In this presentation, I provide a thorough exploration of how dataflow analysis serves as a formidable method for discovering and addressing cybersecurity threats across a wide spectrum of vulner...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240410.mp4
The aim of this discussion is to publicize both the challenge and potential solution for the integration of secure supply chain risk management content into conventional software engineering prog...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240327.mp4
How Cybersecurity relates to various fields of business/ industries – how it works in these fields, different risks and vulnerabilities that are out there, which explains why manufacturing cybe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240320.mp4
Reputation systems are crucial to online platforms' health. They are prevalent across online marketplaces and social media platforms either visibly (e.g., as star ratings and badges) or invisibly...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240306.mp4
The frequency, materiality, and impact of cybersecurity incidents is at a level that the business world has never seen before. CISOs are at the forefront of this. The speaker has experience with ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240228.mp4
In the realm of risk, cybersecurity is a fairly new idea. Most people currently entering the cybersecurity profession do not remember a time when cybersecurity was not a major concern. Yet at the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240221.mp4
We must be methodical and intentional about how Artificial Intelligence (AI) systems are designed, developed, deployed, and operationalized, particularly in critical infrastructure contexts. CISA...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240214.mp4
Tensor decomposition is a powerful unsupervised machine learning method used to extract hidden patterns from large datasets. This presentation aims to illuminate the extensive applications and ca...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240207.mp4
In the course of the talk I'll discuss current authentication challenges, the looming problem with cracking public key encryption, and short and medium term recommendations to help folks stay se...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240131.mp4
Exploitations in cybersecurity continue to increase in sophistication and prevalence. The purpose of this talk is to discuss how the evolution of malware has led to increased exploitation and t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240124.mp4
Evil has been lurking in the Internet since its inception. The IETF recognized this, releasing RFC 3514 on the evil bit. Unfortunately it isn't widely adopted, so we have to find our evil...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240117.mp4
The field of cybersecurity is constantly evolving, and Device Fingerprinting (DFP) has emerged as a crucial technique for identifying network devices based on their unique traffic data.This is ne...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20240110.mp4
Advanced Persistent Threat (APT) attacks are increasingly targeting modern factory floors. Recovery from a cyberattack is a complex task that involves identifying the root causes of the attack i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231206.mp4
This is a hybrid event. Students are encouraged to attend in person: STEW G52(Suite 050B) Commercial or defense systems are often developed first to meet a mission or customer need. Security of ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231129.mp4
The challenge of building a security program is that there are too many things you could be doing, and that creates a challenge for security leaders to decide on which things they should do next....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231115.mp4
This is a hybrid event. Students are encouraged to attend in person: STEW 209. Operational technology (OT) and industrial control systems (ICS) need innovative cybersecurity solutions that go ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231108.mp4
During the last several years, there has been growing concern that the development of quantum computers could undermine the public-key cryptography that is a fundamental pillar of security on the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231101.mp4
Courtney Falk will discuss his ongoing research into Pod People, the ongoing search-engine optimization spam campaign. This talk combines threat hunting and threat intelligence with real-world ap...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231025.mp4
The number of software vulnerabilities found in modern computing systems has been on the rise for some time now. As more and more software is being developed, software testing is increasingly bec...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231018.mp4
Tracking technologies are proliferating at an increasingly high rate in apps, IoT devices, websites, and in a wide range of files. They are not only impacting privacy in wider and more harmful wa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231011.mp4
With the ever-accelerating computerization process of once strictly mechanical systems, information security threats are only expected to increase. This rapidly unfolding process calls into quest...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20231004.mp4
This is a hybrid event. Students are encouraged to attend in person: STEW G52(Suite 050B)As the commercial and international space community grows to reach the projected $1T for the global econom...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230927.mp4
Recorded: 09/20/2023 CERIAS Security Seminar at Purdue University Enhancing Software Supply Chain Security in Distributed Systems Christopher Nuland, Red Hat In the aftermath of the transformativ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230920.mp4
As privacy moves from a predominantly compliance-oriented approach to one that is risk-based, privacy risk modeling has taken on increased importance. While a variety of innovative pre-existing o...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230913.mp4
Problem: Cyber threat information is rarely codified and never connected to actual infrastructure that needs cyber protections since infrastructure is also not codified.Solution: Infrastructure E...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230906.mp4
Software Supply Chain is emerging as one of the biggest issues that enterprises are facing these days. SolarWinds, Kaseya, 3CX, the examples are way too many. These attacks rapidly multiplied in ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230830.mp4
Human identity recognition is one of the key mechanisms of ensuring proper asset and information access to individuals. It became an established authentication practice for government, consumer, ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230419.mp4
The roots of software piracy were propelled by the fledgling game market of the 1980's where the PC game supply chains were brittle and copying floppy disks was really easy. This talk will walk...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230412.mp4
Information Flow Tracking (IFT) is a useful tool to reason about security of a system. It can be applied at different levels of abstraction - starting from operating system all the way to gate-le...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230405.mp4
"What Do We Owe One Another In Cybersecurity?" As the cybersecurity ecosystem evolves, we understand more about how interconnected we are: the ripple effects from breaches, the fact that supply c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230329.mp4
For 35 years, the Internet has been bedeviled by attackers. For about as long, defenders have tried deploying various defenses; these have often been of limited utility. We look back at what has ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230322.mp4
Endpoint security controls have traditionally relied on detecting malicious activity to protect devices from intrusions. But attackers often change their techniques so quickly that detection patt...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230308.mp4
The use of sophisticated digital systems to control complex physical components in real-time has grown at a rapid pace. These applications range from traditional stand-alone systems to highly-net...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230301.mp4
This talk will discuss how we engineer trust among agents, humans, and algorithms to develop solutions to significant practical problems, including Trustworthy AI in multiple applications, Resili...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230222.mp4
Examines Chinese views on the importance of information as the new currency of international power, and discusses how the PLA's restructuring supports PLA efforts at planning for future "informat...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230215.mp4
Increasingly, the United States is becoming more and more dependent on Space-based technologies and systems. Our adversaries are well aware of this and have become much more aggressive in their a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230208.mp4
To secure connected products, developers and manufacturers must use tools and processes that are purpose built to analyze the complex binaries found within connected devices and embedded systems....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230201.mp4
For 5 years, we have experimented with technology, people, and process controls at RELX, all designed to create an integrated framework for phishing mitigation. I'll speak about technology we've ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230125.mp4
The rise of enterprise cloud computing has brought an even greater emphasis on data. According to an analysis compiled by Statista, two zettabytes of data were created, captured, copied, and cons...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230118.mp4
Cybersecurity is inherently complicated due to the dynamic nature of the threats andever-expanding attack surfaces. Ironically,this challenge is exacerbated by the rapid advancement of many new...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20230111.mp4
Whether you're implementing security policy or developing products, considering the human element is critical. Yet security professionals often fall victim to misconceptions and pitfalls that und...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221207.mp4
The Move Prover (MVP) is a formal verifier for smart contracts written In the Move programming language. MVP has an expressive specification language, and is fast and reliable enough that it can ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221130.mp4
People face increasing dangers from cyber enemies. At the same time, cyber pros are suffering from stress, burnout and "hamster wheel"syndrome. They experience many difficulties every day in easi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221116.mp4
Data deidentification aims to provide data owners with edible cake: to allow them to freely use, share, store and publicly release sensitive record data without risking the privacy of any of the ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221109.mp4
Business executives leverage cybersecurity programs to understand residual risk. That helps them make informed decisions to mitigate risk to an acceptable level. This session provides guidance to...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221102.mp4
Students: This is a hybrid event. You are encouraged to attend in-person in STEW G-52As computing advances are making profound changes in our society, they also expose us to new security threat...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221026.mp4
Differential Privacy has become a widely used tool to protect privacy in data science applications. In this talk, I will present two use cases for differential privacy: a) in collection of key-...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221019.mp4
Often, policy makers and cybersecurity professionals talk about cybersecurity as if cybersecurity is only important insofar as it benefits or protects other assets or values. For example, it is c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221012.mp4
Use of Ransomware as a class of malware has exploded in recent years, causing millions in damages to organizations across the world. The damage isn't slowing down. On the contrary, ransomware as ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20221005.mp4
Authentication is a critical part to ensure the identity of a legitimate user. During authentication, an individual's credential is validated with a specific computational technique to determine ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220928.mp4
There is no one bigger game changer in the world than technology and its uptake in every aspect of our lives including our collective future. Cybersecurity has become the top priority across the ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220921.mp4
Students: This is a hybrid event. You are encouraged to attend in person in STEW 050B (G52)Common IT based Cyber techniques do not apply to many parts of the aviation industry. The aviation indus...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220914.mp4
Visual misinformation, including fake, manipulated or out-of-context images and videos, is increasingly common on the Internet and social media platforms. Because of visuals' superior impression,...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220907.mp4
Students: This is a hybrid event. You are encouraged to attend in person in STEW 050B (G52)Space systems provide many critical functions to the military, federal agencies, and infrastructure netw...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220831.mp4
The mission of the Cybersecurity Assurance and Policy (CAP) Center at Morgan State University is to provide the defense and intelligence community with the knowledge, methodology, solutions, and ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220824.mp4
With the rapidproliferation of pervasive electronic devices in our lives, the internet ofthings (IoT) has become a reality and its influence on our day to dayactivities is set to further increase...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220427.mp4
The mobile network (e.g., 4G LTE and 5G NR), the only large-scale wireless network infrastructure on par with the Internet, plays a critical role in interconnecting various mobile devices (e.g., ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220420.mp4
For at least two decades, the U.S. intelligence community and special projects agencies have been exploring the potential of prediction markets and crowd-forecasting platforms to better forecast ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220413.mp4
Automated cyber defense tools require the ability to analyze binary applications, detect vulnerabilities and automatically patch or mitigate those vulnerabilities. The insertion of security mecha...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220406.mp4
The war Russia has waged on Ukraine has seemed largely kinetic, but the most effective weapons weilded thus far have been consumer technologies. Putin has pursued a hybrid warfare strategy, yet t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220323.mp4
What kind of projects does one get to lead at an applied cybersecurity center within the National Institute of Standards and Technology (NIST)?This talk will offer insight on the cybersecurity ch...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220323.mp4
More than half the stored data in the world resides on hard drives. Yes, a 50+ year old technology is storing our photos, music, research, taxes, and more— and nobody blinks an eye. Given that ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220309.mp4
Precis: The United States encountered digital cyberspace with the gradual rise of digital technology, treating cyberspace as an electromagnetic domain. China encountered cyberspace more swiftly, ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220302.mp4
The electric power grid is a complex cyber-physical system that forms the lifeline of a modern society. Its reliable and secure operation is of paramount importance to national security and econo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220223.mp4
The Metaverse is coming. What is the Metaverse? A massive, infinitely scalable, shared virtual world where land, buildings, bots, avatars and other property can be bought sold and persist. Think ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220216.mp4
The complexities of and losses from a shoddily created cyberspace substrate continue to hollow the economies and national power of consolidated democracies. As China rises as a strategically f...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220209.mp4
Threat modeling is an extremely valuable tool in the secure software development pipeline. Some studies suggest it has greater impact on security posture than other more widely practiced security...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220202.mp4
Cyber-physical systems are delivering an increasing portion of the infrastructure services at the heart of our economy and national security, and you don't have to look far for examples of techno...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220126.mp4
As we begin 2022, the cost, sophistication, and lethality of cyber-breaches continues to rise. Threat actors, especially state-sponsored, and criminal enterprises are taking advantage of the expa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220119.mp4
This talk explores over 20 years of building the cybersecurity workforce in the United States with a focus on the evolution, progress made, and challenges ahead. About the speaker: Dr. Melissa D...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20220112.mp4
In June 2021, the GFCE and the World Bank came together to identify pathways to bridge the development community to the cybersecurity capacity building community and create mechanisms by which di...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211208.mp4
"Do Criminals Dream of Electric Sheep?" Such issue is no longer a domain of futurologists and science-fiction writers, but a serious question asked by the EUROPOL alarmed by how emerging Inform...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211201.mp4
Securing industrial networks has never been more crucial, but it's not as simple as just patching legacy computers or installing commercial tools. Responding to cybersecurity incidents in critica...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211117.mp4
Having a satisfying cybersecurity career can feel elusive, even for a seasoned cybersecurity professional. In this session, we'll talk about things that all security professionals, of all lev...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211103.mp4
We introduce password strength information signaling as a novel, yet counter-intuitive, defense mechanism against password cracking attacks. Recent breaches have exposed billions of user password...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211027.mp4
About the speaker: Amit Yoran is Chairman and Chief Executive Officer of Tenable, overseeing the company's strategic vision and direction. As the threat landscape expands, Amit is leading Tenable...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211020.mp4
Understanding the evolution of attacker motivations, and the impact to managing risk in enterprise environments is a key to successfully building cyber security programs in today's IT enterprise....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211013.mp4
Beyond End-to-End Encryption (BE2EE) technology can protect your data in-transit and at-rest in a consistent way: NUTS may help define this new category. Last year, we presented the technology of...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20211006.mp4
This talk covers the state of the Art and Practice in Cybersecurity Metrics. The history ranges from the 1970s through the present. Topics include, but are not limited to: Control Objectives, the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210929.mp4
Anecdotally, most cybersecurity curricula is based on the technical aspects of protecting, defending, and responding to cyber attacks. While these courses establish a solid foundation in the te...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210922.mp4
