Information Systems Security Colloquium (ISS 2010)

May 4, 2010 (Tuesday) - Concordia University, Montreal, Quebec, Canada


The Computer Security Laboratory at the Concordia Institute for Information Systems Engineering (CIISE) and the National Cyber-Forensics and Training Alliance (NCFTA) Canada are organizing a one day colloquium on Information Systems Security.

Location: EV2.260 at the EV building, 1515 St. Catherine W., Montreal
[Google map] [Concordia campus map]

Date: May 4, 2010 [Program] 

Registration: Registration is free. You can pre-register by filling out the registration form available at the front desk of CIISE, or get it from here:
[doc] [pdf]

For further information, please contact Ms. Sheila Anderson

  • E-mail: anderson(at)ciise.concordia.ca
  • Phone: 514-8482424 ext 3180

Invited Speakers
(in alphabetical order)


Mr. Adam Hatfield, Acting Director of Capability Development, National Cyber Security Directorate, Public Safety Canada  

Topic: Cyber Security: A Strategic Perspective for Canada

Abstract: Cyber security has now been recognized by nations around the world as a national security and economic priority requiring strategic attention. In Canada, cyber security issues are addressed in a broader context of security issues that includes emergency management, critical infrastructure protection, and national security. The cyber threat has evolved quickly in recent years and is complex, multi-faceted, and asymmetric. Real consequences are being felt across Canada, across the public, private, academic, and not-for-profit sectors, and by Canadians. Significant work is underway to build upon established successes and strengths to address cyber security issues for the long term.

Biography: Adam Hatfield is the Acting Director of Capability Development within the National Cyber Security Directorate at Public Safety Canada. In this role he is responsible for leading the definition and implementation of Public Safety’s future cyber security capabilities, including its linkages with stakeholders and partner organizations, in collaboration with other cyber security lead departments and agencies.

Previously, Mr. Hatfield was a Senior Strategist with the National Cyber Security Strategy Initiative, where he contributed to the advancement of a national strategy for cyber security for Canada. Prior to that, he held several positions within Public Safety Canada, including Special Advisor to the Senior Assistant Deputy Minister, Manager of Knowledge Integration at the Canadian Emergency Management College, and Cyber Security Research Officer in the Research and Development Division. Prior to joining the federal government, he was a Product Manager for the Silicon Valley-based software company BackWeb Inc, and also spent several years as a business continuity and disaster recovery consultant at Comdisco Canada in Toronto.

Mr. Hatfield holds a Master of Applied Science degree in Systems Design Engineering from the University of Waterloo and has studied at Carleton University in the Master of Arts in Public Administration program. He is a licensed Professional Engineer in the province of Ontario.


Dr. Wenke Lee, Professor, Georgia Institute of Technology

Topic: Invariants of Botnets

Abstract: Botnets have emerged as the platform for most cyber attacks and frauds. In this talk, I will present an overview of techniques for botnet detection and response. Given that botnet masters evolve their botnet technologies constantly, our research focuses on the "invariants" or "choke-points" of botnets. I will present a brief analysis of botnet invariants, and highlight two in this talk. The first is the use of malware and the presence of malicious (or abnormal) traffic. I will present our work on automated, network-level malware analysis and clustering. The second is the use of command and control (C&C) channels. I will present our work on detection of domains for botnet C&C. In particular, I will describe our latest work on dynamic reputation of DNS domains.

Biography: Dr. Wenke Lee is a Professor in the School of Computer Science, College of Computing, the Georgia Institute of Technology. He received his Ph.D. in Computer Science from Columbia University in the City of New York in 1999. Dr. Lee works in systems and network security. His current research projects are in the areas of botnet detection, malware analysis, virtual machine monitoring, and Web 2.0 security and privacy, with funding from NSF, DHS, and DoD. Dr. Lee has published over 100 articles with more than 20 of them cited more than 100 times. In 2006, Dr. Lee co-founded Damballa, Inc., a spin-off from his lab that focuses on botnet detection and mitigation.


