PLANNED TALKS

Learn how to automate your systems, how to build chat bots and the future of deep learning. Explore the applications of machine learning, NLP, and computer vision transferring Neural Network know-how from academia to architects

WORLD'S BIGGEST CYBERSECURITY ONLINE
CONFERENCE FOR DEVELOPERS

CYBERSECURITY WITH THE BEST

50+ SPEAKERS - 2 DAYS - 2 TRACKS
14-15 October 2017
Location: Online

4 TRACKS


1

MACHINE LEARNING RESEARCH
Machine and Deep Learning Fundamentals, implementation and new modelling strategies for your frameworks straight from the labs.

2

DEEP LEARNING,
NLP & CHATBOTS
Detection, tracking & integration tips for robots, drones & autonomous vehicles. Leverage conversational architecture with bot-builders and a slick UX.

3

APPLIED AI: STARTUPS, INDUSTRY & SOCIETY
Discover the applications of AI from startups and industry, what it takes to manage an AI company and the impacts on society with this technology.

4

DEMOS & TUTORIALS
Be the first to discover the algorithms, APIs, platforms and tools enabling AI tech with these hands-on sessions, demos and workshops.

FEATURED SPEAKERS


Max Bazaliy
Security Researcher, Lookout
Max is a Security Researcher with more than ten years of experience in areas such as reverse engineering, software security, vulnerability research and advanced exploitation. Max was a lead security researcher on the Pegasus iOS malware investigation. Max is the author of various jailbreaks for iOS/tvOS/watchOS.
Raj Samani
Fellow & Chief Scientist, McAfee
Raj Samani is a McAfee Fellow and Chief Scientist at McAfee. His prior roles include VP and Chief Technology Officer, EMEA, at Intel Security/McAfee and Chief Information Security Officer for a large public-sector organisation in the United Kingdom. A leading international cybercrime expert, Samani has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3/EUROPOL). Samani volunteers as the Cloud Security Alliance EMEA Strategy Advisor, and is on the advisory councils for Infosecurity Europe and Infosecurity Magazine. Samani has published numerous security papers and is the author of 'Applied Cyber Security and the Smart Grid'. Raj Samani is a sought-after speaker and regularly appears on television commenting on the top IT security issues driving headlines today. Samani’s recent speaking engagements include Mobile World Congress and RSA.
Patrick McDaniel
Distinguished Professor, Penn State
Patrick McDaniel is the William L. Weiss Professor of Information and Communications Technology and Director of the Institute for Networking and Security Research in the School of Electrical Engineering and Computer Science at the Pennsylvania State University. Professor McDaniel is also a Fellow of the IEEE and ACM and serves as the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance. Patrick's research centrally focuses on a wide range of topics in computer and network security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research.
Robert M. Lee
Founder & CEO, Dragos Inc.
Robert M. Lee is the CEO and Founder of the industrial (ICS/IIoT) cyber security company Dragos, Inc. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year (2015), and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016). A passionate educator, Robert is the course author of SANS ICS515 – “ICS Active Defense and Incident Response” with its accompanying GIAC certification GRID and the lead-author of SANS FOR578 – “Cyber Threat Intelligence” with its accompanying GIAC GCTI certification. Robert obtained his start in cyber security in the U.S. Air Force where he served as a Cyber Warfare Operations Officer. He has performed defense, intelligence, and attack missions in various government organizations including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. He may be found on Twitter @RobertMLee

