“Sensing with Random Encoding for Enhanced Security in Embedded Systems”

Friday, April 23, 2021 | 12 – 1 pm | REGISTER NOW

Kevin Hutto
Ph.D. Student – Georgia Tech ECE

Co-sponsored by the School of Cybersecurity and Privacy and the Institute for Information Security and Privacy

Abstract:

Embedded systems in physically insecure environments are subject to additional security risk via capture by an adversary. A captured microchip device can be reverse engineered to recover internal buffer data that would otherwise be inaccessible through standard IO mechanisms. We consider an adversary who has sufficient ability to gain all internal bits and logic from a device at the time of capture as an unsolved threat. In this talk we present a novel sensing architecture that enhances embedded system security by randomly encoding sensed values. We randomly encode data at the time of sensing to minimize the amount of plaintext data present on a device in buffer memory. We encode using techniques that are unintelligible to an adversary even with full internal bit knowledge. The encoding is decipherable by a trusted home server, and we show an architecture to perform this decoding. Our experimental results show the proposed architecture meets timing requirements needed to perform communications with a satellite utilizing short-burst data, such as in remote sensing telemetry and tracking applications.

Speaker Bio:

Kevin Hutto is a PhD student at the Georgia Institute of Technology in the school of Electrical and Computer Engineering. Before starting graduate school he spent five years in the US Navy serving as an officer in the engineering department on a nuclear submarine. As a student at Georgia Tech he has been part of Dr. Mooney’s Hardware/Software Codesign for Security group, working to improve security in areas historically overlooked.

Systems & Cryptography Research in Defense of Democracy

April 13, 2021 12:00 p.m | LINK

Mike Specter
Ph.D. candidate in Electrical Engineering and Computer Science at MIT

SCP Seminal Talk
Presented by the School of Cybersecurity and Privacy

Abstract:

In the recent U.S. primary and presidential elections, the COVID-19 pandemic forced states to prepare for the eventuality that voters would not be able to cast their ballots safely in person. As a result, many elections administrators planned to deploy commercial internet voting systems to help facilitate remote participation in the elections. While internet voting has motivated decades of research in cryptography and systems security, the design and security guarantees of the commercially-available internet voting systems were largely unknown and intentionally obfuscated. 

In this talk, I will present my research which provided the first comprehensive security evaluation of the dominant internet voting systems used in U.S. federal elections. My analysis revealed that all such systems suffer from flaws that could allow attackers to expose a voter’s private ballot, change votes, or otherwise influence an election’s outcome. As a direct result of this work, many states altered or canceled plans to use these internet voting systems in the 2020 primary and general elections. 

Central to this research is an understanding of how the economic, regulatory, and technical attributes of actors can result in a misalignment of incentives, ultimately leading to security vulnerabilities in high-stakes systems. Expanding on this theme, I will discuss my work on two similar problem domains — practical deniable messaging protocols and encryption and surveillance — that further demonstrate how an interdisciplinary approach is crucial for solving important societally-relevant problems in cryptography and systems security.

Bio:

Michael A. Specter is a Ph.D. candidate in Electrical Engineering and Computer Science at MIT, advised by Gerald Jay Sussman and Danny Weitzner. His research focuses on systems security and applied cryptography, with an emphasis on problems that have an impact on public policy and society. His interdisciplinary work earned him an Pioneer Award from the Electronic Frontier Foundation, a JD Falk Award from the M3AAWG, and a Google ASPIRE PhD fellowship. His research has been extensively covered in the popular press, including by The New York Times, The New Yorker, CNN, Vice, Bloomberg, Fortune, and The Economist. 

Specter holds Master’s degrees in EECS and Technology Policy from MIT. He has held research internships with both Apple and Google, and, prior to embarking on his Ph.D., he spent five years as a research scientist in MIT’s Lincoln Laboratory where he focused on operating systems security, vulnerability discovery, and reverse engineering in the interest of national security.

“Security as a Whole – An Overview of a Security Management Framework in Today’s Society”

April 9th, 2021 | 12:00pm – 1:00pm EDT | LINK

Dr.Frederick Benaben
Professeur – IMT Mines Albi

Cybersecurity Virtual Lecture Series
Co-sponsored by the School of Cybersecurity and Privacy and the Institute for Information Security and Privacy


Abstract:

The consistency and the concordance of the parallel evolutions of security (as a whole) and society (as a complex system) might be questionable. Do security management practices and tools remain appropriate and efficient for our society’s insane trajectory towards hyper-density and hyper-connection? In order to explore this question, the webinar will focus on presenting a framework for characterizing and formalizing risk and security management before delivering some significant elements of our society’s evolution. By crossing the two and assessing the adequacy of security management approaches to current societal specificities, the needs and avenues of evolution of security will be put forward. The research conducted today and for more than 15 years by Frederick Benaben aims to formalize a systemic vision of risk and crisis management, in order to define and experiment the role that technological innovations can play in the deployment and evolution of information systems dedicated to security management. In his talk, Frederick Benaben will present both a theoretical framework for global security management and technological advances for security management adapted to the evolution of our society. 

