Cybersecurity Lecture Series

 

Come face to face with real solutions

Meet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies.

The Cybersecurity Lecture Series at Georgia Tech is a free, one-hour lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from Fortune 500 companies, federal intelligence agencies, start-ups and incubators, as well as Georgia Tech faculty and students presenting their research. Lectures are open to all -- students, faculty, industry, government, or simply the curious. Students may register for credit under seminar course CS-8001-INF.

 

Inquire about speaking.

Sponsor the series.

 

Schedule

 

Join us Fridays at Noon at Georgia Tech

Sign up to receive the Spring '18 schedule and future alerts.

Klaus Advanced Computing Building
Room KACB #2447
266 Ferst Drive

unless otherwise noted.

 
Next event: Jan. 19

Brendan Saltaformaggio, CyFi Lab, Georgia Tech

 

"Convicted by Memory: Recovering Spatial-Temporal Digital Evidence from Memory Images"
Memory forensics is becoming a crucial capability in modern cyber forensic investigations. In particular, memory forensics can reveal "up to the minute" evidence of a device's usage, often without requiring a suspect's password to unlock the device, and it is oblivious to any persistent storage encryption schemes. Prior to my work, researchers and investigators alike considered raw data-structure recovery the ultimate goal of memory forensics. This, however, was far from sufficient as investigators were still largely unable to understand the content of the recovered evidence; hence, unlocking the true potential of such evidence in memory images remained an open research challenge.

In this talk, I will focus on my research efforts which break from traditional data-recovery-oriented forensics and instead leverage program analysis to automatically locate, reconstruct, and render spatial-temporal evidence from memory images. I will describe the evolution of this work, starting with the reuse of binary program components to overcome the burden of recovering and understanding highly probative data structures, e.g., photos, chat contents, and edited documents. Then, shifting away from the recovery of data structures, I will introduce spatial-temporal evidence recovery, culminating in the instrumentation of program executions to recreate full sequences of previous smartphone app screens, all from only a single snapshot of a device's memory. Finally, to highlight the role of memory forensics in my overall research agenda, I will briefly present my ongoing and future work in integrated cyber/cyber-physical attack defense and forensics.

 

Coming Up
Jan. 26 - Kennon Bittick, CIPHER Lab, Georgia Tech Research Institute

Feb. 2 - Jerry Perullo, CISO, Intercontinental Exchange

 

 

 

 

 

 

 

 

 

Recent Highlights

 

Dave Levin, of the University of Maryland, presented "Revocations Are Dead. Long Live Revocations" on Jan. 12.

 

Energy & Cybersecurity

"Energy System Cybersecurity and Operational Reliability"
Sakis Meliopoulos, Institute for Information Security & Privacy

“Out of Control: the expanded attack surface of control systems” [Video]
Raheem Beyah, Georgia Tech School of Electrical & Computer Engineering

 

Internet & Infrastructure

"Multi-stakeholder Network Security Concerns" [Article]
Tony Tauber, Comcast

"Security and Privacy Issues of Modern Web Browsers" [Video]
Nick Nikiforakis, Stony Brook University

 

Public Policy

“The Domestic Benefits of Subversive Foreign Propaganda: The RT (Russia Today) News Network and Geopolitical Muckraking” [Video]
Hans Klein, Georgia Tech School of Public Policy

“The Non-Code Aspects of Cybersecurity and the Globalization of Criminal Evidence” [Slides] [Video]
Peter Swire, Institute for Information Security & Privacy

“What Can Social Science Contribute to Cybersecurity Attribution Research?”
Milton Mueller, Georgia Tech School of Public Policy

"What Constitutes an Act of War in Cyberspace?"
Holly Dragoo, CIPHER Laboratory, Georgia Tech Research Institute [Video]

 

Software, Systems & Hardware

"Why Memory Corruption is Hard" [Video]
Mathias Payer, Purdue University

"Can Trust Be Delivered As a Service?"
Margaret Loper, Institute for Information Security & Privacy

"Tracing the Arc of Smartphone Application Security"
Patrick McDaniel, professor and director, Institute for Network and Security Research, The Pennsylvania State University

 

Threat and Fraud Detection

"Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud" [Video]
Terry Nelms, Pindrop Security

“Modern Malware and Secure Techniques for Better Software” [Video]
Joel Odom, CIPHER Lab, Georgia Tech Research Institute

Tudor Dumitras, assistant professor, University of Maryland
"Automatic Feature Engineering: Learning to Detect Malware by Mining the Scientific Literature" [Video]

Past Lectures

 

Video and slides are available from speakers who permitted their presentations to be shared. Recorded lectures are courtesy of the Georgia Tech Library System.

