2023
Keynote Speakers
TAESOO KIM
Taesoo Kim is a Professor in the School of Cybersecurity and Privacy and the School Computer Science at Georgia Tech. He also serves as a director of the Georgia Tech Systems Software and Security Center (GTS3). Starting from his sabbatical year, he works as a VP at Samsung Research, leading the development of a Rust-based OS for a secure element. He is a recipient of various awards including NSF CAREER (2018), Internet Defense Prize (2015), and several best paper awards including USENIX Security’18 and EuroSys’17. He holds a BS from KAIST (2009), a SM (2011) and a Ph.D. (2014) from MIT.
Title: Are we done yet? Our journey to fight against memory-safety bugs
Abstract: Memory-safety issues have been a long-standing concern of the security practitioners. According to Microsoft [1] and Google [2], memory-safety bugs still represent 70% of the exploited vulnerabilities in complex, real-world programs like OSes and Web browsers. However, it doesn’t mean that academics and practitioners haven’t tried hard to alleviate the problem. Advances in automatic techniques like fuzzing and sanitizers revolutionize the way we tame the memory safety bugs, but the increasing volume of new software simply outpaces the adoption rate of these promising new techniques, setting the legacy programs aside.
In this talk, I’d like to share “our” own journey to fight against memory-safety bugs – “our” is important as all research is conducted together with the brightest hackers in SSLab at Georgia Tech. First, I’d like to talk about our group’s research agenda in the memory-safety world ranging from binary exploitation, programming analysis, fuzzing, symbolic execution and security education. Second, I will share our group's journey to participate in the DARPA CGC, DEFCON CTF and pwn2own competitions. Third, I will also present where our group is heading to: a promising new memory/thread-safe language, called Rust. Lastly, I will conclude the talk with an important projection by using our recent work on finding bugs in the Rust packages [3]: like COVID-19, the memory-safety bugs likely stay with us for the next decade, if not more.
[1] MSRC, Microsoft, A proactive approach to more secure code, https://msrc-blog.microsoft.com/2019/07/16/a-proactive-approach-to-more-secure-code/
[2] The Chromium Projects, Google, Memory safety, https://www.chromium.org/Home/chromium-security/memory-safety
[3] Rudra: Finding Memory Safety Bugs in Rust at the Ecosystem Scale, Yechan Bae, Youngsuk Kim, Ammar Askar, Jungwon Lim, and Taesoo Kim. In Proceedings of the 28th ACM Symposium on Operating Systems Principles (SOSP 2021), Virtual, October 2021
MISCHA DOHLER
Bio:
Mischa Dohler is now VP Emerging Technologies at Ericsson Inc. in Silicon Valley, working on cutting-edge topics of 6G, Metaverse, XR, Quantum and Blockchain. He serves on the Technical Advisory Committee of the FCC and on the Spectrum Advisory Board of Ofcom.
He is a Fellow of the IEEE, the Royal Academy of Engineering, the Royal Society of Arts (RSA), the Institution of Engineering and Technology (IET); and a Distinguished Member of Harvard Square Leaders Excellence. He is a serial entrepreneur with 5 companies; composer & pianist with 5 albums on Spotify/iTunes; and fluent in several languages. He has had ample coverage by national and international press and media, and is featured on Amazon Prime.
Title: Why cybersecurity will be central to 6G!
Abstract: In this presentation, I will outline current industry, standards and academic thinking around 6G, and then align this with emerging services, applications and innovation capabilities. This will lay the ground for discussions on the challenges that need to be solved for 6G to succeed and contribute to a secure,
human-friendly and sustainable society through ever-present intelligent communication.
Title: Bet on Cyber Security Hope or Strategies?
SUJATA RAMAMOORTHY
Bio:
Sujata Ramamoorthy leads Platform Security in Verizon's Cybersecurity organization to secure Verizon platforms and products via architecture, governance and operations focused on Cloud Security (IaaS/PaaS/SaaS), Software Security (Web, Mobile, Platform APIs), and IoT.
Sujata sets the strategy and direction for the group and partner across various Technology organizations in Verizon - Product, IT and Network - to implement appropriate security controls via people, process and technology that supports trust and innovation in Verizon's Products and Services enabling growth and customer confidence.
Prior to joining Verizon in June 2021, Sujata has held several leadership roles in Cisco for over 20 years promoting a culture of security innovation that earned her several industry recognitions including 2 time CSO50 awards and 2 time Women Executive awards. She has built transformational programs to enable major industry transitions be it Mobility/BYOD, Cloud, DevSecOps and Security Governance via metrics and accountability.
Abstract: Setting a Cyber Security strategy amidst
the ever-changing business, technology and threat
landscape is an art and a science. The speaker will
share lessons learnt, successes achieved and what is to come from her 15 years of experience driving Cybersecurity strategies in corporations that prioritize security alongside speed and scale. While there is no one silver bullet, there are many advances to be able to strike the balance that moves the industry forward.