SPEAKERS

Yanick Fratantonio
PhD Candidate, UCSB
Yanick Fratantonio is an Assistant Professor at EURECOM. He earned his Ph.D. in Computer Science at University of California, Santa Barbara. His research focuses on mobile security and it spans areas such as malware detection, vulnerability analysis, and system security. His recent works include Cloak & Dagger, Drammer, and ultrasonic cross-device tracking. He was awarded the Distinguished Practical Paper Award at IEEE S&P 2017 and a Pwnie award for the “Best Privilege Escalation Bug”. In his free time, he enjoys playing and organizing Capture The Flag competitions with the Shellphish hacking team. He is @reyammer on Twitter.
David Freeman
Anti-Abuse Engineer, Facebook
David Freeman is a research scientist/engineer at Facebook working on spam and abuse problems. He previously led anti-abuse engineering and data science teams at LinkedIn, where he built statistical models to detect fraud and abuse and worked with the larger machine learning community at LinkedIn to build scalable modeling and scoring infrastructure. He is an author, presenter, and organizer at international conferences on machine learning and security, such as NDSS, WWW and AISec, and is currently writing (with Clarence Chio) a book on Machine Learning and Security to be published by O'Reilly. He holds a Ph.D. in mathematics from UC Berkeley and did postdoctoral research in cryptography and security at CWI and Stanford University.
Joseph Bonneau
Technology Fellow, Stanford
Joseph is a researcher at the Applied Crypto Group at Stanford University and a Technology Fellow at the Electronic Frontier Foundation. His research has spanned a variety of topics in cryptography and security including HTTPS and web security, passwords and authentication, cryptocurrencies, end-to-end encrypted communication tools, and side-channel cryptanalysis. He holds a PhD from the University of Cambridge and BS and MS degrees in computer science and cryptography from Stanford University. He has previously worked as a researcher at Princeton University and as an engineer at Google, Yahoo! and Cryptography Research, Inc.
Jinan Jaber
Director Biz Dev, AppGuard
Jinan Jaber is the EVP of Cybersecurity and Strategy of Telo Consulting. Mrs. Jaber has over 16 years of progressive cybersecurity and leadership experience. She is a frequent participant at national conferences, as a cyber thought leader and subject-matter expert. Jinan has extensive knowledge of advanced cyber attacks and threat actors’ techniques, tactics and procedures (TTPs). She has broad experience across security disciplines, including cybersecurity and emerging threats, mobile application security, fraud protection and behavioral analysis, deep and dark web intelligence, phishing, reputation management and brand protection, and insider threat protection. The spectrum of her experience and her applied focus give her a unique insight into the issues that can plague the operationalization of cybersecurity and threat intelligence initiatives. Jinan holds a Masters of Business Administration degree from George Mason University.
Nicolas Papernot
Google PhD Fellow in Security, Penn State
Nicolas Papernot is a PhD student in Computer Science and Engineering advised by Dr. Patrick McDaniel at the Pennsylvania State University. His research interests lie at the intersection of computer security and deep learning. He is supported by a Google PhD Fellowship in Security. In 2016, he received his MS in Computer Science and Engineering from the Pennsylvania State University and his MS in Engineering Sciences from the École Centrale de Lyon.
Regine Bonneau
Founder & CEO, RB Advisory LLC
Regine Bonneau is a leading expert on cyber security, risk management and compliance. Her career spans 20 years with a focus on technology and processes in the healthcare, financial and energy sectors. Ms. Bonneau is the Founder of RB Advisory LLC, which provides cyber risk management, security assessments, compliance services, forensic audits and privacy consultations for private sector and government clients. She is a sought after speaker and holds leadership roles in several technology industry associations. Ms. Bonneau has been featured in the Orlando Sentinel, the Orlando Business Journal and other prominent publications. Areas of expertise: Risk management, Cyber Risk Management, compliance, cyber security, systems and technology, product development, anti-money laundering (AML) risk and control, business continuity, training and education.
Vinod Vasudevan
CTO, Paladion
Vinod Vasudevan is the co-founder and CTO of Paladion. He has over 20 years of experience in the technology and information risk management domain. He is responsible for establishing the company’s technology and services vision, and leading all aspects of the company’s technology development. As the CTO at Paladion, Vinod has serviced large enterprise organizations across the globe for setting up integrated risk management systems, and for streamlining system based operations. Vinod regularly presents in leading global cyber security forums and conferences. He sits on the expert panel of industry consortiums. He is the lead author of the book “Application Security in the ISO 27001 Environment” from IT Governance, UK. Vinod is also the co-author of “Enhancing Computer Security with Smart Technology” published by Auerbach. He is a CISSP.
Tudor Dumitras
Assistant Prof, U of Maryland
Tudor Dumitraș is a professor in the Electrical & Computer Engineering Department at the University of Maryland, College Park. His research is in the area of data-driven security: he conducts empirical studies of adversary behavior, he builds machine learning systems for detecting malware and attacks, and he investigates the security of machine learning in adversarial environments. He also has a good knowledge of the security industry, having worked for 2.5 years at Symantec Research Labs. In his most cited paper he measured how long zero-day attacks go on undiscovered in the wild. His research has been widely cited in the media, for example in The Economist, the MIT Technology Review, Forbes, and The Register.
Candan Bolukbas
CTO, Normshield
Candan Bolukbas is a digital polymath and Certified Ethical Hacker. Candan fully appreciates the growing threat to digital communications and data accumulation which affects all of us. He is co-founder and chief technology officer for NormShield, Inc., a McLean-based “security-as-a-service solutions” company. Candan and NormShield’s primary focus is on cyber threat intelligence, vulnerability management and perimeter monitoring. Candan is responsible for the technical direction and innovation of NormShield products. Besides being a certified Ethical Hacker, he is a certified secure programmer, certified incident handler and a certified computer hacking forensic investigator. He has more than ten years of experience working with data protection and information security standards and technologies including business continuity, data-loss protection, data privacy, disaster recovery, encryption, enterprise architecture, firewalls, intrusion detection and prevention systems, penetration testing, physical security, security event management and vulnerability scanning. Candan has a BS degree in Computer Engineering and he has been developing security products, performing penetration testing & forensic analysis, and providing cyber security training. Certifications: CCNA, CCNP, CHFI, ECSP, MCSA, ECIH, CEH, LPT. Candan worked for both public and private sectors for many years and is a strong supporter of human rights, freedom and privacy.
Eric Lawrence
Software Engineer, Google Chrome
Eric Lawrence (@ericlaw) is a Software Engineer on the Google Chrome Security team, helping bring HTTPS to every site on the web. Prior to Google, Eric spent a decade building browsers and websites for Microsoft, and was best known as the original developer of the Fiddler web debugging platform. Eric blogs about security and software development at https://textslashplain.com/.
Mathias Payer
Assistant Professor, Purdue
Mathias Payer is a security researcher and an assistant professor in computer science at Purdue University leading the HexHive group. His interests are related to system security, binary exploitation, user-space software-based fault isolation, binary translation/recompilation, and (application) virtualization. His research focuses on protecting applications even in the presence of vulnerabilities, with a focus on memory corruption. Before joining Purdue in 2014 he spent two years as PostDoc in Dawn Song's BitBlaze group at UC Berkeley. He graduated from ETH Zurich with a Dr. sc. ETH in 2012. The topic of his thesis is related to low-level binary translation and security. He analyzed different exploit techniques and wondered how we can enforce integrity for a subset of data (e.g., code pointers). All prototype implementations are open-source. In 2014, he started the b01lers Purdue CTF team. Some of his random ramblings on security-related topics are published on a security blog. You can find his publications under Publications or on Google Scholar.
Juan Caballero
Assistant Research Professor, IMDEA
Juan Caballero is an Associate Research Professor at the IMDEA Software Institute in Madrid, Spain. His research focuses on security issues in systems, software, and networks. One of his focuses is the analysis of malware and cyberattacks. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University, USA and was a visiting student researcher at University of California, Berkeley for two years. His research regularly appears at top security venues and has won two best paper awards at the USENIX Security Symposium and the DIMVA Most Influential Paper 2009-2013 award. He is an Associate Editor for ACM Transactions on Privacy and Security (TOPS). He has been in the technical committee of venues such as IEEE S&P, ACM CCS, USENIX Security, NDSS, WWW, RAID, and DIMVA. He has been program chair or co-chair for the Annual Computer Security Applications Conference (ACSAC, 2017), the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA, 2016), the Digital Forensics Research Symposium (DFRWS, 2014 & 2013), the European Workshop on Systems Security (EuroSec, 2015 & 2014) and the International Symposium on Engineering Secure Software and Systems (ESSoS, 2015 & 2016).
David Puron
SVP Engineering, Silent Circle
