|
The Information Systems and Internet Security (ISIS) Laboratory is a NSF-funded lab consisting of heterogeneous platforms and multiple interconnected networks to facilitate hands-on experimentation and project work related to information security. It provides focus for multidisciplinary research and education in emerging areas of information security at Polytechnic University.
Current research areas include computer and network security, digital forensics, hardware for secure systems, digital watermarking, and steganography. Courses supported by the ISIS lab include those related to computer and network security.
|
| | Seminar: Networked Systems for the Developing World |
Lakshminarayanan Subramanian of the Courant Institute
will give a seminar in room RH227
on Wednesday, November 19th from 12:30pm to 1:30pm.
Professor Subramanian's summary follows:
Networked Systems for the Developing World
Computer Science research over the past several
decades has predominantly focused on addressing
important computing problems in the developed
world with little focus on the developing world.
However, the sad reality is that a large majority
of the world's population does not have access to
basic digital communications - If this issue is
not addressed, the digital divide is bound to
significantly grow in the upcoming years.
In this talk, I will elaborate upon how the
development of appropriate Information and
Communication Technologies (ICT) has the potential
to solve some of the pressing problems in
developing countries including improving
healthcare, education, financial services,
supply-chain services etc. I will elaborate on the
computer science research challenges that arise in
addressing these problems many of which are
motivated by the operational environments in these
regions. These challenges are spread across a wide
range of topics within computer science.
|
|
| | Seminar: Deian Stefan - "Keystroke Dynamics Authentication and Human-Behavior Driven Bot Detection" |
Deian Stefan from Cooper Union will join us at Poly in room RH227
on Wednesday, October 22nd from 12:30pm to 1:30pm to
present his research.
Seminar Summary:
We present our design and implementation of a remote
authentication framework called
TUBA which collects, extracts features, analyzes, and classifies a
computer owner's character-
istic keystroke patterns. A comprehensive security analysis on the
attacks and defenses of our
framework is presented.
|
|
| | CSAW 2008: Big thanks to everyone! |
CSAW 2008 culminated in
the awards ceremony on Tuesday, October 14th in Poly's
Pfizer Auditorium. This year's CSAW was the biggest yet, with
more participation, more schools participating, more countries
participating, and more prizes than ever before. Big thanks to
all who competed, all the judges who donated their expertise,
and of course, big thanks to the sponsors.
|
|
| | Leveraging Technical Security in the Enterprise |
Time:Wednesday, September 25th at 12:30pm
Place:Rogers Hall, Room 227
Fred Scholl
will join us to give a talk titled
"Leveraging Technical Security in the Enterprise".
The talk will address how to better market and use
technical training to create effective products and
services for global enterprise users.
|
|
| | Workshop on Interdisciplinary Studies in Security and Privacy |
The ISIS group at NYU Poly is hosting
WISSP 2008, a
workshop on interdisciplinary studies in security and privacy.
Panel topics will include targeted malware, trusted platforms,
privacy, and education. See the
workshop program
for a listing of the speakers and panelists as well as for
more information about the topic of each of the sessions.
|
|
| | The Bad Guys Are Winning: What Now? |
On Wednesday, September 17th, at 12:30pm in room RH227
Ed Skoudis will give a talk titled,
"The Bad Guys Are Winning: What Now?"
The topic is as follows.
A sufficiently motivated
attacker will almost always compromise a target environment, given the
complex attack surface of today's enterprises. This talk analyzes why
this is so, and discusses what the implications are for enterprise
security personnel, penetration testers, and the military.
|
|
| | Computerworld Magazine lists Polytechnic among top 10 innovative schools, particularly the security program. |
A Computerworld/Dice.com survey of 16 graduate-level
alumni gave Poly straight A's.
- Overall grade: A
- Value: A
- Positive career impact: A
- Relevance to actual career activities: A
The article lists Poly's
security program as one of the key strengths of Poly, and has an interview
with an ISIS alum, Stanislav Nurilov.
See the full article on the Computerworld site.
|
|
| | Congratulations to Pasha Pal for winning the best paper award at DFRWS 08. |
ISIS PhD student
Pasha Pal
was given the best paper award at DFRWS 08
for his analysis of the state of the art in file carving, and development
of a powerful new method.
