The Americas Round 2014
The ‘CyberSecurity for the Next Generation’ conference will be hosted at Georgetown University, March, 31st-April, 2nd 2014.
Bachelor, Master and Ph.D. students from the following countries can participate in the Americas Round of the conference: United States of America, Canada and students from all Latin American countries.
Participation is free. Kaspersky Lab will cover all participants’ travel and accommodation expenses. By submitting a paper, participants give their consent for Kaspersky Lab to publish their work at www.academy.kaspersky.com
The best projects will be given awards and valuable prizes (1st place $1500, 2nd place $1000 and 3rd place $750) from Kaspersky Lab and the authors will be invited to attend the international ‘CyberSecurity for the Next Generation’ conference.
Paper Submission Process and Paper Format
Submissions should be made using our conference paper management system, details of which will be sent upon registration. Papers should be in Word (DOC), or Rich Text Format (RTF) only (i.e. other formats will NOT be accepted). If necessary, files may be compressed, using ZIP format only. The ZIP file must contain two documents, .DOC format – i.e. an abstract of your paper and your full paper. Papers that do not meet the formatting instructions will be returned to the authors for revision. We are unable to accept PDF or PS files.
Please download and read the strict formatting guidelines. Failure to do so will mean us having to return papers for proper completion.
In addition, please use the supplied document template to help conform to the guidelines.
The total length of the paper should not exceed ten pages, including all figures, tables and references. Hyperlinks should be removed from the paper for both email addresses and web pages.
Tuesday, April 1, 2014
|09:00-10:00||Guest Registration and WELCOME COFFEE|
|10:30 - 11:00||Security and Privacy in the Era of Targeted Attacks.|
|11:00 - 11:30||COFFEE BREAK|
|11:30-12:10||Cyber Inferno: Seven Circles. Q & A Session|
|12:10-13:00||From hacking for fun to Cyber-crime and Cyber-warfare, and how to stop it.|
|13:00-14:00||LUNCH BY INVITATION|
|14:00-14:15||Cyber Threat Concerns of Autonomous Vehicle Deployment.|
|14:15-14:30||ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking.|
|14:30-14:45||NSA, The Market Maker.|
|14:45-15:00||Neural intrusion detection via anomalies in the packets stream from platoon distributed sources.|
|15:00-15:15||The Pathway to Security – Mitigating User Negligence.|
|15:45-16:00||The United States & Ethical Cyberwarfare.|
|16:00-16:15||How Small Federal Consulting Firms are Managing the Security Implications of the Federal Government's Movement of Data to the Cloud.|
|16:15-16:30||Toward Secure Firmware in the Internet of Things.|
|16:30-16:45||Cybersecurity: Does it Breach Democratic Values on Intelligence? An Examination of China’s Search Limitations vs. United States’ Freedoms and the Role of Hacking.|
|16:45-17:15||CyberSecurity in Healthcare.|
Wednesday, April 2, 2014
|9:00-10:00||Guest Registration and WELCOME COFFEE|
|10:00-11:15||Panel Discussion: "Bitcoin and other Crypto-currencies - Will they thrive once regulated?"|
|11:45-12:15||Higher Ed: The New Frontlines of the Data Security Battlefield.|
|12:15-12:45||What do I want to be when I grow up?|
|12:45-13:00||Kaspersky LifeJourney video trailer|
|13:00-14:00||LUNCH BY INVITATION|
Cybersecurity: Does it Breach Democratic Values on Intelligence? An Examination of China’s Search Limitations vs. United States’ Freedoms and the Role of Hacking
Cyber security is becoming a problem on a national and global scale, and affects both public and private organization and citizens. In China, the restriction of information by the government may lead to civilian revolts due to the censorship and falsification of information. The United States government is currently trying to determine what information should be limited to their public and whatinformation should be made available. In 2012, Cyber security was officially addressed as a growing topic of concern to the United States Department of Defense. There are a number of problems associated with Cyber security. Cyber criminals are another growing problem as they continue to steal private information from governments and their citizens, as well as being potential terrorist threats and relocation of money from businesses worldwide
Georgetown University, Washington D.C.
Toward Secure Firmware in the Internet of Things
Georgetown University, Washington D.C.
How Small Federal Consulting Firms are Managing the Security Implications of the Federal Government's Movement of Data to the Cloud
Georgetown University, Washington D.C.
The United States & Ethical Cyberwarfare
The deployment of Stuxnet was an apparent application of an act-utilitarian Just War Theory approach to the threat imposed by the Iranian Nuclear Program. Just War Theory cannot stand alone as the ethical compass for information warfare. The incorporation of Kantian Duty-Based ethics may fill the gaps that Just War Theory misses.
Lipscomb University, Nashville, Tennessee
The Pathway to Security – Mitigating User Negligence.
