CERIAS Weekly Security Seminar - Purdue University
1,160 episodes - English - Latest episode: 20 days ago - ★★★★ - 6 ratingsCERIAS -- the Nation's top-ranked interdisciplinary academic education and research institute -- hosts a weekly cyber security, privacy, resiliency or autonomy speaker, highlighting technical discovery, a case studies or exploring cyber operational approaches; they are not product demonstrations, service sales pitches, or company recruitment presentations. Join us weekly...or explore 25 years of archives for the who's-who in cybersecurity.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Osman Ismael, TCB: From Assumption to Assurance
September 23, 2020 20:30 - 51 minutes - 231 MB VideoThe TCB has been very precisely defined since 1979, but in practice its implementation and application in today modern software stack is very blurry. This talk describes a very common application and how to consider its associated TCB, after explosive the problems it will propose an alternative to better release and execute software with unbreakable guarantee. About the speaker: Osman Ismael is CTO and Co-founder of BedRock Systems Inc. Prior to his current role he served 12 years as a foundi...
Warda Zahid Khan, "Authentication: Behind The Scenes When You Click “Check Out”"
September 16, 2020 20:30 - 443 MB VideoThe payments ecosystem is evolving fast and making sure the cardholder’s digital payment experience is frictionless, smooth and secure has never been more important. With approval rates for digital payments at 82% compared to 97% for in-person payments, and globally digital transaction fraud currently four times higher than in-store expected to increase 68% by 2022, intelligence matters more than ever. As more transactions move to the digital world, particularly after COVID-19, on an ...
Warda Zahid Khan, Authentication: Behind The Scenes When You Click "Check Out"
September 16, 2020 20:30 - 53 minutes - 443 MB VideoThe payments ecosystem is evolving fast and making sure the cardholder's digital payment experience is frictionless, smooth and secure has never been more important. With approval rates for digital payments at 82% compared to 97% for in-person payments, and globally digital transaction fraud currently four times higher than in-store expected to increase 68% by 2022, intelligence matters more than ever. As more transactions move to the digital world, particularly after COVID-19, on an ever-inc...
Rich Banta, EMP Threat & Protection
September 09, 2020 20:30 - 54 minutes - 422 MB VideoProtection against HEMP (High-Altitude Electromagnetic Pulse) and GMD (Geomagnetic Disturbance in a CME/Coronal Mass Ejection context) is a nascent science. Until recently, these have only been the concern of Department of Defense insiders, over-the-top "preppers", and physics aficionados. Due to current events and an increasing reliance of all facets of 1st world civilization upon ICT (Information & Communications Technology), the discussion of EMP and GMD protections is moving into the ma...
Rich Banta, "EMP Threat & Protection"
September 09, 2020 20:30 - 422 MB VideoProtection against HEMP (High-Altitude Electromagnetic Pulse) and GMD (Geomagnetic Disturbance in a CME/Coronal Mass Ejection context) is a nascent science. Until recently, these have only been the concern of Department of Defense insiders, over-the-top “preppers”, and physics aficionados. Due to current events and an increasing reliance of all facets of 1st world civilization upon ICT (Information & Communications Technology), the discussion of EMP and GMD protections is moving into the ma...
Roger Schell, "Dramatically Reducing Attack Surface Using Integrity MAC Security Kernel"
September 02, 2020 20:30 - 237 MB VideoWe face an existential threat of permanent damage to critical physical components in our national infrastructure as a result of their poor resilience against cybersecurity attack. A Programmable Logic Controller (PLC) commonly provides the control system for such components, e.g., bulk power generators. Our proof-of-concept implementation dramatically mitigates threats to such cyber-physical systems (CPS) by specifically leveraging what NIST 800-160 calls “highly assured, kernel-based opera...
Roger Schell, Dramatically Reducing Attack Surface Using Integrity MAC Security Kernel
September 02, 2020 20:30 - 58 minutes - 237 MB VideoWe face an existential threat of permanent damage to critical physical components in our national infrastructure as a result of their poor resilience against cybersecurity attack. A Programmable Logic Controller (PLC) commonly provides the control system for such components, e.g., bulk power generators. Our proof-of-concept implementation dramatically mitigates threats to such cyber-physical systems (CPS) by specifically leveraging what NIST 800-160 calls "highly assured, kernel-based operati...