The paper is here:
Detecting File Fragmentation Point using Sequential Hypothesis Testing
Abstract:
File carving is a technique whereby data files are extracted
from a digital device without the assistance of file tables
or other disk meta-data. One of the primary challenges in
file carving can be found in attempting to recover files
that are fragmented. In this paper, we show how detecting
the point of fragmentation of a file can benefit fragmented
file recovery. We then present a sequential hypothesis
testing procedure to identify the frag- mentation point of a
file by sequentially comparing adjacent pairs of blocks from
the start- ing block of a file until the fragmentation point
is reached. By utilizing serial analysis we are able to
minimize the errors in detecting the fragmentation points.
The performance results obtained from the fragmented
test-sets of DFRWS 2006 and 2007 show that the method can be
effectively used in recovery of fragmented files.
|
|
| | Transparent Anonymization: Thwarting Adversaries Who Know the Algorithm |
Speaker: Xiaokui Xiao, Chinese University of Hong Kong
Time and Location: Monday 07/07 at 11am in LC400
Abstract:
The digitization of our daily lives has led to unprecedented collections
of sensitive personal data (e.g., census data, medical records) by
governments and corporations. Such data is often released for research
purposes, which, however, may pose a risk to individual privacy. To
address this issue, numerous techniques have been proposed to anonymize
the data before its publication. Somewhat surprisingly, all existing
anonymization techniques assume that the adversary has no or limited
knowledge of the anonymization algorithm, and fail to protect privacy when
this assumption does not hold. In other words, a data publisher that
adopts these techniques must take up the difficult responsibility of
keeping the algorithm confidential, which severely limits the
applicability of these techniques in practice.
In this talk, I will present a solution that remedies the above problem. I
will start from an analytical model for evaluating disclosure risks,
against an adversary who knows everything in the anonymization process,
except the data to be published. Based on the model, I will discuss three
anonymization algorithms that can ensure privacy protection against the
adversary we consider. The effectiveness and efficiency of these
algorithms will be demonstrated through experimental results. Finally, I
will conclude the talk with my plan for future research.
Bio:
Xiaokui Xiao obtained the Bachelor and Master degrees in Computer Science
from the South China University of Technology in July 2001 and June 2004,
respectively. He is currently a PhD student in the Department of Computer
Science and Engineering of the Chinese University of Hong Kong.
|
|
| | ISIS gets NSA Designation of Center of Excellence in Research |
In addition to affirming our status as a Center of Academic Excellence
in Information Assurance Education, NSA awarded ISIS the status
of Center of Academic Excellence in Information Assurance Research.
More information about this designation can be found on
NSA's webpage.
|
|
| | ISIS Renews Center of Excellence in Education Designation |
| | On Trusted Hardware and Privacy Systems |
Speaker: Radu Sion, State University of New York, Stony Brook
Time and Location: Friday 3/14 at 11am in LC102
Short Abstract:
We will talk about existing trusted hardware devices and how they can be
deployed to make the world a safer and more private place.
Bio:
Radu Sion is an assistant professor of Computer
Science in Stony Brook University, heading the
Network Security and Applied Cryptography
Laboratory. His research focuses on data security
and information assurance mechanisms.
Collaborators and funding partners include
Motorola Labs, the Center of Excellence in
Wireless and Information Technology CEWIT, the
Stony Brook Office for the Vice-President for
Research and the National Science Foundation. Sion
also directs the Stony Brook Trusted Hardware
Laboratory, a central expertise and research
knowledge repository on secure hardware.
Radu Sion's Webpage
NSAC Lab
|
|
| | Tackling the Content Protection Challenge |
Speaker: Nelly Fazio, IBM Almaden Research Center
Time and Location: Friday 3/07 at 11am in LC102
Abstract:
Devising effective Content Protection mechanisms and building satisfactory
Digital Rights Management systems have been top priorities for the
Publishing and Entertainment Industries in recent years. Corporate DRM
efforts have so far attempted to address this challenge with systems
characterized by a tight control over the user media platform. This
approach, however, brings about rigid limitations on the user experience
(e.g., restrictions on the creation of back-up copies of purchased
copyrighted content), ultimately resulting in an unhappy customer base.
