Browsing Institute for Information Security & Privacy Cybersecurity Lecture Series by Title
Now showing items 75-94 of 118
-
Phish or Fish
(Georgia Institute of Technology, 2018-04-12)Phishing, where an attacker sends an email under false pretenses to trick users into giving up their passwords, is the first step in many high-profile cyber attacks, such as the Democratic National Convention hack of 2016. ... -
Practical Software Hardening Against Code Reuse Attacks
(Georgia Institute of Technology, 2018-11-16) -
The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads
(Georgia Institute of Technology, 2016-02-05)ln-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ... -
Protect Your Unicorn From Hunters
(Georgia Institute of Technology, 2019-01-18)Information security certifications, frameworks, and regulatory requirements provide a good foundation for startups to build an information security program. Since a security breach could put a startup out of business, ... -
Protecting Computer Systems through Eliminating Vulnerabilities
(Georgia Institute of Technology, 2016-01-29)Many system components and network applications are written in unsafe programming languages that are prone to memory corruption vulnerabilities. To combat countless catastrophes from these vulnerabilities, there have ... -
Proving Anything Quickly, Privately, and Elegantly with Secure Computation
(Georgia Institute of Technology, 2018-08-24)Secure multi-party computation (MPC) is an area of cryptography which studies computing on encrypted data. In this talk, I will discuss a somewhat surprising MPC technique of proving statements in zero-knowledge (i.e., ... -
RAIN: Refinable Attack Investigation with On-demand Inter-process Information Flow Tracking
(Georgia Institute of Technology, 2018-04-18)As modern attacks become more stealthy and persistent, detecting or preventing them at their early stages becomes virtually impossible. Instead, an attack investigation or provenance system aims to continuously monitor and ... -
Reflections on Internet Surveillance
(Georgia Institute of Technology, 2020-03-27)Six years ago Edward Snowden leaked a massive trove of internal NSA documents detailing the operation of the US government’s electronic surveillance system. The overall systems described a wide-ranging approach of remarkably ... -
Revocations Are Dead, Long Live Revocations
(Georgia Institute of Technology, 2018-01-12)The importance of the web’s public key infrastructure (PKI) cannot be overstated: it is what allows users to know with whom they are communicating online. Central to its correct operation is the ability to “revoke” ... -
RFDIDS: Radio Frequency-based Distributed Intrusion Detection System for the Power Grid
(Georgia Institute of Technology, 2019-04-19)Recently, the number of cyber threats to power systems has increased at an unprecedented rate. For instance, the widespread blackout in Ukrainian power grid on December 2015 was a wakeup call that modern power systems have ... -
rtCaptcha
(Georgia Institute of Technology, 2018-04-12)More organizations are turning to facial and voice recognition, or other biometric identifiers, to authenticate users and grant access to their systems. In particular, some services (e.g. Mastercard Identity Check) allow ... -
rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection System
(Georgia Institute of Technology, 2018-03-02)Facial/voice-based authentication is becoming increasingly popular (e.g., already adopted by MasterCard and AliPay), because it is easy to use. In particular, users can now authenticate themselves to online services by ... -
The Scalability of Vulnerability Analysis
(Georgia Institute of Technology, 2018-01-26)Analyzing software for vulnerabilities is an important capability in ensuring the security of a computing system. As software has become more complex and ubiquitous, however, traditional vulnerability analysis techniques ... -
Secure Communication Channel Establishment: TLS 1.3 (Over TCP Fast Open) vs. QUIC
(Georgia Institute of Technology, 2019-11-01)Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of Internet traffic. Reducing the latency (the number of interactions between parties) in ... -
Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases
(Georgia Institute of Technology, 2017-01-13)When sensitive data is outsourced to an untrustworthy cloud storage provider, encryption techniques can be used to enforce data confidentiality. Ideally, such encryption techniques should not only enforce the confidentiality ... -
Securing FPGA-Accelerated Cloud Infrastructures
(Georgia Institute of Technology, 2020-11-13)Cloud FPGAs have been gaining popularity in recent years due to the ability of users to request FPGA resources quickly, flexibly, and on-demand. However, as public cloud providers make FPGAs available to many, potentially ... -
Securing Network Function Virtualization
(Georgia Institute of Technology, 2019-11-22) -
Security along SoC Design Lifecycle: Current Practices and Challenges Ahead
(Georgia Institute of Technology, 2018-09-07)System-on-chip (SoC) security has received significant attention in the past several years due mainly to its prevalence in the internet of things (IoT) devices, cyber-physical systems, and embedded computing systems. ... -
Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses
(Georgia Institute of Technology, 2016-08-26)In this talk, I will argue that understanding incentives of both attackers and targets has become critical to strengthening online security. I will advocate the need for an interdisciplinary research agenda, ranging from ... -
Security and Privacy Issues of Modern Web Browsers
(Georgia Institute of Technology, 2017-09-22)The modern web, as users experience it, bears little resemblance to the original world wide web invented by Tim Berners-Lee. Static, stateless, HTML pages with text and the occasional pixelated images gave way to dynamic, ...