Jeremiah Sahlberg, From Compliance in the Classroom to Compliance on the Street, Important Lessons That Every Cybersecurity Professional Must Know
August 26, 2020 20:30 - 50 minutes - 280 MB VideoFrom compliance in the classroom to compliance on the street, important lessons that every cybersecurity professional should know. We'll cover proven approaches for compliance and risk assessment for a variety of industries, and present specific scenarios and strategies for addressing real challenges facing organizations with PCI, HITRUST, FedRAMP, CMMC and Privacy. Below are some of the examples that we will cover. Scope creep (All)Setting deadlines and addressing missing evidence (All)Buil...
Jeremiah Sahlberg, "From Compliance in the Classroom to Compliance on the Street, Important Lessons That Every Cybersecurity Professional Must Know"
August 26, 2020 20:30 - 280 MB VideoFrom compliance in the classroom to compliance on the street, important lessons that every cybersecurity professional should know. We’ll cover proven approaches for compliance and risk assessment for a variety of industries, and present specific scenarios and strategies for addressing real challenges facing organizations with PCI, HITRUST, FedRAMP, CMMC and Privacy. Below are some of the examples that we will cover. Scope creep (All) Setting deadlines and addressing missing evidence (...
Elena Peterson, Flexible and Adaptive Malware Identification Using Techniques from Biology
August 19, 2020 17:00 - 59 minutes - 235 MB VideoCyber security data in many ways mimics the behavior of organic systems. Individuals or groups compete for limited resources using a variety of strategies, the most effective of which are re-used and refined in later ‘generations'. Traditionally this behavior has made detection of malware very difficult because 1) recognition systems are often built on exact matching to a pattern that can only be ‘learned' after a malicious entity reveals itself and 2) the enormous volume and variation in be...
Elena Peterson, "Flexible and Adaptive Malware Identification Using Techniques from Biology"
August 19, 2020 17:00 - 235 MB VideoCyber security data in many ways mimics the behavior of organic systems. Individuals or groups compete for limited resources using a variety of strategies, the most effective of which are re-used and refined in later ‘generations’. Traditionally this behavior has made detection of malware very difficult because 1) recognition systems are often built on exact matching to a pattern that can only be ‘learned’ after a malicious entity reveals itself and 2) the enormous volume and variation in ...
Shimon Modi, "Value of Cyber Threat Intelligence in Modern Security Operations"
August 12, 2020 17:00 - 206 MB VideoThe last 5 years have seen a marked shift inhow companies view cyber threat intelligence (CTI) as a building block of theirsecurity strategy, but there still is a lot of confusion about how to build aprogram that provides utility. At its core CTI aims to provide informationabout motivations, methods and characteristics of attackers. In today’s rapidlyevolving threat landscape having timely access to CTI can be of significantvalue to security analysts. By looking beyond your own four walls o...
Shimon Modi, Value of Cyber Threat Intelligence in Modern Security Operations
August 12, 2020 17:00 - 57 minutes - 206 MB VideoThe last 5 years have seen a marked shift inhow companies view cyber threat intelligence (CTI) as a building block of theirsecurity strategy, but there still is a lot of confusion about how to build aprogram that provides utility. At its core CTI aims to provide informationabout motivations, methods and characteristics of attackers. In today's rapidlyevolving threat landscape having timely access to CTI can be of significantvalue to security analysts. By looking beyond your own four walls org...
Carter Bullard, Network Awareness and Predictive Cyber Analytics
July 29, 2020 17:00 - 57 minutes - 251 MB VideoQoSient and a DHS independent SOC have been working together on an innovative pilot program called "Elimination of Unmonitored Space" (EUS) that strives to detect and respond to internal cyber threats through pervasive network sensing and sense-making in an enterprise network. Modeled after the NSA's Integrated Active Cyber Defense (IACD) architecture and the US DoD CENTAUR / Acropolis programs, the effort has developed a strategy for scalable development and deployment of new predictive cy...
Carter Bullard, "Network Awareness and Predictive Cyber Analytics"
July 29, 2020 17:00 - 251 MB VideoQoSient and a DHS independent SOC have been working together on an innovative pilot program called “Elimination of Unmonitored Space” (EUS) that strives to detect and respond to internal cyber threats through pervasive network sensing and sense-making in an enterprise network. Modeled after the NSA’s Integrated Active Cyber Defense (IACD) architecture and the US DoD CENTAUR / Acropolis programs, the effort has developed a strategy for scalable development and deployment of new predictive ...
