Author: Joshua Preston

Chair’s Message | An Inflection Point for the Curriculum Talks

Feb. 5, 2021

Dear Cybersecurity and Privacy Community,

The most fascinating committee you haven’t heard about may be SCP’s Curriculum Committee. I can see the email now: “Really? Curriculum? DeMillo, you are indeed an academic geek.” Curriculum is important, but I understand that most people would find endless discussions of required courses, assessments, credits, and pre-requisites a little, well, dry. But those are not the things that fascinate me.

I have been attending most of the meetings that committee chairs Profs. Antón and Goodman hold to discuss the degrees SCP will eventually offer, and I’ve noticed that the conversation has evolved recently. Cybersecurity is inherently interdisciplinary, which means that topics covered and skills learned are drawn from diverse fields. A consequence is that the instructors who lecture on those topics and teach those skills are often, intellectually speaking, miles apart. They are trained differently. Standards of scholarship are different, and—most importantly—they are very good at articulating why their work is of central importance. It’s a chasm that is especially apparent in discussions of curriculum. Georgia Tech has two very strong groups: one in the science and engineering of information security and the other in cybersecurity policy.

Practitioners from the technical camp tend to believe their work is clear-cut and unfettered by the messy matters of policy. Those who specialize in policy argue that policy studies have their own methods and standards that can be carried out without a detailed understanding of the underlying technology.

Recently, however, context entered the vocabulary of the curriculum committee. The occasion for this was a mini-seminar that College of Computing Dean Charles Isbell conducted on the origins of the Threads curriculum in computer science, an approach to undergraduate education that led to important curriculum changes nationwide. The Threads curriculum is all about context. Most people learn computing because they want to use computation for some broader purpose (like simulating an imploding star, predicting the behavior of complex markets, analyzing ancient texts, or exploring human intelligence). If you focus on the reason that people want to compute, Dean Isbell argued, you can teach the basics in that context much more effectively and efficiently. 

The implications for SCP are important. The technology of cybersecurity only makes sense in the context of how it is used and regulated by human beings. This helps us to decide which are the important problems to pursue. On the other hand, policies that guide human behavior change with the underlying technology.

If we are successful in weaving together the several cultures that make up cybersecurity and privacy it will likely be due to inflection points like this one.

By the way, this is part of a much longer sermon on how technologies that bump up against regulations are stimulated to innovate in ways that would be unlikely if they simply ignored social, economic, and political constraints. It’s one of the reasons that I keep this book on my bookshelf as a reminder that Nobel Prizes and Turing Awards are often found in that soup.

February may be the shortest month of the year, but there’s no shortage of cybersecurity and privacy activities already underway.

A new key partnership between Georgia Tech and the National Security Innovation Network (NSIN) is now offering students several opportunities, including the month-long Mad Hacks: Fury Code Hackathon, which starts today. Patrick Reynolds, Georgia Tech’s program director for NSIN, hinted that he would love to see participation from Georgia Tech surpass Carnegie Mellon and Berkeley. Our students are always up for a challenge I think. That and there’s a $70K pot total for winners and the chance to continue developing your solutions alongside top experts.

Next week is the (virtual) Atlanta Cybersecurity Summit, where Brendan Saltaformaggio will represent Georgia Tech on the panel “The Future of Cloud Security.” On the same day, Feb. 11, the Sam Nunn School of International Affairs invites Jason Matheny, director of the Center for Security and Emerging Technology at Georgetown University, for a virtual talk on “Security Implications of Emerging Technologies.”

In a few weeks, the institute will be a leading contributor to the Network and Distributed System Security Symposium, Feb. 21-25. You can explore Georgia Tech technical papers along with a visual analysis by the school of all organizations at NDSS.

Georgia Tech also welcomes this month a new interim Chief Information Security Officer, Didier Contis. He is the director of Technology Services for the College of Engineering and started as interim CISO effective Feb. 1. Didier will be a part of the Office of Information Technology’s senior leadership team and report to Daren Hubbard, chief information officer and vice president for Information Technology. Didier was a key member of the Commission on Creating the Next in Education that I co-chaired with Prof. Bonnie Ferri a few years ago. It is good to see him in this new role.