David Puron is a telecommunications engineer, serial entrepreneur and maker, with more than 20 years of experience working with technology. He started his career as a software developer and international standards delegate in the telco carrier Telefonica, where he had a rapid promotion getting to be the Open Mobile Alliance Requirements Group Chairman for two years. He jumped in 2009 to the device manufacturer side, working in big companies - such as Huawei - and startups - such as Geeksphone. In 2014, David co-founded the joint venture "Blackphone", the first privacy oriented mobile device manufacturer that won the TIME Magazine's Best 25 Inventions of 2014, Best of MWC 2014 Award by PC Magazine and Top 10 Breakthrough Technologies 2014 by MIT Technology Review among other awards. In recent years, David has become more and more active in the Internet of Things ecosystem, and currently he is running TipTap Labs as Managing Director and CTO. TipTap Labs is a software development company specialized in secure connected devices, including IoT, wearables and smartphones.
Brian Kelley
CTO, Ohio Turnpike and Infrastructure Commission
Brian Kelley is in his 27th year at Portage County where he has served in the capacity of Chief Information Officer for the past 26 years. He is responsible for the County’s enterprise-wide information technology operations spanning 18 elected officials, over 30 departments, and 700+ users. Under his leadership, Portage County has received international, national, state, and regional recognition for highly successful enterprise-wide IT projects. Brian earned his Master of Public Administration Degree from Kent State University. He completed the Certified Government Chief Information Officer Program at the University of North Carolina at Chapel Hill. Brian is an adjunct professor in the Political Science Departments at Kent State University, where he teaches public sector IT management, e-governance, and strategic planning online graduate courses and an undergraduate police role and interviewing course in Sociology. He is also a senior lecturer at the University of Akron where he teaches an undergraduate course in computer and information security. Brian spent fifteen years as a commissioned special deputy sheriff at Portage County, OH, and performed computer forensics and conducted cyber-related investigations. He is currently sector chief for higher education with the Northeast Ohio InfraGard Chapter sponsored by the FBI and he is a member of the Cleveland Electronic Crimes Taskforce sponsored by the Secret Service.
Tyler Moffitt
Sr Threat Research Analyst, Webroot
Tyler Moffitt is a Senior Threat Research Analyst with Webroot, Inc. He has been with Webroot since 2010 working as a key member of the Threat Research team, immersed deep within the world of malware. Tyler is focused on improving the customer experience through his work directly with malware samples, creating antimalware intelligence, writing blogs, speaking at conferences, and testing in-house tools. Tyler has a passion for hands on learning as he spends his time gathering samples from the wild to test and improve Webroot capabilities to handle the latest malware threats.
Julia Ellefson
VP of Development, Mkacyber
Julia Ellefson has over 17 years of software development experience in a variety of industries, with nearly a decade of experience in development for the cybersecurity industry. Ms. Ellefson currently serves as Vice President of Development at MKACyber where she is responsible for leading the development of MKACyber technologies. Previously Ms. Ellefson worked at Concept Solutions leading the development of an enterprise level cyber-focused Incident Management system for a Federal client. Her work ranged from designing, coding, testing, and implementing several Web 2.0 Oracle applications. Preceding her work at Concept Solutions, Ms. Ellefson held software engineering roles at both Citizant and Verizon. Ms. Ellefson holds a Bachelor of Science in Mathematics.
Max Bazaliy
Security Researcher, Lookout
Max is a Security Researcher with more than ten years of experience in areas such as reverse engineering, software security, vulnerability research and advanced exploitation. Max was a lead security researcher on the Pegasus iOS malware investigation. Max is the author of various jailbreaks for iOS/tvOS/watchOS.
Arthur Edelstein
Developer, Tor Browser
Arthur Edelstein is a programmer for the Tor Project. He works on the team that develops Tor Browser and contributes features to prevent tracking of users, improve browser security, and enhance the user experience. He also collaborates closely with a team at Mozilla working to bring Tor Browser anti-tracking features to Firefox.
Abhijitt Mukharjji
CyberZest Pty Ltd.
A Digital Security Evangelist, working in the domain of Information Security for the past 11 years with experience spanning work with the Knowledge Processing Industry, Technology Conglomerates, ISVs and Financial Entities, delivering a range of Security Solutions and Frameworks for Information Security, Cyber Security and IPR protection. Overall, an explicit career in IT and Information Security of over 20 years. A continuous learner, researcher, blogger and a traveller who has worked and travelled across 34 countries. Originally from New Delhi, India and now based in Sydney, Australia where he is managing the security of an International Bank. His list of qualifications entails an Honours in Bachelors of Commerce with specialisation in Tax Planning and Financial Management, MCA, MBA from IIM Calcutta, India, LLB, PGD in Cyber Laws and IPR Management from Indian Law Institute, New Delhi along with other Industry certifications like CISSP, CISA, ISO27001 LI, CPISI PCI DSS, CEH, CHFI, Six Sigma, ITIL, PMP, PRINCE2.
Khadir Fayaz
VP, Global Security Strategy, Engineering and Architecture, Pearson
Khadir Fayaz is a recognized Cyber Security Executive Leader with more than 16 years of experience in driving large scale technology security initiatives, cyber resiliency programs and risk management. Experience includes Financial, FMCG, Education, Manufacturing, Technology Consulting and Hospitality/Travel industries requiring on demand adaptability, high availability, and secure architecture. Currently employed with Pearson as a VP, Global Security Engineering and Architecture.
Abbas Kudrati
Chief Information Security Officer, KPMG AUS
Abbas Kudrati is the chief information security officer for KPMG Australia, responsible for managing cybersecurity policies, standards, and best practices to protect the firm’s information systems. He has more than 20 years of working experience with cross-functional sectors of cyber security, information security and information risk management, with skills in cyber security strategy, information security management, ethical hacking, cloud and BIG Data security, IT contingency planning, information system security auditing and compliance in various industries including government, Big 4 consulting, banking, financial, telecommunications and education sectors. He is a frequent speaker at external conferences, events and local universities on the topics of cyber and information security. He is a Certified Chief Information Security Officer (C|CISO), Certified Information Security Manager (CISM) and a Certified Information Systems Auditor (CISA), among other professional certifications.
Shawn Riley
Chief Data Officer & Cybersecurity Scientist, Champion Technology Company Inc.
A recognized thought leader in the defense and intelligence communities, Shawn Riley, Executive Vice President at The Center for Strategic Cyberspace and Security Science, brings over 25 years of cyber security, all source cyber threat intelligence, and artificial intelligence experience with an unparalleled understanding of the pitfalls that overtake modern security teams.
Lonnie Benavides
Head of Cybersecurity Active Defense, McKesson
Lonnie was formerly the Senior Director of Security Operations at Docusign, and he has over 20 years of information security experience. In 2007, he was part of a hand picked Air Force red team that took over The White House network in two hours. Lonnie then led the Application Security Team at Washington Mutual and also created the Red Team at Boeing. He is an expert in security operations, enterprise security assessment strategy and vulnerability management.
Moty Cristal
CEO, NEST Negotiation Strategies
Moty Cristal is the founder of NEST Group and the CEO of NEST Consulting. Following an illustrious career as one of Israel's leading negotiation experts, Cristal established NEST in order to bring a unique systemic approach to the world of negotiation and the benefit of his experience and success to the private and public sector. From 1994 to 2001, Mr. Cristal served in various official capacities in Israel's negotiation teams with Jordan and the PLO, and experienced years of intense negotiations. Since 2001, Mr. Cristal advises, consults and trains business people, top managers, CEOs and senior government officials in US, Europe (UK, France, Spain, Germany, Austria, Serbia, Greece, Italy) Russia and CIS and Asia (China, Singapore, Sri-Lanka, Australia and New Zealand) in analyzing, planning and designing complex negotiation processes. His experience extends to the energy, construction, financial, technological, pharmaceutical, industrial, transportation and aeronautical sectors, and varies from complex deal-making negotiations, business cross-cultural disputes, union-management conflicts, post-merger integration, project integration and project management to business and national crisis management. Cristal is a Lt. Col. (Res.) in the Israeli Defense Forces, with extensive operational experience in crisis negotiation and crisis management, within the physical and the virtual worlds. He is a Professor for Negotiation Dynamics at SKOLKOVO, Moscow's leading Business School, as well as a lecturer at Hebrew University in Jerusalem, the Lauder School of Government at and the Arison Business School at the Interdisciplinary Center in Herzelia. Mr. Cristal commentates and writes regularly on the international media, international conferences and academic publications on negotiation processes and crisis interventions. 
(See recent profile article: http://www.haaretz.com/weekend/magazine/.premium-1.556814) Graduated Bar-Ilan Law School in Israel (1994), and Harvard Kennedy School of Government (1998), Mr. Cristal is also a doctoral researcher at the London School of Economics. Personal email: cristalm@nest-consulting.net
Gib Sorebo
Chief Cybersecurity Strategist, Leidos
Gib Sorebo is a Chief Cybersecurity Technologist for Leidos where he develops strategy and solutions, leads large cybersecurity captures, and provides subject matter expertise to commercial and government customers. He has been working in the cybersecurity industry for more than twenty years in both the public and private sector. In addition to federal and state governments, Gib has done security consulting and led professional services teams in the financial services, healthcare, and energy sectors. He also recently co-authored a book on Smart Grid Security that was published in December 2011.
