The Institute for Information Security & Privacy connects government, industry, and academia to solve the grand challenges of cybersecurity. By leveraging the intellectual capital from Georgia Tech's colleges and research labs, along with help from external partners, we address vital solutions to national security, economic continuity, and individual safety. The Institute for Information Security & Privacy provides a gateway to faculty, students, and scientists and a central location for national and international collaboration.

Collections in this community

Recent Submissions

  • Managing Product Security and Integrity in a Global Supply Chain 

    Kuchynski, Dmitry; Iskander, Yousef (Georgia Institute of Technology, 2016-10-07)
    Cisco is a multi-national corporation that manufactures and sells networking and data center equipment that powers the world’s largest corporations, telecommunications providers, and national infrastructures. A majority ...
  • SEIVE: Cryptographically Enforced Access Control for User Data in Untrusted Clouds 

    Wang, Frank (Georgia Institute of Technology, 2016-09-30)
    Modern web services rob users of low-level control over cloud storage—a user’s single logical data set is scattered across multiple storage silos whose access controls are set by web services, not users. The consequence ...
  • Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX 

    Jang, Yeongjin (Georgia Institute of Technology, 2016-09-23)
    Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout ...
  • Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals 

    Prvulovic, Milos (Georgia Institute of Technology, 2016-09-16)
    A side-channel attack is an attack that exploits the low-power electronic signals a device emits even when it’s not connected to the Internet or a network. Such signals can leak sensitive data used in a computational task. ...
  • Towards Measuring and Mitigating Social Engineering Software Download Attacks 

    Nelms, Terry Lee (Georgia Institute of Technology, 2016-09-02)
    Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, ...
  • Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses 

    Christin, Nicolas (Georgia Institute of Technology, 2016-08-26)
    In this talk, I will argue that understanding incentives of both attackers and targets has become critical to strengthening online security. I will advocate the need for an interdisciplinary research agenda, ranging from ...
  • Cybersecurity and You - Ready or Not, Here It Is! 

    Corliss, John (Georgia Institute of Technology, 2016-04-15)
    John Corliss from the U.S. Department of Homeland Security leads a discussion about strengthening the security and resilience of cyberspace and federal networks as an important part of the homeland security mission.
  • Cyber Security Analytics 

    Wenchel, Adam (Georgia Institute of Technology, 2016-04-01)
    Adam Wenchel from Capital One leads a discussion about information security in the financial sector -- specifically "cyber data lakes" and the use of machine learning to advance cybersecurity analytics capabilities.
  • Cybersecurity Factory 

    Wang, Frank (Georgia Institute of Technology, 2016-03-04)
    Security has become a hot topic given recent hacks of major corporations, like Sony, Home Depot, and Anthem. However, those hacks were easily preventable with the correct technology. The problem is that many times, security ...
  • Security Applications of Bitcoin 

    Pair, Stephen (Georgia Institute of Technology, 2016-02-26)
  • How to Make ASLR Win the Clone Wars: Runtime Re‐Randomization 

    Lu, Kangjie (Georgia Institute of Technology, 2016-02-12)
    Existing techniques for memory randomization such as the widely explored Address Space Layout Randomization (ASLR) perform a single, per‐process randomization that is applied before or at the process’ load‐time. The ...
  • Protecting Computer Systems through Eliminating Vulnerabilities 

    Lee, Byoungyoung (Georgia Institute of Technology, 2016-01-29)
    Many system components and network applications are written in unsafe programming languages that are prone to memory corruption vulnerabilities. To combat countless catastrophes from these vulnerabilities, there have ...
  • The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads 

    Ding, Ren (Georgia Institute of Technology, 2016-02-05)
    ln-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ...