassi, Dudi Nassi, Raz Ben-Netanel, Yisroel Morsky, Oleg Drokin, Yuval
Elovici.

AutoSec'21 Best Demo Award Winner

CSAW'20 Runner Up

[web-page] [pre-print] [conference-version]













2019

Drones’ Cryptanalysis - Smashing Cryptography with a Flicker

SP'19, RSAC APJ'19, SecTor'21

Ben Nassi, Raz Ben-Netanel, Adi Shamir, Yuval Elovici. 

CSAW'19 Runner Up

[web-page] [pre-print] [conference-version]







Xerox Day Vulnerability 

TIFS'19, RSAC'20

Ben Nassi, Adi Shamir, Yuval Elovici.

[web-page] [pre-print] [journal-version]






Piping botnet-turning green technology into a water disaster

IoT Village @ DEFCON'26

Ben Nassi, Moshe Sror, Ido Lavi, Yair Meidan, Asaf Shabtai, Yuval Elovici

[web-page] [pre-print]






2018

Handwritten Signature Verification Using Wrist-Worn Devices 

UbiComp'18

Alona Levy, Ben Nassi, Yuval Elovici, Erez Shmueli.

[web-page] [pre-print] [conference-version]





Talks


TALKS & SEMINARS

2024

RWC'24.  Extracting Secret Keys from a Device’s Power LED using COTS Video
Cameras.

Seminar @ MIT.  Extracting Secret Keys from a Device’s Power LED using COTS
Video Cameras. 

Seminar @ Boston University.  Extracting Secret Keys from a Device’s Power LED
using COTS Video Cameras.

Seminar @ Northeastern University.  Extracting Secret Keys from a Device’s Power
LED using COTS Video Cameras. 

2023

BHEU'23. Indirect Prompt Injection into LLMs using Images and Sounds. 

SecTor'23. Video-Based Cryptanalysis: Recovering Cryptographic Keys from
Non-compromised Devices Using Video Footage of a Device’s Power LED. 

DEFCON'31. Video-Based Cryptanalysis: Recovering Cryptographic Keys from
Non-compromised Devices Using Video Footage of a Device’s Power LED 

BHUSA'23. Video-Based Cryptanalysis: Recovering Cryptographic Keys from
Non-compromised Devices Using Video Footage of a Device’s Power LED. 

Seminar @ Stanford University. Video-Based Cryptanalysis: Recovering
Cryptographic Keys from Non-compromised Devices Using Video Footage of a
Device’s Power LED

Seminar @ CISPA. Video-Based Cryptanalysis: Recovering Cryptographic Keys from
Non-compromised Devices Using Video Footage of a Device’s Power LED

Seminar @ Columbia University. When Optical Sensors Meet Low-Power Devices:
Recovering Speech and Cryptographic Keys from Light Emitted from Power LEDs and
Light Bulbs.

Seminar @ HUJI. When Optical Sensors Meet Low-Power Devices: Recovering Speech
and Cryptographic Keys from Light Emitted from Power LEDs and Light Bulbs.

Seminar @ TAU. When Optical Sensors Meet Low-Power Devices: Recovering Speech
and Cryptographic Keys from Light Emitted from Power LEDs and Light Bulbs.

CyberWeek'23. Security and Safety in the Era of Autonomous Cars. 

2022

Seminar @ CE Club, Technion. Finding Darkness in the Light: Recovering Speech
and Cryptographic Keys from Light Emitted from Power LEDs and Light Bulbs.

BHASIA'22. The Little Seal Bug: Optical Sound Recovery from Lightweight
Reflective Objects.

Seminar @ Michigan State University. Towards Electro-optical Sound Eavesdropping

Seminar @ Cornell Tech. Towards Electro-optical Sound Eavesdropping

AI Week'22. Remote Split-second Phantom Attacks on AI of Semi & full Autonomous
Cars. 

2021

HITB+CyberWeek 21. Towards Eletro-Optical Sound Eavesdropping.

SecTor'21. Detecting Illicit Drone Filming.

SecTor'21. Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO.

Car Hacking Village @ DEFCON 29. Remote Adversarial Phantom Attacks on Tesla &
Mobileye.

RSAC'21. Securing Tesla & Mobileye from Split-Second Phantom Attacks

BHASIA'21. The Motion Sensor Western: The Good, the Bad, and the Ugly.

2020

CodeBlue'20. Drones Cryptanalysis: Detecting Spying Drones.

CodeBlue'20. Lamphone: Real-Time Passive Sound Recovery from Vibration of a
Hanging Light Bulb.

SecTor'20. Lamphone: Real-Time Passive Sound Recovery from Vibration of a
Hanging Light Bulb.

BHUSA'20. Lamphone: Real-Time Passive Sound Recovery from Vibration of a Hanging
Light Bulb.

CyberTech TLV'20. Phantom of the ADAS

RSAC'20. Air-Gapping Is Overrated: Pressing a Red-Button via a Multifunction
Printer.

2019

IoT Village @ DEFCON'26. Attacking Smart Irrigation Systems.



bottom of page