Speaker Bio:

Dr. Frederick Benaben is Full Professor (Industrial Engineering Center, IMT Mines Albi), Adjunct-Professor at Georgia Tech ISyE and Beijing JiaoTong University SEM. At IMT Mines Albi, he is the head of the research axis “Security and Crisis Management”, of the thematic group “Model-Driven Engineering” and Director of the IS/AI Engineering Master Major. He is Director of the IOMEGA-VR Lab (Immersive Technologies for Security) and Co-Director of the International Laboratory SIReN (Sentient Immersive Response Network), between IMT Mines Albi and Georgia Tech ISyE. He works on the use of data to model instable situations and support decision making and security management. Frederick Benaben is the instigator and coordinator of the works on the R-IOSuite platform for crisis management which has been semi-finalist of the 2019 IBM Call4Code competition (one of the 5 selected European software, 25 worldwide, among 5,000+ competitors). Frederick Benaben believes in imagination, in the ideas you draw on the corner of a board, in interdisciplinarity and in hard and collective work for the purpose of applied research.

Imagine All The People On A Trustworthy Internet

Apr. 1, 2021 12:30 p.m | LINK

Marshini Chetty
Assistant Professor, Department of Computer Science University of Chicago

Presented By
GVU Center Distinguished Alumni
Brown Bag Seminar Series

Abstract:

Imagine a world where the Internet caters to all types of users and hosts trustworthy content. Right now, this world seems far off for many reasons. For instance, this world would require us to think more broadly of user needs beyond an `average’ tech-savvy adult user—one who is assumed to be always online with a reliable Internet connection. Moreover, this world would require us to host content that is not misleading or manipulative in some way—content that can be evaluated at face value by various users. To achieve this lofty goal, we first need to deeply understand and catalogue different types of Internet users’ needs and also develop ways to assess and make misleading online content more apparent to end-users.

In this talk, I will present a set of case studies from my research lab that helps further the goal of a trustworthy Internet for all. I will describe various projects geared at understanding a wide variety of Internet users’ needs for online privacy and security in different contexts from children to those in developing contexts. I will also describe work that provides empirical evidence of misleading content online such as `dark patterns’ and disguised advertisements and create solutions to help users to better evaluate this content. These case studies will demonstrate how important it is to study the privacy and security needs of those who do not fit the “average” user mold and demonstrate possible solutions for helping users gain more trust in information on the Internet. I conclude with open questions for imagining an Internet which is more trustworthy and inclusive to all people.

Speaker Bio:

Marshini Chetty is an assistant professor in the Department of Computer Science at the University of Chicago where she directs the Amyoli Internet Research Laboratory (AIR lab). She specializes in human-computer interaction, usable privacy and security, and ubiquitous computing. Her work has won best paper and honorable mention awards at SOUPS, CHI, and CSCW, and she was a co-recipient of the Annual Privacy Papers for Policymakers award. Her research has been featured in the NYTimes, CNN, Washington Journal, BBC, Chicago Tribune, The Guardian, WIRED, and Slashdot. She has received generous funding from the National Science Foundation, through grants and a CAREER award, as well as the National Security Agency, Facebook, and multiple Google Faculty Research Awards. Marshini started her journey in the USA after she completed her MSc., BSc.(Hons), and BSc. in Computer Science at the University of Cape Town, South Africa (her beautiful home country). She received her PhD in Human-Centered Computing from Georgia Institute of Technology where she was advised by Prof. Rebecca Grinter. Marshini subsequently completed a postdoctoral fellowship at the College of Computing with Prof. Keith Edwards. Following another postdoctoral fellowship at ResearchICTAfrica, she also held faculty positions at University of Maryland, College Park, and Princeton University before moving to Chicago.