In this session we will talk about applying appropriate security controls to Software as a Service (SaaS) offerings. While it may seem like the SaaS vendors have most of the responsibility for se...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210915.mp4
During the height of the pandemic, it's estimated that digital transformation advanced by as much as seven years, opening the door for hybrid and remote working solutions to thrive. But, the incr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210825.mp4
Rapid progress in machine learning, computer vision and graphics leads to successive democratization of media manipulation capabilities. While convincing photo and video manipulation used to requ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210728.mp4
The Diem blockchain, which was initiated in 2018 by Facebook, includes a novel programming language called Move for implementingsmart contracts. The correctness of Move programs is especially imp...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210721.mp4
Cyberattacks on critical infrastructure such as power plants, dams, and chemical facilities are increasing in both intensity and sophistication, with attackers actively exploiting the cultural di...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210714.mp4
Since the inception of computer/data/cyber/network securitysome fifty years ago, one recurring question has beset our industry: "How do wesecure it?" By its very nature, that question has propaga...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210707.mp4
This talk covers the key lessons learned and root causes from the biggest mega-breaches and the 9,000+ reported breaches over the past 15 years. By analyzing the histories, stories, and deep di...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210630.mp4
Quantum technology will be transformational. When applied, quantum has the power to dramatically improve our society, as well as cause major disruptions on the national security and economic secu...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210623.mp4
Social Engineering is employed in 97% of cybersecurity attacks. This makes social engineering penetration testing an important aspect of cybersecurity. Social engineering penetration testing is a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210616.mp4
Federated learning is an emerging machine learning paradigm to enable many clients (e.g., smartphones, IoT devices, and edge devices) to collaboratively learn a model, with help of a server, with...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210609.mp4
Good research has scientific principles driving it. Analysts begin research with a goal in mind and at the same time, they need their research to have a solid foundation. This talk will cover com...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210602.mp4
Machine Learning appears to have made impressive progress on many tasks including image classification, machine translation, autonomous vehicle control, playing complex games including chess, Go,...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210526.mp4
There is no doubt that cybersecurity has risen up the agenda in terms of visibility and importance. Everybody wants it. But do they really know what they want? What does cybersecurity include...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210428.mp4
While users are responsible for initiating 90%+ of losses, it is not their fault. The entire system is what enables the losses, and the entire system must be designed to prevent them. Drawing les...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210421.mp4
In this talk, we explore security and privacy related to meta-learning, a learning paradigm aiming to learn 'cross-task' knowledge instead of 'single-task' knowledge. For privacy perspective, we...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210414.mp4
Data brokers are the major players in the market of collecting, selling, and sharing online user information. Although their practices have raised tremendous privacy concerns, their data collecti...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210407.mp4
Modern cybercrimes are responsible for $400B dollars of losses on an annual basis. Headlines appear regularly announcing major breaches. Yet few people and businesses understand what happened in ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210331.mp4
The nature of cybersecurity and modern life is such that we feel pressured to run just to keep up, this leaves us no time to look back and reflect on how we got where we are as an industry and ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210324.mp4
The software development process, or software supply chain, is quite complex and involves a number of independent actors. Due to this ever-growing complexity has led to various software supply ch...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210317.mp4
A discussion about where we are in the commercial SDN/NFV world today and where we are headed. What are the next generation threats beyond where we are today and how software definability may b...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210310.mp4
In a growing interdependent market place,it is nearly impossible to develop every part or component in house. Electronics are nearly entirely manufactured offshore. Concerns have risen about t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210303.mp4
Join Caroline Wong, Cobalt.io's head of Security and People, for a unique perspective on the role of humans in cybersecurity. About the speaker: Caroline Wong is the Chief Strategy Officer at�...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210224.mp4
Self-determination is the key to human thriving; it's also the enemy of both dictatorships and monopolies. It's no coincidence that commercial imperatives of tech monopolies create the infrastruc...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210217.mp4
In December 2020, FireEye discovered a supply chain attack against the SolarWinds Orion network management system. The impact of this event has caused the cybersecurity community to reevaluate ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210210.mp4
Over fifty years, I've led a lot of security projects that I thought would change the world. Many of them crashed and burned at great cost in money and reputation. There were some common threads ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210203.mp4
The Internet of Things (IoT) is the notion that nearly everything we use, from gym shorts to streetlights, will soon be connected to the Internet. Industry and financial analysts have predicted t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210127.mp4
Modern end-user computing platforms such as smartphones (e.g., Android and iOS)and smart home systems (e.g., SmartThings and NEST) provide programmable interfaces for third-party integration, ena...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20210120.mp4
Traditionally, security and privacy research focused mostly on technical mechanisms and was based on the naive assumptions that Alice and Bob were capable, attentive, and willing to jump through ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201209.mp4
The threat of cyber attacks is a growing concern across the world, leading to an increasing need for sophisticated cyber defense techniques that leverage the defender's "home field advantage". We...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201202.mp4
IP address blocklists are a useful source of information about repeat attackers. Such information can be used to prioritize which traffic to divert for deeper inspection (e.g., repeat offender tr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201118.mp4
"Wouldn't it be great if we could download anything, explore anything and build anything without the annoying feeling that you are going to get hacked?" This was a question from my kids, who a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201111.mp4
The last time you gave to a favorite charity, did you think about their cybersecurity? Do you sit on the board of a nonprofit? Are nonprofits using your cybersecurity solutions? The "wild" of the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201104.mp4
Can objects be truly secured independently without resorting to a massive central reference monitor? It's a great question and we will discuss a solution to it called NUTS. During this talk, we...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201028.mp4
MITRE ATT&CK® seems to be the"next big thing". Every time I hear about it I can't help but wonder, "how doyou prevent all these attacks in the first place? Shouldn't that be the endgame?" To th...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201021.mp4
Users of social networks are having their accounts subverted. Threat actors are gaining unauthorized access to large numbers of accounts and inserting links to suspicious websites. Shared command...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201014.mp4
Researchers from academia and industry have identifiedinteresting threat vectors against machine learning systems. These threatsexploit intrinsic vulnerabilities in the system, or vulnerabilities...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20201007.mp4
CERIAS 2020 Annual Security Symposium Virtual Event https://ceri.as/sympClosing Keynote Panel Discussion - "Global Challenges in Security and Privacy Policy:elections, pandemics, and biometric te...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200930.mp4
The TCB has been very precisely defined since 1979, but in practice its implementation and application in today modern software stack is very blurry. This talk describes a very common application...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200923.mp4
The payments ecosystem is evolving fast and making sure the cardholder's digital payment experience is frictionless, smooth and secure has never been more important. With approval rates for digit...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200916.mp4
Protection against HEMP (High-Altitude Electromagnetic Pulse) and GMD (Geomagnetic Disturbance in a CME/Coronal Mass Ejection context) is a nascent science. Until recently, these have only been t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200909.mp4
We face an existential threat of permanent damage to critical physical components in our national infrastructure as a result of their poor resilience against cybersecurity attack. A Programmable ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200902.mp4
From compliance in the classroom to compliance on the street, important lessons that every cybersecurity professional should know. We'll cover proven approaches for compliance and risk assessme...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200826.mp4
Cyber security data in many ways mimics the behavior of organic systems. Individuals or groups compete for limited resources using a variety of strategies, the most effective of which are re-us...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200819.mp4
The last 5 years have seen a marked shift inhow companies view cyber threat intelligence (CTI) as a building block of theirsecurity strategy, but there still is a lot of confusion about how to bu...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200812.mp4
QoSient and a DHS independent SOC have been working together on an innovative pilot program called "Elimination of Unmonitored Space" (EUS) that strives to detect and respond to internal cyber...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200729.mp4
The adoption of advanced data technologies is one of the defining characteristics of the connected world. From ML to AI, we are getting a smarter, more personal world. The dystopic view is that n...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200722.mp4
Q & A: https://www.cerias.purdue.edu/site/blog/post/summary_of_july_15th_2020_purdue_seminar_on_control_system_cyber_security/Critical infrastructures such as electric power, oil/gas, water/waste...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200715.mp4
Digital Transformation has fundamentally affected the conduct of elections since 2000. This webinar shares the perspective of a former senior Federal official who worked to help secure US electio...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200701.mp4
Using semi-supervised learning, I propose an anomaly-based network intrusion detection system (NIDS) to detect and classify anomalous and/or malicious traffic. With this proposed machine learning...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200624.mp4
Cyberattacks are increasing in frequency, severity, and sophistication. Target systems are becoming increasingly complex with a multitude of subtle dependencies. Designs and implementations conti...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200617.mp4
Cyber security resources remain limited. Organizations that attempt to broadly protect their data from all cyber threats tend to inefficiently invest these resources, making them slower to adapt ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200429.mp4
Work in the public sector differs from that in the private sector in ways that on the one hand present challenges unique to public sector work but also sometimes produce unexpected rewards also u...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200422.mp4
As more Personally Identifiable Information is collected, stored or created, the specter of customer privacy issues are looming large. Privacy and Security methodologies are starting to be dictat...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200415.mp4
In late 2016, the Mirai Botnet launched the largest DDoSattacks ever recorded. Learn about the teams of researchers racing the stop theattacks, and the criminal groups who were competing to launc...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200408.mp4
Empirical digital forensics examines real-world digital storage media to develop theories about it. We have built a library of real-world data from 4000 copies of secondary-storage devices incl...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200401.mp4
How does an organization know which security controls, applications, or programs to implement, when everything is a threat and every system is vulnerable? Looking at cybersecurity through a risk ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200325.mp4
The upcoming smart transportation systems which consist of connected autonomous vehicles, are poised to transform our everyday life. The sustainability and growth of these systemsto their full po...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200311.mp4
Our reliance on Cyber-Physical Systems (CPS) is growing. As CPS infrastructure becomes exposed to the contested world through networks, CPS security becomes much more important. In a CPS, the cyb...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200304.mp4
A long-standing challenge in analyzing information leaks within mobile apps is to automatically identify the codeoperating on sensitive data. With all existing solutions relying on System APIs (e...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200226.mp4
Imagine a world where data is currency. A world where the majority of the data is owned and traded by 6 international data barons who are constantly at war with each other. In this world, rogue A...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200219.mp4
Distinguished social psychologist Geert Hofstede observed the "dominance of technology over culture is an illusion. The software of the machines may be globalized, but the software of the minds t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200212.mp4
Cellular technologies enable a wide array of critical services, from personal communication, autonomous vehicles and telemedicine to critical infrastructures, such as smart grid electricity distr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200205.mp4
The Virtual Reality (VR) market could surpass $ 40 Billion by 2020. The U.S. Military recently closed a deal worth $ 480 Million for the Microsoft HoloLens Mixed Reality (MR) device. Oculus has a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200129.mp4
In this talk, we'll explore how internet scan data layered with different open-source tools can start to make sense of what is publicly exposed and potentially a threat. Predominantly, we'll fo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200122.mp4
Trustworthy operation of industrial control systems depends on secure and real-time code execution on the embedded programmable logic controllers (PLCs). The controllers monitor and control the c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20200115.mp4
Smartspeakers, such as Amazon Echo, have been adopted by millions of users. However,the privacy impacts of smart speakers have not been well examined. We investigatethe privacy leakage of smart s...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191204.mp4
Most social platforms offer mechanisms allowing users to delete their posts, and a significant fraction of users exercise this right to be forgotten. However, ironically, users' attempt to reduce...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191120.mp4
Anyone in this business knows how fun and exciting hacking can be, but also the emotional and physical toll it can take. Mental health is a longstanding dirty secret in the infosec community, and...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191113.mp4
The Internet of Things (IOT) is a potential massive market. However, the deployment of IOT brings forth many challenges across the dimensions of the business side (efficient supply chain) as well...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191106.mp4
Cryptocurrencies are the latest in a series of market bubbles that demonstrate irrational exuberance. In this lecture, Mitch Parker, CISO of IU Health, will go over previous market bubbles, and c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191030.mp4
GDPR/ NYDFS/ CCPA and other State, Federal and Supra-regional regulations coming online quickly. Governments are driving Security, Privacy & Compliance throughout the world. Since there is not an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191023.mp4
Sure, you may know how to subnet a class "C" network into 64 different networks, but how about where to go to learn about technology that has yet to make it into a textbook? Or to find your next ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191016.mp4
The global impact resulting from the distribution of doctored digital photographs has reached an epidemic proportion. These digitally altered photos are distributed through social media, news out...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191009.mp4
Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. This knowledge raises concern that spa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20191002.mp4
Consider a scenario where a group of agents, each receiving partially informative private signals, aim to learn the true underlying state of the world that explains their collective observations....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190911.mp4
While made famous for the work that was done on the physical plastic cards many of carry around in our wallets, Mastercard is thinking way beyond those cards for the future.We'll walk through how...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190904.mp4
This session provides observations regarding the process of moving the datacenter assets of a Top100 bank fully into the cloud. The Golden Rules providing security and assurance will be described...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190828.mp4
Despite over 50 years of intensive research and experimentation, we still are plagued with systems that are fragile, compromised, and impossible to fully trust. There is near-daily news of compro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190821.mp4
As more disciplines leverage computational and data-driven modeling, the security of campus cyberinfrastructure is becoming increasingly important in order to protect intellectual property and se...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190424.mp4
Learn about common attacks against online accounts, ways to protect your accounts against malicious actors, and the next generation of Identity standards and application architecture. About the s...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190417.mp4
About the speaker: Jim Routh is the Chief Security Officer for CVS Health and leads the Global Security function focused on cyber security for CVS Health businesses and converged security for the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190410.mp4
