Author: vsantoso3

April 13, 2021 12:00 p.m | LINK

Abstract:

In the recent U.S. primary and presidential elections, the COVID-19 pandemic forced states to prepare for the eventuality that voters would not be able to cast their ballots safely in person. As a result, many elections administrators planned to deploy commercial internet voting systems to help facilitate remote participation in the elections. While internet voting has motivated decades of research in cryptography and systems security, the design and security guarantees of the commercially-available internet voting systems were largely unknown and intentionally obfuscated. 

In this talk, I will present my research which provided the first comprehensive security evaluation of the dominant internet voting systems used in U.S. federal elections. My analysis revealed that all such systems suffer from flaws that could allow attackers to expose a voter’s private ballot, change votes, or otherwise influence an election’s outcome. As a direct result of this work, many states altered or canceled plans to use these internet voting systems in the 2020 primary and general elections. 

Central to this research is an understanding of how the economic, regulatory, and technical attributes of actors can result in a misalignment of incentives, ultimately leading to security vulnerabilities in high-stakes systems. Expanding on this theme, I will discuss my work on two similar problem domains — practical deniable messaging protocols and encryption and surveillance — that further demonstrate how an interdisciplinary approach is crucial for solving important societally-relevant problems in cryptography and systems security.

Bio:

Michael A. Specter is a Ph.D. candidate in Electrical Engineering and Computer Science at MIT, advised by Gerald Jay Sussman and Danny Weitzner. His research focuses on systems security and applied cryptography, with an emphasis on problems that have an impact on public policy and society. His interdisciplinary work earned him an Pioneer Award from the Electronic Frontier Foundation, a JD Falk Award from the M³AAWG, and a Google ASPIRE PhD fellowship. His research has been extensively covered in the popular press, including by The New York Times, The New Yorker, CNN, Vice, Bloomberg, Fortune, and The Economist. 

Specter holds Master’s degrees in EECS and Technology Policy from MIT. He has held research internships with both Apple and Google, and, prior to embarking on his Ph.D., he spent five years as a research scientist in MIT’s Lincoln Laboratory where he focused on operating systems security, vulnerability discovery, and reverse engineering in the interest of national security.

April 9th, 2021 | 12:00pm – 1:00pm EDT | LINK

---

Abstract:

The consistency and the concordance of the parallel evolutions of security (as a whole) and society (as a complex system) might be questionable. Do security management practices and tools remain appropriate and efficient for our society’s insane trajectory towards hyper-density and hyper-connection? In order to explore this question, the webinar will focus on presenting a framework for characterizing and formalizing risk and security management before delivering some significant elements of our society’s evolution. By crossing the two and assessing the adequacy of security management approaches to current societal specificities, the needs and avenues of evolution of security will be put forward. The research conducted today and for more than 15 years by Frederick Benaben aims to formalize a systemic vision of risk and crisis management, in order to define and experiment the role that technological innovations can play in the deployment and evolution of information systems dedicated to security management. In his talk, Frederick Benaben will present both a theoretical framework for global security management and technological advances for security management adapted to the evolution of our society. 

Speaker Bio:

Dr. Frederick Benaben is Full Professor (Industrial Engineering Center, IMT Mines Albi), Adjunct-Professor at Georgia Tech ISyE and Beijing JiaoTong University SEM. At IMT Mines Albi, he is the head of the research axis “Security and Crisis Management”, of the thematic group “Model-Driven Engineering” and Director of the IS/AI Engineering Master Major. He is Director of the IOMEGA-VR Lab (Immersive Technologies for Security) and Co-Director of the International Laboratory SIReN (Sentient Immersive Response Network), between IMT Mines Albi and Georgia Tech ISyE. He works on the use of data to model instable situations and support decision making and security management. Frederick Benaben is the instigator and coordinator of the works on the R-IOSuite platform for crisis management which has been semi-finalist of the 2019 IBM Call4Code competition (one of the 5 selected European software, 25 worldwide, among 5,000+ competitors). Frederick Benaben believes in imagination, in the ideas you draw on the corner of a board, in interdisciplinarity and in hard and collective work for the purpose of applied research.

