Series
Institute for Information Security & Privacy Cybersecurity Lecture Series

Series Type
Event Series

Publication Search Results

Now showing 1 - 10 of 101
  • Item
    Securing Network Function Virtualization
    (Georgia Institute of Technology, 2019-11-22) Yu, Minlan
  • Item
    Security Evaluation of Home-Based IoT Deployments
    (Georgia Institute of Technology, 2019-11-15) Alrawi, Omar
    Home-based IoT devices have a bleak reputation regarding their security practices. On the surface, the insecurities of IoT devices seem to be caused by integration problems that may be addressed by simple measures, but this work finds that to be a naive assumption. The truth is, IoT deployments, at their core, utilize traditional compute systems, such as embedded, mobile, and network. These components have many unexplored challenges such as the effect of overprivileged mobile applications on embedded devices. Our work proposes a methodology that researchers and practitioners could employ to analyze security properties for home-based IoT devices. We evaluate 45 devices using our methodology and demonstrate how insecure components affect the overall security of IoT deployment. To make this analysis transparent and easier to adapt by the community, we provide a public portal to share our evaluation data and invite the community to contribute their independent findings at https://YourThings.info.
  • Item
    Leveraging Side-Channel Signals for Security and Trust
    (Georgia Institute of Technology, 2019-11-08) Sehatbakhsh, Nader
    With the proliferation of computing systems in our world, from servers to internet-of-things devices, side-channel signals have become significantly more available and accessible to measure and leverage. This availability provides both opportunities and security threats. On one hand, these side-channels may “leak” sensitive information about the system, and if exploited by an adversary, it would pose security threats to the system. On the other hand, however, these signals can be leveraged as extra sources of information which can be used for benign and useful purposes such as debugging/profiling, malware/intrusion detection, and security monitoring. Given these opportunities and threats, understanding how these side-channels are created and developing frameworks to leverage them is an important topic. To address these challenges, in this talk, I will describe our new methods and frameworks to identify, quantify, and leverage side-channel signals, particularly analog-domain electromagnetic (EM) emanations, and then describe how these analog-domain side-channels can be leveraged for intrusion detection on a variety of embedded and cyber-physical systems. Moreover, I will present our recent work on how side-channels can be leveraged to create a trusted execution environment (TEE) on a resource-constrained device (e.g., an Internet-of-Things device).
  • Item
    Secure Communication Channel Establishment: TLS 1.3 (Over TCP Fast Open) vs. QUIC
    (Georgia Institute of Technology, 2019-11-01) Boldyreva, Alexandra
    Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of Internet traffic. Reducing the latency (the number of interactions between parties) in such protocols has become an important design goal to improve user experience. The most important protocols addressing this goal are TLS 1.3 over TCP Fast Open (TFO), Google’s QUIC over UDP, and QUIC[TLS] (a new design for QUIC that uses TLS 1.3 key exchange) over UDP. There have been a number of formal security analyses for TLS 1.3 and QUIC, but their security, when layered with their underlying transport protocols, cannot be easily compared. We aim to thoroughly compare the security and availability properties of these protocols. Towards this goal, we develop novel security models that permit “layered” security analysis. In addition to the standard goals of server authentication and data privacy and integrity, we consider the goals of IP spoofing prevention, key exchange packet integrity, secure channel header integrity, and reset authentication, which capture a range of practical threats not usually taken into account by existing security models that focus mainly on the crypto cores of the protocols. Equipped with our new models, we provide a detailed comparison of the above three protocols. We hope that our results will help protocol designers in their future protocol analyses and practitioners to better understand the advantages and limitations of novel secure channel establishment protocols. This is joint work with Shan Chen, Samuel Jero, Matthew Jagielski, and Cristina Nita-Rotaru. It was published in the ESORICS 2019 proceedings.
  • Item
    Machine Learning in Profiled Side-Channel Attacks and Low-Overhead Countermeasures
    (Georgia Institute of Technology, 2019-10-18) Raychowdhury, Arijit
    Computationally secure cryptographic algorithms, when implemented on physical hardware, leak correlated physical signatures (e.g. power supply current, electromagnetic radiation, acoustic, thermal) which could be utilized to break the crypto-engine in linear time. While the existence of such side-channel attacks has been known for decades, their impact has been increasing with the proliferation of billions of IoT edge-devices with resource constraints. In this talk I will discuss some of our recent work on profiled attacks that take advantage of the advances in Deep Neural Networks to break AES in a few iterations. In the second half of the talk, I will describe some of the embedded hardware techniques that can provide resiliency against such power side channel attacks.