Recent reports on how side-channel attacks can be used to obtain secret information stored in Cache memories and how current processors that rely on speculative execution of code aids in these si...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190403.mp4
Within recent years, secure comparison protocols have been proposed using binary decomposition and properties of algebraic fields. These protocols have become increasingly efficient, but their pe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190327.mp4
In this talk the concept of Cyber Physical Human Systems security in the context of aviation systems will be introduced. The talk will also coverthe proposed security framework involving the dete...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190320.mp4
Most sophisticated cyber attack follow the well-known cyber kill chain. The first step of the cyber kill chain is the reconnaissance phase where attacker probe the network in search of weakness, ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190306.mp4
Nowadays more and more data are gathered for detecting andpreventing cyber attacks. Unique to the cyber securityapplications, learning models face active adversaries that try todeceive learning m...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190227.mp4
ARM possessors are being widely used on mobile devices and smart IoT devices. Despite the best efforts, an operating system is too hard to be absolutely secured on both x86 and ARM platforms. We ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190220.mp4
Information, not just data, is key to today's security challenges. To solve these security challenges requires not only advancing computer science and big data analytics but requires new analysis...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190206.mp4
In application environments like international military coalitions or multi-party relief work in a disaster zone, passing secure messages using a Delay Tolerant Network (DTN) is challenging becau...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190123.mp4
One of the reasons we care about information security is protectingprivacy, and satisfying requirements of privacy law. But whatexactly is meant by privacy? Is security sufficient to providepriva...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190116.mp4
Caller ID spoofing forges the authentic caller identity, thus making the call appear to originate from another user. In this paper, we propose CEIVE (Callee-only inference and verification), an e...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20190109.mp4
Access control systems are known to be vulnerable to anomalies in security policies, such as inconsistency. Android Security model is no exception. This talk presents a new approach aiming to unv...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181205.mp4
How do you assess the cybersecurity status of public and private organization in a State? The NIST has a comprehensive framework for assessing cybersecurity but for small companies with limited e...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181128.mp4
Threat intelligence is interested in the entire kill chain from tools to victims. Chief among these interests are the threat actors themselves who carry out attacks and campaigns. Many different ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181114.mp4
This talk will explore the enormous threat landscape presented by the IoT ecosystem and examine the state of IoT security with a bit of humor. We will look at everything from individual devices, ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181107.mp4
During system call execution, it is common for operating system kernels to read userspace memory multiple times (multi-reads). A critical bug may exist if the fetched userspace memory is subject ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181031.mp4
Hygiene - it's good for your body and it's good for your computer/network. We will explore the simplicity of cyber hygiene and the insider/outsider threats that take advantage of poor hygiene. It...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181024.mp4
Cyber security for increasingly mobile clients is an increasing and never ending challenge. Companies of the future are adopting agile systems and cross-functional processes to respond to these c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181017.mp4
About the speaker: Jessy Irwin is Head of Security at Tendermint, where she excels at translating complex cybersecurity problems into relatable terms, and is responsible for developing, maintaini...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20181010.mp4
The Linux Audit system is widely used as a causality tracking system in real-world deployments for problem diagnosis and forensic analysis. However, it has poor performance. We perform a comprehe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180926.mp4
Millions of people spend their day chatting away on their cellphones, ordering groceries from Amazon's Alexa, making calendar appointments with Apple's Siri, or posting on Facebook about the last...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180919.mp4
US cybersecurity experts determined that Russian hacking group Dragonfly targeted the United States and European utilities with a cyber espionage campaign from 2015 – 2017. This government spon...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180905.mp4
The field of Information Security is broad with many career paths. The high demands and low supply for security expertise is constantly in the news. How do we fix this? Many people are either int...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180829.mp4
Embedded systems are used in every aspect of modern life. The Internet of Things is comprised of millions of these interconnected systems many of which are low cost bare-metal systems, executing ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180822.mp4
The field of cyber engineering is relatively new as compared to other engineering disciplines such as software, mechanical, and systems. However, as we consistently hear and read about, cyber has...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180425.mp4
As more and more Personally Identifiable data is collected or created, the specter of customer privacy issues are looming large. Enterprises need to take a long hard look at the information they ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180418.mp4
Over the last three decades, several anonymous communication (AC) protocols have been proposed towards improving users' privacy over the internet. Among those, the Tor protocol has been particula...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180411.mp4
Symposium Closing Keynote - Bits & Bytes, Flesh & Blood, and Adapting for the Next 20 Years About the speaker: Joshua Corman is a Founder of I am The Cavalry (dot org), and formerly served as Chi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180404.mp4
Security is often implemented through bolt-on assessments including periodic testing that only happens once in a release or even annually. Manual security processes can no longer keep up in today...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180328.mp4
The Ripple credit network has emerged as the payment backbone withindisputable advantages for financial institutions and the remittanceindustry. Ripple's market capitalization is currently third ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180321.mp4
C++ relies on object type information for dynamic dispatch and casting. The association of type information to an object is implemented via the virtual table pointer, which is stored in the objec...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180307.mp4
Cryptocurrencies have exploded in popularity in the last few years. These cryptographic systems aim to provide freedom from government-backed fiat currencies. This presentation examines the tradi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180228.mp4
The purpose of this presentation is to show that successful retrocomputing projects and groups which currently exist follow patterns we can use to help low-resource and industrial organizations t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180221.mp4
Trusted computing is the key component in achieving confidentiality and integrity in modern cloud environments. Commodity trusted hardware such as Intel SGX and ARM Trustzone allow programs to ex...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180214.mp4
Eli Lilly's Threat Intelligence team (CTI) was officially established in July of 2016 tasked with several key objectives that would need to be met for the overall Security organization to be succ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180207.mp4
The public health sector cannot deliver efficient and safe patient care without digital interconnectivity among devices. If the healthcare system is connected, but insecure, the interconnectivity...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180131.mp4
Software is an essential component to the operation of business information systems, cyber physical systems, and various personal devices. Despite increased awareness and concern about software s...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180124.mp4
Password leaks have become an unfortunately common occurrence, with billions of records leaked in the past few years. In this work we develop and economic model to help predict how many user pass...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20180117.mp4
Penetration testing, or "Ethical Hacking", is the practice of testing systems, environments, and even employees in the manner of a real-world hacker. As news of security breaches and wide-spread ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171206.mp4
Security technology has long been relegated as part of the IT stack, but the consistent stream of attacks on our government, corporations, and individuals alike have shown that the relationship b...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171129.mp4
Intrusive online advertising has given birth to the trend of ad-blockers. Initially dismissed by the online advertising industry as inconsequential, ad-blockers have evolved from a mere plugin to...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171115.mp4
Internet users around the world are facing censorship. To access blocked websites, they use circumvention services that most commonly consist VPN-like proxies. The censors, in turn, try to block ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171108.mp4
Rebroadcast from the original Oct. 30 talk.WEST LAFAYETTE, Ind. — Mikhail Atallah, distinguished professor of computer science and a professor of electrical and computer engineering (courtesy),...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171101.mp4
The Department of Defense has mandated a risk management rather than risk avoidance approach in Cybersecurity. All Department of Defense programs are being directed to the Risk Management Framewo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171025.mp4
Protocols satisfying Local Differential Privacy (LDP) enable parties to collect aggregate information about a population while protecting each user's privacy, without relying on a trusted third p...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171018.mp4
In the last few years breaches at organizations like Yahoo!, Dropbox, Lastpass, AshleyMadison and Adult FriendFinder have exposed billions of user passwords to offline brute-force attacks. Passwo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171011.mp4
The proliferation of wearable devices, e.g., smartwatches and activity trackers, with embedded sensors has already shown its great potential on monitoring and inferring human daily activities. In...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20171004.mp4
A vulnerability comes out and you need to know if you are vulnerableso you open up your vulnerability scanner and scan your systems tounderstand what you need to patch but what is that scanner do...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170927.mp4
Unmanned airborne systems (UAS) provide a wide range of capabilities in areas such as agriculture, environmental monitoring, disaster relief, delivery of goods, media & communications and surveil...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170920.mp4
This first portion of the presentation will explore the emerging cyber threats facing the industrial control systems network environments with a focused look at the Power & Utility industry. It w...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170913.mp4
Current and recent events make it clear that cybersecurity requires defense in depth. Software development is both an early opportunity to begin the defense, and the source of many commonly explo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170906.mp4
We have spent so much time focusing on Red and the images of security ninjas leaping off tall walls with laptops and grappling tools that the role of "blue" has been left in the dark…it's under...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170830.mp4
Operating system level auditing is one of the most important forensics techniques. With operating system level audit systems, e.g., the Linux audit system, investigators can generate attack causa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170823.mp4
In a provenance-aware system, mechanisms gather and report metadata that describes the history of each object being processed on the system, allowing users to understand how data objects came to ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170426.mp4
As we push computers to "the edge" building an increasingly complex world of interconnected systems and devices, security and privacy continue to dominate the national conversation. The Defense S...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170419.mp4
Users routinely type sensitive data such as passwords, credit card numbers, and even SSN into their mobile phone apps and browsers. Rich functionality combined with weak security mechanisms makes...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170412.mp4
Applications written in C/C++ are prone to memory corruption, which allows attackers to extract secrets or gain control of the system. With the rise of strong control-flow hijacking defenses, non...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170329.mp4
After a series of recent high profile information security breach incidents, the role of Chief Information Officers, particularly their role in information security risk management, has been in a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170322.mp4
Whether it is a spear phishing attack, social engineering, or malware specifically tailored to obtain online banking credentials, hundreds of thousands of dollars are at risk to fund transfer fra...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170308.mp4
Malicious payload injection attacks have been a serious threat to software for decades. Unfortunately, protection against these attacks remains challenging due to the ever increasing diversity an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170222.mp4
In this talk, we will leverage the framework of game theory to understand the effects of decentralized decision-making on the robustness and security of large-scale networked systems. In the firs...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170215.mp4
Large corporations evolve over time. The technology they produce, the services they provide, the working practices and the IT that supports are changing at an ever increasing rate. From its forma...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170208.mp4
The threat landscape is changing significantly; complexity and rate of attacks is ever increasing, and the network defender does not have enough resources (people, technology, intelligence, and c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170201.mp4
BGP enables as a network of networks, and is also a network of trust. The most clear instantiation of that trust is the updating of router tables based on unsubstantiated announcements. The posit...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170125.mp4
Cybersecurity threats are constantly evolving and becoming more sophisticated. This has been observed through advanced spear phishing campaigns, increase in ransomware families/variants and the u...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170118.mp4
Differential privacy aims at learning information about the population as a whole, while protecting the privacy of each individual. With its quantifiable privacy and utility guarantees, different...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20170111.mp4
Processor caches and memory chips are hardware components used by all software programs on a computer system. They are designed, and thereafter fine-tuned over the years, for better performance a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161207.mp4
Abhilasha Bhargav-Spantzel, Intel
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161130.mp4
Over the past decade, the Advanced Persistent Threat (APT) has risen to forefront of cybersecurity threats. APTs are a major contributor to the billions of dollars lost by corporations around the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161116.mp4
Configuration is the glue for logically integrating cyber infrastructure components to satisfy end-to-end requirements on security and functionality. Every component has a finite number of config...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161109.mp4
The paper will briefly review the achievements of natural language information assurance and security, a Purdue-native innovative stand of research and applications, from NL watermarking and tamp...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161026.mp4
A typical computer user today manages passwords for many different online accounts. Users struggle with this task ---often forgetting their passwords or adopting insecure practices, such as using...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161019.mp4
Failing to properly isolate components in the same address space has resulted in a substantial amount of vulnerabilities. Enforcing the least privilege principle for memory accesses can selective...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161012.mp4
Communications Security, Computer Security, Information Security, Information Assurance, Information Operations, Cyber Security: through a 35-year career at the National Security Agency, and now ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20161005.mp4
Cyber-liability insurance has grown from a niche product into a multi-billion-dollar market in less than a decade. It has also become a negotiating point in technology-related contracts and a buz...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160928.mp4
Over the last seven years we have been observing a tremendous growth of crypto-currencies such as Bitcoin and IOU credit networks such as Ripple. Their decentralized and pseudonymous nature, abil...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160921.mp4
In this presentation the speaker will give an introduction to the GM product cybersecurity organization and the efforts that is being undertaken by this organization to drive a better product cyb...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160914.mp4
I will be discussing Improving Outcomes with Services. Including a deep dive into Advanced Threat Analytics and how Cisco Active Threat Analytics (ATA) integrates deep expertise with cutting-edge...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160907.mp4
Current general-purpose CPUs are multicores, offering multiple computing units within a single chip. The performance of programs on these architectures, however, does not necessarily increase pro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160831.mp4
Applications are only as secure as the network architecture and operating systems in which they operate. It is only a matter of time before services, networks, or applications are targeted by bad...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160824.mp4
In this work we present a simple, yet effective and practical, scheme to improve the security of stored password hashes, rendering their cracking detectable and insuperable at the same time. We u...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160427.mp4
Annual Symposium 2016 Tech TalkKelley Misata, Ph.D. Candidate, Interdisciplinary Information Security - Purdue University About the speaker: Kelley Misata is a strategic leader who combines over ...