Apr. 1, 2021 12:30 p.m | LINK

Abstract:

Imagine a world where the Internet caters to all types of users and hosts trustworthy content. Right now, this world seems far off for many reasons. For instance, this world would require us to think more broadly of user needs beyond an `average’ tech-savvy adult user—one who is assumed to be always online with a reliable Internet connection. Moreover, this world would require us to host content that is not misleading or manipulative in some way—content that can be evaluated at face value by various users. To achieve this lofty goal, we first need to deeply understand and catalogue different types of Internet users’ needs and also develop ways to assess and make misleading online content more apparent to end-users.

In this talk, I will present a set of case studies from my research lab that helps further the goal of a trustworthy Internet for all. I will describe various projects geared at understanding a wide variety of Internet users’ needs for online privacy and security in different contexts from children to those in developing contexts. I will also describe work that provides empirical evidence of misleading content online such as `dark patterns’ and disguised advertisements and create solutions to help users to better evaluate this content. These case studies will demonstrate how important it is to study the privacy and security needs of those who do not fit the “average” user mold and demonstrate possible solutions for helping users gain more trust in information on the Internet. I conclude with open questions for imagining an Internet which is more trustworthy and inclusive to all people.

Speaker Bio:

Marshini Chetty is an assistant professor in the Department of Computer Science at the University of Chicago where she directs the Amyoli Internet Research Laboratory (AIR lab). She specializes in human-computer interaction, usable privacy and security, and ubiquitous computing. Her work has won best paper and honorable mention awards at SOUPS, CHI, and CSCW, and she was a co-recipient of the Annual Privacy Papers for Policymakers award. Her research has been featured in the NYTimes, CNN, Washington Journal, BBC, Chicago Tribune, The Guardian, WIRED, and Slashdot. She has received generous funding from the National Science Foundation, through grants and a CAREER award, as well as the National Security Agency, Facebook, and multiple Google Faculty Research Awards. Marshini started her journey in the USA after she completed her MSc., BSc.(Hons), and BSc. in Computer Science at the University of Cape Town, South Africa (her beautiful home country). She received her PhD in Human-Centered Computing from Georgia Institute of Technology where she was advised by Prof. Rebecca Grinter. Marshini subsequently completed a postdoctoral fellowship at the College of Computing with Prof. Keith Edwards. Following another postdoctoral fellowship at ResearchICTAfrica, she also held faculty positions at University of Maryland, College Park, and Princeton University before moving to Chicago.

► VIDEO | March 26th, 2021 | 12:00pm – 1:00pm EDT

---

Abstract:

This talk examines the problem of privacy-preserving approximate kNN search in an outsourced environment — the client sends the encrypted data to an untrusted server and later can perform secure approximate kNN search and updates. We design a security model and propose a generic construction based on locality-sensitive hashing, symmetric encryption, and an oblivious man. The construction provides very strong security guarantees, not only hiding the information about the data, but also the access, query, and volume patterns. 

Speaker Bio:

Tianxin Tang is a Ph.D. candidate in Computer Science. She is interested in privacy-preserving techniques from the provable-security perspective, and her research primarily focuses on encrypted databases.

Mar. 25, 2021 | 1 pm EDT | LINK

Luyi Xing,
Indiana University Bloomington

SCP Seminal Talk
Presented by the School of Cybersecurity and Privacy

---

Title: Safeguarding IoT Protocols: New Challenges and Verifiable Solutions

Abstract: The cloud-centered IoT infrastructure has emerged to help IoT manufacturers connect their devices to their users. In the infrastructure, IoT protocols determine how IoT devices communicate with users and how they are access-controlled. However, IoT protocols come with fundamental security challenges, and can hardly guide the implementation of trusted IoT systems. In this talk, I will introduce the latest security analysis on IoT protocols in the context of real-world systems, and new insights and techniques to safeguard IoT systems. 

