HomeProjectsScholarshipsCurriculumSFSPeople



WWW
ISIS






Featured Project:
ForNet
Courses
ISISWiki
Research Opportunities
Join ISIS
Security Links
ISIS Group Meetings
ISIS Blogs
Contact Us
About Us

The Information Systems and Internet Security (ISIS) Laboratory is a NSF-funded lab consisting of heterogeneous platforms and multiple interconnected networks to facilitate hands-on experimentation and project work related to information security. It provides focus for multidisciplinary research and education in emerging areas of information security at Polytechnic University.

Current research areas include computer and network security, digital forensics, hardware for secure systems, digital watermarking, and steganography. Courses supported by the ISIS lab include those related to computer and network security.

News & Events

lakshmi_sm.jpg Seminar: Networked Systems for the Developing World
Lakshminarayanan Subramanian of the Courant Institute will give a seminar in room RH227 on Wednesday, November 19th from 12:30pm to 1:30pm. Professor Subramanian's summary follows:

Networked Systems for the Developing World Computer Science research over the past several decades has predominantly focused on addressing important computing problems in the developed world with little focus on the developing world. However, the sad reality is that a large majority of the world's population does not have access to basic digital communications - If this issue is not addressed, the digital divide is bound to significantly grow in the upcoming years.

In this talk, I will elaborate upon how the development of appropriate Information and Communication Technologies (ICT) has the potential to solve some of the pressing problems in developing countries including improving healthcare, education, financial services, supply-chain services etc. I will elaborate on the computer science research challenges that arise in addressing these problems many of which are motivated by the operational environments in these regions. These challenges are spread across a wide range of topics within computer science.

deian.jpg Seminar: Deian Stefan - "Keystroke Dynamics Authentication and Human-Behavior Driven Bot Detection"
Deian Stefan from Cooper Union will join us at Poly in room RH227 on Wednesday, October 22nd from 12:30pm to 1:30pm to present his research.

Seminar Summary: We present our design and implementation of a remote authentication framework called TUBA which collects, extracts features, analyzes, and classifies a computer owner's character- istic keystroke patterns. A comprehensive security analysis on the attacks and defenses of our framework is presented.

csaw64.jpg CSAW 2008: Big thanks to everyone!
CSAW 2008 culminated in the awards ceremony on Tuesday, October 14th in Poly's Pfizer Auditorium. This year's CSAW was the biggest yet, with more participation, more schools participating, more countries participating, and more prizes than ever before. Big thanks to all who competed, all the judges who donated their expertise, and of course, big thanks to the sponsors.
isislogo.png Leveraging Technical Security in the Enterprise
Time:Wednesday, September 25th at 12:30pm

Place:Rogers Hall, Room 227

Fred Scholl will join us to give a talk titled "Leveraging Technical Security in the Enterprise". The talk will address how to better market and use technical training to create effective products and services for global enterprise users.
wissp2.png Workshop on Interdisciplinary Studies in Security and Privacy
The ISIS group at NYU Poly is hosting WISSP 2008, a workshop on interdisciplinary studies in security and privacy. Panel topics will include targeted malware, trusted platforms, privacy, and education. See the workshop program for a listing of the speakers and panelists as well as for more information about the topic of each of the sessions.
skoudis.jpg The Bad Guys Are Winning: What Now?
On Wednesday, September 17th, at 12:30pm in room RH227 Ed Skoudis will give a talk titled, "The Bad Guys Are Winning: What Now?" The topic is as follows.

A sufficiently motivated attacker will almost always compromise a target environment, given the complex attack surface of today's enterprises. This talk analyzes why this is so, and discusses what the implications are for enterprise security personnel, penetration testers, and the military.

compw.gif Computerworld Magazine lists Polytechnic among top 10 innovative schools, particularly the security program.
A Computerworld/Dice.com survey of 16 graduate-level alumni gave Poly straight A's.
  • Overall grade: A
  • Value: A
  • Positive career impact: A
  • Relevance to actual career activities: A

The article lists Poly's security program as one of the key strengths of Poly, and has an interview with an ISIS alum, Stanislav Nurilov. See the full article on the Computerworld site.

pasha.jpg Congratulations to Pasha Pal for winning the best paper award at DFRWS 08.
ISIS PhD student Pasha Pal was given the best paper award at DFRWS 08 for his analysis of the state of the art in file carving, and development of a powerful new method.