Yan Shoshitaishvili
PhD Candidate, UCSB
Yan Shoshitaishvili is an Assistant Professor of Computer Science at Arizona State University. Over much of the last decade, he has pursued techniques in the automation of Computer Security, building frameworks (angr.io) and whole systems (shellphish.net/cgc) to enable the assistance of security researchers by autonomous systems. His route to Computer Security involved accidental buffer overflows in C code written in elementary school, hacking his friends for fun in high school, protecting networks in college, and competing in cybersecurity competitions with his team, Shellphish.
Jen Tong
Developer Advocate, Google Cloud
Jen is a Developer Advocate on Cloud at Google. In this role she helps developers build cool stuff on all sorts of platforms. Previously she worked in a wide variety of software roles from robotics at NASA, to developer advocacy for Google Glass. She is passionate about education, especially on the subjects of technology and science. If she’s away from her laptop, she’s probably skating around a roller derby track, or hanging from aerial silk.
Marudhamaran Gunasekaran
Software Security Consultant, Prowareness
Marudhamaran Gunasekaran (Maran) is a Software Security Consultant at Prowareness who focuses on helping Organizations implement Security Initiatives and delivering secure software at a faster pace. He is an ICAgile Certified Coach and works with Agile Software Development Teams and Portfolio Managers daily switching between a developer and security coach roles. In his spare time he digs the OWASP ZAP project, moderates some security meet up groups in India and The Netherlands, and enjoys watching comedy. He blogs at https://renouncedthoughts.wordpress.com/.
Brian Liceaga
Senior Security Consultant, Evolve Security
Brian Liceaga has worked and consulted for organizations of all sizes from start-ups to large corporations. Brian’s experience includes vulnerability management, application security, incident response, security program development, cloud security, DevSecOps, and penetration testing. Notably, he has developed and implemented solutions to establish secure SDLC processes for Waterfall and Agile environments. Recently, his focus has been on next-generation vulnerability management utilizing automation and orchestration as well as finding solutions for privacy and security to better coexist.
Florian Tramèr
PhD, Stanford University
Florian Tramèr is a second year PhD student at Stanford University, advised by Prof. Dan Boneh. He is interested in various aspects of Machine Learning Security, from adversarial examples to attacks on model confidentiality and data privacy. Before starting his PhD, he was a Master student and researcher at EPFL, Switzerland, working on various topics in Cryptography and Cryptocurrencies.
Reza Shokri
CS Assistant Prof, NUS
Reza Shokri is a computer science assistant professor at National University of Singapore. He is an active member of the security and privacy community, and his research focuses on data and computational privacy. He received his PhD from EPFL.
Aaron Rinehart
United Health Group, Chief Enterprise Security Architect
Aaron Rinehart currently serves as Chief Enterprise Security Architect at the United Health Group and has worked and consulted in the field of Information Security and Technology for organizations such as the Department of Homeland Security (DHS), National Aeronautics and Space Administration (NASA), and the Department of Defense (DoD). Aaron has been a featured speaker at several media outlets and conferences, most notably the National Press Club in Washington DC, RSA, HITRUST, and ABC News. Aaron has been interviewed and quoted in various publications including the Huffington Post, Medill News Service, and CBS MarketWatch.
Jaime Blasco
AlienVault, Vice President & Chief Scientist
Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis, and incident response. At AlienVault, Jaime leads the Lab Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AlienVault, he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis, and incident response. He is based in San Francisco. Jaime’s work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.
Chris Doman
AlienVault, Security Researcher / Threat Engineer
Chris had a long interest in security, but joined the industry after winning the civilian section of the Department of Defense’s forensics competition. Chris runs a popular threat intelligence portal (ThreatCrowd.org) in his spare time, and holds a CCHIA (Certified Host Intrusion Analyst) from CREST and a degree in Computer Science from the University of Cambridge.
Lorenzo Cavallaro
Associate Professor, Royal Holloway
Lorenzo Cavallaro is a Reader (Associate Professor) of Information Security in the School of Mathematics and Information Security at Royal Holloway, University of London. In 2014, he established and is since leading the Systems Security Research Lab (S2Lab, http://s2lab.isg.rhul.ac.uk), whose underpinning research builds on program analysis and machine learning to address threats against the security of computing systems. Prior to joining Royal Holloway, University of London in 2012 as a Lecturer (Assistant Professor), Lorenzo held various Post-Doctoral (UC Santa Barbara, Vrije Universiteit Amsterdam) and visiting scholar (Stony Brook University) positions as well as a PhD in Computer Science awarded from University of Milan in 2008. He sits on the technical program committees of and has published in top-tier and well known venues (e.g., ACM CCS, NDSS, IEEE TIFS, ACSAC, RAID, USENIX WOOT) as well as being PI in a number of research projects primarily funded by the UK EPSRC, the EU, Royal Holloway, McAfee, and NCSC. Lorenzo teaches Malicious Software (undergraduate) and Software Security (graduate), a passion he also nurtured through the participation in (e.g., DEF CON 2008-09) and co-organization of (e.g., DIMVA 2011, UCSB iCTF 2008-09, ISG Open Day 2016) CTF-like computer security exercises.
Raj Sachdev
Professor, Researcher, Attorney, Solicitor
Raj Sachdev is a Professor, Researcher, California Lawyer, English Solicitor and is pursuing further graduate work at Oxford University. He holds several degrees including an LL.M and an M.B.A. He was a Visiting Researcher at UC Berkeley Law and has spoken globally on related topics at such places as Oxford, Cambridge, Stanford and in Industry/Conferences. He has taught related courses at Stanford's part time program and has held several teaching and faculty head positions at other institutions having taught more than 40 courses.
Raj Samani
Fellow & Chief Scientist, McAfee
Raj Samani is a McAfee Fellow and Chief Scientist at McAfee. His prior roles include VP and Chief Technology Officer, EMEA, at Intel Security/McAfee and Chief Information Security Officer for a large public-sector organisation in the United Kingdom. A leading international cybercrime expert, Samani has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3/EUROPOL). Samani volunteers as the Cloud Security Alliance EMEA Strategy Advisor, and is on the advisory councils for Infosecurity Europe and Infosecurity Magazine. Samani has published numerous security papers and is the author of 'Applied Cyber Security and the Smart Grid'. Raj Samani is a sought-after speaker and regularly appears on television commenting on the top IT security issues driving headlines today. Samani’s recent speaking engagements include Mobile World Congress and RSA.
Patrick McDaniel
Distinguished Professor, Penn State
Patrick McDaniel is the William L. Weiss Professor of Information and Communications Technology and Director of the Institute for Networking and Security Research in the School of Electrical Engineering and Computer Science at the Pennsylvania State University. Professor McDaniel is also a Fellow of the IEEE and ACM and serves as the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance. Patrick's research centrally focuses on a wide range of topics in computer and network security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research.
Robert M. Lee
Founder & CEO, Dragos Inc.
Robert M. Lee is the CEO and Founder of the industrial (ICS/IIoT) cyber security company Dragos, Inc. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year (2015), and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016). A passionate educator, Robert is the course author of SANS ICS515 – “ICS Active Defense and Incident Response” with its accompanying GIAC certification GRID and the lead-author of SANS FOR578 – “Cyber Threat Intelligence” with its accompanying GIAC GCTI certification. Robert obtained his start in cyber security in the U.S. Air Force where he served as a Cyber Warfare Operations Officer. He has performed defense, intelligence, and attack missions in various government organizations including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. He may be found on Twitter @RobertMLee
Philipp Jovanovic
Postdoc Researcher, EPFL
Philipp Jovanovic is a cryptographer and post-doctoral researcher at the Swiss Federal Institute of Technology Lausanne (EPFL), in Switzerland. He obtained his PhD in cryptography from the University of Passau, Germany, in 2015. Philipp designed several cryptographic algorithms, such as NORX and OPP/MRO, and protocols, like CoSi, ByzCoin, and RandHound. He is actively involved in the development of open source projects like the kyber crypto library or the cothority framework for scalable, decentralized, cryptographic protocols, and he works as an adviser on the DFINITY project. His research is published regularly at top crypto/security conferences such as IEEE S&P, USENIX Security, or EUROCRYPT, and he is frequently active at non-academic events like the Chaos Communication Congress, Troopers, or dotSecurity. Philipp tweets as @daeinar.
Presenting companies include
Royal Holloway
Ohio Turnpike and Infrastructure Commission
webroot
United Health Group
AlienVault
mkaCyber
University of Maryland
Evolve Security
NUS
Prowareness
Google Cloud
Leidos
NEST Negotiation Strategies
McAfee
McKesson
Champion Technology Company Inc. -- www.DarkLightCyber.com
KPMG Aus
ZoneFox
Pearson
iProov Limited
Axiom Cyber Solutions
Gotham Digital Science
Tor Browser
Lookout
Dtex Systems
Webroot
Safebreach
Silent Circle
IMDEA
Google Chrome
EPS
Normshield
DataVisor Inc
STM
EPFL
Paladion
RB Advisory LLC
CounterTack Inc.
Dragos Inc
ScottSchober.com
Telo Consulting
Stanford
LinkedIn
Purdue
Penn State
UCSB
Netsparker

