► VIDEO | Detecting and Investigating System Intrusions with Provenance Analytics

VIDEO | February 25, 2021 | 11 AM EDT

Wajih Hassan,
University of Illinois

Abstract:

Data provenance describes the detailed history of system execution, allowing us to understand how system objects came to exist in their present state and providing means to identify the root cause of system intrusions.

My research leverages provenance analytics to empower system defenders to quickly and effectively detect and investigate malicious behaviors. In this talk, I will first present a provenance-based solution for combating the “Threat Alert Fatigue” problem that currently plagues enterprise security.

Next, I will describe an approach for performing accurate and high-fidelity attack forensics using a novel adaptation of program analysis techniques. I will conclude by discussing the promise of provenance analytics to address open security and auditing problems in complex computing systems and emerging technologies.

Stories of devastating data breaches continue to dominate headlines around the world. Equifax, Target, and the Office of Personnel Management are just a few examples of high-profile data breaches over the past decade. Despite a panoply of security products and increasing investment in data security, attackers are continually finding new ways to outsmart defenses to gain access to valuable data, indicating that current security approaches are ineffective.

Bio:

Wajih Ul Hassan is a doctoral candidate advised by Professor Adam Bates in the Department of Computer Science at the University of Illinois at Urbana-Champaign. His research focuses on securing complex networked systems by leveraging data provenance approaches and scalable system design. He has collaborated with NEC Labs and Symantec Research Labs to integrate his defensive techniques into commercial security products. He received a Symantec Research Labs Graduate Fellowship, a Young Researcher in Heidelberg Laureate Forum, an RSA Security Scholarship, a Mavis Future Faculty Fellowship, a Sohaib and Sara Abbasi Fellowship, and an ACM SIGSOFT Distinguished Paper Award.

► VIDEO | The First Cyber Campaign: Bletchley Park and the ‘Extraordinary’ Conditions for Intelligence Success

VIDEO | February 24, 2021 12 p.m. EDT

Jon Lindsay, University of Toronto

Cosponsored by the School of History and Sociology and the School of Cybersecurity and Privacy

Abstract:

There is a huge literature about Bletchley Park, one of the most stunning success stories in intelligence history. Yet questions remain about how to explain the extent and persistence of British signals intelligence success. This case takes on renewed importance in an era of endemic cyber conflict. Indeed, the cryptologic contest of World War II, a duel between encryption and decryption machines, might be described as the first cyber conflict. This essay develops a practice-based account of the exploitation and protection of the human and machine performances that facilitate organizational control. I infer three necessary but hard to meet conditions for intelligence success and show how Bletchley Park met all three of them. First, shared sociotechnical protocols for communication and computation provide the potential for deception. Second, the intelligence agency combines the strengths of both top-down management and bottom-up adaptation. Third, the intelligence target combines the weaknesses of both organizational modes. If these conditions are met, then an organization can construct a secret information channel for collection or influence, but even this success will only ever have an indirect effect on political or military outcomes. Modern intelligence operations in and through global information infrastructure depend on these same conditions, although meeting them is often more difficult.

Bio:

Jon R. Lindsay is Assistant Professor at the Munk School of Global Affairs & Public Policy and in the Department of Political Science at the University of Toronto. His research explores the impact of emerging technology on global security. He is the author of Information Technology and Military Power (Cornell University Press, 2020), co-editor of Cross-Domain Deterrence: Strategy in an Era of Complexity (Oxford University Press, 2019) and China and Cybersecurity: Espionage, Strategy, and Politics in the Digital Domain (Oxford University Press, 2015), and has published widely in international relations, technology policy, and science studies. He holds a Ph.D. in Political Science from the Massachusetts Institute of Technology and an M.S. in Computer Science and B.S. in Symbolic Systems from Stanford University. He has also served in the U.S. Navy with operational assignments in Europe, Latin America, and the Middle East.

Security and Privacy of Internet Voting in U.S. Elections

Feb. 19, 2021 | 12 pm EDT

Michael A. Specter,
Massachusetts Institute of Technology

Cybersecurity Lecture Series
Presented by the Institute for Information Security and
Privacy and the School of Cybersecurity and Privacy


Abstract: Election security is hard–elections themselves are complex socio-technical systems that encompass cryptography, systems security, and public policy. Providing a transparent, safe, and private voting system remains a complicated problem, motivating a number of research papers in both cryptography and systems security.

