Upcoming Events
Cybersecurity Lecture Series - Sept. 2
Meet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies.
The weekly Cybersecurity Lecture Series is a free, open-to-the-public lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from private companies, government agencies, start-up incubators as well as Georgia Tech faculty and students presenting their research.
Held weekly each Friday at Noon through Dec. 2, lectures are open to all -- students, faculty, industry, government, or simply the curious. Students may register for credit under seminar course CS-8001-INF.
Complimentary lunch provided for registered guests. Please bring your own beverage.
Sign up to receive future lecture announcements.
Featuring Terry Nelms on Sept. 2
"Towards Measuring and Mitigating Social Engineering Software Download Attacks"
Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, little attention has been dedicated to studying social engineering attacks. In this talk, we present the first systematic study of web-based social engineering (SE) attacks that successfully lured users into downloading malicious and unwanted software. To conduct this study, we collected and reconstructed more than 2,000 examples of in-the- wild SE download attacks from live network traffic. Via a detailed analysis of these attacks, we attained the following results: (i) a categorization system to identify and organize the tactics typically employed by attackers to gain the user’s attention and deceive or persuade them into downloading malicious and unwanted applications; (ii) reconstruction of the web path followed by the victims and observation that a large fraction of SE download attacks are delivered via online advertisement, typically served from “low tier” ad networks; (iii) measurement of the characteristics of the network infrastructure used to deliver such attacks and uncover a number of features that can be leveraged to distinguish between SE and benign (or non-SE) software downloads.
BIO
Terry Nelms is a Director of Research at Pindrop, where he leads a team of applied researchers solving challenging problems in fraud detection and authentication. Prior joining Pindrop, he spent over a decade inventing, designing and developing protection technologies at ISS, IBM and Damballa. His research has produced new security products, patents and publications in top industry and academic conferences. Nelms holds a B.S. and M.S. in Information Systems and a Ph.D. in Computer Science from the Georgia Institute of Technology.
Event Details
Media Contact
Tara La Bouff, tara.labouff@iisp.gatech.edu, 404.769.5408
EVENTS BY SCHOOL & CENTER
School of Computational Science and Engineering
School of Interactive Computing
School of Cybersecurity and Privacy
Algorithms and Randomness Center (ARC)
Center for 21st Century Universities (C21U)
Center for Deliberate Innovation (CDI)
Center for Experimental Research in Computer Systems (CERCS)
Center for Research into Novel Computing Hierarchies (CRNCH)
Constellations Center for Equity in Computing
Institute for People and Technology (IPAT)
Institute for Robotics and Intelligent Machines (IRIM)