AGENDA EST

9am-6pm EST // 6am-3pm PST // 3pm-12am CEST // 9pm-6am GMT+8
SYSTEM SECURITY AND BROWSER SECURITY
SECURITY & PRIVACY IN MACHINE LEARNING
AND CYBER SECURITY OPERATIONS IN INDUSTRY
9:00 am
9:40 am
Patrick McDaniel
Distinguished Professor, Penn State
Building Toward Smartphone Application Security

The introduction of smart phones in the mid-2000s forever changed the way users interact with data and computation--and through it prompted a renaissance of digital innovation. Yet, at the same time, the architectures, applications and services that fostered this new reality fundamentally altered the relationship between users and security and privacy. In this talk I map the scientific community's initial efforts evaluating smart phone application security and privacy. I consider several key scientific questions and explore the methods and tools used to answer them. In this talk, I show how our joint understanding of adversary and industry practices has matured over time, and conclude with a discussion of the open problems and opportunities in mobile device security and privacy.

9:40 am
10:20 am
Yanick Fratantonio
Assistant Professor, EURECOM
Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop

While both the SYSTEM_ALERT_WINDOW and the BIND_ACCESSIBILITY_SERVICE Android permissions have been abused individually (e.g., in UI redressing attacks, accessibility attacks), previous attacks based on these permissions failed to completely control the UI feedback loop and thus either rely on vanishing side-channels to time the appearance of overlay UI, cannot respond properly to user input, or make the attacks literally visible. In this work, we demonstrate how combining the capabilities of these permissions leads to complete control of the UI feedback loop and creates devastating and stealthy attacks. In particular, we demonstrate how such an app can launch a variety of stealthy, powerful attacks, ranging from stealing user’s login credentials and security PIN, to the silent installation of a God-like app with all permissions enabled. To make things even worse, we note that when installing an app targeting a recent Android SDK, the list of its required permissions is not shown to the user and that these attacks can be carried out without needing to lure the user to knowingly enable any permission, thus leaving him completely unsuspecting. In fact, we found that the SYSTEM_ALERT_WINDOW permission is automatically granted for apps installed from the Play Store and, even though the BIND_ACCESSIBILITY_SERVICE is not automatically granted, our experiment shows that it is very easy to lure users to unknowingly grant that permission by abusing capabilities from the SYSTEM_ALERT_WINDOW permission. We also found that it is straightforward to get a proof-of-concept app requiring both permissions accepted on the official store. We evaluated the practicality of these attacks by performing a user study: none of the 20 human subjects that took part in the experiment even suspected they had been attacked. We conclude with a number of observations and best-practices that Google and developers can adopt to secure the Android GUI.

Reza Shokri
Assistant Professor, NUS
Data Privacy in Machine Learning

I will talk about what machine learning privacy is, and will discuss how and why machine learning models leak information about the individual data records on which they were trained.  My quantitative analysis will be based on the fundamental membership inference attacks: given a data record and (black-box) access to a model, determine if a record was in the model's training set.  I will demonstrate how to build such inference attacks on different classification models e.g., trained by commercial "machine learning as a service" providers such as Google and Amazon.

10:20 am
11:00 am
Philipp Jovanovic
Postdoc Researcher, EPFL
Scalable Bias-Resistant Distributed Randomness

Bias-resistant public randomness is a critical component in many (distributed) protocols. Existing solutions do not scale to hundreds or thousands of participants, as is needed in many decentralized systems. In this talk, we present two large-scale distributed protocols, RandHound and RandHerd, which provide publicly-verifiable, unpredictable, and unbiasable randomness against Byzantine adversaries targeting different application scenarios. Finally, we also discuss some applications of our protocols like sharding and proof-of-stake.

Khadir Fayaz
VP, Global Security Strategy, Engineering and Architecture, Pearson
Building an Effective Cyber Defense Portfolio

A balanced cyber security investment strategy is essential to build an adaptive security capability stack. This session will cover approaches to building a resilient cyber security portfolio.

11:00 am
11:40 am
David Puron
SVP Engineering, Silent Circle
Encrypting the Internet of Things

The Internet of Things (IoT) is changing the world we live in. Everybody wants to connect new objects to the Internet, opening the door to a new spectrum of cyber threats and risks. No doubt, security is the top concern in the IoT industry. However, developers are finding many challenges when implementing security on connected objects. One of these challenges is how to protect data and communications from eavesdropping. Traditional encryption algorithms and security protocols require significant computing power, which is not available in small IoT hardware boards. This presentation will go, using practical examples, through lightweight encryption algorithms and solutions that can be used to break these barriers.

11:40 am
12:20 pm
Mathias Payer
Assistant Professor, Purdue
Control-flow hijacking: are we making progress?

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today’s systems. Over the last 10+ years we have deployed several defenses. Data Execution Prevention (DEP) protects against code injection, eradicating this attack vector. Yet, control-flow hijacking and code reuse remain challenging despite wide deployment of Address Space Layout Randomization (ASLR) and stack canaries. These defenses are probabilistic and rely on information hiding. The deployed defenses complicate attacks, yet control-flow hijack attacks (redirecting execution to a location that would not be reached in a benign execution) are still prevalent. Attacks reuse existing gadgets (short sequences of code), often leveraging information disclosures to learn the location of the desired gadgets. Strong defense mechanisms have not yet been widely deployed due to (i) the time it takes to roll out a security mechanism, (ii) incompatibility with specific features, and (iii) performance overhead. In the meantime, only a set of low-overhead but incomplete mitigations has been deployed in practice. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the intended control flow. Researchers have spent more than a decade studying and refining future defenses based on Control-Flow Integrity (CFI). This technique is now integrated into several production compilers. Microsoft compiles large parts of their codebase with Control-Flow Guard, a coarse-grained CFI mechanism, and allows developers to compile their software with the same mitigation mechanism. Google, on the other hand, developed a fine-grained CFI mechanism on top of LLVM that increases precision and compiles Chrome with this stronger mechanism. Researchers so far have shown that both coarse-grained and fine-grained CFI mechanisms can generally be bypassed. 
The accepted notion is that CFI makes successful control-flow hijacking attacks harder, but the question remains: how much harder does an attack become? Attacks are now even more application specific and require a detailed analysis of the available whole-function-gadgets.

Raj Sachdev
Professor, Researcher, Attorney, Solicitor
Legal and Marketing Concepts in Cybersecurity

This talk will overview key legal and marketing issues presented by today's 'breach' prone world.  More than ever, transactions of increasingly sensitive nature are being conducted online. When a breach occurs, this has legal and marketing implications.  This talk will provide a comparative update to major changes in US, Canadian and UK/EU laws and rules affecting cybersecurity and related areas including issues raised by modern technologies. Also, how to maintain brand image amidst a breach will be discussed.

12:20 pm
1:00 pm
Brian Liceaga
Senior Security Consultant, Evolve Security
Corrective Cloud Security in AWS with Lambda Functions

An overwhelming number of security controls revolve around generating and forwarding alerts to System Administrators or a Security Operations Center (SOC). These mechanisms often require a significant human element to actively manage and triage alerts. In addition, alerting tools require ongoing TLC, a.k.a. tuning, and typically result in alert fatigue or delayed response times. To ensure a timely response to security events, 24/7 SOCs and response SLAs become a necessity. Unfortunately, a SOC is a luxury which many organizations cannot afford. To overcome this challenge, automated corrective access controls must be deployed in conjunction with preventative access controls in order to effectively manage security threats and discourage alert fatigue. In a cloud environment, automated corrective controls can be triggered based on specific events deemed as security violations. In AWS, this can be achieved using AWS Lambda functions. This talk will focus on how to implement automated corrective access controls in AWS to quarantine users based on security policy violations.

1:00 pm
1:40 pm
Robert M. Lee
Founder & CEO, Dragos Inc
ICS Cyber Attacks: Fact vs. Fiction

Industrial Control Systems (ICS) are critical to local and national communities alike; they are the systems running the power grid, filtering water, pumping oil, and manufacturing the items we rely upon. It thus makes sense that cyber attacks against these infrastructures are a highly interesting topic to everyone. Unfortunately, when there's high interest in an area, and a lack of case-studies, the void that forms is filled with hype. There are real threats that need to be explored such as the attacks that took place on the Ukrainian power grid but there is also a lot of hype and misunderstanding about the threats ICS face. This presentation will be a case-study driven presentation on what the hype is, what the facts are, and what is being done to make our global infrastructure more secure.