https://www.cerias.purdue.edu/assets/symposium/video/2016/Symposium_2016_Kelley_Misata.mp4
Dickie George spent 41 years working for the National Security Agency as a cryptographer. As a member of the Intelligence Community, you learn to live as a target. However the world has changed �...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160420.mp4
A credit network models trust between agents in a distributed environment and enables payments between arbitrary pairs of agents. With their flexible design and robustness against intrusion, cred...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160413.mp4
Several newly emerged wireless technologies (e.g., Internet-of-Things)---extensively backed by the tech industry---are being widely adopted and have resulted in a proliferation of diverse smart a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160406.mp4
Using the Internet is a risky venture: cybercriminals could be lurking behind any email or in any web page, just waiting to compromise your machine. Practicing and researching cybersecurity is ab...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160330.mp4
Recent concerns about government surveillance have focused attention on secure communication tools for the masses. The security properties of these tools receive more attention than their usabili...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160323.mp4
Private information retrieval (PIR) is a way for clients to query a remote database without the database holder learning the clients' query terms or the responses they generate. Compelling applic...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160309.mp4
Traditional approaches to securing systems tend to be fixed and mostly non adaptive. The Policy that defines the security posture is in some sense "hardcoded". In this talk, we focus on approache...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160302.mp4
User authentication and identity management are the first-gate defense and access protection for cyber systems. Authentication failures, including post-authentication attacks, have caused constan...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160224.mp4
Which song will Smith listen to next? Which restaurant will Alice go to tomorrow? Which product will John click next? These applications have in common the prediction of user trajectories that ar...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160217.mp4
The Indiana Information Sharing and Analysis Center (IN-ISAC) is an entity developed by the State of Indiana and key partners to mitigate cybersecurity risks for the State of Indiana. The IN-ISAC...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160210.mp4
Modern Cryptography provides algorithmic solutions to securely compute over the private data of mutually distrustful parties. These solutions require algorithmic or physical building blocks such ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160203.mp4
Technological advances and novel applications, such as sensors, cyber-physical systems, smart mobile devices, cloud systems, data analytics, and social networks, are making possible to capture, a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160127.mp4
The computer science community has had a growing research focus in Privacy over the last decade. Much of this has really focused on confidentiality: Anonymization, computing on encrypted data, ac...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160120.mp4
Threat-driven security is a systematic system-level approach that is driven by a clear understanding of the security need – it is not arbitrary application of security technologies based on the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20160113.mp4
Making conflicting statements to others, or equivocation, is a simple yet remarkably powerful tool of malicious participants in distributed systems of all kinds. In distributed computing protocol...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151209.mp4
Females are significantly less likely to pursue tech-focused careers, and have significantly lower self-efficacy in technical domains. Despite initiatives to increase female participation in STEM...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151202.mp4
In many envisioned drone-based applications, drones will communicate with many different smart objects, such as sensors and embedded devices. Securing such communications requires an effective an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151118.mp4
Is it possible for Alice to compute a result and for Bob to be convinced of its correctness without having to reexecute the computation? What if the computation is performed over sensitive data t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151111.mp4
Secure multiparty computation (MPC) and differential privacy are two notions of privacy that deal respectively with how and what functions can be privately computed. In this talk, I will first gi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151104.mp4
This presentation is a detailed case study of the Authur Pendragon cyberthreat that occurred at The University of Alabama on September 21, 2014.The Authur Pendragon threat instigated mass fear, s...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151028.mp4
Privacy has been a hot issue since early 2000s, in particular with the rise of social network and data outsourcing. Data privacy is a big concern in data outsourcing because it involves sharing p...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151021.mp4
Private record linkage protocols allow multiple parties to exchange matching records, which refer to the same entities or have similar values, while keeping the non-matching ones secret. Conventi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151014.mp4
Mobile malware is a growing menace, even though many Cybersecurity practitioners don't fully grasp the situation. This presentation will address the Five W's of mobile malware, namely: Who is dev...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20151007.mp4
While designing computer systems and their underlying protocols, architects impose functionality, security, and privacy requirements or policies with which the designed systems and protocols shou...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150930.mp4
Currently cyberinfrastructures are facing increasinglystealthy attacks that implant malicious payloads under thecover of benign programs. Existing attack detection approachesbased on statistical ...
https://www.cerias.purdue.edu//assets/video/secsem/secsem_20150923.mp4
Low signal-to-noise data processing algorithms forimproved detection, tracking, discrimination and situationalthreat assessment are a key research challenge. As sensortechnologies progress, the n...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150916.mp4
In cyber-attack analysis, it is often highly desirable to understand the meaning of an unknown file or network message in the absence of their consumer (i.e. the program that parses and understan...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150909.mp4
While smartphones and mobile apps have been an essential part of our lives, privacy is a serious concern. Previous mobile privacy related research efforts have largely focused on predefined known...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150902.mp4
Network transport protocols, like TCP, underlie the vast majority of Internet communication, from email to web browsing to instant messaging to file transfer. Despite their importance, these prot...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150826.mp4
For years, legal wiretapping was straightforward: the officer doing the intercept connected a tape recorder or the like to a single pair of wires. By the 1990s, though, the changing structure of ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150429.mp4
"Increasing robustness and resilience: assessing disruptions and dependencies in analysis of System-of-Systems alternatives"Researchers: Prof. Daniel Delaurentis, Karen Marais, Navindran Davendra...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150422.mp4
Secure Multiparty Computation offers cryptographically strong guarantees on the secrecy of data used in collaborative computing among untrusted parties. It has many important applications ranging...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150415.mp4
Rebecca will provide a brief discussion of the general consideration of what "privacy" and "personal information" really are, in addition to important factors when making privacy risk assessment....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150408.mp4
Location-based social networks (LBSNs) feature location-based friend discovery services attracting hundreds of millions of active users world-wide. While leading LBSN providers claim the well-pro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150401.mp4
We will discuss how the known practives and inspirations of the past can enlighten our path forward into the uncertain seas of Big Data, Clouds and Things that absorb data and even talk back. Pri...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150325.mp4
Mobile application vetting is pivotal to preserve the integrity of mobile platforms. Existing frameworks typically rely on virtual environments which are easily detected by malware. Advanced malw...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150311.mp4
Research on new technologies to help security analysts defend networks and systems from attacks has unique challenges --- the ad-hoc nature of attacks and their mitigation makes formal modeling e...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150304.mp4
Installing security-relevant software updates is one of the best computer protection mechanisms available to end users. Unfortunately, users frequently decide not to install future updates, regar...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150225.mp4
Data collected by organizations and agencies are a key resource intoday's information age. The use of sophisticated data mining techniquesmakes it possible to extract relevant knowledge that can ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150218.mp4
Programs are full of bugs, leading to vulnerabilities. We'll discusspower and limitations of code-pointer integrity (CPI), a strong butpractical security policy that enforces memory safety for al...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150211.mp4
Individuals have the privacy expectation that organizations (e.g., bank, hospital) that collect personal information from them will not share these personal information with mischievous parties. ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150204.mp4
The "pay-as-you-go" cloud computing model has strong potential for efficiently supporting big data analysis jobs expressed via data-flow languages such as Pig Latin. Due to security concerns — ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150128.mp4
Cloud computing is a key technology for storing, managing and analyzing big data. However, such large, complex, and growing data, typically collected from various data sources, such as sensors an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150121.mp4
The Building Security in Maturity Model V (BSIMM-V) is an industry-driven maturity model dedicated to software security, which specifies a set of activities designed to foster an improved securit...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20150114.mp4
This presentation will discuss how program analysis can be used in security applications. Three sample applications will be discussed:binary transformation that can mutate and instrument off-the-...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141210.mp4
A great deal of discussion about privacy focuses on the technicaldetails of metadata, data in motion, data at rest, etc -- details which are designed to obscure the basic discussion rather than t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141119.mp4
In my talk I will be describing new techniques developed at RSA Labs to analyze massive log data commonly collected by large enterprises to detect and identify suspicious activity. Unlike common ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141112.mp4
Network Operations Center and Security Operations Center (NOC / SOC) teams have complex and challenging cognitive tasks that are crucial to the IT health of the organization, but existing tools a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141105.mp4
The Healthcare Industry; Rapid Growth, Increased RiskWhy the Healthcare Industry is behind the curve on Security and PrivacyHow the Trust Factor affects Adoption of Technology InnovationHealthcar...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141029.mp4
Graphics Processing Units (GPUs) have evolved from very specialized,idiosyncratic hardware intended to execute specialized graphics workloadsto semi-autonomous "supercomputers" that can be progra...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141022.mp4
About the speaker: Dr. Elliott's teaching and research interests are in the field of biometrics. He currently leads a team of graduate and undergraduate students who work in the area of biometric...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141008.mp4
Throughout the world, companies are finding that data breaches have become as common as a cold but far more expensive to treat. With the exception of Germany, companies had to spend more on their...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20141001.mp4
There are various forms and types of intelligence but this topic isn't about how smart you are. It is about how smart you are in figuring out the risks and various impacts against your organizati...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140924.mp4
Periodic Mobile Forensics (PMF) is a MITRE research project investigating user behavioral measurement on mobile devices by applying both traditional and mobile forensics processes. We applied our...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140917.mp4
Memory corruption (e.g., buffer overflows, random writes, memoryallocation bugs, or uncontrolled format strings) is one of the oldestand most exploited problems in computer science. These problem...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140910.mp4
State-of-the-art memory forensics involves signature-based scanning of memory images to uncover data structure instances of interest to investigators. A largely unaddressed challenge is that inve...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140903.mp4
In our ever connected society, security has become an essential component for all facets of life. Businesses, government, academics, and individually, all facets have a need to protect and secure...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140430.mp4
Considering that most consumers do not read Privacy Policies and Terms of Service agreements before accepting them, considerable informational asymmetry exists between consumers and cloud service...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140416.mp4
As the field of determined and increasingly sophisticated adversaries multiplies, the confidence in the integrity of deployed computing devices magnifies. Given the ubiquitous connectivity, subst...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140409.mp4
Philip Ritchey & Mohammed Almeshekah, Purdue University
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140402.mp4