The paper is here: Detecting File Fragmentation Point using Sequential Hypothesis Testing

Abstract: File carving is a technique whereby data files are extracted from a digital device without the assistance of file tables or other disk meta-data. One of the primary challenges in file carving can be found in attempting to recover files that are fragmented. In this paper, we show how detecting the point of fragmentation of a file can benefit fragmented file recovery. We then present a sequential hypothesis testing procedure to identify the frag- mentation point of a file by sequentially comparing adjacent pairs of blocks from the start- ing block of a file until the fragmentation point is reached. By utilizing serial analysis we are able to minimize the errors in detecting the fragmentation points. The performance results obtained from the fragmented test-sets of DFRWS 2006 and 2007 show that the method can be effectively used in recovery of fragmented files.

xiaokui.jpg Transparent Anonymization: Thwarting Adversaries Who Know the Algorithm
Speaker: Xiaokui Xiao, Chinese University of Hong Kong

Time and Location: Monday 07/07 at 11am in LC400

Abstract: The digitization of our daily lives has led to unprecedented collections of sensitive personal data (e.g., census data, medical records) by governments and corporations. Such data is often released for research purposes, which, however, may pose a risk to individual privacy. To address this issue, numerous techniques have been proposed to anonymize the data before its publication. Somewhat surprisingly, all existing anonymization techniques assume that the adversary has no or limited knowledge of the anonymization algorithm, and fail to protect privacy when this assumption does not hold. In other words, a data publisher that adopts these techniques must take up the difficult responsibility of keeping the algorithm confidential, which severely limits the applicability of these techniques in practice.

In this talk, I will present a solution that remedies the above problem. I will start from an analytical model for evaluating disclosure risks, against an adversary who knows everything in the anonymization process, except the data to be published. Based on the model, I will discuss three anonymization algorithms that can ensure privacy protection against the adversary we consider. The effectiveness and efficiency of these algorithms will be demonstrated through experimental results. Finally, I will conclude the talk with my plan for future research.

Bio: Xiaokui Xiao obtained the Bachelor and Master degrees in Computer Science from the South China University of Technology in July 2001 and June 2004, respectively. He is currently a PhD student in the Department of Computer Science and Engineering of the Chinese University of Hong Kong.

nsa.jpeg ISIS gets NSA Designation of Center of Excellence in Research
In addition to affirming our status as a Center of Academic Excellence in Information Assurance Education, NSA awarded ISIS the status of Center of Academic Excellence in Information Assurance Research. More information about this designation can be found on NSA's webpage.
nsa.jpeg ISIS Renews Center of Excellence in Education Designation
More information can be found on NSA's webpage.
radu.jpg On Trusted Hardware and Privacy Systems
Speaker: Radu Sion, State University of New York, Stony Brook
Time and Location: Friday 3/14 at 11am in LC102

Short Abstract:
We will talk about existing trusted hardware devices and how they can be deployed to make the world a safer and more private place.

Bio:
Radu Sion is an assistant professor of Computer Science in Stony Brook University, heading the Network Security and Applied Cryptography Laboratory. His research focuses on data security and information assurance mechanisms. Collaborators and funding partners include Motorola Labs, the Center of Excellence in Wireless and Information Technology CEWIT, the Stony Brook Office for the Vice-President for Research and the National Science Foundation. Sion also directs the Stony Brook Trusted Hardware Laboratory, a central expertise and research knowledge repository on secure hardware.