1:40 pm
2:20 pm
Jaime Blasco & Chris Doman
Chief Scientist & Security Researcher, AlienVault
Threat Intelligence Sharing

In the last few years, private companies, government agencies, and security vendors have boosted the number of initiatives to share Threat Intelligence, predominantly focused on the sharing of Indicators Of Compromise (IOCs). In this talk, we will review what Threat Intelligence is, what the different use cases are and how it can help your organization. Finally, we will give you an overview of MISP (MISP - Open Source Threat Intelligence Platform) and OTX (Open Threat Exchange) with a focus on helping you start to consume Indicators Of Compromise.

2:20 pm
3:00 pm
Julia Ellefson
VP of Development, Mkacyber
Putting Security First in Web Application Development

Web applications are notoriously challenging to secure because they have so many avenues for attackers. Providing proper functionality and doing it securely requires a balancing act, which can often put security on the backburner. Focusing your development efforts on proper web application development techniques, coding standards and security testing tools will ensure that your web application will be as secure as possible upon deployment. Attendees of this session will learn: 1. The proper approach to building a secure web application 2. Necessary security coding standards that anyone can apply 3. Must-use tools for proper security testing

Aaron Rinehart
Chief Enterprise Security Architect, United Health Group
ChaoSlingr: Introducing Security based Chaos Testing – “Security is Chaotic – Drive out failure and build software that is truly rugged with Security Chaos Engineering”

ChaoSlingr is a Security Chaos Engineering Tool focused primarily on experimentation on AWS Infrastructure to bring system security weaknesses to the forefront. The industry has traditionally put emphasis on the importance of preventative security control measures and defense-in-depth, whereas our mission is to drive new knowledge and perspective into the attack surface by delivering proactively through detective experimentation. With so much focus on the preventative mechanisms, we never attempt, beyond one-time or annual pen testing requirements, to actually validate whether or not those controls are performing as designed. Our mission is to address security weaknesses proactively, going beyond the reactive processes that currently dominate traditional security models.

3:00 pm
3:40 pm
Yan Shoshitaishvili
PhD Candidate, UCSB
The Long Road to Cyber Autonomy

As software has proliferated to become a critical part of our daily lives, increasing in both variety and volume beyond the ability of human hackers to effectively analyze it, the need for automated techniques to identify and mitigate bugs and vulnerabilities has become painfully apparent. Over the last few decades, several paradigms for the design of such automation have been explored by security researchers, numerous buzzwords have been coined, and many papers have been written to convey various techniques. However, despite decades of work, techniques for the automation of finding and fixing bugs are still in their infancy, and most such analyses are still done by hand. In this talk, I will delve into why this is the case, using the DARPA Cyber Grand Challenge as a vantage point to explore the issue. I will explore the road we have taken to get where we are, the fundamental (and not so fundamental) limitations holding us back, and muse about the next steps. I'll discuss this all in the context of my research into cyber autonomy and in the challenges and hurdles that my team, Shellphish, faced in the Cyber Grand Challenge and in applying our Cyber Reasoning System beyond that contest.

3:40 pm
4:20 pm
Nicolas Papernot
Google PhD Fellow in Security
Private Machine Learning with PATE

Some machine learning applications involve training data that is sensitive, such as the medical histories of patients in a clinical trial. A model may inadvertently and implicitly store some of its training data; careful analysis of the model may therefore reveal sensitive information. To address this problem, we demonstrate a generally applicable approach to providing strong privacy guarantees for training data. The approach combines, in a black-box fashion, multiple models trained with disjoint datasets, such as records from different subsets of users. Because they rely directly on sensitive data, these models are not published, but instead used as "teachers" for a "student" model. The student learns to predict an output chosen by noisy voting among all of the teachers, and cannot directly access an individual teacher or the underlying data or parameters. The student's privacy properties can be understood both intuitively (since no single teacher and thus no single dataset dictates the student's training) and formally, in terms of differential privacy.

4:20 pm
5:00 pm
Tyler Moffitt
Sr Threat Research Analyst, Webroot Inc
Ransomware Spotlight

Over the past few years, malware authors have developed increasingly sophisticated and creative ways to infect endpoints. Encrypting ransomware is no longer merely an annoyance. It's a highly persistent and organized criminal "business model" in full deployment, with new abilities to move laterally through networks and infect machines previously thought not possible to infect. The damage from becoming a ransomware victim is considerable, and can even put organizations out of business. At Webroot, we believe it's possible to effectively protect businesses and users, but only by understanding your adversary and the techniques they use for their attacks. In this webinar, Webroot's own Senior Threat Research Analyst, Tyler Moffitt, will offer expert insights into emerging encrypting ransomware variants--and how you can stay ahead.

Tudor Dumitras
Assistant Prof, U of Maryland
FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature

Companies facing rampant attacks and data breaches have started turning to artificial intelligence techniques, such as machine learning, for security tasks. A machine learning classifier automatically learns models of malicious activity from a set of known-benign and known-malicious observations, without the need for a precise description of the activity prepared in advance. However, the effectiveness of these techniques primarily depends on the feature engineering process, which is usually a manual task based on human knowledge and intuition. Can we automate this process? Can we build an intelligent system that not only learns from examples, but can also help us build other intelligent systems? We developed a system, called FeatureSmith, that engineers features for malware detectors by synthesizing the knowledge described in thousands of research papers. As a demonstration, we trained a machine learning classifier with automatically engineered features for detecting Android malware and we achieved a performance comparable to that of a state-of-the-art detector for Android malware, which uses manually engineered features. In addition, FeatureSmith can suggest informative features that are absent from the manually engineered set and can link the features generated to human-understandable concepts that describe malware behaviors.

5:00 pm
5:40 pm
Abbas Kudrati
Chief Information Security Officer, KPMG AUS
The typical day in a life of CISO

Chief Information Security Officers (CISOs) rarely have a typical day; “CHANGE” is the only constant in the life of a CISO. No two CISOs look alike. Every organisation treats them differently and they all come from different backgrounds. They are known by different designations such as Chief Security Officer, Information Security Officer, Head of IT Security, Security Manager, etc. One thing common among all of them is a similar set of broad challenges and a set of techniques they use to get the job done and to set priorities.

5:40 pm
6:20 pm
Abhijitt Mukharjji
Digital Security Evangelist, CyberZest Pty Ltd.
Cyber Kill Chain, for Ultimate Cyber Defence

They are all around us and we can very well see them through their exploits and plunders. However, it is not the case that we have to be at the receiving end and they lead this game every time. I believe, if we do our basics right, we can outsmart them while staying ahead of the curve; hence I present to you a tried and tested strategy for Cyber Defense.

SYSTEM SECURITY AND BROWSER SECURITY
SECURITY & PRIVACY IN MACHINE LEARNING 
AND CYBER SECURITY OPERATIONS IN INDUSTRY
9:00 am
9:40 am
Max Bazaliy
Security Researcher, Lookout
Jailbreaking 101

In the Apple ecosystem, in order to explore the internals and security aspects of an Apple iOS based device, it is necessary to use a jailbreak. While many associate jailbreaking with hackers simply out to steal sensitive data, jailbreaking is a unique way for the research community to explore and enhance the features and capabilities of a device. By creating and using jailbreaks, we can gain valuable information which can help us stay ahead of those who are looking to leverage threats for personal gain. In this talk I will be focusing on the process of jailbreaking modern iOS devices. We will start by diving into the history of jailbreaks. When did they first surface? How have they evolved over time? Next, we’ll take a look at the purposes and goals of jailbreaking. Finally, we’ll walk through the evolution of iOS security enhancements over time, including modern exploit mitigation techniques and how jailbreaks are currently being used to better educate and protect the security research community. Attendees will gain an in-depth understanding of the steps needed nowadays for creating a jailbreak and why they are important. They will learn how iOS security mitigations work and what is needed in order to better understand the inner workings of today’s latest technologies. Finally, attendees will learn how to use an exploit chain, and helper tools and techniques to create jailbreaks and better understand the iOS platform...