Through the use of effective training techniques and exercises, employees and users can be educated on how to make safe Information Security decisions. It is critical to the success of a total Information Security Program that users are trained properly as they are a major layer of defence against malicious intent. The current methods of training people about InfoSec are failing and the number of user related breaches increases every year. Through effective training practices, user negligence can be mitigated and controlled and the Information Security Program can be better practiced throughout entire organizations.
University of Ottawa
Neural intrusion detection via anomalies in the packets stream from platoon distributed source
Neural intrusion detection via anomalies in the packets stream from platoon distributed sources Intrusion into computer network may sufficiently distort the existng statistical distribution of packet’s streams there. This in turn creates the ground to detect such occurances via monitoring parameters of the packet streams. Here the neural approach for acquiring the statistical distribution patterns of the packet flow is explored and based on that the anomaly detector is designed, capable of in-situ detection of the anomalous changes in statistical patterns, which are attributed to possible intrusions into network. As a basis for anomaly detector, constructed is a neural predictor consisting of 2 layers MLP.The experiments are conducted of parameters optimization for the neural predictor, designed to forecast the packet arrivals from a single source exhibiting platoon distribution of activity. Demonstrated is the ability of neural predictor to learn on-line and forecast the internet traffic generated by a single source with platoon distribution of the activity. To enhance the efficiency of the on-line training, the complimentary off-line training is introduced during the inter-packet time slots. Quantitatively, the intensity for off-line training is characerized by the repetition rate RR for the off-line training embedded into on-line forecasting mode. Optimization of parameters resulted in value of learning rate =0.00007. The RR is found to be optimal in the range 999 < RR < 9999 for the simulated source. Significant deviation from that region leads to reduction of the achieved forecasting RMSE. Best achieved RMSE is currently in the range of 1.7 – 1.8 for the RR=999. The anomaly associated with intrusion is detected as abrupt change in the accuracy of the predicted arrival time for the acket flow.
Georgetown University, Washington, D.C.
NSA, The Market Maker
Revelations of the National Security Agency’s domestic surveillance programs have galvanized corporations, start-ups, and unaligned individuals in an effort to better secure digital communication. While some clamor for the curtailment of the NSA operations in whole, a more realistic though mercenary view would better benefit cybersecurity in the coming years. The American government will continue to push and break existing security technology in a never-ending war to fight terrorism via intelligence collection, which occasionally will require intrusions into private corporate user data. Instead of denying this reality, the cybersecurity industry would be strengthened by embracing the unremitting competition and challenge to stay one step ahead. With new technologies to introduce to the market, these same beleaguered companies will increase their own economic power, industry stature, and the security of the data entrusted to them by billions of users worldwide.
Columbia University, New York
ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking
Dynamic data flow tracking (DFT) is a technique broadly used in a variety of security applications that, unfortunately, exhibits poor performance, preventing its adoption in production systems. We present ShadowReplica, a new and fficient approach for accelerating DFT and other shadow memory-based analyses, by decoupling analysis from execution and utilizing spare CPU cores to run them in parallel. Our approach enables us to run a heavyweight technique, like ynamic taint analysis (DTA), twice as fast, while concurrently consuming fewer CPU cycles than when applying it in-line. DFT is run in parallel by a second hadow thread that is spawned for each application thread, and the two communicate using a shared data structure. We avoid the problems suffered by previous approaches, introducing an off-line application analysis phase that utilizes both static and dynamic analysis methodologies to generate optimized code for decoupling execution and implementing DFT, while it also minimizes the amount of information that needs to be communicated between the two threads. Furthermore, we use a lock-free ring buffer structure and an N-way buffering scheme to efficiently exchange data between threads and maintain high cache-hit rates on multi-core CPUs. Our evaluation shows that ShadowReplica is on average 2.3× faster than in-line DFT (∼2.75× slowdown over native execution) when running the SPEC CPU2006 benchmark, while similar speed ups were observed with command-line utilities and popular server software. Astoundingly, ShadowReplica also reduces the CPU cycles used up to 30%.
Amritpal K. Rai, Girum Tessema and Michael Ward
Georgetown University, Washington, D.C.
Cyber Threat Concerns of Autonomous Vehicle Deployment
The first prize and the best presentation prize go to Danny Brothers for ” NSA, The Market Maker"
The second prize goes to Kangkook Jee for “ ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking”
The third prize goes to Sarah Nance for “The Pathway to Security – Mitigating User Negligence”
Head, Global Research & Analysis Team, Kaspersky Lab
Ryan Naraine joined Kaspersky Lab in 2008 as a Security Evangelist. In March 2013, he was appointed Head of Kaspersky Lab’s Global Research & Analysis Team in the United States. Ryan has extensive experience in computer security user education. He specializes in operating system and third-party application vulnerabilities, zero-day attacks, social engineering and social networking threats, and issues related to responsible vulnerability disclosure. He has monitored security and hacker attack trends for over 10 years, writing for eWEEK magazine and ZDNet’s Zero Day blog. Before joining Kaspersky Lab’s Global Research & Analysis Team, Ryan created and managed Threatpost.com, Kaspersky Lab’s security news service.