Research advances over the last few years show that Cryptography holds
promise for the development of flexible tools that could enable fair DRM
solutions. In this talk, I will provide an overview of my investigations
along this direction, and I will then focus on the case of transmission of
live events, where the sensitivity of the content under distribution
decreases with time. For this setting, I will present a scheme in which
unauthorized disclosure of access control credentials can be traced back
to the leaker(s), thus discouraging piracy by the threat of detection.
The proposed solution improves upon the state of the art both in
communication performance and in security guarantees.
Before concluding, I will briefly discuss some of my other cryptographic
research, including an on-going project that was recently funded by DARPA
in the context of the "System F6" initiative.
Bio:
Nelly Fazio earned her M.Sc. ('03) and Ph.D. ('06) in Computer Science
from New York University. During her studies, she also conducted research
at Stanford University, Ecole Normale Superieure (France) and Aarhus
University (Denmark). In 2003, she was awarded the NYU CIMS Sandra
Bleistein prize, for "notable achievement by a woman in Applied
Mathematics or Computer Science." Her Ph.D. thesis was nominated with
honorable mention for the NYU J. Fabri prize, awarded yearly for the "most
outstanding dissertation in Computer Science."
Dr. Fazio's research interests are in cryptography and information
security, with a focus on digital content protection. Since July 2006, she
is part of the Content Protection group at IBM Almaden Research Center,
where she has been conducting research on advanced cryptographic key
management, tracing technologies, and authenticated communications in
dynamic federated environments. Currently, she is a visiting research
scientist in the Security group at IBM T.J. Watson Research center,
working on security issues of decentralized enironments such as sensor
networks.
|
|
| | Seven Flaws of Identity Management |
Speaker: Rachna Dhamija, Harvard University
Time and Location: Friday 02/29 at 11am in LC102
Abstract:
In the last few years, Internet users have seen the rapid expansion of
phishing, man-in-the-middle, malware and other attacks that attempt to
trick users into revealing sensitive data. We have also seen the
introduction of new authentication and identity management systems across
the Web. The scale and complexity, combined with the privacy and security
requirements of these systems, create steep challenges for usability. To
design systems and interfaces to shield users from attacks, it is
important to know which kinds of attack strategies are successful and why
users are deceived. In this talk, I posit seven flaws or design
challenges that must be met for authentication and identity management
systems to be usable and accepted by the general public.
Bio:
Rachna Dhamija is a Postdoctoral Fellow at the Center for Research on
Computation and Society at Harvard University. Rachna's research
interests span the fields of computer security, human computer interaction
and information policy. She received a Ph.D. from U.C. Berkeley, where
her thesis focused on the design and evaluation of usable security
systems. Previously, Dhamija worked on electronic payment system privacy
and security at CyberCash. Her research has been featured in the New York
Times, the Wall Street Journal, the Economist and CNN.
|
|
| | "Solutions for Memory Authentication" |
Speaker: Dr. Reouven Elbaz
Time and Location: Thursday, Feb. 28 at 11 am in LC400
Abstract:
One objective in the design of a secure platform is to
ensure that sensitive application outcomes have not been
corrupted by a malicious party. For example, an adversary
tampering with the memory space of an application can affect
the results of its computations. Verifying the integrity (or
authenticate) data processed and stored by those secure
platforms is then an essential security service to provide.
After an overview of existing techniques ensuring memory
authentication, namely integrity trees, this talk presents a
new parallelizable integrity tree (TEC-Tree: Tamper-Evident
Counter Tree). Among other benefits, TEC-Tree provides data
confidentiality in addition to data integrity.