  • Item
    Cyber Science: The Third Frontier
    (Georgia Institute of Technology, 2019-10-11) Johnson-Bey, Charles
    Over the last several decades Data Security became Information Security which then rolled into Cyber Security. All along this journey cyber has become defined as “Us versus Them”; electronic cyber-attack and cyber-defense illustrate the current entire domain of Cyber Security. Significant investment has gone into protecting networks, training staff to operate expensive architecture, and ultimately changing how business operations are conducted. Attacks are commonplace and resources are in high demand. However, many of these capabilities required the development of unique methods to deal with chaotic information, to pick up subtle data changes, and to fine tune networks and computer systems. There is a possibility of expanding these capabilities from a two-tier war fighting model (Cyber Defense and Cyber Offense) over to a new third tier, Cyber Science. This enables cyber capabilities to provide profit back to a business instead of being a sunk cost (re. insurance policy of sorts). We envision a near future that allows Cyber engineering to build new solutions that aren’t mired in “Us versus Them” but are used for the betterment of society. These take the form of new quantum-based data structures, new approaches to biologic science analytics, new ways to connect the worlds of IOT, MTM, and humans, and more. We explore where this makes sense and highlight a possible way to engage cyber engineering groups into a profit center.
  • Item
    The Growing Importance of the Non-Code Aspects of Cybersecurity
    (Georgia Institute of Technology, 2019-10-04) Swire, Peter
    According to the National Initiative for Cybersecurity Education, half of the cybersecurity specialties now involve primarily non-code work. This lecture draws on the "Pedagogic Cybersecurity Framework" published in 2018 in the Communications of the ACM. It extends the OSI stack to layer 8 (organizations), layer 9 (government), and layer 10 (international), showing the broader range of subject-matter expertise that organizations now need for effective cybersecurity. The lecture will also extend the PCF to privacy as well as cybersecurity.
  • Item
    Simulation-Based Cyber Wargaming
    (Georgia Institute of Technology, 2019-09-27) Kam, Ambrose
    Cyber threats are rampant and their potential damages to enterprises continue to soar over time. Hence, cyber resilience techniques need to be examined and assessed for their effectiveness before deployment. Red Teaming and vulnerability scans are useful tools but they do not effectively address zero-day threats. Risk analysis and resilience assessments should be performed relative to existing and emergent attack vectors. Simulations would be the next best thing to answer the What-If questions. Wargaming is increasingly popular not just for Defense Industry but also in commercial enterprises. Industries are turning to simulation-based cyber wargaming to discover new tactics, techniques and processes (TTP) that enhance mission resiliency. Additionally, cyber wargaming can be a useful tool for operator training.
  • Item
    Can Data Provenance Put an End to the Data Breach?
    (Georgia Institute of Technology, 2019-09-13) Bates, Adam
    In a provenance-aware system, mechanisms gather and report metadata that describes the history of each data object being processed, allowing us to understand how objects came to exist in their present state. Excitingly, we can also use provenance to trace the actions of system intruders, enabling smarter and faster incident response. In this talk, I will describe our efforts to manage and analyze attack provenance in today’s massive distributed environments. First, I will explain how grammar induction techniques can be applied to provenance graphs in order to eliminate redundancy in distributed logs and correlate events across a network. Next, I will share our recent results on combatting the problem of intrusion detection “alert fatigue” through a provenance-based triage technique. I will conclude by discussing some of the opportunities and challenges that are guiding our continued work in this space. By addressing key security and performance issues, this work is paving the way for the further proliferation of secure provenance capabilities.
  • Item
    Trusting Smart Cities: Risk Factors and Implications
    (Georgia Institute of Technology, 2019-09-06) Loper, Margaret
    In the coming decades, we will live in a world surrounded by tens of billions of devices that will interoperate and collaborate in an effort to deliver personalized and autonomic services. This paradigm of objects and things ubiquitously surrounding us is called the Internet of Things (IoT). Cities may be the first to benefit from the IoT, but reliance on these machines to make decisions has profound implications for trust. Trusting smart cities refers to the confidence and belief of smart city installations to be capable of operating securely, reliably, and accountably. In order to understand how trust applies to smart cities, we introduce formal definitions of trust and risk, and present three risk factors that capture the range of issues that must be considered when deploying smart city technologies. Building on these risk factors, a threat analysis matrix for capturing how well smart cities are addressing these risks is proposed.