Radu Sion's Webpage
NSAC Lab

fazio.gif Tackling the Content Protection Challenge
Speaker: Nelly Fazio, IBM Almaden Research Center
Time and Location: Friday 3/07 at 11am in LC102

Abstract:
Devising effective Content Protection mechanisms and building satisfactory Digital Rights Management systems have been top priorities for the Publishing and Entertainment Industries in recent years. Corporate DRM efforts have so far attempted to address this challenge with systems characterized by a tight control over the user media platform. This approach, however, brings about rigid limitations on the user experience (e.g., restrictions on the creation of back-up copies of purchased copyrighted content), ultimately resulting in an unhappy customer base. Research advances over the last few years show that Cryptography holds promise for the development of flexible tools that could enable fair DRM solutions. In this talk, I will provide an overview of my investigations along this direction, and I will then focus on the case of transmission of live events, where the sensitivity of the content under distribution decreases with time. For this setting, I will present a scheme in which unauthorized disclosure of access control credentials can be traced back to the leaker(s), thus discouraging piracy by the threat of detection. The proposed solution improves upon the state of the art both in communication performance and in security guarantees. Before concluding, I will briefly discuss some of my other cryptographic research, including an on-going project that was recently funded by DARPA in the context of the "System F6" initiative.

Bio:
Nelly Fazio earned her M.Sc. ('03) and Ph.D. ('06) in Computer Science from New York University. During her studies, she also conducted research at Stanford University, Ecole Normale Superieure (France) and Aarhus University (Denmark). In 2003, she was awarded the NYU CIMS Sandra Bleistein prize, for "notable achievement by a woman in Applied Mathematics or Computer Science." Her Ph.D. thesis was nominated with honorable mention for the NYU J. Fabri prize, awarded yearly for the "most outstanding dissertation in Computer Science." Dr. Fazio's research interests are in cryptography and information security, with a focus on digital content protection. Since July 2006, she is part of the Content Protection group at IBM Almaden Research Center, where she has been conducting research on advanced cryptographic key management, tracing technologies, and authenticated communications in dynamic federated environments. Currently, she is a visiting research scientist in the Security group at IBM T.J. Watson Research center, working on security issues of decentralized enironments such as sensor networks.

harvard_shield.gif Seven Flaws of Identity Management
Speaker: Rachna Dhamija, Harvard University
Time and Location: Friday 02/29 at 11am in LC102

Abstract:
In the last few years, Internet users have seen the rapid expansion of phishing, man-in-the-middle, malware and other attacks that attempt to trick users into revealing sensitive data. We have also seen the introduction of new authentication and identity management systems across the Web. The scale and complexity, combined with the privacy and security requirements of these systems, create steep challenges for usability. To design systems and interfaces to shield users from attacks, it is important to know which kinds of attack strategies are successful and why users are deceived. In this talk, I posit seven flaws or design challenges that must be met for authentication and identity management systems to be usable and accepted by the general public.

Bio:
Rachna Dhamija is a Postdoctoral Fellow at the Center for Research on Computation and Society at Harvard University. Rachna's research interests span the fields of computer security, human computer interaction and information policy. She received a Ph.D. from U.C. Berkeley, where her thesis focused on the design and evaluation of usable security systems. Previously, Dhamija worked on electronic payment system privacy and security at CyberCash. Her research has been featured in the New York Times, the Wall Street Journal, the Economist and CNN.

elbaz.jpg "Solutions for Memory Authentication"

Speaker: Dr. Reouven Elbaz
Time and Location: Thursday, Feb. 28 at 11 am in LC400

Abstract:
One objective in the design of a secure platform is to ensure that sensitive application outcomes have not been corrupted by a malicious party. For example, an adversary tampering with the memory space of an application can affect the results of its computations. Verifying the integrity (or authenticate) data processed and stored by those secure platforms is then an essential security service to provide. After an overview of existing techniques ensuring memory authentication, namely integrity trees, this talk presents a new parallelizable integrity tree (TEC-Tree: Tamper-Evident Counter Tree). Among other benefits, TEC-Tree provides data confidentiality in addition to data integrity.