9:40 am
10:20 am
Vinod Vasudevan
Chief Technology Officer, Paladion
Reducing attacker Dwell time and increasing speed of response

A cybersecurity breach is a given; most organizations should be prepared for a breach. There are ways to contain the impact of a breach. Attacker dwell time has reduced to 90+ days (Source: Ponemon) as compared to 270+ days a few years back. But it continues to be a key metric that captures the lacunae in today’s detection systems and processes. In this session, we discuss tools & techniques to reduce attacker dwell time to less than a day. We also look at methods to increase the speed of cyber security incident response. Together, this enables reducing the business impact of a Cybersecurity intrusion.

10:20 am
11:00 am
Candan Bolkubas
CTO, Normshield
Hacker Reconnaissance w/ OSINT

Introduction / OSINT and the first step of Cyber Kill Chain: "Hacker Reconnaissance" / Brief description of OSINT / What is "Hacker Reconnaissance" in the cyber kill chain / OSINT sources and demo of Censys, Shodan, Hacker Forums, Paste Sites, Vuln DBs and Cyber Threat Search Engine / OSINT mind map / Internet wide scanners / Hacker sites and deepweb / Known vulnerability databases / Google DORK / NormShield Cyber Threat Search Engine / OSINT & Hacker Reconnaissance tools in Kali Linux and Windows / theHarvester / sublist3r / Foca / Make your own tool with python / Basic REST API usage / Cymon integration for IP check

Brian Kelly
CTO, Ohio Turnpike and Infrastructure Commission
Navigating the Looming Cyber Threats on the Horizon

The cyber threat landscape is ever-changing with new and more advanced threats. In 2017 we have experienced major global ransomware attacks with devastating impacts and experts predict the frequency and severity of these attacks will increase in the near future. This session will explore the cyber threats on the horizon and best practices for detecting and mitigating these threats on the cyber battlefield in the never-ending cyber war of the 21st century.

11:00 am
11:40 am
Juan Caballero
Associate Research Professor
The Rise of Potentially Unwanted Programs: Measuring its Prevalence, Distribution through Pay-Per-Install Services, and Economics

Potentially unwanted programs (PUP) such as adware and rogueware, while not outright malicious, exhibit intrusive behavior that generates user complaints and makes security vendors flag them as undesirable. PUP has been little studied in the research literature despite recent indications that its prevalence may have surpassed that of malware. We have performed a systematic study of Windows PUP over a period of 4 years using a variety of datasets including malware repositories, AV telemetry from 3.9 million real Windows hosts, dynamic executions, and financial statements. This presentation summarizes what we have learned from our measurements on PUP prevalence, its distribution through pay-per-install (PPI) services, which link advertisers that want to promote their programs with affiliate publishers willing to bundle their programs with offers for other software, and the economics of PPI services that distribute PUP.

Florian Tramer
PhD, Stanford University
Ensemble Adversarial Training: Attacks and Defenses

Many machine learning models are vulnerable to adversarial examples, maliciously perturbed inputs designed to mislead the model. Adversarial training explicitly includes adversarial examples at training time in order to increase a model’s robustness to attacks. To keep adversarial training tractable, we usually rely on simple first-order approximations of the worst-case perturbation for each data point. We show that this form of adversarial training admits an unsatisfactory global minimum, wherein the model’s decision surface is highly curved near training points, thus resulting in first-order methods that produce poor adversarial examples. We experimentally verify that adversarially trained models on MNIST and ImageNet exhibit this curious behavior. We further show that these models remain surprisingly vulnerable to black-box attacks, where adversarial examples are crafted on a separate model trained for the same task. We harness our observations in two ways: First, we propose a simple yet powerful novel attack that first applies a small random perturbation to an input, before finding the optimal perturbation under a first-order approximation. Our attack outperforms prior first-order attacks on models trained with or without adversarial training. Second, we propose Ensemble Adversarial Training, an extension of adversarial training that additionally augments training data with perturbed inputs obtained from a number of fixed pre-trained models. On ImageNet and MNIST, ensemble adversarial training vastly increases robustness to black-box attacks. This is joint work with Alexey Kurakin, Nicolas Papernot, Dan Boneh & Patrick McDaniel

11:40 am
12:20 pm
Lorenzo Cavallaro
Associate Professor
Transcend: Detecting Concept Drift in Malware Classification Models

Building machine learning models of malware behavior is widely accepted as a panacea towards effective malware classification. A crucial requirement for building sustainable learning models, though, is to train on a wide variety of malware samples. Unfortunately, malware evolves rapidly and it thus becomes hard—if not impossible—to generalize learning models to reflect future, previously-unseen behaviors. Consequently, most malware classifiers become unsustainable in the long run, becoming rapidly antiquated as malware continues to evolve. In this talk, I present Transcend, a framework to identify aging classification models in vivo during deployment, much before the machine learning model’s performance starts to degrade. This is a significant departure from conventional approaches that retrain aging models retrospectively when poor performance is observed. Our approach uses a statistical comparison of samples seen during deployment with those used to train the model, thereby building metrics for prediction quality. I then show how Transcend can be used to identify concept drift based on two separate case studies on Android and Windows malware, raising a red flag before the model starts making consistently poor decisions due to out-of-date training.

Shawn Riley
Chief Data Officer & Cybersecurity Scientist, Champion Technology Company
An A.I. Cyber Defense Expert System for Active Cyber Defense and Trusted Information Sharing

DarkLight is a first of its kind, AI-based expert system which enables sense-making and decision-making for active cyber defense and information sharing. It helps an organization to immediately deploy a scientific, evidence-based foundation for vastly improved cyber security operations and automation of their most highly-prized resource: the logic and experience of the human analyst. DarkLight automates what was previously solely a human task in frameworks such as the Integrated Adaptive Cyber Defense (IACD), a collaboration between NSA, DHS, Johns Hopkins APL and many industry-leading vendors. Upper-level sense-making and decision-making functions which require human expertise and analytic tradecraft in the loop are now captured, augmented and/or automated to perform at machine speed, while the human remains on the loop only as needed, to further train and guide the AI. Created, tested and proven at one of the nation's most advanced research laboratories over the course of more than four years, the company has been granted multiple patents on this unique technology. The company recently emerged from stealth and first demonstrated the product publicly at the RSA Early Stage Expo in February 2017.

12:20 pm
1:00 pm
Gib Sorebo
Chief Cybersecurity Strategist, Leidos
Best Practices for An Industrial Control System Asset and Configuration Management Program

This talk will focus on an important but frequently overlooked area of Industrial Control System cybersecurity, asset and configuration management. While asset owners often do a good job of physical inventories, their management of software assets and their configurations on the OT side often leaves much to be desired. While NERC CIP has forced utilities to dramatically improve their change and configuration management processes, particularly the tracking and approval aspects, many other industries are still operating in the dark in many cases. Moreover, even with utilities, the efforts may still rely heavily on labor-intensive, spreadsheet-based processes. We will discuss how organizations can insert more automation to not only improve security but also reduce costs. The session will highlight both the tools available, and, more importantly, the steps used to integrate those tools into a process appropriate for the environment.

