The Institute for Information Security & Privacy connects government, industry, and academia to solve the grand challenges of cybersecurity. By leveraging the intellectual capital from Georgia Tech's colleges and research labs, along with help from external partners, we address vital solutions to national security, economic continuity, and individual safety. The Institute for Information Security & Privacy provides a gateway to faculty, students, and scientists and a central location for national and international collaboration.

Collections in this community

Recent Submissions

  • Human Computing for Handling Strong Corruptions in Authenticated Key Exchange 

    Chen, Shan (Georgia Institute of Technology, 2017-03-10)
    Ph.D. Student Shan Chen presents user authentication and key exchange protocols that can tolerate strong corruptions on the client-side. He will define the security model for Human Authenticated Key Exchange (HAKE) protocols ...
  • Tagging and Tracking of Multi-level Host Events for Transparent Computing 

    Fazzini, Mattia (Georgia Institute of Technology, 2017-02-24)
    Advanced persistent threats (APTs) are characterized by their abilities to render existing security mechanisms ineffective; for example, APT activities can blend in with normal user and program activities to blindside ...
  • Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots 

    Vadrevu, Phani (Georgia Institute of Technology, 2017-01-27)
    In this talk, I present ChromePic, a web browser equipped with a novel forensic engine that aims to greatly enhance the browser’s logging capabilities. ChromePic’s main goal is to enable a fine-grained post-mortem ...
  • Online Tracking: A 1-million-site Measurement and Analysis 

    Narayanan, Arvind (Georgia Institute of Technology, 2017-01-20)
    We present the largest and most detailed measurement of online tracking conducted to date, based on a crawl of the top 1 million websites. We make 15 types of measurements on each site, including stateful (cookie-based) ...
  • Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases 

    Degitz, Alexander (Georgia Institute of Technology, 2017-01-13)
    When sensitive data is outsourced to an untrustworthy cloud storage provider, encryption techniques can be used to enforce data confidentiality. Ideally, such encryption techniques should not only enforce the confidentiality ...
  • ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes 

    Konte, Maria (Georgia Institute of Technology, 2016-11-18)
    Bulletproof hosting Autonomous Systems (ASes)—malicious ASes fully dedicated to supporting cybercrime—provide freedom and resources for a cyber-criminal to operate. Their services include hosting a wide range of illegal ...
  • The Evolution of Modern Malware: Technology Trends and Motivations 

    Smoak, Christopher (Georgia Institute of Technology, 2016-11-04)
    Over the past decade, malware has continued to evolve to adapt to increasing pressure from prevention and detection technologies. Techniques that were relied upon previously are no longer effective, while some persist ...
  • Fault injection as an attack vector against trustworthy embedded systems 

    Schaumont, Patrick (Georgia Institute of Technology, 2016-10-28)
    In the Internet of Things, the cyber-world will use a huge number of small embedded computing elements to control and sense the real world. The integrity and trustworthiness of these embedded systems is crucial; their ...
  • Defending against Advanced Return-Oriented Programming Attacks 

    Polychronakis, Michalis (Georgia Institute of Technology, 2016-10-21)
  • Managing Product Security and Integrity in a Global Supply Chain 

    Kuchynski, Dmitry; Iskander, Yousef (Georgia Institute of Technology, 2016-10-07)
    Cisco is a multi-national corporation that manufactures and sells networking and data center equipment that powers the world’s largest corporations, telecommunications providers, and national infrastructures. A majority ...
  • SEIVE: Cryptographically Enforced Access Control for User Data in Untrusted Clouds 

    Wang, Frank (Georgia Institute of Technology, 2016-09-30)
    Modern web services rob users of low-level control over cloud storage—a user’s single logical data set is scattered across multiple storage silos whose access controls are set by web services, not users. The consequence ...
  • Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX 

    Jang, Yeongjin (Georgia Institute of Technology, 2016-09-23)
    Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout ...
  • Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals 

    Prvulovic, Milos (Georgia Institute of Technology, 2016-09-16)
    A side-channel attack is an attack that exploits the low-power electronic signals a device emits even when it’s not connected to the Internet or a network. Such signals can leak sensitive data used in a computational task. ...
  • Towards Measuring and Mitigating Social Engineering Software Download Attacks 

    Nelms, Terry Lee (Georgia Institute of Technology, 2016-09-02)
    Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, ...
  • Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses 

    Christin, Nicolas (Georgia Institute of Technology, 2016-08-26)
    In this talk, I will argue that understanding incentives of both attackers and targets has become critical to strengthening online security. I will advocate the need for an interdisciplinary research agenda, ranging from ...
  • Cybersecurity and You - Ready or Not, Here It Is! 

    Corliss, John (Georgia Institute of Technology, 2016-04-15)
    John Corliss from the U.S. Department of Homeland Security leads a discussion about strengthening the security and resilience of cyberspace and federal networks as an important part of the homeland security mission.
  • Cyber Security Analytics 

    Wenchel, Adam (Georgia Institute of Technology, 2016-04-01)
    Adam Wenchel from Capital One leads a discussion about information security in the financial sector -- specifically "cyber data lakes" and the use of machine learning to advance cybersecurity analytics capabilities.
  • Cybersecurity Factory 

    Wang, Frank (Georgia Institute of Technology, 2016-03-04)
    Security has become a hot topic given recent hacks of major corporations, like Sony, Home Depot, and Anthem. However, those hacks were easily preventable with the correct technology. The problem is that many times, security ...
  • Security Applications of Bitcoin 

    Pair, Stephen (Georgia Institute of Technology, 2016-02-26)
  • How to Make ASLR Win the Clone Wars: Runtime Re‐Randomization 

    Lu, Kangjie (Georgia Institute of Technology, 2016-02-12)
    Existing techniques for memory randomization such as the widely explored Address Space Layout Randomization (ASLR) perform a single, per‐process randomization that is applied before or at the process’ load‐time. The ...

View more