Assistant Professor, Stevens Institute of Technology
Georgios Portokalidis is an assistant Professor in the Computer Science Department at Stevens Institute of Technology, in Hoboken, New Jersey. He obtained his doctorate degree in Computer Science from Vrije Universiteit in Amsterdam, while he also holds an MSc from Leiden University and a BSc from University of Crete. His research interests are mainly around the area of systems security, but extend to networking, operating systems, virtualization, and data privacy. His work focuses on improving the security of existing software on commodity systems, and using virtualization to retrofit software with protection mechanisms. More recently, he has been involved with improving
software reliability and availability, mobile device security, and privacy issues in mobile devices and the cloud. He has authored numerous papers in high impact conferences, including ACM CCS, ACM EuroSys, Usenix Security, and ACSAC.
He has also been involved in several projects funded by the EU, DARPA, IARPA and NSF, and he has received funding through IARPA. He has served in committees of various conferences, including ACSAC, SEC, and EuroSec, while he regularly reviews for journals, like ACM Transactions of Information and System Security, IEEE Transactions on Reliability, etc.
Dr. Stephano Ortolani
Education Initiatives Manager, Kaspersky Lab
Stefano Ortolani joined Kaspersky Lab in 2012 as Security Researcher. Since then his responsibilities have included conducting scientific research in collaboration with universities and governmental agencies. His research interests comprise intrusion detection, malware analysis, systems security, and communications privacy. Prior to joining Kaspersky Lab, since 2008 Stefano worked as a Systems Security Researcher at Vrije Universiteit Amsterdam, The Netherlands. As Ph.D. Candidate, he published a number of papers in international conference proceedings, as well as in international journals; he later earned his Ph.D. by successfully defending his dissertation titled "Keylogger Detection and Containment". Stefano also holds an MSc in Computer Science awarded summa cum laude from the Ca' Foscari University of Venice, Italy
Dr. Beverly Magda
Associate Dean & Interim Executive Director, Georgetown University School of Continuing Studies
Dr. Magda is the Associate Dean for the Technology Management master’s degree program and also serves as the Interim Executive Director for the Systems Engineering Management degree program at the Georgetown University School of Continuing Studies. Dr. Magda has over 20 years’ experience in the technology field that includes IT initiatives at organizations such as the Humane Society of the United States and Johns Hopkins University, in addition to her industry consulting. Her experience includes IT strategic planning, IT and telecommunications infrastructure planning and design, disaster recovery and business continuity planning, security and PCI compliance, and enterprise-wide software and hardware implementations.
Principal Security Researcher, Kaspersky Lab
Roel joined Kaspersky Lab in 2004 as a Senior Research Engineer for the Benelux region. Currently he's a Principal Security Researcher in Kaspersky Lab's Global Research & Analysis Team based out of New York City. Roel is responsible for monitoring the regional malware situation and in-depth analysis of cyber incidents. Roel focuses on targeted attacks including, but not limited to, cyber-espionage and cyber-sabotage operations. In addition, Roel also investigates new platforms and technologies.
Roel is a regular presenter at industry conferences. He is a member of the Computer Anti-Virus Research Organization and a founding member of the Anti-Malware Testing Standards Organization (AMTSO). Roel currently serves as part of AMTSO's Board of Directors.
Freelance Security Reporter
Fahmida Rashid is an analyst for networking and security at PCMag.com and a contributing writer for Security Week. She has experience writing about and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.
Georgetown University SCS Faculty
Author of Above the Clouds: Managing Risk in the World of Cloud Computing, McDonald is a Technology Fellow for ICF International’s Enterprise Security and Solutions Division in Washington, DC. He specializes in Cyber Security, Health Data Privacy, Cloud Computing and Data center optimization.
He is a member of the IAC-ACT Cloud Computing in Government committee and the Northern Virginia Technology Center, Data Center and Critical Infrastructure Task Force and serves on the board of the Project Management Institute Washington DC Chapter as the Vice President of Technology.
He has published work on a wide array of topics ranging from Cloud Project management to Greening the Enterprise. He graduated with honors from the University of Georgetown SCS Technology Management MPS program. He holds certifications in Cyber Security, Risk Management, Auditing, Business Continuity and Project Management and now serves on the faculty of the University of Georgetown leading graduate studies on Cyber Security Compliance, Forensics, Cloud Computing, Health Informatics and Big Data.
Guest Registration is open
Submissions Deadline: Friday 28th February 2014 Notification Deadline: Friday 7th March 2014