I also want to give a shout out to the outgoing CISO, my friend, colleague, and Georgia Tech alumnus Jimmy Lummis. Jimmy worked tirelessly to build the institute’s cybersecurity and privacy culture during his tenure here.

Visit our website for activities and news that I couldn’t squeeze into this space. I received my second Pfizer injection yesterday, so I will be taking a day off from our regular Friday Open Office Hours. Prof. Mustaque Ahamad will be filling in for me. Be sure to ask him about the relationship between policy and technology in cybersecurity.

Sincerely,

Rich DeMillo
Charlotte B. and Roger C. Warren Chair of Computing 
Chair, School of Cybersecurity and Privacy   

Visit me at www.demillo.com
Follow me on Twitter @rad_atl and @richde

► VIDEO | Discovering Ad-driven Social Engineering Campaigns at Scale

VIDEO | January 29, 2021, 12 pm EDT

Presented by Phani Vadrevu
Assistant Professor, University of New Orleans

Abstract  

Malicious ads often use social engineering (SE) tactics to coax users into downloading unwanted software, purchasing fake products or services, or giving up valuable personal information. These ads are often served by low-tier ad networks that may not have the technical means (or simply the will) to patrol the ad content they serve to curtail abuse. This lecture will describe a system for large-scale automatic discovery and tracking of SE Attack Campaigns delivered via Malicious Advertisements (SEACMA). The system aims to be generic, allowing us to study the SEACMA ad distribution problem without being biased towards specific categories of ad-publishing websites or SE attacks. Professor Vadrevu will share thoughts on methods to find potential research ideas to focus on in the area of social engineering and web security drawing from personal experiences.

Speaker Bio

Phani Vadrevu is an Assistant Professor in the Department of Computer Science at the University of New Orleans. He is a member of the UNO Cyber Center, a group of faculty members, full-time researchers, and students focused on solving cybersecurity problems. He is interested in all areas of applied security. His current research interests lie in web security topics like phishing, social engineering attacks, and telephony scams. The work often involves applications of machine learning techniques to solve security problems.

Chair’s Message | A ‘Historic’ Faculty Meeting

January 29, 2021 

Dear Cybersecurity and Privacy community, 

I thought you’d like a peek at the first ever SCP faculty meeting, which took place on Tuesday. These are some of the people who are helping design the programs, labs, courses, and other experiences that will define the home of cybersecurity and privacy at Georgia Tech.  

I’ve attended a lot of faculty meetings in my career. They tend to be business-like. Calling these sessions “faculty meetings” is a little misleading. Everyone who is involved with a department’s operation — not just classroom instructors — is invited. There are committee reports, votes, task assignments. Plans are made for new research proposals. The chair makes administrative announcements. Occasionally, a long simmering dispute will erupt into an actual debate. In short, they are necessary and important gatherings, but they are seldom memorable. I will remember this one. 

Recall that six months ago there was no School of Cybersecurity and Privacy. All the people you see in the screenshot (and the dozen or more others who were there but not on screen) were doing other things in other schools and laboratories that had a piece of Georgia Tech’s cybersecurity action. Now they are designing the school’s curriculum, examining job applications from around the world, deciding which PhD students to admit, and working with our many sponsors and partners. Here are a few of the highlights. 

  • External collaborations and engagement: Gloria Greissman talked about anticipating the needs of external organizations and ensuring we have programs in place to address those needs. 
  • Online Master’s in Cybersecurity: Milton Mueller’s overview of the policy track in the current master’s degree program explained the challenges in blending technical courses with fields that are more focused on legal, governmental, and human problems. 
  • Curriculum: Annie Antón and Sy Goodman presented the first timeline for undergraduate cybersecurity education. The curriculum committee’s aggressive schedule is to have an undergraduate degree ready for the start of the fall semester. 
  • Recruiting: Although we begin with a core of committed faculty members, Wenke Lee, chair of the SCP hiring committee, reports a strong response to ads for new faculty members in many key subspecialties. 
  • Governance: Peter Swire reported on the results of his committee’s analysis of policies used internally and by other institutions related to faculty governance and appointments. 