Sam Curry and Alon Kaufman, The Ghost in the Machine: Reconciling AI and Trust in the Connected World
July 22, 2020 17:00 - 1 hour - 108 MB VideoThe adoption of advanced data technologies is one of the defining characteristics of the connected world. From ML to AI, we are getting a smarter, more personal world. The dystopic view is that not only Big Brother but many parties can monitor, control and manipulate us. What are the implications for trust? The need for privacy-enforcing technologies is now, not after the ghost is in the machine.What will you learn from attending?· How machine learning & AI play into conversations aro...
Sam Curry and <span>Alon Kaufman</span>, "The Ghost in the Machine: Reconciling AI and Trust in the Connected World"
July 22, 2020 17:00 - 108 MB VideoThe adoption of advanced data technologies is one of the defining characteristics of the connected world. From ML to AI, we are getting a smarter, more personal world. The dystopic view is that not only Big Brother but many parties can monitor, control and manipulate us. What are the implications for trust? The need for privacy-enforcing technologies is now, not after the ghost is in the machine. What will you learn from attending? · How machine learning & AI play into conversatio...
Joe Weiss, "Cyber Security of Control Systems: The Second Coming of the Maginot Line"
July 15, 2020 17:00 - 238 MB VideoQ & A: https://www.cerias.purdue.edu/site/blog/post/summary_of_july_15th_2020_purdue_seminar_on_control_system_cyber_security/ Critical infrastructures such as electric power, oil/gas, water/wastewater,pipelines, transportation, and manufacturing utilize process control and safetysystems to monitor, control, and assure safe operating conditions. Controlsystems consist of Internet protocol (IP) networks and HMIs to provide operatorinput and big data analytics. These systems have been desig...
Joe Weiss, Cyber Security of Control Systems: The Second Coming of the Maginot Line
July 15, 2020 17:00 - 1 hour - 238 MB VideoQ & A: https://www.cerias.purdue.edu/site/blog/post/summary_of_july_15th_2020_purdue_seminar_on_control_system_cyber_security/Critical infrastructures such as electric power, oil/gas, water/wastewater,pipelines, transportation, and manufacturing utilize process control and safetysystems to monitor, control, and assure safe operating conditions. Controlsystems consist of Internet protocol (IP) networks and HMIs to provide operatorinput and big data analytics. These systems have been designed w...
Jim Richberg, "Election Security in the Age of COVID-19: Risk Management in the face of a “Perfect Storm”"
July 01, 2020 17:00 - 229 MB VideoDigital Transformation has fundamentally affected the conduct of elections since 2000. This webinar shares the perspective of a former senior Federal official who worked to help secure US elections against foreign interference during a 30+ year career in the US Government and who now works as a Chief Information Security Officer for a leading global cyber and network security company. This presentation will provide both background knowledge applicable to a general audience as well as advice...
Jim Richberg, Election Security in the Age of COVID-19: Risk Management in the face of a "Perfect Storm"
July 01, 2020 17:00 - 1 hour - 229 MB VideoDigital Transformation has fundamentally affected the conduct of elections since 2000. This webinar shares the perspective of a former senior Federal official who worked to help secure US elections against foreign interference during a 30+ year career in the US Government and who now works as a Chief Information Security Officer for a leading global cyber and network security company. This presentation will provide both background knowledge applicable to a general audience as well as advice a...
Nandi Leslie, "Using Machine Learning for Network Intrusion Detection"
June 24, 2020 17:00 - 178 MB VideoUsing semi-supervised learning, I propose an anomaly-based network intrusion detection system (NIDS) to detect and classify anomalous and/or malicious traffic. With this proposed machine learning approach, we detect botnet traffic and distinguish it from the normal and background traffic in the IPv4 flow datasets. I evaluate the prediction performance results for the flow-based NIDS algorithms. I show an improvement in detection accuracy and reduction in error rates, when compared wit...
Nandi Leslie, Using Machine Learning for Network Intrusion Detection
June 24, 2020 17:00 - 56 minutes - 178 MB VideoUsing semi-supervised learning, I propose an anomaly-based network intrusion detection system (NIDS) to detect and classify anomalous and/or malicious traffic. With this proposed machine learning approach, we detect botnet traffic and distinguish it from the normal and background traffic in the IPv4 flow datasets. I evaluate the prediction performance results for the flow-based NIDS algorithms. I show an improvement in detection accuracy and reduction in error rates, when compared with sig...
Sami Saydjari, A Principled Approach to Cybersecurity Engineering
June 17, 2020 17:00 - 59 minutes - 148 MB VideoCyberattacks are increasing in frequency, severity, and sophistication. Target systems are becoming increasingly complex with a multitude of subtle dependencies. Designs and implementations continue to exhibit flaws that could be avoided with well-known computer-science and engineering techniques. Cybersecurity technology is advancing, but too slowly to keep pace with the threat. In short, cybersecurity is losing the escalation battle with cyberattack. The results include mounting damages in ...