Bio:
Dr. Reouven Elbaz received his PhD. in Computer Engineering from University of Montpellier II in December 2006. The research project (Hardware Mechanisms for Secure Processor-Memory Transactions) he carried out during his graduate studies was a collaboration between the Microelectronics department of the LIRMM (Laboratory of Computer Science, Robotics and Microelectronics - University of Montpellier II) and the Security Group of the company STMicroelectronics. He is now a Research Associate in the Computer Engineering Department of the Princeton University (PALMS Laboratory). His research interests are in computer security, computer architecture, applied cryptography, trusted computing and reconfigurable architectures.
aiello.jpg Hacking Outside the Box
On Wednesday, February 13th, 2008, Michael Aiello of Goldman Sachs (and an ISIS alumnus) will describe his experiences and give insight into the role of hacking in a financial security context. The room is RH227 and the time is 12:30pm. slides
pitneybowes.jpg A Selection of Applied Research Problems in Information Communication
Speaker: Bertrand Haas, Pitney Bowes
Time and Location: Friday Feb 1 at 11am in LC102

Abstract: Bertrand will present several concrete research problems related to the communication of information through parallel or hidden channels (watermarking and steganography) and to the securing of information communication for specific purposes (fingerprinting and authentication).

Bio: Bertrand Haas is Principal Engineer in the Secure Systems research group of the Advanced Concepts and Technology division at Pitney Bowes. He joined this group in 2001 and has been working, since then, on cryptography, coding theory, image processing, graphic security and has more recently been involved in developing solutions for mail voting applications. Bertrand received his Ph.D. in Mathematics from the University of Basel in Switzerland in 1998. He spent a postdoctoral year at the Fields Institute and UofT in Toronto, a year at the Mathematical Science Research Institute and UC in Berkeley and then taught two years at Michigan State University before beginning his corporate career at Pitney Bowes.

wietse.jpg The broken file shredder - secure programming traps and pitfalls
Speaker: Wietse Venema, IBM T. J. Watson
Time and Location: Friday 01/25 at 11am in LC102

Abstract: Wietse analyzes a very small program that is obviously correct, yet completely fails to perform as expected, for more reasons than many people can think of. The audience is expected to have some programming experience, but detailed knowledge of C, UNIX or Windows is not required.

Bio: Wietse Venema is known for his software such as the TCP Wrapper and the POSTFIX mail system. He co-authored the SATAN network scanner and the Coroner's Toolkit (TCT) for forensic analysis, as well as a book on Forensic Discovery. Wietse received awards from the System Administrator's Guild (SAGE), the Netherlands UNIX User Group (NLUUG), as well as a Sendmail innovation award. He served a two-year term as chair of the international Forum of Incident Response and Security Teams (FIRST). Wietse currently is a research staff member at the IBM T. J. Watson research center. After completing his Ph.D. in physics he changed career to computer science and never looked back.

isis_logo.jpg ECE Seminar on the Design of Stream Ciphers
On Friday, December 14th, 2007, there will be a seminar by Dr. Cédric Lauradoux on the topic of stream cipher design. It will take place in LC433 at 10 AM. See here for details.
isis_logo.jpg Modern Cryptography Course
A course in modern cryptography will once again be taught in the spring. For more information, see the course outline.
garfinkel.jpeg Simson Garfinkel - The Drives Project: From Disk Forensics to Media Exploitation
Monday, October 1st, 11am, Dibner Hall LC433

This talk discusses the work to date of the Drives Project, a 9-year (and counting) effort that is creating a large-scale collection of real disk drive images, open source tools, and new techniques for automatically processing data recovered from disk drives and other kinds of storage devices. Today the Drives Project has assembled a corpus of more than 1000 forensically interesting images from hard drives and USB storage devices that were collected all over the world. We have created open source formats, tools and algorithms for automatically analyzing this data in bulk and rapidly producing answers to questions that are relevant to the Defense, Intelligence and Law Enforcement communities. The Project is now in the process of dramatically expanding the global reach of data being acquired and exploring new research opportunities for using this data.

aleksey.jpg Tracking Bots in Poly and Autonomous System Traceback
Aleksey Fateev will be presenting his work on tracking botted machines in Poly this Wednesday, September 26th, at 12:30 PM in RH227, and Sandra Dykes of the Southwest Research Institute will present her work in tracking distributed denial of service attacks using BGP this Friday, September 28th at 11:00 AM in room LC102. See here for more details.
symantec.gif Seminar: The Symantec Internet Security Threat Report
Rob Clyde of Symantec will be presenting at the next CIS seminar, to be held on Friday, September 21st, in LC102. See here for more details.
microsoft.jpg Digital Identity Systems Workshop
On September 20, 2007, Poly/ISIS will be hosting a workshop which will bring together leading experts on the impact of the digital identity systems. more info

