Latest Sfs Podcast Episodes
Evan Sultanik, In Pursuit of Silent Flaws: Dataflow Analysis for Bugfinding and Triage
CERIAS Weekly Security Seminar - Purdue University - April 10, 2024 20:30 - 53 minutes - Video ★★★★ - 6 ratingsIn this presentation, I provide a thorough exploration of how dataflow analysis serves as a formidable method for discovering and addressing cybersecurity threats across a wide spectrum of vulnerability types. For instance, I'll illustrate how we can employ dynamic information flow tracking to au...
Daniel Shoemaker, Secure Sourcing of COTS Products: A Critical Missing Element in Software Engineering Education
CERIAS Weekly Security Seminar - Purdue University - March 27, 2024 20:30 - 56 minutes - Video ★★★★ - 6 ratingsThe aim of this discussion is to publicize both the challenge and potential solution for the integration of secure supply chain risk management content into conventional software engineering programs. The discipline of software engineering typically does not teach students how to ensure that the ...
Douglas Huelsbeck, The Importance of Security by Design & The Importance of Including Cybersecurity Experts in Your Business Decisions
CERIAS Weekly Security Seminar - Purdue University - March 20, 2024 20:30 - 55 minutes - Video ★★★★ - 6 ratingsHow Cybersecurity relates to various fields of business/ industries – how it works in these fields, different risks and vulnerabilities that are out there, which explains why manufacturing cybersecurity into the design of a product or service is so imperative. In companies today Budget Managers a...
Alejandro Cuevas, The Fault in Our Stars: How Reputation Systems Fail in Practice
CERIAS Weekly Security Seminar - Purdue University - March 06, 2024 21:30 - 1 hour - Video ★★★★ - 6 ratingsReputation systems are crucial to online platforms' health. They are prevalent across online marketplaces and social media platforms either visibly (e.g., as star ratings and badges) or invisibly as signals that feed into recommendation engines. In theory, good behavior (e.g., honest, accurate, h...
Sanket Naik, Modern Enterprise Cybersecurity: A CISO perspective
CERIAS Weekly Security Seminar - Purdue University - February 28, 2024 21:30 - 59 minutes - Video ★★★★ - 6 ratingsThe frequency, materiality, and impact of cybersecurity incidents is at a level that the business world has never seen before. CISOs are at the forefront of this. The speaker has experience with developing cybersecurity products and managing IT infrastructure and security from startup to massive ...
Jennifer Bayuk, Stepping Through Cybersecurity Risk Management A Systems Thinking Approach
CERIAS Weekly Security Seminar - Purdue University - February 21, 2024 21:30 - 1 hour - Video ★★★★ - 6 ratingsIn the realm of risk, cybersecurity is a fairly new idea. Most people currently entering the cybersecurity profession do not remember a time when cybersecurity was not a major concern. Yet at the time of this writing, reliance on computers to run business operations is less than a century old. Pr...
Jonathan (Jono) Spring, On Security Operations for AI Systems
CERIAS Weekly Security Seminar - Purdue University - February 14, 2024 21:30 - 1 hour - Video ★★★★ - 6 ratingsWe must be methodical and intentional about how Artificial Intelligence (AI) systems are designed, developed, deployed, and operationalized, particularly in critical infrastructure contexts. CISA, the UK-NCSC, and our partners advocate a secure by design approach where security is a core requirem...
Maksim Eren, Tensor Decomposition Methods for Cybersecurity
CERIAS Weekly Security Seminar - Purdue University - February 07, 2024 21:30 - 41 minutes - Video ★★★★ - 6 ratingsTensor decomposition is a powerful unsupervised machine learning method used to extract hidden patterns from large datasets. This presentation aims to illuminate the extensive applications and capabilities of tensors within the realm of cybersecurity. We offer a comprehensive overview by encapsul...
William Malik, Multifactor Authentication - The Problem, Recommendations, and Future Concerns
CERIAS Weekly Security Seminar - Purdue University - January 31, 2024 21:30 - 46 minutes - Video ★★★★ - 6 ratingsIn the course of the talk I'll discuss current authentication challenges, the looming problem with cracking public key encryption, and short and medium term recommendations to help folks stay secure. About the speaker: Bill helps clients achieve an effective information security posture spanning ...
Solomon Sonya, Enhancing Cybersecurity via Lessons Learned from the Evolution of Malware
CERIAS Weekly Security Seminar - Purdue University - January 24, 2024 21:30 - 1 hour - Video ★★★★ - 6 ratingsExploitations in cybersecurity continue to increase in sophistication and prevalence. The purpose of this talk is to discuss how the evolution of malware has led to increased exploitation and then discuss ways to enhance the cybersecurity paradigm. About the speaker: Solomon Sonya (@0xSolomonSo...