Sami Saydjari, "A Principled Approach to Cybersecurity Engineering"
June 17, 2020 17:00 - 148 MB VideoCyberattacks are increasing in frequency, severity, and sophistication. Target systems are becoming increasingly complex with a multitude of subtle dependencies. Designs and implementations continue to exhibit flaws that could be avoided with well-known computer-science and engineering techniques. Cybersecurity technology is advancing, but too slowly to keep pace with the threat. In short, cybersecurity is losing the escalation battle with cyberattack. The results include mounting damages i...
Corey Maypray, Proactive Endpoint and Network Security Operations. Detecting the Unknown Known
April 29, 2020 20:30 - 1 hour - 383 MB VideoCyber security resources remain limited. Organizations that attempt to broadly protect their data from all cyber threats tend to inefficiently invest these resources, making them slower to adapt to the changing trends and techniques of cyber threats. – Carnegie Mellon. This talk will discuss some of the basic principles of Cyber threat intelligence, and how proactive collection of information can enable an enterprise to protect its most critical assets. We will then dive into the main focus o...
Corey Maypray, "Proactive Endpoint and Network Security Operations. Detecting the Unknown Known"
April 29, 2020 20:30 - 383 MB VideoCyber security resources remain limited. Organizations that attempt to broadly protect their data from all cyber threats tend to inefficiently invest these resources, making them slower to adapt to the changing trends and techniques of cyber threats. – Carnegie Mellon. This talk will discuss some of the basic principles of Cyber threat intelligence, and how proactive collection of information can enable an enterprise to protect its most critical assets. We will then dive into the main foc...
Bruce Coffing, Public Sector Cyber Security 2020: Challenges and Rewards
April 22, 2020 20:30 - 55 minutes - 315 MB VideoWork in the public sector differs from that in the private sector in ways that on the one hand present challenges unique to public sector work but also sometimes produce unexpected rewards also unique to public sector work. Mr. Coffing will share some of his experiences gained over the last eighteen months leading cybersecurity for the nation's third largest municipality as well as over the course of a 25+ year career in information technology and cyber security. About the speaker: Bruce Cof...
Bruce Coffing, "Public Sector Cyber Security 2020: Challenges and Rewards"
April 22, 2020 20:30 - 315 MB VideoWork in the public sector differs from that in the private sector in ways that on the one hand present challenges unique to public sector work but also sometimes produce unexpected rewards also unique to public sector work. Mr. Coffing will share some of his experiences gained over the last eighteen months leading cybersecurity for the nation’s third largest municipality as well as over the course of a 25+ year career in information technology and cyber security.
Leon Ravenna, "Everyone Wants to Help You: Understanding the Issues and Surviving with a Multitude of Regulatory Authorities"
April 15, 2020 20:30 - 457 MB VideoAs more Personally Identifiable Information is collected, stored or created, the specter of customer privacy issues are looming large. Privacy and Security methodologies are starting to be dictated by those in State houses, Congress and Supra-regional governments. Enterprises need to take a long hard look at the information they are capturing and how they secure it to determine whether the potential value outweighs the potential risk. - How do your current Security and Privacy practic...
Leon Ravenna, Everyone Wants to Help You: Understanding the Issues and Surviving with a Multitude of Regulatory Authorities
April 15, 2020 20:30 - 51 minutes - 457 MB VideoAs more Personally Identifiable Information is collected, stored or created, the specter of customer privacy issues are looming large. Privacy and Security methodologies are starting to be dictated by those in State houses, Congress and Supra-regional governments. Enterprises need to take a long hard look at the information they are capturing and how they secure it to determine whether the potential value outweighs the potential risk. - How do your current Security and Privacy practices match...
Elliott Peterson, "Mirai - DDoS and the Criminal Ecosystem"
April 08, 2020 20:30 - 375 MB VideoIn late 2016, the Mirai Botnet launched the largest DDoSattacks ever recorded. Learn about the teams of researchers racing the stop theattacks, and the criminal groups who were competing to launch ever largerattacks. The presenter will discuss roles played by educational institutions aswell as the impact to the IoT landscape.