“Voice Biometrics and Emerging Security Threats in the Voice Channel”

Friday, April 2, 2021 | 12 – 1 pm | REGISTER NOW

Elie Khoury
Director of Research, Pindrop

Cybersecurity Virtual Lecture Series – Co-sponsored by the School of Cybersecurity and Privacy and the Institute for Information Security and Privacy

Abstract:

Voice Biometrics is the automated recognition of individuals based on their voice characteristics that are both biological and behavioral. Voice Biometrics is currently deployed in many real world applications for personalization like voice assistants (e.g. Alexa and Google Home) or authentication and fraud prevention (e.g. in call centers). During this talk, we’re going to describe how a voice biometrics system works, what are its main different components? How deep learning is helping this task? What are the current research challenges? In covid-19 era, how does wearing a mask affect the accuracy of voice biometrics? Additionally, we will focus on the emerging threats in the voice channel including deepfakes and replay attacks. We will finally describe our attempts to secure voice biometrics against those vulnerabilities.

Speaker Bio:

Dr. Elie Khoury is a Director of Research at Pindrop. He received his Master degree and his Ph.D from the University of Toulouse (France) in 2006 and 2010, respectively. Before joining Pindrop, He occupied research roles at Google (USA), Idiap Research Institute (Switzerland), University of Eastern Finland (Finland), University of Maine (France), Columbia University (USA), and Institut de Recherche en Informatique de Toulouse (France). His research interests include biometrics, mainly speaker and face recognition and anti-spoofing. His research work was published in top conferences and journals in the field of Biometrics, speech and image processing. Dr. Khoury is a regular scientific committee member at IEEE ICASSP, Interspeech and Odyssey.

► VIDEO | Privacy-Preserving Approximate k-Nearest-Neighbors Search that Hides Access, Query and Volume Patterns

► VIDEO | March 26th, 2021 | 12:00pm – 1:00pm EDT

Tianxin Tang,
Ph.D. Candidate, Computer Science at Georgia Tech

Cybersecurity Virtual Lecture Series
Co-sponsored by the School of Cybersecurity and Privacy and the Institute for Information Security and Privacy


Abstract:

This talk examines the problem of privacy-preserving approximate kNN search in an outsourced environment — the client sends the encrypted data to an untrusted server and later can perform secure approximate kNN search and updates. We design a security model and propose a generic construction based on locality-sensitive hashing, symmetric encryption, and an oblivious man. The construction provides very strong security guarantees, not only hiding the information about the data, but also the access, query, and volume patterns. 

Speaker Bio:

Tianxin Tang is a Ph.D. candidate in Computer Science. She is interested in privacy-preserving techniques from the provable-security perspective, and her research primarily focuses on encrypted databases.

Safeguarding IoT Protocols: New Challenges and Verifiable Solutions

Mar. 25, 2021 | 1 pm EDT | LINK

Luyi Xing,
Indiana University Bloomington

SCP Seminal Talk
Presented by the School of Cybersecurity and Privacy


Title: Safeguarding IoT Protocols: New Challenges and Verifiable Solutions

Abstract: The cloud-centered IoT infrastructure has emerged to help IoT manufacturers connect their devices to their users. In the infrastructure, IoT protocols determine how IoT devices communicate with users and how they are access-controlled. However, IoT protocols come with fundamental security challenges, and can hardly guide the implementation of trusted IoT systems. In this talk, I will introduce the latest security analysis on IoT protocols in the context of real-world systems, and new insights and techniques to safeguard IoT systems. 

Bio: Luyi Xing is an Assistant Professor of Computer Science at Indiana University Bloomington. Before joining IU, he worked for three years in the industry, focusing on engineering large, distributed systems at AWS, Amazon. His primary research interest is security analysis on protocols and systems related to IoT, mobile, and cloud, and building trusted, verifiable systems and security tools. His research has been featured by large media agencies in the world, including CNN, Time, and Fox News. He received the third-place award in the National Security Innovation Competition (2014) of the Department of Homeland Security, and the CSAW Best Applied Research Paper Award (2016, 2015)

Vaccine Passports, COVID Surveillance, and Social Justice

March 24th, 2021 | 11:00am – 12:15pm EDT | Register
Sponsored by ETHIC Georgia Tech Ethics, Technology, and Human Interaction Center

Invited Panelists

Effy Vayena
Swiss Federal Institute of Technology in Zürich (ETH Zürich) Joseph A
Joseph Ali
Johns Hopkins University

Moderators

Justin Biddle (GT Public Policy) and Nassim Parvin (GT LMC )


Abstract:

The COVID-19 pandemic has led to transformations in technologies for public health surveillance. These include the emergence of vaccine passports, which certify vaccination status and structure access to societal goods, and digital tools for tracking individuals who test positive for the virus or come in contact with someone who tests positive. Many discussions of the ethics of surveillance technologies focus on privacy issues — which are, indeed, important. However, public health surveillance tools raise a host of additional ethical and social justice issues including disparity in access to services, racial and economic discrimination, global inequality, governance and accountability, and individual and collective autonomy. This panel will explore these issues.