Large scale use of digital identity systems that cross institutional boundaries does not seem to be gaining traction. What are the issues that are holding this back? Technology, cost, usability, scalability, cross-institutional trust models? The focus of this workshop is on technologies that will foster development and deployment of digital identity systems, particularly at a system and infrastructure level, not on point technologies.

bhavani.jpg Data Mining for Malicious Code Detection and Security Applications
Friday August 3rd, 11am, LC433

The presentation will provide an overview of data mining, the various types of threats and then discuss the applications of data mining for malicious code detection and cyber security. Then we will discuss the consequences to privacy.

Bio: Dr. Bhavani Thuraisingham joined The University of Texas at Dallas in October 2004 as a Professor of Computer Science and Director of the Cyber Security Research Center in the Erik Jonson School of Engineering and Computer Science.

poly_logo.gif Certificate in Cyber Security
Polytechnic/ISIS now offers a Certificate in Cyber Security. This graduate certificate allows technical professionals to obtain key bodies of knowledge and specializations in Cyber Security. Students will acquire an understanding of various technologies in emerging areas of security like computer and network security, digital forensics, cryptography, and biometrics.
gd_crescenzo.gif Perfect Security for Password Protocols in the Bounded Retrieval Model
Speaker: Giovanni Di Crescenzo, Telcordia

Time and Place: Friday 5/4 at 11am, LC102

Presentation abstract: Despite their popularity and wide applicability, password protocols remain subject to a number of weaknesses. In this talk we introduce a formal model based on reasonable limitations on an adversary's power, under which we can design password protocols that are provably secure against simultaneous intrusions and dictionary attacks. While we do not modify the user's algorithm in the password protocol, we substantially update the server's verification algorithm by using various types of extractors. Our formal model, called the Bounded Retrieval Model, is also of interest for the design and analysis of cryptographic protocols that remain secure against intruders. bio
carrie_gates_sm.jpg Testing Anomaly Detection Systems
Speaker: Dr. Carrie Gates, Research Staff Member, CA Labs

Time and Place: April 25 12:30pm - 2:00pm. Rogers Hall 227

Presentation abstract: Anomaly detection has been widely used as a basis for many network intrusion detection systems. However, anomalies themselves have not been well-defined, and no research has been performed to determine how security events of interest are actually related to anomalous behavior. Additionally, little research has been done in the general area of testing anomaly-based detection systems, resulting in systems that have been tested using poor, out-dated data sets or locally-collected network traffic with unknown characteristics. In this presentation I will introduce some of the previous research in anomaly detection, detailing the larger research questions that have arisen from this work. I will focus in particular on the issues involved in testing anomaly detection systems, presenting some initial results from my own research in this area. bio
isis_logo.jpg Recent Attacks on Hash Functions and Their Impact on Hash-Based Security Schemes
Speaker: Yiqun Lisa Yin - Independent Security Consultant

Time and Place: Monday 4/23 at 11am in LC102

This talk will first provide a survey of recent attacks on hash functions. We will review new techniques introduced in these attacks and analyze some common weaknesses in the design of existing hash functions that made all the attacks possible. We will then consider the impact of these attacks on hash-based security schemes. We will present new results on colliding the X.509 digital certificates and key-recovery attacks on the HMAC authentication protocol. These results show that the strength of a security scheme can be greatly weakened by the insecurity of the underlying hash function. more...
nsa.jpeg Making IA Decisions: Optimizing Risk Assessment Scope
Speaker: Richard Straka - National Security Agency