Unfortunately, COVID-19, overseas voters, and accessibility concerns have forced the U.S. States to increasingly turn to untested forms of Internet voting to facilitate remote participation. Despite these systems’ newfound importance to the democratic process, there has been little public documentation on their security and privacy properties, a problem worsened by voting system vendors’ record of hostility toward independent security research.

In this talk, Specter will present his research evaluating the security of the dominant Internet voting systems currently used in U.S. federal elections. We will present an introduction to cryptography in remote voting, and show how all U.S.-deployed systems suffer from flaws that could easily undermine an election by exposing any voter’s private ballot, changing their vote, or otherwise controlling the outcome. As a direct result of this work, many states have altered or canceled plans to use these systems. The talk will conclude with a discussion of emerging challenges at the intersection of applied cryptography, systems security, and public policy.

Bio: Michael A. Specter is a Ph.D. candidate in Electrical Engineering and Computer Science at MIT, advised by Gerry Sussman and Danny Weitzner. He is a member of the Internet Policy Research Initiative, the Caltech/MIT Voting Technology Project, and a research affiliate with Google’s Android Security and Privacy Team. Specter’s doctoral research centers on how to leverage insights from economics, public policy, and law to guide applied cryptography and systems security research. His work has included the discovery of vulnerabilities in election systems, the development of new cryptographic protocols for deniable messaging, the analysis of law enforcement’s proposals to regulate encryption, and improvements to Google’s Linux kernel fuzzer Syzkaller. Specter is a recipient of the EFF Pioneer Award and the M3AAWG JD Falk Award, and his work has been featured in The New York Times, The New Yorker, CNN, Vice, Bloomberg, Fortune, and The Economist. Most recently, he was a contributor to the EFF-led Amicus Brief to the Supreme Court on the need to reform the Computer Fraud and Abuse Act. He has held research internships at both Google and Apple and holds both a master’s in EECS and in Technology Policy from MIT. Prior to embarking on his Ph.D., Specter was a research scientist in MIT’s Lincoln Laboratory, a research facility affiliated with the U.S. Air Force, where he focused on operating systems security, vulnerability discovery, and reverse engineering in the interest of national security.

Provably Secure Indistinguishability Obfuscation

February 16, 2021, 11 am EDT | Virtual Talk

Aayush Jain
University of California, Los Angeles

Presented by the School of Cybersecurity and Privacy and the School of Computer Science

Abstract: In this talk, we will cover some exciting progress on the problem of Indistinguishability Obfuscation (proposed by Barak et al., 2001). In a nutshell, an Indistinguishability Obfuscation scheme is an efficient compiler that takes as input a program and outputs a new program with the same input-behavior and only a polynomial slowdown, but in addition, we have the guarantee that the new program reveals minimal information about the original program.

If realized securely and efficiently, such an obfuscation scheme would have huge consequences to both theory and practice. However, until now we did not know if it exists under any reasonably well-believed conjecture. Our work places iO onto “terra-firma”, by giving a construction that is as secure as several well-studied mathematical problems that are widely believed to be extremely hard to solve. 

In this talk, we will hear about indistinguishability obfuscation, why it is useful, how it can be constructed, and future work.

Bio: Aayush Jain is a final year PhD student, advised by Amit Sahai at UCLA. He is interested in research questions in cryptography and their wonderful connections with related areas in computer science. 

His most notable contribution is the first construction of Program Obfuscation whose security rests upon four well-studied hard problems. This problem was widely considered to be one of the most consequential open problems in cryptography. His work on this problem has been the subject of an invited tutorial at FOCS 2020, an article in Quanta magazine, and a Simons Institute Workshop. His research is recognized by a Google PhD Fellowship (2018-present), a Dean’s Fellowship (2016), and the 2020 Symantec Outstanding Graduate Research Award at UCLA.