After the virtual gathering, Annie Antón said this was a “historic” first general faculty meeting. I appreciate the sentiment and hope it carries forward as we take the next steps. The meeting was a prelude to the school’s first faculty retreat in February, which will be an important and tangible opportunity for faculty to have a voice in defining the school and its approach to cybersecurity and privacy education and research. 

Thanks for reading and please visit the school online for ways to engage and learn about all the dynamic activities faculty and students are involved in.  

Sincerely,   

Richard DeMillo  
Charlotte B. and Roger C. Warren Chair of Computing 
Chair, School of Cybersecurity and Privacy  

Visit me at www.demillo.com 
Follow me on Twitter @rad_atl and @richde 

Grid Cybersecurity Strategy in an Attacker-Defender Model

January 22, 2021, 12 pm EDT | Virtual Talk LINK

Presented by, Yu-Cheng Chen
Ph.D. student at Georgia Institute of Technology in the School of Electrical and Computer Engineering

Abstract  

With enough computing power and time, an attacker can figure out a password or secret key. This talk addresses modeling the behavior of the attacker and the defender in order to analyze the evolution of cyber-attacks. Chen will introduce an approach that can help cyber-security managers optimize their defense strategies. The analysis provides mathematical proofs and insight into when access controls (such as passwords, internet protocol addresses, and session keys) should be reset to minimize the probability of a successful attack. 

Speaker Bio

Yu-Cheng Chen is a 5th year Ph.D. student at Georgia Institute of Technology in the School of Electrical and Computer Engineering. He graduated from the University of Washington with a double Bachelor’s Degree in Electrical Engineering and Computer Engineering. He also graduated from the University of California, Los Angeles with a Master’s Degree in Electrical Engineering. His research interest is risk assessment in cyber-physical systems.

Chair’s Message | Digital Transformation has a Role in School’s Curriculum

Jan. 22, 2021 

Dear Cybersecurity and Privacy community, 

Digital transformation, accelerated by the pandemic, continues to play out in front of us, forcing organizations to rethink how they operate, and creating space for new industries to innovate in ways that would have been improbable a few years ago.  

During last week’s open office hours, we talked once again about the SolarWinds breach (building on the conversation we had started with Georgia Tech CISO Jimmy Lummis the week before) and how it might affect SCP’s courses and curriculum. I would like to say we were able to wrap the discussion up, but it was soon apparent that vertical industries (new and old) must have a say in how they deal with the vulnerabilities that come with digital transformation.  

I have encouraged the school’s Curriculum Committee to reach out to the university community broadly to gauge the gaps that our classes might fill. If you have ideas to share, please send them directly to me or one of the committee co-chairs, Professors Sy Goodman and Annie Antón. I am hopeful that we can host a roundtable or other events later this year to continue the conversation in person. The Curriculum Committee has set an aggressive schedule for launching new undergraduate courses, so your input right now can have a major impact. These meetings are an excellent way to build community and define our culture. We will continue to meet virtually every Friday afternoon at 1PM EST. You can find the link here.  

January and February tend to be slow months for conferences and symposia. I am taking advantage of this slower pace to ask school committees to accelerate their agendas. You should be hearing more from them in the coming weeks. In the meantime, there will be virtual visits and colloquia from cybersecurity researchers (spoiler alert: some of these visitors are job candidates, so consider attending a talk or two to meet future professors). There will also be some surprise announcements in February that will help cement Atlanta’s growing reputation as the North American cybersecurity hub.  

