Now showing items 66-85 of 113

    • New Perspectives on Control-Flow Hijacking Mitigation 

      Burow, Nathan (Georgia Institute of Technology, 2018-09-21)
      Despite over 20 years of research, control-flow hijacking attacks remain the most significant threat to software security. Attackers exploit C/C++ lack of memory and type safety to corrupt code-pointers, thereby hijacking ...
    • The Non-Code Aspects of Cybersecurity and the Globalization of Criminal Evidence 

      Swire, Peter (Georgia Institute of Technology, 2017-10-13)
      In this session, Professor Peter Swire will present two current research topics in cybersecurity. The first addresses the non-code aspects of cybersecurity. Computer scientists are familiar with the seven layers of the ...
    • Online Tracking: A 1-million-site Measurement and Analysis 

      Narayanan, Arvind (Georgia Institute of Technology, 2017-01-20)
      We present the largest and most detailed measurement of online tracking conducted to date, based on a crawl of the top 1 million websites. We make 15 types of measurements on each site, including stateful (cookie-based) ...
    • Open Source Intelligence Applications in Cybersecurity 

      Shields, Thomas (Georgia Institute of Technology, 2018-09-28)
      Open Source Intelligence (OSINT) has rapidly evolved as a prominent yet peculiar member of the intelligence disciplines (INTs). OSINT is valuable in both offensive and defensive cybersecurity applications such as malware ...
    • OSS Police 

      Bijlani, Ashish; Duan, Ruian (Georgia Institute of Technology, 2018-04-12)
      In order to reduce time to market, mobile app developers often focus their efforts on creating new, unique features or workflows, and rely on third-party Open Source Software (OSS) for common elements of app code. ...
    • Out of Control: the expanded attack surface of control systems 

      Beyah, Raheem (Georgia Institute of Technology, 2017-10-06)
      Industrial control system networks used in critical infrastructures, such as the power grid, present a unique set of security challenges. The distributed networks are difficult to physically secure, legacy equipment can ...
    • Phish or Fish 

      Bandhari, Anisha; Tan, Tony Zhaocheng (Georgia Institute of Technology, 2018-04-12)
      Phishing, where an attacker sends an email under false pretenses to trick users into giving up their passwords, is the first step in many high-profile cyber attacks, such as the Democratic National Convention hack of 2016. ...
    • Practical Software Hardening Against Code Reuse Attacks 

      Koo, Hyungjoon (Georgia Institute of Technology, 2018-11-16)
    • The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads 

      Ding, Ren (Georgia Institute of Technology, 2016-02-05)
      ln-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ...
    • Protect Your Unicorn From Hunters 

      Valtman, Nir (Georgia Institute of Technology, 2019-01-18)
      Information security certifications, frameworks, and regulatory requirements provide a good foundation for startups to build an information security program. Since a security breach could put a startup out of business, ...
    • Protecting Computer Systems through Eliminating Vulnerabilities 

      Lee, Byoungyoung (Georgia Institute of Technology, 2016-01-29)
      Many system components and network applications are written in unsafe programming languages that are prone to memory corruption vulnerabilities. To combat countless catastrophes from these vulnerabilities, there have ...
    • Proving Anything Quickly, Privately, and Elegantly with Secure Computation 

      Kolesnikov, Vladimir (Georgia Institute of Technology, 2018-08-24)
      Secure multi-party computation (MPC) is an area of cryptography which studies computing on encrypted data. In this talk, I will discuss a somewhat surprising MPC technique of proving statements in zero-knowledge (i.e., ...
    • RAIN: Refinable Attack Investigation with On-demand Inter-process Information Flow Tracking 

      Ji, Yang (Georgia Institute of Technology, 2018-04-18)
      As modern attacks become more stealthy and persistent, detecting or preventing them at their early stages becomes virtually impossible. Instead, an attack investigation or provenance system aims to continuously monitor and ...
    • Reflections on Internet Surveillance 

      Weaver, Nicholas (Georgia Institute of Technology, 2020-03-27)
      Six years ago Edward Snowden leaked a massive trove of internal NSA documents detailing the operation of the US government’s electronic surveillance system. The overall systems described a wide-ranging approach of remarkably ...
    • Revocations Are Dead, Long Live Revocations 

      Levin, David (Georgia Institute of Technology, 2018-01-12)
      The importance of the web’s public key infrastructure (PKI) cannot be overstated: it is what allows users to know with whom they are communicating online. Central to its correct operation is the ability to “revoke” ...
    • RFDIDS: Radio Frequency-based Distributed Intrusion Detection System for the Power Grid 

      Shekari, Tohid (Georgia Institute of Technology, 2019-04-19)
      Recently, the number of cyber threats to power systems has increased at an unprecedented rate. For instance, the widespread blackout in Ukrainian power grid on December 2015 was a wakeup call that modern power systems have ...
    • rtCaptcha 

      Uzun, Erkam (Georgia Institute of Technology, 2018-04-12)
      More organizations are turning to facial and voice recognition, or other biometric identifiers, to authenticate users and grant access to their systems. In particular, some services (e.g. Mastercard Identity Check) allow ...
    • rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection System 

      Uzun, Erkam (Georgia Institute of Technology, 2018-03-02)
      Facial/voice-based authentication is becoming increasingly popular (e.g., already adopted by MasterCard and AliPay), because it is easy to use. In particular, users can now authenticate themselves to online services by ...
    • The Scalability of Vulnerability Analysis 

      Bittick, Kennon (Georgia Institute of Technology, 2018-01-26)
      Analyzing software for vulnerabilities is an important capability in ensuring the security of a computing system. As software has become more complex and ubiquitous, however, traditional vulnerability analysis techniques ...
    • Secure Communication Channel Establishment: TLS 1.3 (Over TCP Fast Open) vs. QUIC 

      Boldyreva, Alexandra (Georgia Institute of Technology, 2019-11-01)
      Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of Internet traffic. Reducing the latency (the number of interactions between parties) in ...