About the speaker: As a security strategist and philosopher serving in the IT Security space, Joshua Corman's cross-domain research highlights adversaries, game theory and motivational structures...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140326.mp4
The desire to compute on sensitive data without revealing it has led to several decades of research in the area of secure multi-party computation. Today, cloud computing serves as a major motivat...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140312.mp4
Security research domain has recently witnessed tremendous growth in respect to all aspects of information access and sharing. There has been notable progress in developing successful approaches ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140305.mp4
As computing shifts to a service-oriented world, a key need is to deliver an always-on experience to the end-users. However, providing a 24x7x365 available service is challenging because failures...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140226.mp4
This talk will examine several technical questions related to the NSA's program that collects data about a substantial fraction of all domestic phone calls. How effective is such a program likely...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140219.mp4
As more and more Internet-based attacks arise, organizations are respondingby deploying an assortment of security products that generate situationalintelligence in the form of logs. These logs of...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140212.mp4
Storage and computation outsourcing to cloud servers has become very popular due to the large volume of data that needs to be hosted at cloud servers and the intent to employ servers to perform c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20140129.mp4
Marina Kaljurand, Republic of Estonia
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131204.mp4
Use of graph-structured data models is on the rise -- in graph databases, in representing biological and healthcare data as well as geographical data.In order to secure graph-structured data, and...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131120.mp4
It was once said that the last time one had full control of their software was right before they released it. This is ever more important as organizations move applications and services into a pu...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131113.mp4
The purpose of this study is to identify several areas of forensic interest within the Yahoo! Messenger application, which are of forensic significance. This study focuses on new areas of interes...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131106.mp4
Data collected by organizations and agencies are a key resourcein today's information age. The use of sophisticated data mining techniquesmakes it possible to extract relevant knowledge that can ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131030.mp4
What are Systems of Systems? Why are we interested in them? What about them vex us? These topics will be addressed in this overview talk along with emphasis on the analysis of vulnerabilities in ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20131023.mp4
The DARPA Detection and Computational Analysis of Psychological Signals (DCAPS) program provided initial funding for the Durkheim Project. While DCAPS as a whole addressed PTSD, the Durkheim Proj...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130925.mp4
The Facebook security team will share how we approach the securitychallenges involved in protecting the identities of over a billion userson our site. This talk is partly about our culture, and p...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130918.mp4
In 2011 the National Institute of Standard and Technology (NIST) released a draft of special publication 800-155. This document provides a more detailed description than the Trusted Platform Modu...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130904.mp4
The university environment has unique challenges for information security. Just as corporate networks have exploded in size, services, users, and devices, university networks also have a continua...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130828.mp4
To hide information within a picture we usually replace the least significant bits. This approach is no longer available if there is only 1 bit/pixel like for Quick Response Codes we meet everyda...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130821.mp4
The Identity-Based Internet Protocol (IBIP) Network project is experimenting with a new enterprise oriented network architecture using standard Internet Protocol to encode identity (ID) informati...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130424.mp4
The growing demand for cloud services is driving the need to deliver an always-on and safe user experience in accessing their data and applications. Examples include web search, social networking...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130417.mp4
Laws and regulations safeguard citizens' security and privacy. For example, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) governs the security and privacy of electronic ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130327.mp4
In January 2012, MITRE performed a real-time, red team/blue team cyber-wargame experiment. This presented the opportunity to blend cyber-warfare with traditional mission planning and execution, i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130320.mp4
Recent advances in DNA sequencing technologies have put ubiquitous availability of whole human genomes within reach. It is no longer hard to imagine the day when everyone will have the means to o...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130306.mp4
Smart electric meters are meters that can measure electric usage with a pretty high frequency. Smart electric meters pose a substantial threat to the privacy of individuals in their own homes. Co...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130220.mp4
Plagiarism is the copying of another party's ideas and passing them off as your own. In the world of smartphone app-markets, this is usually followed by confusion for the buyers (users) and lost ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130213.mp4
One of Android's main defense mechanisms against malicious apps is a risk communication mechanism which, before a user installs an app, warns the user about the permissions the app requires, trus...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130206.mp4
This paper presents a meaning-based method to spam filtering by distinguishing text without content from text with little content from text with normal content, based on the amount of meaning tha...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130130.mp4
We interact with location-aware devices on a daily basis. Such devices range from GPS-enabled cell-phones and tablets, to navigation systems. Each device can report a multitude of location data t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20130123.mp4
Services like online banking require high confidentiality due to the sensitivity of the data being transfered. As a result, online users have turned to anonymity services which offer identity pro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121205.mp4
In this talk, we focus on a class of buffer overflow vulnerabilities that occur due to the "placement new" expression in C++. "Placement new" facilitates placement of an object/array at a specifi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121128.mp4
An essential part of security is controlling access. Traditional access control depends on the a person's ability to prove their identity and the access control system's ability to verify their i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121114.mp4
Today, the publication of microdata poses a privacy threat. Vast research has striven to define the privacy condition that microdata should satisfy before it is released, and devise algorithms to...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121107.mp4
Perceived risk is informed by a myriad of affectiveassessments, nine of which have been examined rigorously for offlinerisk decisions. Is the risk voluntarily taken? Is the impact of therisk imme...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121031.mp4
Android Phones are becoming more pervasive at MITRE's customers without any means of measuring malicious user or application behavior. More sensitive information is becoming accessible on these p...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121024.mp4
In this talk EJ will be speaking about a security development lifecycle necessary to address vulnerabilities in complex systems. The need for software security is clear in today's cyber world. He...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121017.mp4
Over the past two decades, the Internet has become an essential tool in the lives of millions of people. Unfortunately, this success has also attracted cybercriminals who exploit the Internet as ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121010.mp4
Smartphone security research has become very popular in response to the rapid, world-wide adoption of new platforms such as Android and iOS. Smartphones are characterized by their ability run thi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20121003.mp4
The detection of malicious activity can occur at many places within an enterprise. One area that is a natural extension of perimeter based approaches is that of internal network monitoring. This ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120926.mp4
Identifying and removing malicious insiders from a network is a topic ofactive research. Vehicular ad hoc networks (VANETs) may suffer frominsider attacks; that is, an attacker may use authorized...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120919.mp4
Deloitte Security & Privacy will present on recent trends in cyber security consulting, including how industry and regulatory trends are driving change to information security practices. The pres...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120912.mp4
Why do we implement systems and application with poor security characteristics? This talk looks at the evolution of network security as a consequence of productive change. Specifically, we will l...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120905.mp4
Long-range research into information assurance and security has seen peaks and valleys over the past three decades, mirroring larger trends including the explosive growth of Internet services and...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120829.mp4
The recent and new concept of "Cloud Brokers" and Brokerage came to light with the recent release of the GSA Cloud Broker RFI. What does that mean for the cloud professionals of today (skills the...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120822.mp4
Differential privacy is a very powerful approach to protecting individual privacy in data-mining; it's also an approach that hasn't seen much application outside academic circles. There's a reaso...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120425.mp4
Many security professionals look to software on hardrives as the source of compromise. To detect compromises, they use systems to check the hashes of all files on disk, When a machine is compromi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120418.mp4
The proliferation of social networks, where individuals share private information, has caused, in the last few years, a growth in the volume of sensitive data being stored in these networks. As u...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120411.mp4
Group key management (GKM) is a fundamental building block in any secure group communication applications. In fact, successful management of group keys is critical to the security of any cryptosy...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120328.mp4
There is a long history of supply chain management, from which many related policies, practices, processes, and enabling artifacts have been developed and employed by those business enterprises t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120321.mp4
Assessing the trustworthiness of location data corresponding toindividuals is essential in several applications, such as forensicscience and epidemic control. To obtain accurate and trustworthylo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120307.mp4
With the advent of cloud computing, our view of cryptographic protocols has changed dramatically. In this talk, I will give an overview of some of the newer challenges that we face in cloud crypt...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120229.mp4
US Government, Department of Defense, and Enterprise computer systems must be trusted to protect data with varying levels of sensitivity / security. Affordability requirements are driving the nee...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120222.mp4
Using validated carving techniques, we show that popular operating systems (eg Windows, Linux, and OSX) frequently have residual IP packets, Ethernet frames, and associated data structures presen...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120215.mp4
As technological advancements continue to expand the range of information access, issues of privacy and cyber security have risen to the forefront. Technology is only one part of a larger convers...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120208.mp4
The future web, and Internet, are undergoing a humanization of their technologies which increasingly make their services more personalized, individualized and transparent. This is jointly fueled ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120201.mp4
A variety of mechanisms have been used in access control systems to support enterprises' diverse security needs. For example, some enterprises might allow individual users to assign privileges on...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120125.mp4
Many application domains, such as real-time financial analysis, e-healthcare systems, sensor networks, are characterizedby continuous data streaming from multiple sources and through intermediate...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120118.mp4
A discussion about biometrics, performance and error. Learn more about biometric technologies and challenges related to performance. About the speaker: Dr. Stephen Elliott is the Director of the ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20120111.mp4
We introduce Soundcomber, a "sensory malware" for smartphones that uses the microphone to steal private information from phone conversations. Soundcomber is lightweight and stealthy. It uses targ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111130.mp4
The open nature of the wireless medium leaves wireless communications exposed to interference caused by the concurrent operation of co-located wireless devices over the same frequency bands. Whil...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111116.mp4
Previous research on virtual machine introspection proposed "out-of-box" approach by moving out security tools from the guest operating system. However, compared to the traditional "in-the-box" a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111109.mp4
Learn how organization's proactivly protect against malware that traditional signature-based anti virus solutions miss.