Monthly faculty meetings begin next Tuesday. Remember that SCP faculty members include all instructional staff, tenure-track academic faculty members, research faculty and many professionals in administrative roles. Most have received their invitations by now. If you missed yours, please send Kenya Payton a note and we will get one sent out to you right away. Faculty members should also keep their eyes peeled for a “Save the Date” notice for our first school retreat. 

Another interesting development concerns a new alliance with the National Security Innovation Network. NSIN will offer programs, events, and resources to student entrepreneurs at Georgia Tech. These include fellowships, employment and recruiting events, training workshops, and hackathons, the first of which is scheduled next month. 

I hope you’ll find a free moment to connect with us. In addition to the events mentioned above, check out the weekly virtual cybersecurity lecture series. You can find details on the school’s website.  

Sincerely, 

Richard DeMillo
Charlotte B. and Roger C. Warren Chair of Computing
Chair, School of Cybersecurity and Privacy  

Visit me at www.demillo.com
Follow me on Twitter @rad_atl and @richde     

Securing Democracy in the Fourth Industrial Revolution

January 15, 2021, 12 pm EDT | Virtual Talk LINK

Presented by, L. Jason Anastasopoulos
Assistant Professor in Public Administration and Policy and Political Science at the University of Georgia

Abstract
In this talk I will be discussing some of my research which focuses on designing systems needed to secure democracy and democratic political institutions, such as elections, in the interconnected digital world of the “fourth industrial revolution.” 

Speaker Bio
Jason is an upcoming fellow at the Safra Center for Ethics at Harvard University and an Assistant Professor at the School of Public and International Affairs, the Department of Statistics (by courtesy) and the Institute for Artificial Intelligence at the University of Georgia. was also recently selected to serve as the Microsoft Visiting Professor of Information Technology Policy at Princeton University.

His research uses behavioral and institutional approaches to understand the threats that emerging technologies pose to democratic institutions, international security and international political economy. He also does research on political methodology focusing on text analysis, image analysis, machine learning and causal inference.

His work has been published or accepted for publication in economics, political science, computer science and public policy journals including the Journal of Human Capital, the American Political Science Review, Political Analysis, the Journal of Public Administration Research and Theory, Proceedings of the Association for the Advancement of Artificial Intelligence, Electoral Studies and others.

Chair’s Message | New Challenges and Opportunities in 2021

January 15, 2021 

Dear Cybersecurity and Privacy community,  

Welcome back from the extended holiday break. I hope we can meet face to face in 2021. 

Besides all the political happenings in December, there was a year-end watershed moment for the new School of Cybersecurity and Privacy: the revelation that the ubiquitous SolarWinds Orion software had been breached by exploiting vulnerabilities in its software supply chain. Georgia Tech’s CISO Jimmy Lummis joined me at my open office hours session last Friday to talk about the nature of the attack and its implications for cybersecurity research and education.  Jimmy also offered some insights into how organizations like Georgia Tech managed to shield itself from the attack’s worst effects.  Spoiler alert: luck played a significant role. Thanks to all of you who attended and participated in the fascinating discussion.   

Here’s why I believe SolarWinds is a defining moment for cybersecurity education at Georgia Tech: Tech graduates in large numbers end up in product engineering, business decision-making and policy-formulating positions in myriad vertical industries. All of those industries have vulnerabilities like the one exploited in the SolarWinds attack. Understanding attacks like SolarWinds must be an objective of every major on campus if our graduates are going to be well prepared for the challenges they will encounter in the workplace. This was the same reasoning that led Georgia Tech to be among the first research universities to require a working knowledge of computer science for every major. Now is the time to figure out how to equip all Tech graduates with basic cybersecurity skills. I cannot think of a more important challenge as we launch our design of courses and curricula. Please give us your thoughts on this topic. The Curriculum Committee, led by Professors Annie Antón (Interactive Computing) and Sy Goodman (International Affairs) are hard at work on these questions and your input is important. 

The school has an opportunity to define the template for how students and academic professionals will tackle cybersecurity and privacy challenges today and in the future. 