Leigh Metcalf, Grep for Evil
CERIAS Weekly Security Seminar - Purdue University - January 17, 2024 21:30 - 1 hour - Video ★★★★ - 6 ratingsEvil has been lurking in the Internet since its inception. The IETF recognized this, releasing RFC 3514 on the evil bit. Unfortunately it isn't widely adopted, so we have to find our evil in other ways. Grepping is a time honored way of finding needles in haystacks, so let's see how much evil ...
Sandhya Aneja, Invisible Signatures: Device Fingerprinting in a Connected World
CERIAS Weekly Security Seminar - Purdue University - January 10, 2024 21:30 - 54 minutes - Video ★★★★ - 6 ratingsThe field of cybersecurity is constantly evolving, and Device Fingerprinting (DFP) has emerged as a crucial technique for identifying network devices based on their unique traffic data.This is necessary to protect against sophisticated cyber-attacks. However,automating device classification is co...
Mu Zhang, Backtracking Intrusions in Modern Industrial Internet of Things
CERIAS Weekly Security Seminar - Purdue University - December 06, 2023 21:30 - 51 minutes - Video ★★★★ - 6 ratingsAdvanced Persistent Threat (APT) attacks are increasingly targeting modern factory floors. Recovery from a cyberattack is a complex task that involves identifying the root causes of the attack in order to thoroughly cleanse the compromised systems and remedy all vulnerabilities. As a result, the ...
Robert Denz, Mind the Gap: Vulnerabilities and Opportunities for Cyber R&D at the Edge
CERIAS Weekly Security Seminar - Purdue University - November 29, 2023 21:30 - 49 minutes - Video ★★★★ - 6 ratingsThis is a hybrid event. Students are encouraged to attend in person: STEW G52(Suite 050B) Commercial or defense systems are often developed first to meet a mission or customer need. Security of many of these systems is often developed at a component level by each components product team. The prod...
Andy Ellis, How to Build and Measure a Corporate Security Program
CERIAS Weekly Security Seminar - Purdue University - November 15, 2023 21:30 - 54 minutes - Video ★★★★ - 6 ratingsThe challenge of building a security program is that there are too many things you could be doing, and that creates a challenge for security leaders to decide on which things they should do next.All too often companies pivot from fighting one fire to another fire. They end up cobbling together a ...
Wen Masters, Cyber Risk Analysis for Critical Infrastructure
CERIAS Weekly Security Seminar - Purdue University - November 08, 2023 21:30 - 39 minutes - Video ★★★★ - 6 ratingsThis is a hybrid event. Students are encouraged to attend in person: STEW 209. Operational technology (OT) and industrial control systems (ICS) need innovative cybersecurity solutions that go beyond compliance-based security controls in order to be more resilient against increasing cyber threats...
Steve Lipner, Thinking About the Future of Encryption
CERIAS Weekly Security Seminar - Purdue University - November 01, 2023 20:30 - 1 hour - Video ★★★★ - 6 ratingsDuring the last several years, there has been growing concern that the development of quantum computers could undermine the public-key cryptography that is a fundamental pillar of security on the Internet. Recently, the U.S. Government's National Institute of Standards and Technology has released...
Courtney Falk, The Bride of the Pod People
CERIAS Weekly Security Seminar - Purdue University - October 25, 2023 20:30 - 59 minutes - Video ★★★★ - 6 ratingsCourtney Falk will discuss his ongoing research into Pod People, the ongoing search-engine optimization spam campaign. This talk combines threat hunting and threat intelligence with real-world applications including insights into how cybercriminals work and how organizations can collaborate. All ...
Derek Dervishian, Fuzzing: Understanding the Landscape
CERIAS Weekly Security Seminar - Purdue University - October 18, 2023 20:30 - 55 minutes - Video ★★★★ - 6 ratingsThe number of software vulnerabilities found in modern computing systems has been on the rise for some time now. As more and more software is being developed, software testing is increasingly becoming an important part of the software development cycle, with the goal of rooting out any and all vu...
Rebecca Herold, Sorting Surveillance Benefits from Harms
CERIAS Weekly Security Seminar - Purdue University - October 11, 2023 20:30 - 1 hour - Video ★★★★ - 6 ratingsTracking technologies are proliferating at an increasingly high rate in apps, IoT devices, websites, and in a wide range of files. They are not only impacting privacy in wider and more harmful ways, but they have also extended far beyond the digital world and are also impacting physical safety. S...