Bio:
Dr. Reouven Elbaz received his PhD. in Computer Engineering
from University of Montpellier II in December 2006. The
research project (Hardware Mechanisms for Secure
Processor-Memory Transactions) he carried out during his
graduate studies was a collaboration between the
Microelectronics department of the LIRMM (Laboratory of
Computer Science, Robotics and Microelectronics - University
of Montpellier II) and the Security Group of the company
STMicroelectronics. He is now a Research Associate in the
Computer Engineering Department of the Princeton University
(PALMS Laboratory). His research interests are in computer
security, computer architecture, applied cryptography,
trusted computing and reconfigurable architectures.
|
|
| | Hacking Outside the Box |
On Wednesday, February 13th, 2008, Michael Aiello of
Goldman Sachs (and an ISIS alumnus) will describe
his experiences and give insight into the role of hacking in
a financial security context. The room is RH227 and the time
is 12:30pm.
slides
|
|
| | A Selection of Applied Research Problems in Information Communication |
Speaker: Bertrand Haas, Pitney Bowes
Time and Location: Friday Feb 1 at 11am in LC102
Abstract: Bertrand will present several concrete research problems related to
the communication of information through parallel or hidden channels
(watermarking and steganography) and to the securing of information
communication for specific purposes (fingerprinting and
authentication).
Bio:
Bertrand Haas is Principal Engineer in the Secure Systems research
group of the Advanced Concepts and Technology division at Pitney
Bowes. He joined this group in 2001 and has been working, since
then, on cryptography, coding theory, image processing, graphic
security and has more recently been involved in developing solutions
for mail voting applications. Bertrand received his Ph.D. in
Mathematics from the University of Basel in Switzerland in 1998. He
spent a postdoctoral year at the Fields Institute and UofT in
Toronto, a year at the Mathematical Science Research Institute and
UC in Berkeley and then taught two years at Michigan State
University before beginning his corporate career at Pitney Bowes.
|
|
| | The broken file shredder - secure programming traps and pitfalls |
Speaker: Wietse Venema, IBM T. J. Watson
Time and Location: Friday 01/25 at 11am in LC102
Abstract: Wietse analyzes a very small program that is obviously correct, yet
completely fails to perform as expected, for more reasons than many
people can think of. The audience is expected to have some
programming experience, but detailed knowledge of C, UNIX or Windows
is not required.
Bio:
Wietse Venema is known for his software such as the TCP Wrapper
and the POSTFIX mail system. He co-authored the SATAN network
scanner and the Coroner's Toolkit (TCT) for forensic analysis, as
well as a book on Forensic Discovery. Wietse received awards from
the System Administrator's Guild (SAGE), the Netherlands UNIX User
Group (NLUUG), as well as a Sendmail innovation award. He served
a two-year term as chair of the international Forum of Incident
Response and Security Teams (FIRST). Wietse currently is a research
staff member at the IBM T. J. Watson research center. After completing
his Ph.D. in physics he changed career to computer science and
never looked back.
|
|
| | ECE Seminar on the Design of Stream Ciphers |
On Friday, December 14th, 2007, there will be a seminar by Dr. Cédric Lauradoux on the topic of stream cipher design. It will take place in LC433 at 10 AM. See here for details.
|
|
| | Modern Cryptography Course |
A course in modern cryptography will once again be taught in the spring. For more information, see the course outline.
|
|
| | Simson Garfinkel - The Drives Project: From Disk Forensics to Media Exploitation |
Monday, October 1st, 11am, Dibner Hall LC433 This talk discusses the work to date of the Drives Project, a 9-year (and
counting) effort that is creating a large-scale collection of real disk
drive images, open source tools, and new techniques for automatically
processing data recovered from disk drives and other kinds of storage
devices. Today the Drives Project has assembled a corpus of more than 1000
forensically interesting images from hard drives and USB storage devices
that were collected all over the world. We have created open source formats,
tools and algorithms for automatically analyzing this data in bulk and
rapidly producing answers to questions that are relevant to the Defense,
Intelligence and Law Enforcement communities. The Project is now in the
process of dramatically expanding the global reach of data being acquired and
exploring new research opportunities for using this data.
|
|
| | Tracking Bots in Poly and Autonomous System Traceback |
Aleksey Fateev will be presenting his work on tracking botted machines in Poly this Wednesday, September 26th, at 12:30 PM in RH227, and Sandra Dykes of the Southwest Research Institute will present her work in tracking distributed denial of service attacks using BGP this Friday, September 28th at 11:00 AM in room LC102. See here for more details.
|
|
| | Seminar: The Symantec Internet Security Threat Report |
Rob Clyde of Symantec will be presenting at the next CIS seminar, to be held on Friday, September 21st, in LC102.