 

 

 

Thank You to Our Spring '17 Speakers

Alexander Degitz, Exchange Research Scholar, Georgia Tech
"Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases"

Arvind Narayanan, assistant professor of computer science, Princeton University
"Online Tracking: A 1-million-site Measurement and Analysis" [Video]

Phani Vadrevu, Ph.D. student, University of Georgia
NDSS'17 Conference Preview: "Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots" [Video]

Kangjie Lu, Ph.D. candidate, Georgia Tech, School of Computer Science
"Defeating Advanced Memory-Error Exploits by Preventing Information Leaks"

Yeongjin Jang, Ph.D. candidate, Georgia Tech, School of Computer Science
"Protecting Computing Systems from Emerging Attacks"

Tianxin Tang, Ph.D. student, Georgia Tech, School of Computer Science
"Keyless Fuzzy Search for Data-based Access Control"

Mattia Fazzini, Ph.D. student, Georgia Tech, School of Computer Science
"Tagging and Tracking of Multi-level Host Events for Transparent Computing" [Video]

Shan Chen, Ph.D. student, Georgia Tech, School of Computer Science
"Human Computing for Handling Strong Corruptions in Authenticated Key Exchange" [Video]

David Formby, Ph.D candidate, Georgia Tech, School of Electrical & Computer Engineering
"Out of Control: Ransomware for Industrial Control Systems" 

Bharat Srinivasan, Ph.D. student, Georgia Tech, School of Computer Science
"Exposing Cross-Channel Abuse in Converged Communications Infrastructure with Text-Messaging Scams" [Video]

Yanick Fratantonio, Ph.D. candidate, University of California, Santa Barbara
"Cloak & Dagger: From Two Android Permissions to Complete Control of the UI Feedback Loop"

Brandon Eames, technical lead, Sandia National Laboratories
"On Trust Analysis for Microelectronics-Based Systems"

James Plusquellic, professor of electrical engineering, University of New Mexico
"Hardware-Based Security and Trust For IoT and Supply Chain Authentication" [Video]

Thank you to our Fall '16 Speakers

Nicolas Christin, associate research professor, Carnegie Mellon University CyLab
"Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses" [Video]

Terry Nelms, Pindrop
"Towards Measuring and Mitigating Social Engineering Software Download Attacks" [Video]

Curtis Walker, Draper Laboratory
"Myths of Computer Security"

Milos Prvulovic, professor, Georgia Tech School of Computer Science
"Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals" [Video]

Yeongjin Jang, PhD student, Georgia Tech School of Computer Science
"Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX" [Video]

Frank Wang, PhD student, MIT & Cybersecurity Factory
"Cryptographically Enforced Access Control for User Data in Untrusted Clouds" [Presentation Slides[Video]

Yousef Iskander, hardware security researcher, and Dmitry Kuchynski, security principal, Cisco Security Group
"Managing Product Security and Integrity in a Global Supply Chain" [Video]

Malachi G. Jones, embedded security researcher, Booz Allen Dark Labs
"Automating Analysis and Exploitation of Embedded Device Firmware"  [Presentation Slides]

Michalis Polychronakis, assistant professor, Stony Brook University
"Defending against Advanced Return-Oriented Programming Attacks"  [Video]

Patrick Schaumont, professor, Virginia Tech
"Fault Injection as an Attack Vector Against Trustworthy Embedded Systems"  [Video]

Chris Smoak, division chief, GTRI Cyber Technology & Information Security Laboratory
"The Evolution of Modern Malware: Technology Trends and Motivations” [Video]

Jeff Reava, CISSP, CISM, CISA; director of information security operations, Jackson National Life Insurance Company
"Leveraging Information Symmetry and Asymmetry for Effective Cyber Defense”  [Presentation Slides]

Maria Konte, post-doctoral fellow, Georgia Tech School of Computer Science
“ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes” [Video]

Ling Liu, professor, Georgia Tech School of Computer Science
"The Evolution of Data Privacy: From Concept to Execution"

Thank you to our Spring '16 speakers

Wenke Lee, professor, College of Computing
Stephen Pair, CEO, BitPay  [Video]
Frank Wang, coordinator, The Cybersecurity Factory  [Video]
Sivakumar "Siva" Raghupathy, director, CREATE-X
Adam Wenchel, VP for Security & Tech Analytics, Capital One  [Video]
Kyle Grossman and Jim Schwoebel, co-founders, CyberLaunch
John Corliss, senior computer scientist, U.S. Department of Homeland Security  [Video]
Tim Junio, co-founder and CEO, Qadium Inc.

And Graduate Students:

Byoungyoung Lee  [Video]
Kangjie Liu
David Formby
Chengyu Song
and Ren Ding  [Video]