As an example, this month the Online Master of Science in Cybersecurity turns two years old. Within that period, the program has grown to enroll almost 1,000 students, with 11 graduates so far.  

Many of the students in the program are working professionals and through their studies they have provided tangible security benefits to their employers. Student Michael Nichols of Murrieta, Calif., shared one such example:  

“Just recently my company was being hit with network-crippling DDOS attacks. It just so happened that we were studying these types of attacks in my CS 6035 class at the same time. With the knowledge I gained, I was more clearly able to communicate what exactly was going on to upper management and recommended appropriate actions,” Nichols said. 

Other students have shared testimonials and you can read about those on the school’s new homepage at https://scp.cc.gatech.edu. I hope you’ll note the diversity represented among the students, something we can be proud of and continue to grow. 

Many of you said you enjoyed my conversation with OneTrust founder and CEO Kabir Barday in November. Thanks to Jennifer Whitlow and her team for hosting; an edited version has been posted here. Feel free to share this link on your own social networks. 

With new beginnings come new opportunities, and we have a wealth of them in front of us. But there are also an equal number of challenges to address. I hope to meet you on the journey as we work through both together, and please remember to make your voices heard by reaching out to the school’s Executive Committee, chaired by Mustaque Ahamad. 

Sincerely, 

Richard DeMillo
Charlotte B. and Roger C. Warren Chair of Computing
Chair, School of Cybersecurity and Privacy  

Visit me at www.demillo.com
Follow me on Twitter @rad_atl and @richde     

Cybersecurity Expert and Alum Raheem Beyah Named Engineering Dean

Beyah is one of the founders and a faculty member for the School of Cybersecurity and Privacy, the institute’s newest academic unit.

Jan. 4, 2021

Raheem Beyah has been selected as Georgia Tech’s new dean of the College of Engineering. Beyah is currently Georgia Tech’s vice president for Interdisciplinary Research, executive director of the Online Master of Science in Cybersecurity program, and is the Motorola Foundation Professor in the School of Electrical and Computer Engineering (ECE) at Tech. He will begin his duties as dean on Jan. 15. Beyah is replacing Steven McLaughlin in that position. McLaughlin assumed duties as Georgia Tech’s provost and executive vice president for Academic Affairs on Oct. 1, 2020.

Raheem Beyah

“We are fortunate to have the largest and one of the best engineering programs in the nation, in large part due to the teaching, research, and national leadership of our faculty. Raheem Beyah is collaborative, visionary, innovative, and committed to people. I look forward to working even more closely with him in his new leadership role in the College of Engineering,” said Steven McLaughlin.

Beyah is a Georgia Tech alumnus. He earned his master’s and Ph.D. in electrical and computer engineering from Georgia Tech in 1999 and 2003, respectively. He received his Bachelor of Science in Electrical Engineering from North Carolina Agricultural and Technical State University in 1998. A native Atlantan, he is a graduate of the Atlanta Public Schools system.

Beyah also leads the Communications Assurance and Performance Group and is affiliated with the Institute for Information Security and Privacy. He is co-founder and board chair of Fortiphyd Logic Inc., an industrial cybersecurity company. He serves as Institute data security lead. He is co-founder and a steering committee member of the Academic and Research Leadership Network.

He has held several additional leadership roles at Tech, including serving as interim Steve W. Chaddick ECE School Chair during the 2017-18 academic year, ECE’s associate chair for Strategic Initiatives and Innovation (2016-18), and chair of ECE’s Computer Systems and Software Technical Interest Group (2015-17).  He received the National Science Foundation CAREER award in 2009 and was selected for the Defense Advanced Research Project Agency (DARPA) Computer Science Study Panel in 2010. He is a member of the American Association for the Advancement of Science (AAAS), the American Society for Engineering Education (ASEE), a lifetime member of the National Society of Black Engineers (NSBE), a senior member of the Institute of Electrical and Electronics Engineers (IEEE), and an Association for Computing Machinery (ACM) distinguished scientist.