Dr. Jose Nazario, Senior Security Researcher, Arbor Networks  

Topic: Tracking Rogue Networks

Abstract: An increasing awareness of "rogue networks," ASNs and netblocks that are strictly for cybercrime, has emerged in recent years. Working to disrupt those networks requires the accumulation of abuse data and an understanding of global routing, but isn't restricted to coordinated takedown efforts. This talk discusses data collection in these cases and how such networks are "de-peered", and also how network operators can use this data themselves to defend their own userbase.

Biography: Dr. Jose Nazario is the senior manager of security research at Arbor Networks. In this capacity, he is responsible for analyzing burgeoning Internet security threats, reverse engineering malicious code, software development, and developing security mechanisms that are then distributed to Arbor's Peakflow platforms via the Active Threat Feed (ATF) threat detection service. Dr. Nazario's research interests include large-scale Internet trends such as reachability and topology measurement, Internet-scale events such as DDoS attacks, botnets and worms, source code analysis tools, and data mining.



Mr. Thomas B. Reddington, Director of the Security Research Department, Bell Labs

Topic: Did you know that your network is showing?

Abstract: There has been much focus in the literature on operating system vulnerabilities and how to detect bots and botnets. But how does it help the network operator who has already been overwhelmed with a botnet? This talk will focus on techniques that have been used to provide detailed reconnaissance on a network prior to intrusion or the launching of a botnet. The intent is to educate as to the capabilities of expert hackers and what knowledge they can gain about a target network prior to launching a botnet for further exploitation. Our interest here is botnets that target and try to invade a supposedly protected network and extract information for subsequent purposes.

Biography: Thomas B. Reddington is a researcher at Bell Labs research working on the security of components and systems. His most recent position was the Director of the Security Research Department. His department was comprised of people with backgrounds in cryptography and computer science whose research mission is to create technologies that can be applied to the security of products and networks. His former position at Bell Labs was the creator and Director of the Internet Research Department of Lucent Technologies, Bell Labs Advanced Technologies. The mission of the Internet Research Department is to investigate latent vulnerabilities (with risks and impacts) and pathological deficiencies in network infrastructure, network services, and network user equipment so that business units in Alcatel-Lucent could provide technologies to protect and promote the security of IP networks for Alcatel-Lucent's customers.

Prior to being Director of the Internet Research Laboratory, Mr. Reddington was a Distinguished Member of Technical Staff doing research in Computer Based Training Systems, Expert Systems, Distributed Interactive Simulation and Human-Computer Interaction.

Mr. Reddington earned his Bachelor of Science in Physics from the University of New Haven and Rensselaer Polytechnic University, and his Master of Science in Physics from the University of Pittsburgh, in addition to completing graduate courses in Computer Science from the University of Pittsburgh and Carnegie Mellon University.


Dr. Patrick Traynor, Assistant Professor, Georgia Institute of Technology

Topic: Understanding the Disruptive Potential of Malware in Cellular Networks

Abstract: The vast expansion of interconnectivity with the Internet and the rapid evolution of highly-capable but largely insecure mobile devices threaten cellular networks. In this talk, we discuss a number of attacks against both the wired and wireless portions of these systems. We show that with a relatively small number of infected mobile phones, an adversary can deny service to metropolitan-sized regions. We then discuss a number of significant challenges facing the realization of such attacks, including network bottlenecks and the density of compromised nodes per base station, and investigate how they can be avoided by the attacker.

Biography: Patrick Traynor is an Assistant Professor in the School of Computer Science at the Georgia Institute of Technology. His research focuses on the problems that arise when cellular networks and other pieces of critical infrastructure converge with the larger Internet. Dr. Traynor's work also investigates the systems challenges of applied cryptography, Internet security, mobile devices and wireless systems.


Dr. Andrew L. Vallerand, Director S&T Public Security, Defence R&D Canada - Center for Security Sciences  

Topic: Whole of Government e-Security S&T

Abstract: Who we are, what we do, and how we do it by engaging Govt, industry, academia and Allies.