The Cybersecurity Lecture Series is a one-hour lecture from a thought leader who is advancing the field of information security and privacy.

Recent Submissions

  • Cloak & Dagger: From Two Android Permissions to Complete Control of the UI Feedback Loop 

    Fratantonio, Yanick (Georgia Institute of Technology, 2017-04-07)
    Although two Android permissions SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE have been separately abused to create redressing attacks and accessibility attacks, these previous cyberattacks never could completely ...
  • Exposing Cross-Channel Abuse in Converged Communications Infrastructure with Text-Messaging Scams 

    Srinivasan, Bharat (Georgia Institute of Technology, 2017-03-31)
    Recent convergence of the Internet with the telecommunications infrastructure offers malicious actors the ability to craft cross-channel attacks that leverage both telephony and Internet resources. In this talk, we first ...
  • Human Computing for Handling Strong Corruptions in Authenticated Key Exchange 

    Chen, Shan (Georgia Institute of Technology, 2017-03-10)
    Ph.D. Student Shan Chen presents user authentication and key exchange protocols that can tolerate strong corruptions on the client-side. He will define the security model for Human Authenticated Key Exchange (HAKE) protocols ...
  • Tagging and Tracking of Multi-level Host Events for Transparent Computing 

    Fazzini, Mattia (Georgia Institute of Technology, 2017-02-24)
    Advanced persistent threats (APTs) are characterized by their abilities to render existing security mechanisms ineffective; for example, APT activities can blend in with normal user and program activities to blindside ...
  • Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots 

    Vadrevu, Phani (Georgia Institute of Technology, 2017-01-27)
    In this talk, I present ChromePic, a web browser equipped with a novel forensic engine that aims to greatly enhance the browser’s logging capabilities. ChromePic’s main goal is to enable a fine-grained post-mortem ...
  • Online Tracking: A 1-million-site Measurement and Analysis 

    Narayanan, Arvind (Georgia Institute of Technology, 2017-01-20)
    We present the largest and most detailed measurement of online tracking conducted to date, based on a crawl of the top 1 million websites. We make 15 types of measurements on each site, including stateful (cookie-based) ...
  • Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases 

    Degitz, Alexander (Georgia Institute of Technology, 2017-01-13)
    When sensitive data is outsourced to an untrustworthy cloud storage provider, encryption techniques can be used to enforce data confidentiality. Ideally, such encryption techniques should not only enforce the confidentiality ...
  • ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes 

    Konte, Maria (Georgia Institute of Technology, 2016-11-18)
    Bulletproof hosting Autonomous Systems (ASes)—malicious ASes fully dedicated to supporting cybercrime—provide freedom and resources for a cyber-criminal to operate. Their services include hosting a wide range of illegal ...
  • The Evolution of Modern Malware: Technology Trends and Motivations 

    Smoak, Christopher (Georgia Institute of Technology, 2016-11-04)
    Over the past decade, malware has continued to evolve to adapt to increasing pressure from prevention and detection technologies. Techniques that were relied upon previously are no longer effective, while some persist ...
  • Fault injection as an attack vector against trustworthy embedded systems 

    Schaumont, Patrick (Georgia Institute of Technology, 2016-10-28)
    In the Internet of Things, the cyber-world will use a huge number of small embedded computing elements to control and sense the real world. The integrity and trustworthiness of these embedded systems is crucial; their ...
  • Defending against Advanced Return-Oriented Programming Attacks 

    Polychronakis, Michalis (Georgia Institute of Technology, 2016-10-21)
  • Managing Product Security and Integrity in a Global Supply Chain 

    Kuchynski, Dmitry; Iskander, Yousef (Georgia Institute of Technology, 2016-10-07)
    Cisco is a multi-national corporation that manufactures and sells networking and data center equipment that powers the world’s largest corporations, telecommunications providers, and national infrastructures. A majority ...
  • SEIVE: Cryptographically Enforced Access Control for User Data in Untrusted Clouds 

    Wang, Frank (Georgia Institute of Technology, 2016-09-30)
    Modern web services rob users of low-level control over cloud storage—a user’s single logical data set is scattered across multiple storage silos whose access controls are set by web services, not users. The consequence ...
  • Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX 

    Jang, Yeongjin (Georgia Institute of Technology, 2016-09-23)
    Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout ...
  • Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals 

    Prvulovic, Milos (Georgia Institute of Technology, 2016-09-16)
    A side-channel attack is an attack that exploits the low-power electronic signals a device emits even when it’s not connected to the Internet or a network. Such signals can leak sensitive data used in a computational task. ...
  • Towards Measuring and Mitigating Social Engineering Software Download Attacks 

    Nelms, Terry Lee (Georgia Institute of Technology, 2016-09-02)
    Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, ...
  • Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses 

    Christin, Nicolas (Georgia Institute of Technology, 2016-08-26)
    In this talk, I will argue that understanding incentives of both attackers and targets has become critical to strengthening online security. I will advocate the need for an interdisciplinary research agenda, ranging from ...
  • Cybersecurity and You - Ready or Not, Here It Is! 

    Corliss, John (Georgia Institute of Technology, 2016-04-15)
    John Corliss from the U.S. Department of Homeland Security leads a discussion about strengthening the security and resilience of cyberspace and federal networks as an important part of the homeland security mission.
  • Cyber Security Analytics 

    Wenchel, Adam (Georgia Institute of Technology, 2016-04-01)
    Adam Wenchel from Capital One leads a discussion about information security in the financial sector -- specifically "cyber data lakes" and the use of machine learning to advance cybersecurity analytics capabilities.
  • Cybersecurity Factory 

    Wang, Frank (Georgia Institute of Technology, 2016-03-04)
    Security has become a hot topic given recent hacks of major corporations, like Sony, Home Depot, and Anthem. However, those hacks were easily preventable with the correct technology. The problem is that many times, security ...

View more