Prior to becoming a faculty member at Georgia Tech, Beyah was an assistant professor in the Department of Computer Science at Georgia State University, a research engineer with ECE at Tech, and a consultant with Andersen Consulting (now Accenture). He has served as guest editor for a number of journals and magazines, including IEEE Network Magazine and IEEE Communications Magazine, and as associate editor of several journals in the field.

He has been named to Atlanta Magazine’s “Atlanta 500,” the Atlanta Business Chronicle’s “Up & Comers: 40 Under 40,” and Georgia Trend Magazine’s “40 Best and Brightest Under 40.” Active in the community, he is a graduate of Leadership Atlanta, Leadership Georgia, and L.E.A.D Atlanta.

Leading the 19-member College of Engineering Dean Search Committee was Ayanna Howard, professor and chair, School of Interactive Computing. “We are very grateful to Dr. Howard and all of the members of the search committee for their thorough work on a short timeline and during a challenging semester,” said McLaughlin.

The Georgia Tech College of Engineering continues to be recognized as an elite engineering school and one of the top public institutions in the nation. The undergraduate engineering program at the College is ranked No. 4, and the graduate program is ranked No. 8 in the latest America’s Best Colleges edition of U.S. News & World Report. All of the programs, both graduate and undergraduate, offered by the nation’s largest and most diverse engineering college placed among the top 10 in their respective areas. The College is also ranked No. 1 in doctoral degrees awarded to African Americans (Diverse: Issues in Higher Education) and is the largest producer of engineering degrees awarded to women and underrepresented minority students, according to the American Society of Engineering Education and Diverse: Issues in Higher Education.

Georgia Tech’s College of Engineering has more than 150 interdisciplinary research centers and labs. The College occupies more than a million square feet of research and office space on Georgia Tech’s campus. It had more than $270 million in research expenditures in fiscal year 2019. More than one-third of its undergraduate students participate in research.

As one of the most research-intensive academic institutions in the nation, Georgia Tech is committed to the idea that technology, the science that supports it, the scholarship that guides it, and the leadership that deploys it can help improve the human condition. 

About the Georgia Institute of Technology

The Georgia Institute of Technology is a top 10 public research university with nearly 40,000 students who study in person at the main campus in Atlanta, at Georgia Tech-Lorraine in France, at Georgia Tech-Shenzhen in China, as well as through distance and online learning.

Students represent 50 states and 149 countries. Its engineering and computing Colleges are the largest and among the highest-ranked in the nation, and the Institute also offers outstanding programs in business, design, liberal arts, and sciences. With more than $1 billion annually in research awards across all six Colleges and the Georgia Tech Research Institute (GTRI), Georgia Tech is among the nation’s most research-intensive universities. It is an engine of economic development for the state of Georgia, the Southeast, and the nation.

Georgia Tech’s mission is to develop leaders who advance technology and improve the human condition. Its mission and strategic plan are focused on making a positive impact in the lives of people everywhere. For more than 135 years, the people of Georgia Tech have dared to imagine and then create solutions for a better future. The innovative culture and leadership continue, for Progress and Service for all.

Test_featured image

As part of a new entrepreneurship initiative, the College of Computing is hosting a monthly virtual speaker series with various alumni and faculty around different topics. Rich DeMillo, chair of the School of Cybersecurity and Privacy, will host a fireside chat on entrepreneurship and cybersecurity with Kabir Barday, CS 09, founder and CEO of OneTrust on Nov. 19, 7 p.m. EDT. The talks are open for GT Computing students and alumni to participate, and start with a fireside chat followed by audience Q&A.

Chair’s Message | Curriculum is Paramount

Dec. 4, 2020 

Dear Cybersecurity and Privacy community, 

You may have missed it in my message before Thanksgiving week, so it bears repeating: the whole point of a school at Georgia Tech is education. We are used to thinking about education in familiar terms: lectures, exams, grades, credits, degrees, semesters. And curriculum. I hope you noticed the emphasis on the word curriculum. It’s the one thing we professors like to hang our hats on when we talk about education.  