► VIDEO | To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media

VIDEO | February 12, 2021, 12 pm EDT

Beliz Kaleli
Ph.D. Researcher, Boston University

Abstract  

To make their services more user friendly, online social media platforms automatically identify text that corresponds to URLs and render it as clickable links. In this paper, we show that the techniques used by such services to recognize URLs are often too permissive and can result in unintended URLs being displayed in social network messages. Among others, we show that popular platforms (such as Twitter) will render text as a clickable URL if a user forgets a space after a full stop at the end of a sentence, and the first word of the next sentence happens to be a valid Top Level Domain. Attackers can take advantage of these unintended URLs by registering the corresponding domains and exposing millions of Twitter users to arbitrary malicious content. To characterize the threat that unintended URLs pose to social media users, we perform a large-scale study of unintended URLs in tweets over a period of 7 months. By designing a classifier capable of differentiating between intended and unintended URLs posted in tweets, we find more than 26K unintended URLs posted by accounts with tens of millions of followers. As part of our study, we also register 45 unintended domains and quantify the traffic that attackers can get by merely registering the right domains at the right time. Finally, due to the severity of our findings, we propose a lightweight browser extension that can, on the fly, analyze the tweets that users compose and alert them of potentially unintended URLs and raise a warning, allowing users to fix their mistakes before the tweet is posted.

Speaker Bio

Beliz graduated from the Electrical and Electronics Engineering school of Middle East Technical University. After a year in the industry as a software engineer, she began pursuing her Ph.D. at Boston University. Beliz is currently in her sixth semester and has published three papers in the area of web security. Since declaring cybersecurity as her area of interest, she has worked closely with Dr. Manuel Egele and Dr. Gianluca Stringhini in their security lab (SeclaBU) at Boston University.

► VIDEO | Foundations of Blockchain Systems

VIDEO | February 11, 2021, 12 pm EDT

Julian Loss
University of Maryland

Abstract: One of the most successful applications of modern cryptography has been its use in electronic and digital payment systems. In traditional systems, a trusted authority handles all payments (e.g., a bank or a credit card company). More recently, blockchain systems have emerged as a trust-free and increasingly popular alternative.

In a blockchain system, users jointly emulate the trusted authority by running a distributed protocol to agree on the transaction history of users (i.e., the blockchain). Making blockchain systems a secure and scalable environment poses many new and fascinating challenges that require solutions from both cryptography and distributed computing. In my talk, I will explain the different areas of my research and their importance as components that make up a blockchain system. For each of these areas, I will also list some of the open questions that I plan to work on in the near future.

Bio: Julian Loss obtained his MSc in computer science from ETH Zurich in 2016 and his Ph.D. from the Ruhr University of Bochum in 2019. He is currently a postdoc at the University of Maryland in the group of Jonathan Katz. His interests include classic cryptographic primitives such as digital signatures and multi-party computation as well as blockchain/consensus protocols.

► VIDEO | Zero-Knowledge for Everything and Everyone

VIDEO | February 5, 2021, 12 pm EDT

Presented by David Heath
Ph.D. Researcher, Georgia Tech

Abstract  

Zero-Knowledge (ZK) Proofs are important cryptographic objects that allow an untrusted prover to demonstrate to an untrusted verifier the truth of some statement while revealing nothing additional. ZK can potentially be used for complex applications, such as allowing a company to securely conduct an external audit of its records or allowing a code bounty hunter to prove the existence of a software bug without directly showing the vulnerability. Unfortunately, complex ZK applications are difficult to build in practice; existing ZK protocols require statements to be encoded as circuits, and it is difficult to express complex statements as simple circuits. To bring complex ZK applications to practice, developers need a more expressive design language. 

Rather than providing a new design language, we provide an infrastructure that allows existing languages to run in ZK. In this talk, David will present a ‘ZK machine’, a low-level simulated processor that executes arbitrary assembly code in ZK. David will describe the machine, focusing on the inherent challenges and our corresponding solutions. We will explain how we can take off-the-shelf ANSI C programs, compile them to our custom assembly language, and efficiently run this assembly in a ZK protocol. Our system is practical and efficient; for example, it can prove the existence of a CVE-reported bug in gzip in 6.3 seconds. 

The talk will be suitable even for those without cryptographic background. This research was done in collaboration with David’s advisor, Professor Vlad Kolesnikov, as well as Professor David Devecsery and his student Yibin Yang.