See here for more details.
|
|
| | Digital Identity Systems Workshop |
On September 20, 2007,
Poly/ISIS will be hosting a workshop which will bring
together leading experts on the impact of the digital
identity systems. more info
Large scale use of digital identity systems that cross institutional
boundaries does not seem to be gaining traction. What are the issues
that are holding this back? Technology, cost, usability, scalability,
cross-institutional trust models? The focus of this workshop is on
technologies that will foster development and deployment of digital
identity systems, particularly at a system and infrastructure level,
not on point technologies.
|
|
| | Data Mining for Malicious Code Detection and Security Applications |
Friday August 3rd, 11am, LC433
The presentation will provide an overview of data mining, the
various types of threats and then discuss the applications of data mining
for malicious code detection and cyber security. Then we will discuss the
consequences to privacy.
Bio:
Dr. Bhavani Thuraisingham
joined The University of Texas at
Dallas in October 2004 as a Professor of Computer Science and Director of
the Cyber Security Research Center in the Erik Jonson School of Engineering
and Computer Science.
|
|
| | Certificate in Cyber Security |
Polytechnic/ISIS now offers a
Certificate in Cyber Security. This graduate certificate allows technical professionals to obtain key bodies of knowledge and specializations in Cyber Security. Students will acquire an understanding of various technologies in emerging areas of security like computer and network security, digital forensics, cryptography, and biometrics.
|
|
| | Perfect Security for Password Protocols in the Bounded Retrieval Model |
Speaker: Giovanni Di Crescenzo, Telcordia
Time and Place: Friday 5/4 at 11am, LC102
Presentation abstract:
Despite their popularity and wide applicability, password protocols remain
subject to a number of weaknesses. In this talk we introduce a formal model
based on reasonable limitations on an adversary's power, under which we
can design password protocols that are provably secure against simultaneous
intrusions and dictionary attacks. While we do not modify the user's algorithm
in the password protocol, we substantially update the server's verification
algorithm by using various types of extractors. Our formal model, called the
Bounded Retrieval Model, is also of interest for the design and analysis of
cryptographic protocols that remain secure against intruders.
bio
|
|
| | Testing Anomaly Detection Systems |
Speaker: Dr. Carrie Gates, Research Staff Member, CA Labs
Time and Place: April 25 12:30pm - 2:00pm. Rogers Hall 227
Presentation abstract:
Anomaly detection has been widely used as a basis for many network
intrusion detection systems. However, anomalies themselves have not
been well-defined, and no research has been performed to determine how
security events of interest are actually related to anomalous behavior.
Additionally, little research has been done in the general area of
testing anomaly-based detection systems, resulting in systems that have
been tested using poor, out-dated data sets or locally-collected network
traffic with unknown characteristics. In this presentation I will
introduce some of the previous research in anomaly detection, detailing
the larger research questions that have arisen from this work. I will
focus in particular on the issues involved in testing anomaly detection
systems, presenting some initial results from my own research in this
area.
bio
|
|
| | Recent Attacks on Hash Functions and Their Impact on Hash-Based Security Schemes |
Speaker: Yiqun Lisa Yin - Independent Security Consultant
Time and Place: Monday 4/23 at 11am in LC102
This talk will first provide a survey of recent attacks on hash
functions. We will review new techniques introduced in these attacks and
analyze some common weaknesses in the design of existing hash functions that
made all the attacks possible. We will then consider the impact of these
attacks on hash-based security schemes. We will present new results on
colliding the X.509 digital certificates and key-recovery attacks on the HMAC
authentication protocol. These results show that the strength of a security
scheme can be greatly weakened by the insecurity of the underlying hash
function. more...
|
|
| | Making IA Decisions: Optimizing Risk Assessment Scope |
Speaker: Richard Straka - National Security Agency
Time and Place: Friday 4/13 at 11am in LC102
Abstract:
Risk Assessments fulfill a variety of decision-making functions in
Information Assurance practice, ranging from supporting portfolio-based
investment decisions - through architecture, design and certification &
accreditation decisions - to operational decisions regarding systems under
cyber attack. This presentation investigates the characteristics of the
criteria most appropriate to make these decisions - characteristics that
affect the likelihood and magnitude of harm to stakeholders and the behavior
of adversaries. Particularly, decision-making criteria need to account for
and model the stakeholders' tradeoff preferences between security risk and
mission-fulfilling operational system characteristics and also the adversaries'
tradeoff preferences between payoff, probability of success and risk tolerance.
