Now showing items 1-20 of 130

    • Protecting Computer Systems through Eliminating Vulnerabilities 

      Lee, Byoungyoung (Georgia Institute of Technology, 2016-01-29)
      Many system components and network applications are written in unsafe programming languages that are prone to memory corruption vulnerabilities. To combat countless catastrophes from these vulnerabilities, there have ...
    • The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads 

      Ding, Ren (Georgia Institute of Technology, 2016-02-05)
      ln-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ...
    • How to Make ASLR Win the Clone Wars: Runtime Re‐Randomization 

      Lu, Kangjie (Georgia Institute of Technology, 2016-02-12)
      Existing techniques for memory randomization such as the widely explored Address Space Layout Randomization (ASLR) perform a single, per‐process randomization that is applied before or at the process’ load‐time. The ...
    • Security Applications of Bitcoin 

      Pair, Stephen (Georgia Institute of Technology, 2016-02-26)
    • Cybersecurity Factory 

      Wang, Frank (Georgia Institute of Technology, 2016-03-04)
      Security has become a hot topic given recent hacks of major corporations, like Sony, Home Depot, and Anthem. However, those hacks were easily preventable with the correct technology. The problem is that many times, security ...
    • Cyber Security Analytics 

      Wenchel, Adam (Georgia Institute of Technology, 2016-04-01)
      Adam Wenchel from Capital One leads a discussion about information security in the financial sector -- specifically "cyber data lakes" and the use of machine learning to advance cybersecurity analytics capabilities.
    • Cybersecurity and You - Ready or Not, Here It Is! 

      Corliss, John (Georgia Institute of Technology, 2016-04-15)
      John Corliss from the U.S. Department of Homeland Security leads a discussion about strengthening the security and resilience of cyberspace and federal networks as an important part of the homeland security mission.
    • Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses 

      Christin, Nicolas (Georgia Institute of Technology, 2016-08-26)
      In this talk, I will argue that understanding incentives of both attackers and targets has become critical to strengthening online security. I will advocate the need for an interdisciplinary research agenda, ranging from ...
    • Towards Measuring and Mitigating Social Engineering Software Download Attacks 

      Nelms, Terry L. (Georgia Institute of Technology, 2016-09-02)
      Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, ...
    • Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals 

      Prvulovic, Milos (Georgia Institute of Technology, 2016-09-16)
      A side-channel attack is an attack that exploits the low-power electronic signals a device emits even when it’s not connected to the Internet or a network. Such signals can leak sensitive data used in a computational task. ...
    • Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX 

      Jang, Yeongjin (Georgia Institute of Technology, 2016-09-23)
      Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout ...
    • SEIVE: Cryptographically Enforced Access Control for User Data in Untrusted Clouds 

      Wang, Frank (Georgia Institute of Technology, 2016-09-30)
      Modern web services rob users of low-level control over cloud storage—a user’s single logical data set is scattered across multiple storage silos whose access controls are set by web services, not users. The consequence ...
    • Managing Product Security and Integrity in a Global Supply Chain 

      Kuchynski, Dmitry; Iskander, Yousef (Georgia Institute of Technology, 2016-10-07)
      Cisco is a multi-national corporation that manufactures and sells networking and data center equipment that powers the world’s largest corporations, telecommunications providers, and national infrastructures. A majority ...
    • Defending against Advanced Return-Oriented Programming Attacks 

      Polychronakis, Michalis (Georgia Institute of Technology, 2016-10-21)
    • Fault injection as an attack vector against trustworthy embedded systems 

      Schaumont, Patrick (Georgia Institute of Technology, 2016-10-28)
      In the Internet of Things, the cyber-world will use a huge number of small embedded computing elements to control and sense the real world. The integrity and trustworthiness of these embedded systems is crucial; their ...
    • The Evolution of Modern Malware: Technology Trends and Motivations 

      Smoak, Christopher (Georgia Institute of Technology, 2016-11-04)
      Over the past decade, malware has continued to evolve to adapt to increasing pressure from prevention and detection technologies. Techniques that were relied upon previously are no longer effective, while some persist ...
    • ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes 

      Konte, Maria (Georgia Institute of Technology, 2016-11-18)
      Bulletproof hosting Autonomous Systems (ASes)—malicious ASes fully dedicated to supporting cybercrime—provide freedom and resources for a cyber-criminal to operate. Their services include hosting a wide range of illegal ...
    • Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases 

      Degitz, Alexander (Georgia Institute of Technology, 2017-01-13)
      When sensitive data is outsourced to an untrustworthy cloud storage provider, encryption techniques can be used to enforce data confidentiality. Ideally, such encryption techniques should not only enforce the confidentiality ...
    • Online Tracking: A 1-million-site Measurement and Analysis 

      Narayanan, Arvind (Georgia Institute of Technology, 2017-01-20)
      We present the largest and most detailed measurement of online tracking conducted to date, based on a crawl of the top 1 million websites. We make 15 types of measurements on each site, including stateful (cookie-based) ...
    • Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots 

      Vadrevu, Phani (Georgia Institute of Technology, 2017-01-27)
      In this talk, I present ChromePic, a web browser equipped with a novel forensic engine that aims to greatly enhance the browser’s logging capabilities. ChromePic’s main goal is to enable a fine-grained post-mortem ...