Time and Place: Friday 4/13 at 11am in LC102

Abstract: Risk Assessments fulfill a variety of decision-making functions in Information Assurance practice, ranging from supporting portfolio-based investment decisions - through architecture, design and certification & accreditation decisions - to operational decisions regarding systems under cyber attack. This presentation investigates the characteristics of the criteria most appropriate to make these decisions - characteristics that affect the likelihood and magnitude of harm to stakeholders and the behavior of adversaries. Particularly, decision-making criteria need to account for and model the stakeholders' tradeoff preferences between security risk and mission-fulfilling operational system characteristics and also the adversaries' tradeoff preferences between payoff, probability of success and risk tolerance.
ing.jpeg Planning and Prioritizing in Financial Sector Information Security
Two representatives from ING Financial Services including Director of Information Risk Management Services James Toczylowski and David Kaplan will give a informal talk in Rogers Hall room 227 at 12:30pm on Wednesday April 11th, 2007. First they will outline their responsibilities and medium-term goals. Then they will describe the kinds of tools and procedures they use. The talk will close with an open discussion and Q/A session intended to provide insight into the current state of information security in the financial sector and what challenges are expected in the near future.
ip3.gif
On March 27-28, Poly will be hosting the IP3 Seminar. This workshop is open to IT professionals who want to stay on the cutting edge of the profession.

Seminar topics will include:

  • Cryptography
  • Firewalls
  • IPS's / IDS's
  • Authentication Mechanisms
  • Vulnerabilities and Exploits
  • Regulatory & Compliance Issues
    • Sarbanes-Oxley
    • GLBA
    • HIPAA
    • FISMA
    • SB1386
va.jpg Seminar: Quantifying Social vs. Antisocial Behavior in Email Networks
On Friday March 9, we will have a seminar by Virgilio Almeida from the Federal University of Minas Gerais in Brazil. Prof. Almeida will be visiting Poly for three months (March to May), so this is a good opportunity to become familiar with his research interests.

Topic of talk: Email graphs have been used to illustrate general properties of social networks of communication and collaboration. However, increasingly, the majority of email traffic reflects opportunistic, rather than symbiotic social relations. Here we use e-mail data drawn from a large university to construct directed graphs of email exchange that quantify the differences between social and antisocial behaviors in networks of communication. We show that while structural characteristics typical of other social networks are shared to a large extent by the legitimate component they are not characteristic of antisocial traffic.

sen2.gif Seminar: Practicing Security in a Major Hospital
We have a security talk on February 28th at 12:30. The title of the talk is "Practicing Security in a Major Hospital" and the speaker is Soumitro Sengupta, Chief Security Officer at Columbia University Medical Center. The talk will be highly informative and give you a great glimpse on the type of situations and compromises one makes when in charge of systems security at a medical center.
reiner_sailer.jpg Seminar: Trusted Virtual Data Center Technologies
This talk introduces the Trusted Virtual Data Center (TVDc), which is designed to offer strong enterprise-level security guarantees in hosted data center environments. The IBM Trusted Virtual Data Center, a project defined and pursued by the Secure Systems Department at the IBM T. J. Watson Research Center in Hawthorne NY, is designed to satisfy business-level security goals by simplifying management and providing explicit infrastructure-level containment and trust guarantees for data center environments based on virtualization. This talk will focus on the technologies -- developed at the Secure Systems Department -- that drive the Trusted Virtual Data Center, including the integrity measurement architecture (IMA), the secure hypervisor architecture (sHype), and the virtualized trusted platform module (vTPM). We will close with future work and open research problems. The seminar will be on February 16th, 2007 at 11am in LC102.
nitesh.jpg Seminar: Secure Device Pairing and Privacy on the Internet
In this talk, Prof. Nitesh Saxena will give an overview of some of his very recent research on the topics of secure device pairing and privacy on the public internet. Time and Place: Friday 2/2 at 11am in LC 102.
fiber-80.jpg Cisco Sponsors ISIS Lab

Cisco has given a product grant worth $150,000 to the ISIS Lab. The equipment includes 10Gbit/s switches, routers, and advanced firewalls. The hardware will be used for research and teaching.

cisco.gif Free Cisco security bootcamp at Poly

The Information Systems and Internet Security (ISIS) Laboratory at Polytechnic University, Brooklyn is hosting a Cisco Systems-sponsored Security Bootcamp for faculty and staff. Please see here for more details.