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111102.mp4
Peer-to-peer real-time communication and media streaming applicationsoptimize their performance by using application-level topology estimationservices such as virtual coordinate systems. Virtual ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111026.mp4
The talk reports on an early stage of on-going research on the application of computational semantic techniques to detect phishing, i. e., mass mailings intended to sweep up personal details for ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111019.mp4
Since early 2010 Google, Sony, Epsilon CitiBank, International Monetary Fund, RSA, various law enforcement agencies and many other organizations have been compromised by different attack groups. ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111012.mp4
Computer hardware and software that perform real-world functions such as flight control, telecommunications switching, and network routing form a class of systems called embedded systems. These e...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20111005.mp4
Secret sharing is important in information and network security and has broad applications in the real world. Since an elegant secret sharing mechanism was first proposed by Shamir in 1979 (also ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110928.mp4
The ongoing explosion of data and information throughout the enterprise is undeniable. Sensitive data, whether structured or unstructured, finds itself replicated and dispersed. This creates a ch...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110921.mp4
Vast resources are devoted to predicting human behavior in domainssuch as economics, popular culture, and national security, but thequality of such predictions is often poor. Thus, it is tempting...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110914.mp4
The abuse of online games by automated programs, known as bots, hasgrown significantly in recent years. The conventional methods fordistinguishing bots from humans, such as CAPTCHAs, are not effe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110907.mp4
Privacy Preserving Data Publishing (PPDP) is an evolving research field that is targeted at developing anonymization techniques to enable publishing data so that privacy is preserved while data d...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110831.mp4
The number of generic top-level domains in the Internet's Domain Name System has been increasing slowly since 2000. In July 2011 the Internet Corporation for Assigned Names and Numbers (ICANN) ap...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110824.mp4
Eric Katz, Purdue University
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110427.mp4
My late friend Robert Garigue, a pioneer of Information Warfare and one of the most original and visionary corporate Chief Information Security Officer, first described the notion a "semantic att...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110420.mp4
The correlation of information from disparate sources has long been an issue in data fusion research. Traditional data fusion addresses the correlation of information from sources as diverse as s...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110413.mp4
Krannert Auditorium, Purdue University, West Lafayette, INThe interaction of society, law enforcement and telecommunications has evolved over the last 140 years to a successful balance of give an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110406.mp4
If you are interested in what cyber-related technologies will be most relevant at the time you graduate, and where many of the cutting-edge jobs will be, then this talk will be of interest. This ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110323.mp4
SHODAN is a computer search engine. But it is unlike any other search engine. While other search engines scour the web for content, SHODAN scans for information about the sites themselves. The re...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110309.mp4
The Domain Name System (DNS) is one of the components most critical toInternet functionality. The ubiquity of the DNS necessitates both theaccuracy and availability of responses. While the DNS Se...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110302.mp4
This talk will summarize two recent results on JavaScript."The Eval that Men Do": Transforming text into executable code with a function such as JavaScript's eval endows programmers with the abil...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110223.mp4
There is considerable research being conducted on insider threats directed to developing new technologies. At the same time, existing technology is not being fully utilized because of non-technol...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110209.mp4
The Wisebed wireless sensor network testbed provides a federated experimentation facility covering several European universities. For scalable management of access control we have designed and im...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110126.mp4
Research in computer security has historically advocated Design forSecurity, the principle that security must be proactively integratedinto the design of a system. While examples exist in the res...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110119.mp4
Many companies today are paying attention to cloud computing and new aspects of large-scale, distributed computing. This emerging paradigm of the information age offers exciting benefits to compa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20110112.mp4
Piracy is a significant source of concern facing software developers, music labels, and movie production companies. Firms continue to invest in digital rights management technologies to thwart pi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101201.mp4
Physically unclonable functions (PUFs) are hardware structures that create unique characteristics for distinct copies of a device. Specifically, the physical nature of manufacturing a device intr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101117.mp4
Coordinated attacks, such as botnets, present a major threat to today's computing infrastructures. They are able to evade traditional detection techniques by using zero-day and polymorphic exploi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101110.mp4
Computing system compromises occur because system integrity is not managed effectively. The various parties that contribute to a system, programmers, OS distributors, and system administrators, d...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101103.mp4
The 80s and 90s saw a revolution in hardware verification, where automata theory played a prominent role, formalizing model-checking and establishing the basis of verification using the logic-aut...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101027.mp4
Current web browsers are complex, have enormous trusted computing bases, and provide attackers with easy access to modern computer systems. In this talk we introduce the Illinois Browser Operatin...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101020.mp4
Regular expression (RegEx) matching is a core component of deep packet inspection in modern networking and security devices. Prior RegEx matching algorithms are either software-based or FPGA-base...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101013.mp4
In this seminar, we present results from a global study about Web 2.0 use in organizations. The study, commissioned by McAfee, Inc., included a worldwide survey of over 1,000 organizational IT le...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20101006.mp4
In this seminar, an Obfuscation Module is discussed. This module provides a means to perform computation on untrusted computing systems while maintaining the confidentiality and integrity of the ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100929.mp4
This talk will initially provide an overview of Telcordia's cyber security research. The talk will then focus on Telcordia's research in securing MANETs. MANETs are networks that do not require a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100922.mp4
With software-as-a-service becoming mainstream, more and more applications are delivered to the client through the Web. Unlike a desktop application, a web application is a "two-part" program, wi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100915.mp4
This talk will examine the state of current and proposed rootkits, to try and answer the following question: are rootkits stupid and lame? The speaker will provide supporting evidence that most a...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100908.mp4
Assurance of authenticity as well as confidentiality of data is an important problem, in cloud computing and in third-party data distribution environments. Existing data authentication schemes fo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_2010-09-01.mp4
In this talk we identify two general frameworks (inter-flow and intra-flow) that encompassseveral network coding-based systems proposed in wireless mesh networks. Our systematicanalysis of the co...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100825.mp4
The paper describes a computational system, an application and implementation of the mature Ontological Semantic Technology, for detecting unintentional inferences in casual unsolicited and unres...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100428.mp4
This seminar will provide an overview of how Information Security (AKA Cyber Security, AKA INFOSEC) engineering, requirements analysis and security policies and other activities fit into the over...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100421.mp4
The power of modern websites emerges to a large extent from the ability to combine content from different sources. As an example, a site may include a Google map next to business information a us...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100414.mp4
Shannon started the unclassified scientific research in cryptography with hisOctober 1949 paper. First we briefly survey the scientific research incryptography since then. We discuss the strength...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100407.mp4
The security field is an excellent illustration of the maxim that ``the more things change, the more they stay the same.'' Thus while technical details change, underlying security principles rema...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100331.mp4
The rapid growth of communication environments such as the Internet has spurred the development of a wide range of systems and applications based on peer-to-peer ideologies. As these applications...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100324.mp4
For the second time, MITRE's Common Weakness Enumeration project has released a Top-25 list. However, this year's is a much more sophisticated document, created using a systematic and more rigoro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100310.mp4
By exploiting existing vulnerabilities, malicious parties can take advantage of resources made available by grid systems to attack mission critical websites or the grid itself. In this paper, we ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100303.mp4
We present ribbons, a shared memory programming modelthat allows for more implicit sharing of memory than processes but ismore restrictive than threads. Ribbons structure the heap into protection...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100224.mp4
This talk presents a systematic approach for estimating the trustworthiness of data items in data stream environments (such as sensor networks). The approach uses the data item provenance as well...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100217.mp4
This talk will look at how analytics can be used to increase our understanding of what digital evidence actually means. The real value of evidence is often related to the context and meaning of t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100210.mp4
Trusted insiders who misuse their privileges to gather and steal sensitive information represent a potent threat to businesses. Applying access controls to protect sensitive information can reduc...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100203.mp4
In today's society, biometric technologies are being used in a number of different applications. This discussion will introduce the concept of biometric technologies, and outline various challeng...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100120.mp4
Eugene Spafford, Purdue University
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20100113.mp4
Threats to privacy are not only due to traditional computer security issues; human factors issues such as unintentional disclosure of information also have an impact on privacy preservation. In t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091209.mp4
The Director of the VeriSign iDefense Applied Vulnerability Research Labs discusses current cyber security trends identified in 2008 and manifested in 2009 from Cyber Crime, Cyber War, Cyber Espi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091202.mp4
Social and communication networks are formed by entities (such as individuals or computer hosts) and their connections (which may be contacts, relationships, or flows of information). Such networ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091118.mp4
We start with presenting motivation and goals for the Future Internet, and reviewing basics of trust in computing.The Pervasive Trust Foundation (PTF) for the Future Internet is proposed next. Th...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091111.mp4
Access control policies in healthcare domain define permissions for users to access different medical records. A Role Based Access Control (RBAC) mechanism allows management of privileges to medi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091104.mp4
Infrastructureless and decentralized communication substrates such as mobile ad hoc networks and peer-to-peer systems enable setting up communication services beyond borders of contemporary wired...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091028.mp4
As information assets have become a critical factor for enterprises to stay competitive, there is an increasing awareness of information security management. However, they are easily overlooked b...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091021.mp4
Given the proliferation of malware, the integrity of embedded communication systems is becoming a growing concern. Recent compromises to systems such as ATMs and network switches and routers prov...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091014.mp4
As a discipline, software security has made great progress over the last decade. There are now at least 46 large scale software security initiatives underway in enterprises including global finan...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20091007.mp4
Starting Over After A Lost Decade, In Search of a Bold New Vision for Cyber Security: It is not enough to develop a comprehensive cyber security program that exists in isolation from the world be...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090930.mp4
Information security professionals increasingly need to be familiar with developments in cyberlaw to ensure they comport their actions with the contours of the law. Unfortunately, with technology...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090923.mp4
From security architecture to implementation details... what matters when a customer faces a project to implement a global J2EE application? This presentation will cover some of the more pertinen...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090916.mp4
Behind countless complex applications lurk trusty relational databases that are responsible for managing the data that fuel these applications. For example, relational databases are used to suppo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090909.mp4
As increasing amounts of valuable information are produced and persistdigitally, the ability to determine the origin of data becomesimportant. In science, medicine, commerce, and government, data...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090902.mp4
Mix networks, originally proposed in 1981, provide a way for Internetusers to send messages--such as email, blog posts, or tweets--withoutautomatically revealing their identities or their locatio...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090826.mp4
This Software Assurance (SwA) is a slightly different spin on the SwA presentation and discussion. The need for measurable SwA, for the purposes of presenting and assurance "case" and explained w...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090422.mp4
Intentional insider misuse of information systems resources (i.e., IS misuse) represents a significant threat to organizations. For example, industry statistics suggest that between 50-75% of sec...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090415.mp4
Over the last years it has become apparent that privacy issues become moreand more important when accessing data sources either on the Web or bydatabase management systems. That is, the user does...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090408.mp4
In the past six years, 44 states in the United States have embraced a new form of privacy and identity theft regulation – mandatory disclosure of data breach information. Information disclosure...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090401.mp4
,
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090325.mp4
The networking research community is working to design the Next Generation Internet, which will meet the needs of the twenty-first century. The first requirement for the Next Generation Internet ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090311.mp4
In the course of doing security vulnerability testing for government and commercial clients over the past 10 years, our Information Security Solutions team at Sypris Electronics has seen a lot of...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090304.mp4
Query-based web search is becoming an integral part of many people's daily activities. Most do not realize that their search history can be used to identify them (and their interests). In July 20...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090225.mp4
Building distributed systems is particularly difficult because of theasynchronous, heterogeneous, and failure-prone environment where thesesystems must run. This asynchrony makes verifying the co...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090218.mp4
The need for information security is undeniable and self-evident. The pervasiveness of this critical topic requires primarily risk assessment and management through quantitative means. To conduct...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090211.mp4
If you create an application that runs on one or more computersconnected to a network such as the internet, your code will be attacked.Consequences of compromised systems often include loss of tr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090204.mp4
Code injection attacks, in their various forms, have been in existence and been an area of consistent research for a number of years. A code injection attack is a method whereby an attacker inser...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090128.mp4
A rules-based statistical algorithm (RBSA) identifies packets in any TCP connection that are client keystrokes of an ssh login. The input data of the algorithm are the packet arrival times and TC...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090121.mp4