Bio: Luyi Xing is an Assistant Professor of Computer Science at Indiana University Bloomington. Before joining IU, he worked for three years in the industry, focusing on engineering large, distributed systems at AWS, Amazon. His primary research interest is security analysis on protocols and systems related to IoT, mobile, and cloud, and building trusted, verifiable systems and security tools. His research has been featured by large media agencies in the world, including CNN, Time, and Fox News. He received the third-place award in the National Security Innovation Competition (2014) of the Department of Homeland Security, and the CSAW Best Applied Research Paper Award (2016, 2015)

► VIDEO | March 19th, 2021 | 12:00pm – 1:00pm EDT

---

Abstract:

Cybersecurity is inherently complicated due to the dynamic nature of the threats and ever-expanding attack surfaces. Ironically, this challenge is exacerbated by the rapid advancement of many new technologies like Internet of Things (IoT) devices, 5G infrastructure, cloud-based computing, etc. This is where artificial intelligence (AI) and machine learning (ML) techniques can be called into service, and provide potential solutions in terms of threat detection and mitigation responses in a rapidly changing environment. Contrarily humans are often limited by their innate inability to process information and fail to recognize/respond to attack patterns in the multi-dimensional, multi-faceted world. The recent DARPA AlphaDogFight has proven machines can defeat even the best human pilot in air-to-air combat. This prompted our engineers to develop a minimum viable product (MVP) that demonstrates the value of a deep reinforcement learning (DRL) architecture in a simulated cyber wargaming environment. By using our simulation framework, we essentially “trained” the machine to produce the optimum combination/permutation of cyber attack vectors in a given scenario. This cyber wargaming engine allows our analysts to examine tactics, techniques, and procedures (TTPs) potentially employed by our adversaries.

Speaker Bio:

Ambrose Kam is a Lockheed Martin Fellow with over 25 years of experience in the Department of Defense (DoD) industry. He is one of the earliest pioneers at applying modeling, simulation, and operations analysis techniques to threat modeling and cyber resiliency assessment. He regularly gives lectures at MIT, Georgia Tech, and industry consortiums like the Military Operations Research Society (MORS) and National Defense Industry Association (NDIA). Ambrose has been quoted in major publications including Forbes, The Economist, etc, and has co-authored a book in Simulation and Wargames. As a subject matter expert, he represents Lockheed Martin in industry standards organizations like ISO, LOTAR, and INCITS. His most recent efforts in wargaming, Machine Learning/Deep Learning, Cyber Digital Twin, and Blockchain earned him patents and trade secret awards. In 2017, Ambrose won the prestigious Asian American Engineer of the Year (AAEOY) award for his technical leadership and innovations. He holds several advanced degrees from MIT and Cornell University as well as a Bachelor of Science degree from the University at Buffalo.

Time: Thursday, March 18, 2021 7PM EST

Presented by The College of Computing

REGISTER NOW

Georgia Tech’s College of Computing is home to a thriving startup culture that embraces those not content with just having a good idea. This entrepreneurial spirit is embodied in the College’s students, alumni, and faculty who have turned scores of good ideas into successful business ventures.To highlight these entrepreneurs and inspire those that follow, GT Computing has established the John P. Imlay Jr. Series on Entrepreneurship. This series began in 2019 with profiles of GT Computing students, alumni, and faculty that are shaping the College’s entrepreneurial culture. In fall 2020, we expanded the initiative to include a monthly speaker series.We invite you to join us on Thursday, March 18 at 7pm EST for a fireside chat with Georgia Tech alumni Mark Buffington (BS MGT ’93) and Paul Judge (PhD CS ’02) of Panoramic Ventures. Paul has been part of several cybersecurity companies. In addition to his involvement in Pindrop, he co-founded Purewire (acquired by Barracuda) and was CTO at Cyphertrust which was acquired eventually by McAfee.The evening will begin with a conversation between Mark, Paul, and Dr. Charles Isbell, Dean and John P. Imlay Jr. Chair, about how they plan to change the entrepreneurship landscape in Atlanta and why it is important to them to focus on underserved regions and overlooked founders. We will conclude the event with questions from the audience. 

REGISTER NOW
Registration will remain open until noon on March 18. All registrants will be emailed information on how to join the live stream directly from the BlueJeans virtual event platform.