Now showing items 61-80 of 116

    • Managing Product Security and Integrity in a Global Supply Chain 

      Kuchynski, Dmitry; Iskander, Yousef (Georgia Institute of Technology, 2016-10-07)
      Cisco is a multi-national corporation that manufactures and sells networking and data center equipment that powers the world’s largest corporations, telecommunications providers, and national infrastructures. A majority ...
    • Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers 

      Kondracki, Brian (Georgia Institute of Technology, 2020-09-18)
      Mobile browsers have become one of the main mediators of our online activities. However, as web pages continue to increase in size and streaming media on-the-go has become commonplace, mobile data plan constraints remain ...
    • MLsploit [Judges Remarks] 

      Downing, Evan (Georgia Institute of Technology, 2019-04-16)
      Machine learning is at risk of being attacked. As companies continue to depend on machine learning to solve their problems, more sophisticated attacks are being created to undermine and take advantage of machine learning ...
    • Modern Malware and Secure Techniques for Better Software 

      Odom, Joel (Georgia Institute of Technology, 2017-08-25)
      Modern society depends on reliable computer systems, yet hardly a day passes without news of a new failure of computer security. Whether enticed by profit or by politics, professional hacking organizations rival mainstream ...
    • Multi-layer API Specialization for Attack Surface Reduction 

      Mishra, Shachee (Georgia Institute of Technology, 2020-10-02)
      Code reuse attacks have been a threat to software security since the introduction of non-executable memory protections. Despite significant advances in various types of additional defenses, such as control flow integrity ...
    • Multi-Stakeholder Network Infrastructure Security Concerns 

      Tauber, Tony (Georgia Institute of Technology, 2017-10-27)
      Security concerns with the Internet infrastructure involve a variety of stakeholders both in effect and potential remedies and countermeasures. This talk will discuss some examples.
    • New Perspectives on Control-Flow Hijacking Mitigation 

      Burow, Nathan (Georgia Institute of Technology, 2018-09-21)
      Despite over 20 years of research, control-flow hijacking attacks remain the most significant threat to software security. Attackers exploit C/C++ lack of memory and type safety to corrupt code-pointers, thereby hijacking ...
    • The Non-Code Aspects of Cybersecurity and the Globalization of Criminal Evidence 

      Swire, Peter (Georgia Institute of Technology, 2017-10-13)
      In this session, Professor Peter Swire will present two current research topics in cybersecurity. The first addresses the non-code aspects of cybersecurity. Computer scientists are familiar with the seven layers of the ...
    • Online Tracking: A 1-million-site Measurement and Analysis 

      Narayanan, Arvind (Georgia Institute of Technology, 2017-01-20)
      We present the largest and most detailed measurement of online tracking conducted to date, based on a crawl of the top 1 million websites. We make 15 types of measurements on each site, including stateful (cookie-based) ...
    • Open Source Intelligence Applications in Cybersecurity 

      Shields, Thomas (Georgia Institute of Technology, 2018-09-28)
      Open Source Intelligence (OSINT) has rapidly evolved as a prominent yet peculiar member of the intelligence disciplines (INTs). OSINT is valuable in both offensive and defensive cybersecurity applications such as malware ...
    • OSS Police 

      Bijlani, Ashish; Duan, Ruian (Georgia Institute of Technology, 2018-04-12)
      In order to reduce time to market, mobile app developers often focus their efforts on creating new, unique features or workflows, and rely on third-party Open Source Software (OSS) for common elements of app code. ...
    • Out of Control: the expanded attack surface of control systems 

      Beyah, Raheem (Georgia Institute of Technology, 2017-10-06)
      Industrial control system networks used in critical infrastructures, such as the power grid, present a unique set of security challenges. The distributed networks are difficult to physically secure, legacy equipment can ...
    • Phish or Fish 

      Bandhari, Anisha; Tan, Tony Zhaocheng (Georgia Institute of Technology, 2018-04-12)
      Phishing, where an attacker sends an email under false pretenses to trick users into giving up their passwords, is the first step in many high-profile cyber attacks, such as the Democratic National Convention hack of 2016. ...
    • Practical Software Hardening Against Code Reuse Attacks 

      Koo, Hyungjoon (Georgia Institute of Technology, 2018-11-16)
    • The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads 

      Ding, Ren (Georgia Institute of Technology, 2016-02-05)
      ln-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ...
    • Protect Your Unicorn From Hunters 

      Valtman, Nir (Georgia Institute of Technology, 2019-01-18)
      Information security certifications, frameworks, and regulatory requirements provide a good foundation for startups to build an information security program. Since a security breach could put a startup out of business, ...
    • Protecting Computer Systems through Eliminating Vulnerabilities 

      Lee, Byoungyoung (Georgia Institute of Technology, 2016-01-29)
      Many system components and network applications are written in unsafe programming languages that are prone to memory corruption vulnerabilities. To combat countless catastrophes from these vulnerabilities, there have ...
    • Proving Anything Quickly, Privately, and Elegantly with Secure Computation 

      Kolesnikov, Vladimir (Georgia Institute of Technology, 2018-08-24)
      Secure multi-party computation (MPC) is an area of cryptography which studies computing on encrypted data. In this talk, I will discuss a somewhat surprising MPC technique of proving statements in zero-knowledge (i.e., ...
    • RAIN: Refinable Attack Investigation with On-demand Inter-process Information Flow Tracking 

      Ji, Yang (Georgia Institute of Technology, 2018-04-18)
      As modern attacks become more stealthy and persistent, detecting or preventing them at their early stages becomes virtually impossible. Instead, an attack investigation or provenance system aims to continuously monitor and ...
    • Reflections on Internet Surveillance 

      Weaver, Nicholas (Georgia Institute of Technology, 2020-03-27)
      Six years ago Edward Snowden leaked a massive trove of internal NSA documents detailing the operation of the US government’s electronic surveillance system. The overall systems described a wide-ranging approach of remarkably ...