There have been significant research developments in technology to protect privacy. Unfortunately, few of these have made the transition to practice. A large part of the problem is the lack of an...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20090114.mp4
Theories of deindividuation share common grounds, one of which is anonymity. For decades, it has been hypothesized that anonymity affects human behavior. With the rise of the popularity and devel...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081210.mp4
In this talk, I will present a new approach to automatically generate a vulnerability signature for an unknown vulnerability, given a zero-day attack instance. Our approach is based on two system...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081203.mp4
The Role Graph Model was first introduced by Nyanchama and Osborn in 1994. It has been extended over the years to include parameterized roles, an administrative model and a delegation model. We w...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081119.mp4
Steganography is a discipline of computer science whose aim is to conceal the existence of information. Steganography synergizes various technologies including data compression, digital signal pr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081112.mp4
Scott Orton is the Anti-Tamper (AT) subject matter expert at Raytheon and was previously responsible for establishing the DOD AT executive agency. Scott will discuss the trends in information sec...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081105.mp4
Currently many initiatives are being proposed for identity management, such as OpenID, SAML, CardSpace/Information Cards, and OAuth, as its importance is becoming apparent. Identity management is...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081029.mp4
Business processes –the next generation workflows- have attracted considerable research interest in the last fifteen years. More recently, several XML-based languages have been proposed for spe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081022.mp4
What if you could determine exactly where, in any compiled binary, a security threat existed?Answering this question has been the fundamental goal of anti-virus software for many years past, with...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081015.mp4
Software vendors have traditionally focused on improving code quality forimproving software security and quality. The code quality improvement effort aims toward reducing the number of design and...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081008.mp4
The ability for information services to continue operating despite attacks is a core enabler of mission assurance goals. Existing security techniques lack this concept of resilience and are inade...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20081001.mp4
Organizations have recently shown increased interest in database activity monitoring and anomaly detection techniques to safeguard their internal databases. Once an anomaly is detected, a respons...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080924.mp4
The last decade has witnessed a huge increase in deployment of biometric systems, and while most of these systems have been single vendor, monolithic architectures the issue of interoperability i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080917.mp4
Virtualization technology can deliver better IT asset utilization, more agile IT asset allocation, more efficient use of resources, while supporting a potentially more secure IT infrastructure. V...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080910.mp4
Mobile devices equipped with positioning capabilities (e.g., GPS) can ask location-dependent queries to Location Based Services (LBS). To protect privacy, the user location must not be disclosed....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080903.mp4
Web sites on the Internet often use redirection. Unfortunately, without additional security, many of the redirection links can be manipulated and abused to mask phishing attacks. In this work, we...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080827.mp4
Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080416.mp4
With few exceptions, executive management doesn't care about security. They care about risk. In this session, Jack will discuss the differences and share his experiences in taking the information...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080409.mp4
Third Generation (3G) cellular networks utilize time-varying andlocation-dependent channel conditions to provide broadband services. They employ opportunistic scheduling to efficiently utilize sp...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080402.mp4
For sensor networks deployed to monitor and report real events, event source location privacy is an attractive and critical security property, which unfortunately is also very difficult and expen...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080326.mp4
Companies spend millions of dollars implementing security technologies to protect their corporate networks. Laptop computers and other mobile devices lose this protection once they leave the conf...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080305.mp4
There is inherent tension between network performance and security. With the rapidly evolving drive for military and economic data being accessible via Service Oriented Architectures, the import ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080227.mp4
This paper investigates the relationship between information security related disclosures in financial reports and the impacts of information security incidents through cross-sectional and cluste...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080220.mp4
This presentation discusses evolving concepts in security architectures. Current security architectures are based on the enclave architecture model. This model organizes and separates networked i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080213.mp4
2006 and 2007 were seminal years which saw emergence of several information security threats and significant data breaches. The media focus on various incidents have made consumers much more awar...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080130.mp4
Electronic voting machines have made our elections less reliable and less secure, but recent developments offer hope of a better system in the future. Current research offers the hope of a future...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080123.mp4
What do the Department of Defense and the Electronic Frontier Foundation have in common? They have both funded the development of Tor (torproject.org), a free-software anonymizing network that he...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080116.mp4
While the world is constantly changing, the core principles of security have not changed that much, yet organizations are stilling be compromised. This talk will look at some of the problems in c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20080109.mp4
SQL injection attacks are one of the topmost threats for applicationswritten for the Web. These attacks are launched through specially crafted user input on web applications that use low level st...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071128.mp4
The widespread adoption of home routers by the general public has added a new target for malware and crimeware authors. A router's ability to manipulate essentially all network traffic coming in ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071114.mp4
Non-state and state intelligence are converging in a context of fluid boundaries. It is increasingly difficult to know who is inside and who is not. Creating a trusted network does not resolve th...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071107.mp4
In order to support emerging online activities within the digital information infrastructure, such as commerce, healthcare, entertainment and scientific collaboration, it is increasingly importan...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071031.mp4
The potential for security to be tightly integrated into virtual machine technology is an exciting prospect. Not only does virtualization offer IT departments the opportunity to reduce costs, but...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071024.mp4
Recent rapid development of wireless networks of sensors, actuators and identifiers dictates the digitalization of our physical world and the creation of the "internet of things". In this new int...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071017.mp4
This talk discusses how engineers can go about learning what they needto know to prevent the most significant emerging data security vulnerabilities, and the impact these vulnerabilities are havi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20071010.mp4
About the speaker: Mr. Ehinger has been an employee of Rolls-Royce and its' predecessor companies for nearly 23 years. During the first 14 years of his career Mr. Ehinger served in several engine...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070926.mp4
Protecting valuable information assets, including personal data about employees, students, customers, and medical patients, is an enterprise-wide responsibility. Like all components of good corpo...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070919.mp4
Software development processes and tools used for small communication devices have changed significantly over the years. Some of these practices and processes have resulted in improvements in qua...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070912.mp4
The problem of a mice traveling through a maze is well known. The maze can be represented using a planar graph. We present a variant of the maze. We consider a grid vertex colored planar graph in...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070905.mp4
Trust models have been touted to facilitate cooperation among unknown entities. In our current work, we are interested in behavior-based trust models, i.e., models that derive the trustworthiness...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070829.mp4
The first step in migrating to a role based access control (RBAC) system, is role development, in which teams of people meticulously define sets of roles that meet the needs of an organization's ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070822.mp4
Human aspects of information security were identified at the early stages in the history of time shared computing. The recent surge in attacks that exploit security vulnerabilities involving huma...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070425.mp4
The Internet has become one of the main sources of knowledgeacquisition, harboring resources such as online newspapers, webportals for scientific documents, personal blogs, encyclopedias, andadve...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070418.mp4
Every profession goes through mistakes and unwise steps, especially in its early years. It is through trial and error that leaders and innovators of the profession are able to advance knowledge. ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070411.mp4
Abstract 1:Real-time logic (RTL) is useful for the verification of a safety assertion with respect to the specification of a real-time system. Since the satisfiability problem for RTL is undecida...
https://www.cerias.purdue.edu/video/secsem/secsem_20070328.mp4
If there is a difference between information and bits we had better find it soon. The bit-count is bounding upward, no one dares throw anything away, and once "search" supplants "organize" there ...
https://www.cerias.purdue.edu/video/secsem/secsem_20070321.mp4
Over the years intrusion detection technology has improved to the point that it is highly useful to both the commercial and non-commercial sector. This technology is, however, by no means anythin...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070307.mp4
Data mining is the process of posing queries and extracting patterns, often previously unknown from large quantities of data using pattern matching or other reasoning techniques. Data mining has ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070228.mp4
As cyber security has evolved in the new world of distributedcomputingthere have been dramatic changes to the nature of our security needs. Mr.Schmidt will talk about issues that affect large ent...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070221.mp4
Information policy at the enterprise level is invariably an exercise in gaps and inconsistencies. The range of concerns—including security—is broad, the environment tends to be heterogeneous ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070207.mp4
Computer systems ease the sharing and use of information,but accessibility of information leads to privacy concerns.Technology is being developed to address this issue - enablinguse of informatio...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070131.mp4
Information permeates every corner of our lives and shapes ouruniverse. Understanding and harnessing information holds the potential forsignificant advances. The breadth and depth of underlying c...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070124.mp4
Assured information sharing has been a "grand challenge" problem ofinformation security for several decades. Currently, there is broadconsensus that the state-of-practice of information sharing i...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070117.mp4
Computer-related incidents that have the potential to destabilize, violate, or damage, the resources, services, policies, or data of the community or individual members of the community are happe...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20070110.mp4
The talk will look at the phenomenon of deviant computer behavior and how understanding the individuals who engage in this behavior can benefit digital evidence investigations. A brief overview o...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20061206.mp4
The Internet is facing threats from increasingly stealthy andsophisticated malware. Recent reports have suggested that newcomputer worms and malware deliberately avoid fast massivepropagation. In...
https://www.cerias.purdue.edu/video/secsem/secsem_20061129.mp4
This presentation explores the evolution of cyber crime and cyber security as global issues over the past decade. It examines the growth of cyber bank robbery, cyber extortion, identity theft, ec...
https://www.cerias.purdue.edu/video/secsem/secsem_20061114.mp4
Many multicast overlay networks maintain application-specific performance goals such as bandwidth, latency, jitter and loss rate by dynamically changing the overlay structure using measurement- b...
https://www.cerias.purdue.edu/video/secsem/secsem_20061108.mp4
Systems are composed of multiple complex levels including the physical infrastructure, personnel or "humans-in-the-loop", administration policies and procedures, computers, networks, and the comm...
https://www.cerias.purdue.edu/video/secsem/secsem_20061101.mp4
A high-level security policy states an overall requirement for a sensitive task. One example of a high-level security policy is a separation of duty policy, which requires a sensitive task to be ...
https://www.cerias.purdue.edu/video/secsem/secsem_20061025.mp4
The falling cost and wide availability of electronic devices have led to theirwidespread use by individuals, corporations, and governments. These devices,such as computers, cell phones, digital c...
https://www.cerias.purdue.edu/video/secsem/secsem_20061018.mp4
Virus and worm attacks that spread through holes in popular consumersoftware emphasize the role the online public must play in preserving thesafety and integrity of the Internet. To protect the n...
https://www.cerias.purdue.edu/video/secsem/secsem_20061011.mp4
In outsourced content publishing, the data owner gives the content to a service provider who answers requests from users. Similarly, in outsourced databases, the data owner delegates a service pr...
https://www.cerias.purdue.edu/video/secsem/secsem_20061004.mp4
The secure information sharing problem is one of the oldest and most fundamental and elusive problems in information security. Mission objectives dictate that Information must be shared and made ...
https://www.cerias.purdue.edu/video/secsem/secsem_20060927.mp4
Are your security & IT controls really effective? Do you know how your security & IT operations compare to high performers? In this presentation, Gene Kim will share the work he has been doing ov...
https://www.cerias.purdue.edu/video/secsem/secsem_20060920.mp4
In this talk, we will see that malicious traffic flows such as denial-of-service attacks and various scanning activities can be visualized in an intuitive manner. A simple but novel idea of plott...
https://www.cerias.purdue.edu/video/secsem/secsem_20060913.mp4
Defending against attacks on a web application is by nature is complex process, one that must address everything from coding practices to user management to network architecture. This talk will d...
https://www.cerias.purdue.edu/video/secsem/secsem_20060906.mp4
We describe the detrimental effects of browser cache/ history sniffing in the context of phishing attacks, and detail an approach that neutralizes the threat by means of URL personalization; we r...
https://www.cerias.purdue.edu/video/secsem/secsem_20060830.mp4
The assurance of network security is dependent not only on the protocols but also on polices that determine the functional behavior of network security devices. Network security devices such as F...
https://www.cerias.purdue.edu/video/secsem/secsem_20060823.mp4
Invariably, new technologies introduce new vulnerabilities which, in principle, enable new attacks by increasingly potent adversaries. Yet new systems are more adept at handling well-known attack...
https://www.cerias.purdue.edu/video/secsem/secsem_20060426.mp4
Cryptology is typically defined as cryptography (the construction of cryptographic algorithms) and cryptanalysis (attacks on these algorithms). Both are important, but the latter is more fun. Cry...
https://www.cerias.purdue.edu/video/secsem/secsem_20060419.mp4
For large government agencies and corporations there can be significant value in the use of identity, access, and rights management infrastructures or IDM. The organizations investment in directo...
https://www.cerias.purdue.edu/video/secsem/secsem_20060412.mp4
In the days after Presidential Decision Directive 63 "Therminator: was born at NSA. This talk gives an overview of the applications of strategies from non-linear dynamics, complexity theory and e...
https://www.cerias.purdue.edu/video/secsem/secsem_20060405.mp4
The forgery of source IP addresses, called IP spoofing, is commonly exploited to launch damaging denial-of-service (DoS) attacks in the Internet. Currently proposed spoofing prevention approaches...
https://www.cerias.purdue.edu/video/secsem/secsem_20060329.mp4
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) has resulted in the presence of very descriptive privacy policies on healthcare websites. These policies are intended to no...
https://www.cerias.purdue.edu/video/secsem/secsem_20060322.mp4
Hierarchies arise in the context of access control whenever the set of users can be modeled as a set of partially ordered classes (i.e., represented as a directed graph). In such systems, a user ...
https://www.cerias.purdue.edu/video/secsem/secsem_20060308.mp4
Federated systems are an emerging paradigm for information sharing and integration. Such systems require access management policies that not only protect user privacy and resource security but al...
https://www.cerias.purdue.edu/video/secsem/secsem_20060301.mp4
Mobile ad hoc networks (MANETs) are collections of wireless mobile nodes with links that are made or broken in an arbitrary way. Communication is achieved via routes whose node relay packets. Sev...