Khaled Serag, Vulnerability Identification and Defense Construction in Cyber-Physical Systems
CERIAS Weekly Security Seminar - Purdue University - October 04, 2023 20:30 - 52 minutes - Video ★★★★ - 6 ratingsWith the ever-accelerating computerization process of once strictly mechanical systems, information security threats are only expected to increase. This rapidly unfolding process calls into question whether we could promptly cope with the security threats it entails. Unfortunately, a commonly obs...
Scott Sage, Erin Miller, How the Cyberspace Domain has Changed the Game for the Space Domain
CERIAS Weekly Security Seminar - Purdue University - September 27, 2023 20:30 - 53 minutes - Video ★★★★ - 6 ratingsThis is a hybrid event. Students are encouraged to attend in person: STEW G52(Suite 050B)As the commercial and international space community grows to reach the projected $1T for the global economy, the vast domain of space becomes increasingly congested and contested. In this Seminar the Space In...
Christopher Nuland, Enhancing Software Supply Chain Security in Distributed Systems
CERIAS Weekly Security Seminar - Purdue University - September 20, 2023 20:30 - 1 hour - Video ★★★★ - 6 ratingsRecorded: 09/20/2023 CERIAS Security Seminar at Purdue University Enhancing Software Supply Chain Security in Distributed Systems Christopher Nuland, Red Hat In the aftermath of the transformative 2020Solarwinds breach, securing software supply chains has surged to the forefront of modern softwar...
Stuart Shapiro, MITRE PANOPTIC™ Privacy Threat Model
CERIAS Weekly Security Seminar - Purdue University - September 13, 2023 20:30 - 53 minutes - Video ★★★★ - 6 ratingsAs privacy moves from a predominantly compliance-oriented approach to one that is risk-based, privacy risk modeling has taken on increased importance. While a variety of innovative pre-existing options are available for privacy consequences and a few for vulnerabilities, privacy threat models, pa...
Rita Foster, Cyber defender's plead - If it's not codified – Please go away
CERIAS Weekly Security Seminar - Purdue University - September 06, 2023 20:30 - 52 minutes - Video ★★★★ - 6 ratingsProblem: Cyber threat information is rarely codified and never connected to actual infrastructure that needs cyber protections since infrastructure is also not codified.Solution: Infrastructure Expression (IX) – Five use cases for the IX tools with methods using graph theoretics and machine learn...
Dr. Anand Singh, The State of Software Supply Chain Security
CERIAS Weekly Security Seminar - Purdue University - August 30, 2023 20:30 - 1 hour - Video ★★★★ - 6 ratingsSoftware Supply Chain is emerging as one of the biggest issues that enterprises are facing these days. SolarWinds, Kaseya, 3CX, the examples are way too many. These attacks rapidly multiplied in 2022.In this presentation, we will discuss the trending of software supply chain issues, the federal m...
Marina Gavrilova, Advancements and New Developments in Biometric Privacy, Security and Ethics
CERIAS Weekly Security Seminar - Purdue University - April 19, 2023 20:30 - 50 minutes - Video ★★★★ - 6 ratingsHuman identity recognition is one of the key mechanisms of ensuring proper asset and information access to individuals. It became an established authentication practice for government, consumer, financial and recreational institutions in modern society. Biometrics are also increasingly used in a ...
Kelly FitzGerald, Don't Copy That Floppy!: A History of Anti-cracking Controls in Early Video Games and Its Economic Impact
CERIAS Weekly Security Seminar - Purdue University - April 12, 2023 20:30 - 43 minutes - Video ★★★★ - 6 ratingsThe roots of software piracy were propelled by the fledgling game market of the 1980's where the PC game supply chains were brittle and copying floppy disks was really easy. This talk will walk through the history and evolution anti-cracking controls as video games moved from bedroom game develo...
Sayak Ray, Pre-Silicon Hardware Security Analysis through Information Flow Tracking - Current Industry Applications and Research Questions
CERIAS Weekly Security Seminar - Purdue University - April 05, 2023 20:30 - 51 minutes - Video ★★★★ - 6 ratingsInformation Flow Tracking (IFT) is a useful tool to reason about security of a system. It can be applied at different levels of abstraction - starting from operating system all the way to gate-level circuits through various representations of software and hardware. In this talk, we will focus on ...
Wendy Nather, CERIAS Security Symposium Closing Keynote
CERIAS Weekly Security Seminar - Purdue University - March 29, 2023 20:30 - 58 minutes - Video ★★★★ - 6 ratings"What Do We Owe One Another In Cybersecurity?" As the cybersecurity ecosystem evolves, we understand more about how interconnected we are: the ripple effects from breaches, the fact that supply chains aren't discrete lines but rather a web, and that mapping our vulnerabilities is harder than we t...