1:00 pm
1:40 pm
Raj Samani
McAfee Fellow & Chief Scientist, McAfee
Appetite for Destruction - The growth and rise of pseudo ransomware, destroying a network near you

Hear how a whole new trend is on the rise, the evolution of ransomware as we know it to pseudo ransomware, where even determining the purpose of an attack is difficult to ascertain. We will share details on what pseudo ransomware is and why it is gaining traction. The audience will see examples of wiper campaigns that destroy entire organizations. The attackers pretend that this is ransomware but it is in fact developed for the sole purpose of destruction, as opposed to extortion. Based on interviews with ransomware actors, we will share the motivations, tactics and techniques behind these attacks and why these are so different from what we have seen with ransomware to date. The session will include insights from a full take-down operation against a major ransomware family. This session will be conducted by one of Europe’s leading cybercrime experts, who has been at the forefront of the NoMoreRansom Initiative, a multi-company effort working in tandem with law enforcement to pool resources to address the ransomware threat and assist victims in retrieving stolen data without paying criminals.

1:40 pm
2:20 pm
Jinan Jaber
EVP Cybersecurity and Strategy
Will a False Sense of Security Make You the Victim of the Next Cyberattack?

This session will cover threats that traditional anti-virus software is not equipped to face, including file-less malware, polymorphic malware, weaponized documents, targeted attacks, in-memory attacks, ransomware, phishing, and other undetectable advanced threats, and will explore a new endpoint protection method that guards applications in runtime through isolation to prevent compromise. Cyber attacks are on the rise, both in numbers and craftiness. New research shows that attackers are increasingly beating security detection at the gateway and on the endpoint by initiating attacks that don't drop malicious files at all, thus evading file-based detection. And even when they do use malicious files, once they get past the gateway filtering, the typical detection mechanisms aren't picking them up. The research found that few pieces of malware actually had signatures within AV engines. Only half of file-based attacks had been submitted to malware repositories and, of those, only 20 percent made it to AV engines. Are you truly prepared to defend your turf and your data when (not if) the attackers come after you? How should you be preparing beyond just having an endpoint security solution in place? Join us for this compelling session to see how advanced attacks such as zero-day attacks, ransomware and file-less malware can impact your organization causing operational, financial, and reputation damage, and the steps you can take to minimize your risk by preventing compromise.

Moty Cristal
CEO, NEST Negotiation Strategies
Cyber Extortion: How to negotiate with Cyber Criminals

Many believe that “To pay or not to pay?” is the fundamental dilemma in ransomware and cyber extortion. However, who is the crisis manager, and what should be the engagement process with the hackers, shareholders, customers and frustrated employees are far more relevant, and urgent, issues to address. This brief presentation will focus solely on managing the human dimension in cyber crisis, and will cast light on how to negotiate with cyber-criminals, as well as how to set up the company’s crisis management structures.

2:20 pm
3:00 pm
Lonnie Benavides
Head of Cybersecurity Active Defense, McKesson
How to Build a Threat Intelligence Program

Setting up a threat intelligence program can be hard, but it doesn’t need to be, providing that you focus on the basics and keep things simple. In this talk I will share insights and fundamental concepts that I have learned in my own threat intel journey. I hope to leave you with valuable information that may allow you to finally turn the tables on your adversaries.

3:00 pm
3:40 pm
Eric Lawrence
Software Engineer, Google Chrome
Moving to HTTPS in 2017

Snoops and active attackers mean our networks are increasingly hostile. Protecting users and their information requires HTTPS on every page of every site. Browsers have started limiting powerful features like geolocation and ServiceWorkers to pages served over HTTPS, and actively warn users when visiting non-secure pages. Fortunately, moving sites of any size and complexity to HTTPS is easier than ever. Certificates can be acquired automatically at no cost, new protocols like HTTP/2 and Brotli compression mean that secure connections can improve performance, and web developers can utilize features like upgrade insecure requests and referrer policy to avoid common pitfalls as they upgrade to HTTPS. Eric Lawrence offers practical advice to defuse common concerns about migrating to HTTPS, and shares news about the latest browser changes to encourage web developers to secure their sites.

3:40 pm
4:20 pm
Jen Tong
Developer Advocate, Google Cloud
Firebase security rules - Protecting app data from the Zombie Apocalypse

The Firebase Realtime Database has lots of cool features that make it enjoyable for app development, but its easy-to-use API is not enough for it to be production ready. The feature that makes the database useful is actually its powerful security model. This talk will explain why the security rules engine is such a critical feature, and explore practical aspects of the security rules language.

4:20 pm
5:00 pm
David Freeman
Anti-Abuse Research Scientist/Engineer, Facebook
Data vs. the Bad Guys: Protecting the Consumer Web

Every day, billions of people use the consumer web to find information, connect with friends and colleagues, post or store content, and conduct business. And while these services have been a boon to the economy, they have also been a boon to the underground economy -- billions of people are now subject to being scammed, defrauded, impersonated, or tricked into releasing sensitive information. In this talk we will discuss the threats faced by consumer-facing apps and websites and give an overview of how we can use data and machine learning to stop them. Topics we will consider include account access, account creation, and automation.

5:00 pm
5:40 pm
Arthur Edelstein
Developer, Tor Browser
Tor Browser and the fight for privacy on the Web

The World Wide Web is facilitating a huge erosion of privacy. Because web technologies permit it, governments, advertising networks and internet service providers monitor what everyone reads online. We can combat this spying by redesigning web browsers to stop exposing users’ private information. I will discuss the Tor Project’s work to develop Tor Browser, a web browser with many unique features that protect user privacy. I will describe Tor Browser’s privacy technologies including onion networking, first-party isolation, fingerprinting resistance, disk hygiene and hardening against exploits. I will also talk about Tor Project’s ongoing collaboration with Mozilla to bring these technologies to Firefox.

Marudhamaran Gunasekaran
Software Security Consultant, Prowareness
N different strategies to automate OWASP ZAP for Security Testing during Development

In this talk we will explore the many different ways of automating security testing with the OWASP Zed Attack Proxy and how it ties to an overall Software Security Initiative. Over the years, ZAP has made many advancements to its powerful APIs and introduced scripts to make security automation consumable for mortals. This talk is structured to demonstrate how ZAP's API and scripts could be integrated with Automated Testing frameworks beyond Selenium, Continuous Integration and Continuous Delivery Pipelines beyond Jenkins, scanning authenticated parts of the application, options to manage the discovered vulnerabilities and so on with real world case studies and implementation challenges.

5:40 pm
6:20 pm
Regine Bonneau
Founder & CEO, RB Advisory LLC
Cybersecurity and DevOps – focusing on “build security in”

The high demand of medical, fitness, fintech, and business apps and a rise in IoT devices at an alarming rate have brought about great cyber risk issues. These issues need to be addressed at the beginning of the life cycle of the software that operates them. These devices are collecting a great mass of sensitive data on companies' operations and the individual. Companies producing these services lack a strategy for secure development, creating a high risk of exposure of all the data to cyber security threats; therefore, creating the need for security in all stages of the development. This is possible with the close collaboration between security professionals and developers. We are going to explore a more dynamic and secure way of managing infrastructure and automated deployment by giving equal prioritization to maximizing risk management and prevention, flexibility, speed, time to market, and security.

Joseph Bonneau
Technology Fellow, Stanford
Why we need verifiable lotteries

The world is full of authorities who promise to behave randomly: commercial lottery drawings worth millions of euros, school assignments, group draws for international football tournaments, or choosing travelers for secondary security screening. More technically speaking, randomness is a requirement in many algorithms and hence verifiable randomness is a necessary prerequisite for algorithmic transparency. Yet today authorities typically provide no evidence to prove that they are actually behaving randomly. If any evidence is provided, it is typically in the form of a physical randomness process such as rolling dice. This talk will describe the ways in which we can use cryptography to provide stronger evidence to verify that lotteries are behaving correctly.