https://www.cerias.purdue.edu/video/secsem/secsem_20060215.mp4
This talk examines formal concepts of digital forensic investigations. To date, the field has had an applied focus and little theory exists to formally define analysis techniques and requirements...
https://www.cerias.purdue.edu/video/secsem/secsem_20060208.mp4
Digital identity management technology is fundamental in customizing user experience, protecting privacy, underpinning accountability and compliance in today About the speaker: Abhilasha Bhargav-...
https://www.cerias.purdue.edu/video/secsem/secsem_20060201.mp4
Attacks on computer and other networked systems can be categorized as physical, syntactic and semantic. Physical attacks seek to destroy hardware, while syntactic attacks, such as computer worms ...
https://www.cerias.purdue.edu/video/secsem/secsem_20060125.mp4
In the nineties the disconnection between physical experience and the digital networked experience was celebrated - individuals are said to move into cyberspace, become virtual and leave the cons...
https://www.cerias.purdue.edu/video/secsem/secsem_20060118.mp4
This talk introduces cross-drive analysis (CDA), a new approach for performing analysis of forensic data sets that are too large or complex to be analyzed with today's existing tools. CDA works b...
https://www.cerias.purdue.edu/video/secsem/secsem_20060111.mp4
IP spoofing accompanies many malicious activities and is even means for performing reflector DDoS attacks. Route-based filtering (RBF) enables a router to filter spoofed packets based on their in...
https://www.cerias.purdue.edu/video/secsem/secsem_20051207.mp4
Secret Handshake is an authentication protocol with non-standard and strong anonymity property: Namely, the secrecy of the *affiliations* (i.e. the certificates) of party A who engages in this au...
https://www.cerias.purdue.edu/video/secsem/secsem_20051130.mp4
Access control in decentralized systems is an important problem that has not been fully understood, except perhaps that it should be based on credentials. There are mainly two research approaches...
https://www.cerias.purdue.edu/video/secsem/secsem_20051116.mp4
Trust negotiation is an emerging approach for establishing trust in open systems, where sensitive interactions may often occur between entities with no prior knowledge of each other. Although sev...
https://www.cerias.purdue.edu/video/secsem/secsem_20051109.mp4
About the speaker: Bryant has over 15 years of experience in the IT industry both as an entrepreneur and corporate executive and has successfully built 3 high tech companies. As the current Direc...
https://www.cerias.purdue.edu/video/secsem/secsem_20051026.mp4
As systems grow in size and complexity, our ability to protect them through manual intervention or static defenses degrades. We believe that, in addition to proper design principles and proactive...
https://www.cerias.purdue.edu/video/secsem/secsem_20051019.mp4
This talk considers security challenges facing the Internet's Domain Name System (DNS). The DNS is one of the most widely used and least secure Internet systems. Viirtually every Internet applica...
https://www.cerias.purdue.edu/video/secsem/secsem_20051005.mp4
Sensor networks are vulnerable to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the n...
https://www.cerias.purdue.edu/video/secsem/secsem_20050921.mp4
While considering all existing hazards for humans due to (a) natural disastrous events, (b) failures of human hazard attention or (c) intentional harmful behaviors of humans, we address the probl...
https://www.cerias.purdue.edu/video/secsem/secsem_20050914.mp4
This talk deals with practical issues of web application security, with an emphasis on open-source web service tools such as Apache, PHP, and MySQL. Recent exploits in widely-used open source web...
https://www.cerias.purdue.edu/video/secsem/secsem_20050907.mp4
Large-scale collaborative applications are characterized by a large number of users and other processing end entities that are distributed over geographically disparate locations. Therefore, thes...
https://www.cerias.purdue.edu/video/secsem/secsem_20050831.mp4
This lecture provides an introduction to biometric technologies. Various technologies will be examined, including iris, face, voice, dynamic signature, fingerprint, and keystroke dynamics. An ove...
https://www.cerias.purdue.edu/video/secsem/secsem_20050824.mp4
In order to protect individuals' privacy, the technique of k-anonymization has been proposed to de-associate sensitive attributes from the corresponding identifiers. In this work, we provide priv...
https://www.cerias.purdue.edu/video/secsem/secsem_20050427.mp4
Automated trust negotiation is an approach to authorization for open systems, i.e., systems where resources are shared across organizational boundaries. Automated trust negotiation enables open c...
https://www.cerias.purdue.edu/video/secsem/secsem_20050420.mp4
Proving ownership rights on outsourced relational databases is a crucial issue in today internet-based application environment and in many content distribution applications. In this talk, we will...
https://www.cerias.purdue.edu/video/secsem/secsem_20050413.mp4
Digital investigations have occurred in some form or another for many years, yet there is no scientific model of the process. After all, there are multiple ways and sequences in which evidence ma...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050406.mp4
Software patching has not been an effective first-line defense preventing large-scale worm attacks, even when patches had long been available for their corresponding vulnerabilities. Generally, p...
https://www.cerias.purdue.edu/video/secsem/secsem_20050330.mp4
Lockheed Martin realizes that their newly hired college graduates are an investment in Lockheed Martin's future. As a result the Company looks out for their new college hires. Dr Cherry will talk...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050323.mp4
Instruction Set Randomization (ISR) has been proposed as a promising defense against code injection attacks. It defuses all standard code injection attacks since the attacker does not know the in...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050309.mp4
Much of the research in computer security, especially in digital forensics and intrusion detection, is concerned with retrieving and analyzing the information that is present on a system. In my t...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050302.mp4
Public key cryptography is an indispensable part of most modern communication systems. However, quantum computers can break cryptosystems like RSA, which are based on About the speaker: Jintai Di...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050223.mp4
The most commonly used intrusion detection system (IDS) performance metrics are detection rate and false alarm rate. From a usability point of view, a very important measurement is Bayesian detec...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050209.mp4
I will present some new definitions and constructions for privacy in large databases. In contrast to conventional privacy mechanisms that aim to prevent any access to individual records, our tech...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050202.mp4
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050119.mp4
In an ad hoc wireless network nodes not in direct range communicate via intermediate nodes. Thus, a significant concern is the ability to route in the presence of Byzantine failures which include...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20050112.mp4
Commercial web sites are more dependant than ever on being placed prominently within the result pages returned by a search engine to be successful. "Spam" web pages are web pages that are created...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041208.mp4
Basing authorization on attributes of the resource requester provides flexibility and scalability that is essential in the context of large distributed systems. Logic programming provides an conv...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041201.mp4
Many business transactions over the Internet involve the exchange of digital products between two parties -- electronic mails, digital audio and video, electronic contract signing and digital sig...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041117.mp4
A key issue in computer system security is to protect information against unauthorized access. Emerging workflow-based applications in healthcare, manufacturing, the financial sector, and e-comme...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041110.mp4
Syslog is the primary source of information about intrusion-related activity on a Unix system. Searching for known messages and patterns in syslog data is easy to do, and many tools are available...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041103.mp4
The robustness testing method is based on systematic creation of a very large number of communication protocol messages containing exceptional data elements and structures simulating malicious at...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041027.mp4
Most people now realize that computer security is hard. However, many people do not realize that creating a correct security policy is hard. Creating an accurate security policy is on the order o...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20041013.mp4
The Internet is uniquely and strategically positioned to address the needs of a growing segment of population in a very cost-effective way. It provides tremendous connectivity and immense informa...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20040915.mp4
Role-based access control (RBAC) has received considerable attention in recent years, resulting in several important theoretical models and increasing use in commercial products. Nevertheless, ro...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20040908.mp4
We describe the Diffie-Hellman key-exchange protocol and the Pohlig-Hellman cipher. We discuss discrete logarithms and the cryptanalysis of these two systems. We also describe the Mental Poker pr...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20020123.mp4
We discuss the history and basic facts of Information Theory and give simple applications to cryptography and data security. About the speaker: Before coming to Purdue, Professor Wagstaff taught ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20010822.mp4
Computer security takes on more importance as commerce becomes e-commerce and business embraces the Net. However, little progress has been made in the security field, especially when vendor techn...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20010110.mp4
The studies all say that 70% to 80% of information security incidents involve "insiders". However, today, it is becoming increasingly difficult to pinpoint exactly what we mean by an insider. Com...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20001108.mp4
Intrusion detection (ID) is an important component of infrastructure protection mechanisms. Intrusion detection systems (IDSs) need to be accurate, adaptive, extensible, and cost-effective. These...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20001011.mp4
About the speaker: Colonel Richard Stotts Bio Jerome Webb Mr. Jerome A. Webb is Chief of the Air Force Information Warfare Center's Computer Threat Analysis Section (AFIWC/IOAIC). IOAIC's mission...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20001004.mp4
What's wrong with today's Internet? If TCP/IP has won, what's left to be done? In truth, we've only just begun ... to understand the how the Internet is evolving, the impact of our staggering dem...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000920.mp4
Despite decades of advances in computer science and software engineering, our computing systems seem to be less and less trustworthy. Each week seems to bring new stories of computer viruses, inv...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000913.mp4
Resource-constrained devices are becoming ubiquitous. Examples include cell phones, palm pilots, and digital thermostats. It can be difficult to fit required functionality into such a device with...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000906.mp4
Information about the incidence of security breaches is difficult to obtain. Emergency situations are not favorable to the maintenance of records, the security breaches are embarrassing and possi...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000830.mp4
Information security, and the technologies that provide such security, are a very hot topic throughout the information technology and business communities today. This presentation opens with a co...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000823.mp4
In order for e-commerce and e-business to grow at the fullest extent possible, higher levels of trust and accountability need to become established. The corporate buyers who rely on reliable stru...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000428.mp4
In today's increasingly dependent and interdependent global information society, information assurance for systems is gaining tremendous importance. Individuals, governments, and societies are in...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000421.mp4
With the recent phenomenal growth of the availability and connectivity of computing resources and the advent of e-commerce, more valuable and private data is being stored online than ever before....
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000407.mp4
With the advent of mobile code (excutable programs that are carried on web pages and inside E-Mail) in everyday use, the capability to include malicious software without the recipient's knowlege ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000331.mp4
How can one automatically identify classified documents? This is a vital question for the Department of Energy (DOE), which is reviewing millions of classified documents for possible declassifica...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000225.mp4
The recent spate of attacks against Yahoo and other sites with large on-line presences brought denial-of-service attacks into the public consciousness. The methods used in these attacks make it v...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000218.mp4
In October of 1999, Denver based Space Imaging launched the world's first very-high resolution commercial satellite, IKONOS 2, into polar orbit around the earth. For the first time in history, su...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000211.mp4
This paper explores a promising interface between natural language processing (NLP) and information assurance and security (IAS). More specifically, it is devoted to possible applications of the ...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000204.mp4
Tripwire has a long history of openly available source, having been created at Purdue University in 1992 as a publicly available security tool. It has been created into an industrial strength too...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_20000121.mp4
Many security breaches are caused by inappropriate inputs crafted by people with malicious intents. To enhance the system security, we need either to ensure that inappropriate inputs are filtered...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991119.mp4
We will discuss a novel approach to building safeguards against denial of service attacks against communication protocols. Our approach involves changes to the relevant communication protocol sub...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991119.mp4
Information security is an inarticulate, incoherent, incomplete, incorrect folk art attempting to preserve confidentiality, integrity, and availability (CIA) of information from destruction, disc...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991112.mp4
This presentation will teach participants how to develop secure infrastructures in eCommerce by discussing security impacts to business applications, Netcentric security elements, and real storie...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991105.mp4
As use of information technology continues to expand, the need to identify and preserve electronic evidence becomes a paramount. Once strictly the domain of law enforcement agencies, computer for...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991029.mp4
This talk addresses the issue of reconciling the needs of law enforcement and national security with the continuing evolution of computer and communications technology. It will describe the needs...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19991015.mp4
In the past several years there has been an explosive growth in digital imaging technology and applications. Digital images and video are now widely distributed on the Internet and via CD-ROM. On...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19990910.mp4
Current research in information security at many labs are largely focused on traditional themes: firewalls, intrusion detection, cryptography, and computer viruses. However, there are other chall...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19990903.mp4
Multicast routing is a service that provides for efficient many-to-many communication in a network. Traditionally, secure multicast protocols have used existing multicast routing services and rel...
https://www.cerias.purdue.edu/assets/video/secsem/secsem_19990827.mp4