nitesh3.jpg New Course: Modern Cryptography
Professor Nitesh Saxena will teach CS996 Modern Cryptography in the spring semester. The course will cover current techniques from a theoretical perspective, the emphasis of the course being on "provable security". In particular, the course will cover the cryptographic primitives that are the building-blocks of various cryptographic applications. The cryptographic primitives that will be discussed include pseudo-random functions, symmetric encryption (block ciphers), hash functions and random oracles, message authentication code, asymmetric encryption and digital signatures.
pistoia.jpg New Course: Application Security
Dr. Marco Pistoia will teach a new course in the spring semester, CS9164, titled "Application Security" which is highly recommended for all interested in security. The course will have emphasis on writing secure distributed programs in Java, Standard Edition (Java SE), Java, Enterprise Edition (Java EE), JavaScript, and PHP. For more information, see the course description and brief bio of the instructor.
9094profs_sm.jpg Biometrics for Computer Authentication and Identification
We have an outstanding pair of new instructors, Larry O'Gorman from Avaya and Nalini Ratha from IBM Research teaching our online biometrics course, CS9094, this coming spring semester. The course description and brief instructor biographies provide more details.
dod.gif DoD Scholarship Applications
Applications for the Department of Defense information assurance scholarship are now available with a deadline of February 9th, 2007. Please see the Scholarships page for more details.
metcalfe.jpeg Ethernet Is the Answer. What Is the Question?
Bob Metcalfe, inventor of ethernet and founder of 3Com, will give a talk in Dibner Auditorium on Thursday, December 7th at 4pm. More information can be found here.
Event date: 12/7/2006
vmware.gif Security and Virtualization: VMware's approach
VMware's Senior Director of R&D on the East Coast and the Head of the Security Technologies Group, which focuses on security oriented projects that take advantage of the existing virtualization layer, will be visiting Poly on Tuesday 11/28. The talk will be at 2pm in LC229. more info
Event date: 11/28/2006
kstate.jpg Secure Information Flow
Anindya Banerjee of Kansas State University will give a a talk titled, "Secure Information Flow and Access Control in a Java-like Language." The event will be in LC433 at 3pm. More information can be found here.
Event date: 11/15/2006
csaw64.jpg CSAW 2006 Award Ceremony Talk
Neal Ziring, Technical Leader, Vulnerability Analysis and Operations, NSA, will be the keynote speaker and give a talk titled "Emerging trends in cyber-security attacks and defense."
Event date: Thursday, Nov 9, 4-6PM
sven.jpeg From DDoS to Botnets
The next CIS Seminar will be on Monday October 30, at 11am in LC400. The speaker will be Sven Dietrich form Carnegie-Mellon University.
Event date: 10/30/2006
hitchcock_jayne.jpg Cyber Security Week Speaker
Jayne A. Hitchcock will be the speaker. Monday November 6 at 1pm in Dibner Auditorium. Click here for more info.
csaw64.jpg CSAW 2006
CSAW 2006 will be November 6, 7, 8, and 9. Events include Capture the Flag, Student Research Posters, Cyber Security Quiz, Digital Forensics Challenge, Student Essay Contest, and a Cyber Security Awareness Poster Competition. And of course there are nice prizes for each event.
angelo_k.gif CIS Seminar
Angelos Keromytis will join us on Friday, September 15th, 2006 for a seminar titled "Application Communities: A Collaborative Approach To Software Security." The talk will be held in LC102 at 11am. In his talk, Dr. Keromytis will describe the concept of Application Communities, some of their basic operational parameters, and his preliminary work in demonstrating their feasibility. more...
skm2.gif Secure Knowledge Workshop
Poly/ISIS is hosting the Secure Knowledge Management 2006 Workshop. The dates are September 28-29, 2006.
ieee_logo64.jpg IEEE Workshop
The 2006 IEEE International Workshop on Wireless Ad-hoc and Sensor Networks (IWWAN) will take place in the Dibner Library Building, Polytechnic University, June 28-30 (Wednesday - Friday).
hope_button.gif Hope
HOPE 6 will be in Manhattan on July 21, 22, and 23, 2006. ISIS will be there.
nitesh.jpg Nitesh Sexena
Nitesh Saxena from UC Irvine will be joining Poly in Fall 2006. Dr. Saxena is a specialist in the area of mobile security. His research focuses on key distribution and trust management in ad hoc networks.