|
|
| | Planning and Prioritizing in Financial Sector Information Security |
Two representatives from ING Financial Services including
Director of Information Risk Management Services James Toczylowski and
David Kaplan will give a informal talk in Rogers Hall room 227 at
12:30pm on Wednesday April 11th, 2007. First they will outline their
responsibilities and medium-term goals. Then they will describe the
kinds of tools and procedures they use. The talk will close with an
open discussion and Q/A session intended to provide insight into the
current state of information security in the financial sector and what
challenges are expected in the near future.
|
|
On March 27-28, Poly will be hosting the
IP3 Seminar.
This workshop is open to IT professionals who want to stay on the
cutting edge of the profession.
Seminar topics will include:
- Cryptography
- Firewalls
- IPS's / IDS's
- Authentication Mechanisms
- Vulnerabilities and Exploits
- Regulatory & Compliance Issues
- Sarbanes-Oxley
- GLBA
- HIPAA
- FISMA
- SB1386
|
|
| | Seminar: Quantifying Social vs. Antisocial Behavior in Email Networks |
On Friday March 9, we will have a seminar by Virgilio Almeida from the
Federal University of Minas Gerais in Brazil. Prof. Almeida will be visiting
Poly for three months (March to May), so this is a good opportunity to become
familiar with his research interests.
Topic of talk: Email graphs have been used to illustrate general properties of
social networks of communication and collaboration. However,
increasingly, the majority of email traffic reflects opportunistic,
rather than symbiotic social relations. Here we use e-mail data
drawn from a large university to construct directed graphs of email
exchange that quantify the differences between social and antisocial
behaviors in networks of communication. We show that while structural
characteristics typical of other social networks are shared to a
large extent by the legitimate component they are not characteristic
of antisocial traffic.
|
|
| | Seminar: Practicing Security in a Major Hospital |
We have a security talk on February 28th at 12:30.
The title of the talk is "Practicing Security in a Major Hospital" and
the speaker is
Soumitro Sengupta,
Chief Security Officer at Columbia
University Medical Center. The talk will be highly informative and give you
a great glimpse on the type of situations and compromises one makes when in
charge of systems security at a medical center.
|
|
| | Seminar: Trusted Virtual Data Center Technologies |
This talk introduces the Trusted Virtual Data Center (TVDc), which
is designed to offer strong enterprise-level security guarantees
in hosted data center environments. The IBM Trusted Virtual Data
Center, a project defined and pursued by the Secure Systems Department
at the IBM T. J. Watson Research Center in Hawthorne NY, is designed
to satisfy business-level security goals by simplifying management
and providing explicit infrastructure-level containment and trust
guarantees for data center environments based on virtualization.
This talk will focus on the technologies -- developed at the
Secure Systems Department -- that drive the Trusted Virtual Data
Center, including the integrity measurement architecture (IMA), the
secure hypervisor architecture (sHype), and the virtualized trusted
platform module (vTPM). We will close with future work and open
research problems. The seminar will be on February 16th, 2007
at 11am in LC102.
|
|
| | Seminar: Secure Device Pairing and Privacy on the Internet |
In this talk, Prof. Nitesh Saxena will give an overview of some of
his very recent research on the topics of secure device pairing and
privacy on the public internet. Time and Place: Friday 2/2 at 11am
in LC 102.
|
|
| | Cisco Sponsors ISIS Lab |
Cisco has given a product grant worth $150,000 to the ISIS Lab.
The equipment includes 10Gbit/s switches, routers, and advanced
firewalls. The hardware will be used for research and teaching.
|
|
| | Free Cisco security bootcamp at Poly |
The Information Systems and Internet Security (ISIS) Laboratory at
Polytechnic University, Brooklyn is hosting a Cisco Systems-sponsored
Security Bootcamp for faculty and staff. Please see here for more details.
|
|
| | New Course: Modern Cryptography |
Professor Nitesh Saxena will teach CS996 Modern Cryptography in the spring
semester. The course will cover current techniques from a theoretical
perspective, the emphasis of the course being on "provable security".