Elliott Peterson, Mirai - DDoS and the Criminal Ecosystem
April 08, 2020 20:30 - 1 hour - 375 MB VideoIn late 2016, the Mirai Botnet launched the largest DDoSattacks ever recorded. Learn about the teams of researchers racing the stop theattacks, and the criminal groups who were competing to launch ever largerattacks. The presenter will discuss roles played by educational institutions aswell as the impact to the IoT landscape. About the speaker: Elliott Peterson is a Special Agent assigned to the FBI'sAnchorage Field Office. A member of Anchorage's Computer Intrusion Squad, he isresponsible ...
Neil Rowe, "Empirical Digital Forensics"
April 01, 2020 20:30 - 313 MB VideoEmpirical digital forensics examines real-world digital storage media to develop theories about it. We have built a library of real-world data from 4000 copies of secondary-storage devices including purchased ones. One project looked at patterns of malware to determine where they were most likely to appear. A recent project examined software versions, including malicious ones, and tried to distinguish normal software evolution from abnormal. Other projects rated the value of files and a...
Neil Rowe, Empirical Digital Forensics
April 01, 2020 20:30 - 52 minutes - 313 MB VideoEmpirical digital forensics examines real-world digital storage media to develop theories about it. We have built a library of real-world data from 4000 copies of secondary-storage devices including purchased ones. One project looked at patterns of malware to determine where they were most likely to appear. A recent project examined software versions, including malicious ones, and tried to distinguish normal software evolution from abnormal. Other projects rated the value of files and art...
Nick Sturgeon, Cyber Risk Management 101
March 25, 2020 20:30 - 1 hour - 158 MB VideoHow does an organization know which security controls, applications, or programs to implement, when everything is a threat and every system is vulnerable? Looking at cybersecurity through a risk management lens is one way of reducing the noise of the threat environment. This presentation will discuss why having a Cyber Risk Management (CRM) program is a critical piece to an effective cybersecurity program. This presentation discuss the various Cyber Risk Management frameworks, the building bl...
Nick Sturgeon, "Cyber Risk Management 101"
March 25, 2020 20:30 - 158 MB VideoHow does an organization know which security controls, applications, or programs to implement, when everything is a threat and every system is vulnerable? Looking at cybersecurity through a risk management lens is one way of reducing the noise of the threat environment. This presentation will discuss why having a Cyber Risk Management (CRM) program is a critical piece to an effective cybersecurity program. This presentation discuss the various Cyber Risk Management frameworks, the b...
Vireshwar Kumar, Security and Privacy of Connected Autonomous Vehicles
March 11, 2020 20:30 - 57 minutes - 351 MB VideoThe upcoming smart transportation systems which consist of connected autonomous vehicles, are poised to transform our everyday life. The sustainability and growth of these systemsto their full potential will significantly depend on the robustness of these systems against securityand privacy threats. Unfortunately, the communication protocols employed in these systems lackmainstream network security capabilities due to energy constraints of the deployed platforms andbandwidth constraints of th...
Vireshwar Kumar, "Security and Privacy of Connected Autonomous Vehicles"
March 11, 2020 20:30 - 351 MB VideoThe upcoming smart transportation systems which consist of connected autonomous vehicles, are poised to transform our everyday life. The sustainability and growth of these systemsto their full potential will significantly depend on the robustness of these systems against securityand privacy threats. Unfortunately, the communication protocols employed in these systems lackmainstream network security capabilities due to energy constraints of the deployed platforms andbandwidth constraints of ...
Matt Mickelson, "Physics-Based Approaches for creating Cyber Resilient Systems"
March 04, 2020 21:30 - 355 MB VideoOur reliance on Cyber-Physical Systems (CPS) is growing. As CPS infrastructure becomes exposed to the contested world through networks, CPS security becomes much more important. In a CPS, the cyber components manage the physical components. We propose that the overall goal for CPS resiliency is to have the physical systems behave properly regardless of fault and disruption. Our approach to CPS resiliency focuses on the physical components. Specifically, the inertia of the physical component...
Matt Mickelson, Physics-Based Approaches for creating Cyber Resilient Systems
March 04, 2020 21:30 - 52 minutes - 355 MB VideoOur reliance on Cyber-Physical Systems (CPS) is growing. As CPS infrastructure becomes exposed to the contested world through networks, CPS security becomes much more important. In a CPS, the cyber components manage the physical components. We propose that the overall goal for CPS resiliency is to have the physical systems behave properly regardless of fault and disruption. Our approach to CPS resiliency focuses on the physical components. Specifically, the inertia of the physical components ...