When pressed, most people would say that a curriculum is the prescribed sequence of courses leading to a defined academic goal (like a degree). The problem is that degrees — or grades or even courses for that matter — are not educational outcomes. A degree, for example, does not measure whether material has been mastered. Most of the time a degree doesn’t even ensure proficiency in basic skills. A simple listing of courses commoditizes learning. The same series of courses can lead to wildly different educational outcomes. A list of courses doesn’t define how subjects are learned or the units of achievement. It doesn’t define what is excluded or what subjects are implicit. Nor does it define how students experience learning. In other words, the one thing we professors like to hang our hats on doesn’t say much about how we plan to shape a student’s learning. 

The reason I am (painfully) telling you how little real meaning is packed into the word curriculum is that our school now has a Curriculum Committee, and, evidently, the first thing that the committee must do is articulate a vision for the SCP learning experience. That’s not a clerical task. I expect they will talk to a lot of people over the coming weeks or months. They will spark conversations. There will be strong opinions stated forcefully. I hope there will be arguments about what we stand for.    

Here’s an example: I believe that cybersecurity requires an active learning experience called project-based learning (PBL). Internships, for example, are one way to approach PBL. Some universities, like tiny Olin College of Engineering (@OlinCollege) have thrown out traditional lecture-based courses entirely in favor of projects where students must demonstrate skills mastery to make progress through the curriculum. There’s a mountain of data that points to the superiority of active learning, but it’s messy. Stanford Dean of Education Dan Schwartz calls it a “pile of goo.” 

I’ve asked our new curriculum committee to not be deterred by all this ambiguity. We don’t have to resolve issues right away. We do have to begin the conversations though. We will begin that process right after the winter holidays. It’s not often that educators get to start with a blank sheet of paper. I hope you will all find a way to make your voices heard. 

Final exams and the end of this nonstandard semester are upon us, but professional activities will continue. 

Next week, at the Annual Computer Security Applications Conference, a research team from Georgia Tech, led by CS Professor Wenke Lee and ECE Asst. Professor Brendan Saltaformaggio, will demonstrate via simulation the vulnerability of stock markets to being manipulated by a botnet of compromised brokerage accounts. In a paper co-authored by CS Professor Mustaque Ahamad, researchers explore whether it is possible to build a practical collaborative phone blacklisting system that makes use of mechanisms to provide privacy guarantees to participants who collaborate to detect spam callers. Also accepted in the technical program is “A Flexible Framework for Expediting Bug Finding by Leveraging Past (Mis-)Behavior to Discover New Bugs” co-authored by ECE Assoc. Professor Manos Antonakakis. Georgia Tech, as at CCS 2020, is a leader in the technical program.  

I encourage all GT faculty and researchers to please continue sharing with the school their efforts in cybersecurity and privacy. This will give us a broader perspective of the institute’s larger body of work. The school ultimately is a resource for Georgia Tech’s total cybersecurity and privacy efforts. We want to be able to make connections across campus no matter where you work or study.   

A cybersecurity milestone for the institute that we can all celebrate will take place one week from today. At the fall commencement ceremony on Dec. 11, students from the Online Master of Science in Cybersecurity degree program’s first official cohort will receive their degrees. We are excited to share more about these graduates next week and celebrate with them. 

Also, just for fun and to finish out your busy finals schedule, the school created an interactive chart from Cybersecurity Ventures’ list of ‘hacker’ movies. You might find some old friends or new films worth checking out.  

This is my final letter of the semester and today at 1 p.m. EDT is the last open office hour I’ll hold this semester. All are welcome and if any of our soon-to-be graduates want to come by it would be a treat to hear about what comes next for you.  

Please have a safe holiday season. I will be back with more news and other thoughts about our new school in January.  

Sincerely,     

Richard DeMillo
Charlotte B. and Roger C. Warren Chair of Computing
Chair, School of Cybersecurity and Privacy  

Visit me at www.demillo.com
Follow me on Twitter @rad_atl and @richde