In particular, the course will cover the cryptographic primitives
that are the building-blocks of various cryptographic applications.
The cryptographic primitives that will be discussed include
pseudo-random functions, symmetric encryption (block ciphers), hash
functions and random oracles, message authentication code, asymmetric
encryption and digital signatures.
|
|
| | New Course: Application Security |
Dr. Marco Pistoia will teach a new course in the spring semester,
CS9164,
titled "Application Security" which is highly recommended for all
interested in security. The course will have emphasis on writing
secure distributed programs in Java, Standard Edition (Java SE),
Java, Enterprise Edition (Java EE), JavaScript, and PHP. For more
information, see the course description and brief bio of the instructor.
|
|
| | Biometrics for Computer Authentication and Identification |
We have an outstanding pair of new instructors, Larry O'Gorman from Avaya
and Nalini Ratha from IBM Research teaching our online biometrics course,
CS9094,
this coming spring semester. The
course description and brief instructor
biographies provide more details.
|
|
| | DoD Scholarship Applications |
Applications for the Department of Defense information assurance
scholarship are now available with a deadline of February 9th, 2007.
Please see the
Scholarships
page for more details.
|
|
| | Ethernet Is the Answer. What Is the Question? |
Bob Metcalfe, inventor of ethernet and founder of 3Com, will give
a talk in Dibner Auditorium on Thursday, December 7th at 4pm.
More information can be found
here.
|
Event date: 12/7/2006 |
| | Security and Virtualization: VMware's approach |
VMware's Senior Director of R&D on the East Coast and
the Head of the Security Technologies Group, which
focuses on security oriented projects that
take advantage of the existing virtualization layer,
will be visiting Poly on Tuesday 11/28. The talk will be
at 2pm in LC229.
more info
|
Event date: 11/28/2006 |
| | Secure Information Flow |
Anindya Banerjee of Kansas State University will give a a talk titled,
"Secure Information Flow and Access Control in a Java-like Language."
The event will be in LC433 at 3pm.
More information can be found
here.
|
Event date: 11/15/2006 |
| | CSAW 2006 Award Ceremony Talk |
Neal Ziring, Technical Leader, Vulnerability Analysis and Operations,
NSA, will be the keynote speaker and give a talk titled "Emerging trends in cyber-security attacks and defense."
|
Event date: Thursday, Nov 9, 4-6PM |
| | From DDoS to Botnets |
The next CIS Seminar will be on Monday October 30, at 11am in LC400. The speaker will be Sven Dietrich form Carnegie-Mellon University.
|
Event date: 10/30/2006 |
| | Cyber Security Week Speaker |
Jayne A. Hitchcock will be the speaker.
Monday November 6 at 1pm in Dibner Auditorium. Click here for more info.
|
|
| | CSAW 2006 |
CSAW 2006
will be November 6, 7, 8, and 9. Events include
Capture the Flag,
Student Research Posters,
Cyber Security Quiz,
Digital Forensics Challenge,
Student Essay Contest, and
a Cyber Security Awareness Poster Competition.
And of course there are nice prizes for each event.
|
|
| | CIS Seminar |
Angelos Keromytis will join us on Friday, September 15th, 2006 for a seminar
titled "Application Communities: A Collaborative Approach To
Software Security." The talk will be held in LC102 at 11am.
In his talk, Dr. Keromytis will describe the concept of
Application Communities, some
of their basic operational parameters, and his preliminary work in
demonstrating their feasibility.
more...
|
|
| | Secure Knowledge Workshop |
| | IEEE Workshop |
The 2006 IEEE International Workshop on Wireless Ad-hoc and Sensor Networks (IWWAN) will take place in the Dibner Library Building, Polytechnic University, June 28-30 (Wednesday - Friday).
|
|
| | Hope |
HOPE 6 will be in
Manhattan on July 21, 22, and 23, 2006. ISIS will be there.
|
|
| | Nitesh Sexena |
Nitesh Saxena from UC Irvine will be joining Poly in Fall 2006. Dr. Saxena is a specialist in the area of mobile security. His research focuses on key distribution and trust management in ad hoc networks.
|
|
|
|
|