► VIDEO | “Applying Deep Reinforcement Learning (DRL) in a Cyber Wargaming Engine”

► VIDEO | March 19th, 2021 | 12:00pm – 1:00pm EDT

Ambrose Kam,
Chief Engineer, Cyber Innovations at Lockheed Martin

Virtual Cybersecurity Lecture Series
Co-sponsored by the School of Cybersecurity and Privacy and the Institute for Information Security and Privacy


Abstract:

Cybersecurity is inherently complicated due to the dynamic nature of the threats and ever-expanding attack surfaces. Ironically, this challenge is exacerbated by the rapid advancement of many new technologies like Internet of Things (IoT) devices, 5G infrastructure, cloud-based computing, etc. This is where artificial intelligence (AI) and machine learning (ML) techniques can be called into service, and provide potential solutions in terms of threat detection and mitigation responses in a rapidly changing environment. Contrarily humans are often limited by their innate inability to process information and fail to recognize/respond to attack patterns in the multi-dimensional, multi-faceted world. The recent DARPA AlphaDogFight has proven machines can defeat even the best human pilot in air-to-air combat. This prompted our engineers to develop a minimum viable product (MVP) that demonstrates the value of a deep reinforcement learning (DRL) architecture in a simulated cyber wargaming environment. By using our simulation framework, we essentially “trained” the machine to produce the optimum combination/permutation of cyber attack vectors in a given scenario. This cyber wargaming engine allows our analysts to examine tactics, techniques, and procedures (TTPs) potentially employed by our adversaries.

Speaker Bio:

Ambrose Kam is a Lockheed Martin Fellow with over 25 years of experience in the Department of Defense (DoD) industry. He is one of the earliest pioneers at applying modeling, simulation, and operations analysis techniques to threat modeling and cyber resiliency assessment. He regularly gives lectures at MIT, Georgia Tech, and industry consortiums like the Military Operations Research Society (MORS) and National Defense Industry Association (NDIA). Ambrose has been quoted in major publications including Forbes, The Economist, etc, and has co-authored a book in Simulation and Wargames. As a subject matter expert, he represents Lockheed Martin in industry standards organizations like ISO, LOTAR, and INCITS. His most recent efforts in wargaming, Machine Learning/Deep Learning, Cyber Digital Twin, and Blockchain earned him patents and trade secret awards. In 2017, Ambrose won the prestigious Asian American Engineer of the Year (AAEOY) award for his technical leadership and innovations. He holds several advanced degrees from MIT and Cornell University as well as a Bachelor of Science degree from the University at Buffalo.

John P. Imlay Jr. Series on Entrepreneurship: Fireside Chat with Georgia Tech alumni Mark Buffington (BS MGT ’93) and Paul Judge (PhD CS ’02)

Time: Thursday, March 18, 2021 7PM EST

Presented by The College of Computing

REGISTER NOW

Georgia Tech’s College of Computing is home to a thriving startup culture that embraces those not content with just having a good idea. This entrepreneurial spirit is embodied in the College’s students, alumni, and faculty who have turned scores of good ideas into successful business ventures.To highlight these entrepreneurs and inspire those that follow, GT Computing has established the John P. Imlay Jr. Series on Entrepreneurship. This series began in 2019 with profiles of GT Computing students, alumni, and faculty that are shaping the College’s entrepreneurial culture. In fall 2020, we expanded the initiative to include a monthly speaker series.We invite you to join us on Thursday, March 18 at 7pm EST for a fireside chat with Georgia Tech alumni Mark Buffington (BS MGT ’93) and Paul Judge (PhD CS ’02) of Panoramic Ventures. Paul has been part of several cybersecurity companies. In addition to his involvement in Pindrop, he co-founded Purewire (acquired by Barracuda) and was CTO at Cyphertrust which was acquired eventually by McAfee.The evening will begin with a conversation between Mark, Paul, and Dr. Charles Isbell, Dean and John P. Imlay Jr. Chair, about how they plan to change the entrepreneurship landscape in Atlanta and why it is important to them to focus on underserved regions and overlooked founders. We will conclude the event with questions from the audience. 

REGISTER NOW
Registration will remain open until noon on March 18. All registrants will be emailed information on how to join the live stream directly from the BlueJeans virtual event platform.