Yuhong Nan, Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps
February 26, 2020 21:30 - 33 minutes - 225 MB VideoA long-standing challenge in analyzing information leaks within mobile apps is to automatically identify the codeoperating on sensitive data. With all existing solutions relying on System APIs (e.g., IMEI, GPS location) or features of user interfaces (UI), the content from app servers, like user's Facebook profile, payment history, fall through the crack. In this talk, I will introduce ClueFinder, a novel semantics-driven solution for automatic discovery of sensitive user data, including thos...
Yuhong Nan, "Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps"
February 26, 2020 21:30 - 225 MB VideoA long-standing challenge in analyzing information leaks within mobile apps is to automatically identify the code operating on sensitive data. With all existing solutions relying on System APIs (e.g., IMEI, GPS location) or features of user interfaces (UI), the content from app servers, like user’s Facebook profile, payment history, fall through the crack. In this talk, I will introduce ClueFinder, a novel semantics-driven solution for automatic discovery of sensitive user data, inc...
Doug Rapp, "Security, Ethics and the End of the World as We Know It"
February 19, 2020 21:30 - 420 MB VideoImagine a world where data is currency. A world where the majority of the data is owned and traded by 6 international data barons who are constantly at war with each other. In this world, rogue AI persecutes whole segments of the population while nations become Petri dishes for mind control. Most people move about daily life oblivious to the knowledge that someone is controlling them, telling them where to go, what to buy, and even how to vote. If you object, millions of cameras track you ...
Doug Rapp, Security, Ethics and the End of the World as We Know It
February 19, 2020 21:30 - 1 hour - 420 MB VideoImagine a world where data is currency. A world where the majority of the data is owned and traded by 6 international data barons who are constantly at war with each other. In this world, rogue AI persecutes whole segments of the population while nations become Petri dishes for mind control. Most people move about daily life oblivious to the knowledge that someone is controlling them, telling them where to go, what to buy, and even how to vote. If you object, millions of cameras track you an...
Char Sample, The Role of Culture in Cybersecurity
February 12, 2020 21:30 - 54 minutes - 325 MB VideoDistinguished social psychologist Geert Hofstede observed the "dominance of technology over culture is an illusion. The software of the machines may be globalized, but the software of the minds that use them is not." The role of culture in the thought process is so prevalent, yet unstated, that many cultural beliefs and biases are accepted as truths. These cultural beliefs and biases are commonly infused into behavioral norms identifying behaviors that can be observed. While historically,t...
Char Sample, "The Role of Culture in Cybersecurity"
February 12, 2020 21:30 - 325 MB VideoDistinguished social psychologist Geert Hofstede observed the “dominance of technology over culture is an illusion. The software of the machines may be globalized, but the software of the minds that use them is not.” The role of culture in the thought process is so prevalent, yet unstated, that many cultural beliefs and biases are accepted as truths. These cultural beliefs and biases are commonly infused into behavioral norms identifying behaviors that can be observed. While histor...
Syed Rafiul Hussain, Automated Reasoning of Security and Privacy of Cellular Networks
February 05, 2020 21:30 - 54 minutes - 308 MB VideoCellular technologies enable a wide array of critical services, from personal communication, autonomous vehicles and telemedicine to critical infrastructures, such as smart grid electricity distribution. Unfortunately, security and user privacy for such complex networks are often considered as afterthoughts. These lead to inadequate security evaluation early on the development cycle that fails to identify missing security and privacy guarantees in protocol designs. To make matters worse, uns...
Syed Rafiul Hussain, "Automated Reasoning of Security and Privacy of Cellular Networks"
February 05, 2020 21:30 - 308 MB VideoCellular technologies enable a wide array of critical services, from personal communication, autonomous vehicles and telemedicine to critical infrastructures, such as smart grid electricity distribution. Unfortunately, security and user privacy for such complex networks are often considered as afterthoughts. These lead to inadequate security evaluation early on the development cycle that fails to identify missing security and privacy guarantees in protocol designs. To make matters worse, un...
Abe Baggili, Immersive Virtual Insanity: Exploring Immersive Virtual Reality Security and Forensics
January 29, 2020 21:30 - 59 minutes - 381 MB VideoThe Virtual Reality (VR) market could surpass $ 40 Billion by 2020. The U.S. Military recently closed a deal worth $ 480 Million for the Microsoft HoloLens Mixed Reality (MR) device. Oculus has already released the first immersive VR system that is mobile with no wires and no need for a high-end gaming PC for $399. While these are exciting times, an important question needs to be investigated: Are we ensuring the security and privacy of these systems? In this talk I will present various exper...