Speaker Bio

David Heath is a fifth-year Ph.D. student in Cryptography at Georgia Tech. His research focuses on Secure Multiparty Computation (MPC), a subfield of cryptography that allows users to securely compute over their private data. David’s research improves MPC both by increasing protocol performance and by constructing tools that make MPC more accessible. David is interested in providing end-to-end toolchains for developers that enable users to access cutting-edge cryptographic techniques without needing expertise in the field. David studies under Vlad Kolesnikov, Associate Professor of Cryptography at Georgia Tech.

► VIDEO | Discovering Ad-driven Social Engineering Campaigns at Scale

VIDEO | January 29, 2021, 12 pm EDT

Presented by Phani Vadrevu
Assistant Professor, University of New Orleans

Abstract  

Malicious ads often use social engineering (SE) tactics to coax users into downloading unwanted software, purchasing fake products or services, or giving up valuable personal information. These ads are often served by low-tier ad networks that may not have the technical means (or simply the will) to patrol the ad content they serve to curtail abuse. This lecture will describe a system for large-scale automatic discovery and tracking of SE Attack Campaigns delivered via Malicious Advertisements (SEACMA). The system aims to be generic, allowing us to study the SEACMA ad distribution problem without being biased towards specific categories of ad-publishing websites or SE attacks. Professor Vadrevu will share thoughts on methods to find potential research ideas to focus on in the area of social engineering and web security drawing from personal experiences.

Speaker Bio

Phani Vadrevu is an Assistant Professor in the Department of Computer Science at the University of New Orleans. He is a member of the UNO Cyber Center, a group of faculty members, full-time researchers, and students focused on solving cybersecurity problems. He is interested in all areas of applied security. His current research interests lie in web security topics like phishing, social engineering attacks, and telephony scams. The work often involves applications of machine learning techniques to solve security problems.

Grid Cybersecurity Strategy in an Attacker-Defender Model

January 22, 2021, 12 pm EDT | Virtual Talk

Presented by Yu-Cheng Chen
Ph.D. student at Georgia Institute of Technology in the School of Electrical and Computer Engineering

Abstract  

With enough computing power and time, an attacker can figure out a password or secret key. This talk addresses modeling the behavior of the attacker and the defender in order to analyze the evolution of cyber-attacks. Chen will introduce an approach that can help cyber-security managers optimize their defense strategies. The analysis provides mathematical proofs and insight into when access controls (such as passwords, internet protocol addresses, and session keys) should be reset to minimize the probability of a successful attack. 

Speaker Bio

Yu-Cheng Chen is a 5th year Ph.D. student at Georgia Institute of Technology in the School of Electrical and Computer Engineering. He graduated from the University of Washington with a double Bachelor’s Degree in Electrical Engineering and Computer Engineering. He also graduated from the University of California, Los Angeles with a Master’s Degree in Electrical Engineering. His research interest is risk assessment in cyber-physical systems.

Securing Democracy in the Fourth Industrial Revolution

January 15, 2021, 12 pm EDT | Virtual Talk

Presented by L. Jason Anastasopoulos
Assistant Professor in Public Administration and Policy and Political Science at the University of Georgia

Abstract
In this talk I will be discussing some of my research which focuses on designing systems needed to secure democracy and democratic political institutions, such as elections, in the interconnected digital world of the “fourth industrial revolution.” 

Speaker Bio
Jason is an upcoming fellow at the Safra Center for Ethics at Harvard University and an Assistant Professor at the School of Public and International Affairs, the Department of Statistics (by courtesy) and the Institute for Artificial Intelligence at the University of Georgia. He was also recently selected to serve as the Microsoft Visiting Professor of Information Technology Policy at Princeton University.

His research uses behavioral and institutional approaches to understand the threats that emerging technologies pose to democratic institutions, international security and international political economy. He also does research on political methodology focusing on text analysis, image analysis, machine learning and causal inference.

His work has been published or accepted for publication in economics, political science, computer science and public policy journals including the Journal of Human Capital, the American Political Science Review, Political Analysis, the Journal of Public Administration Research and Theory, Proceedings of the Association for the Advancement of Artificial Intelligence, Electoral Studies and others.