2023
Keynote Speakers
TAESOO KIM
Taesoo Kim is a Professor in the School of Cybersecurity and Privacy and the School Computer Science at Georgia Tech. He also serves as a director of the Georgia Tech Systems Software and Security Center (GTS3). Starting from his sabbatical year, he works as a VP at Samsung Research, leading the development of a Rust-based OS for a secure element. He is a recipient of various awards including NSF CAREER (2018), Internet Defense Prize (2015), and several best paper awards including USENIX Security’18 and EuroSys’17. He holds a BS from KAIST (2009), a SM (2011) and a Ph.D. (2014) from MIT.
Title: Are we done yet? Our journey to fight against memory-safety bugs
Abstract: Memory-safety issues have been a long-standing concern of the security practitioners. According to Microsoft [1] and Google [2], memory-safety bugs still represent 70% of the exploited vulnerabilities in complex, real-world programs like OSes and Web browsers. However, it doesn’t mean that academics and practitioners haven’t tried hard to alleviate the problem. Advances in automatic techniques like fuzzing and sanitizers revolutionize the way we tame the memory safety bugs, but the increasing volume of new software simply outpaces the adoption rate of these promising new techniques, setting the legacy programs aside.
In this talk, I’d like to share “our” own journey to fight against memory-safety bugs – “our” is important as all research is conducted together with the brightest hackers in SSLab at Georgia Tech. First, I’d like to talk about our group’s research agenda in the memory-safety world ranging from binary exploitation, programming analysis, fuzzing, symbolic execution and security education. Second, I will share our group's journey to participate in the DARPA CGC, DEFCON CTF and pwn2own competitions. Third, I will also present where our group is heading to: a promising new memory/thread-safe language, called Rust. Lastly, I will conclude the talk with an important projection by using our recent work on finding bugs in the Rust packages [3]: like COVID-19, the memory-safety bugs likely stay with us for the next decade, if not more.
[1] MSRC, Microsoft, A proactive approach to more secure code, https://msrc-blog.microsoft.com/2019/07/16/a-proactive-approach-to-more-secure-code/
[2] The Chromium Projects, Google, Memory safety, https://www.chromium.org/Home/chromium-security/memory-safety
[3] Rudra: Finding Memory Safety Bugs in Rust at the Ecosystem Scale, Yechan Bae, Youngsuk Kim, Ammar Askar, Jungwon Lim, and Taesoo Kim. In Proceedings of the 28th ACM Symposium on Operating Systems Principles (SOSP 2021), Virtual, October 2021
MISCHA DOHLER
Bio:
Mischa Dohler is now VP Emerging Technologies at Ericsson Inc. in Silicon Valley, working on cutting-edge topics of 6G, Metaverse, XR, Quantum and Blockchain. He serves on the Technical Advisory Committee of the FCC and on the Spectrum Advisory Board of Ofcom.
He is a Fellow of the IEEE, the Royal Academy of Engineering, the Royal Society of Arts (RSA), the Institution of Engineering and Technology (IET); and a Distinguished Member of Harvard Square Leaders Excellence. He is a serial entrepreneur with 5 companies; composer & pianist with 5 albums on Spotify/iTunes; and fluent in several languages. He has had ample coverage by national and international press and media, and is featured on Amazon Prime.
Title: Why cybersecurity will be central to 6G!
Abstract: In this presentation, I will outline current industry, standards and academic thinking around 6G, and then align this with emerging services, applications and innovation capabilities. This will lay the ground for discussions on the challenges that need to be solved for 6G to succeed and contribute to a secure,
human-friendly and sustainable society through ever-present intelligent communication.
Title: Bet on Cyber Security Hope or Strategies?
SUJATA RAMAMOORTHY
Bio:
Sujata Ramamoorthy leads Platform Security in Verizon's Cybersecurity organization to secure Verizon platforms and products via architecture, governance and operations focused on Cloud Security (IaaS/PaaS/SaaS), Software Security (Web, Mobile, Platform APIs), and IoT.
Sujata sets the strategy and direction for the group and partner across various Technology organizations in Verizon - Product, IT and Network - to implement appropriate security controls via people, process and technology that supports trust and innovation in Verizon's Products and Services enabling growth and customer confidence.
Prior to joining Verizon in June 2021, Sujata has held several leadership roles in Cisco for over 20 years promoting a culture of security innovation that earned her several industry recognitions including 2 time CSO50 awards and 2 time Women Executive awards. She has built transformational programs to enable major industry transitions be it Mobility/BYOD, Cloud, DevSecOps and Security Governance via metrics and accountability.
Abstract: Setting a Cyber Security strategy amidst
the ever-changing business, technology and threat
landscape is an art and a science. The speaker will
share lessons learnt, successes achieved and what is to come from her 15 years of experience driving Cybersecurity strategies in corporations that prioritize security alongside speed and scale. While there is no one silver bullet, there are many advances to be able to strike the balance that moves the industry forward.
ELIE BURSZTEIN
Bio:
Elie Bursztein leads Google’s Cybersecurity Research Team, which invents transformative security and anti-abuse solutions that help protect users against online threats. His research focuses on applied cryptography, machine learning for security, protecting at risk users, and web security.
Recently he was involved in the development of password checkup, a privacy-preserving service that tells users if their passwords are compromised, and the first SHA-1 collision. Elie is the author of 50+ academic publications for which he has received seven best paper awards. He has given over 20 talks at leading industry conferences and received multiple industry awards, including a Black Hat Pwnie award.
Passionated by education he gave countless guest lectures at numerous universities including Stanford, Berkeley, and Tsinghua. Elie's work is regularly featured by major news outlets, including the Wall Street Journal, CBS, Forbes, Wired, the Huffington Post, and CNN.
Title: How AI helps keeping Gmail inboxes malware free
Abstract: Gmail's defenses analyze billions of attachments daily to prevent malicious documents from reaching its inboxes, whether they are for end-users or businesses. This talk provides an overview of how Google uses AI to strengthen Gmail's document defenses and withstand attacks that evade traditional AVs.
Title: Identity and Authentication: The Road Ahead
Abstract: In this keynote, I will discuss key trends shaping the consumer identity and authentication landscape and share a vision for the future of identity powered by privacy, security and machine learning technologies. I will also present cutting-edge research being conducted at Visa Research to realize this vision.
DR. SUNPREET SIGNH AORA
Bio:
Dr. Sunpreet Singh Arora leads the identity and authentication research team in Visa Research,
and represents Visa on the Fast Identity Online (FIDO) Alliance board. He is a co-inventor on over
40 patent applications and has published over 20 research articles in top international
conferences and journals. His research has received multiple awards including best paper, best
demo and best poster awards and has been featured in several national and international media
outlets, such as Forbes, MIT Technology Review, ACM Multimedia, NASA Tech Briefs and BBC
UK. Dr. Arora received his Ph.D. in Computer Science and Engineering from Michigan State
University, and B.Tech.(Hons.) in Computer Science and Engineering from IIIT-Delhi. He currently
serves as associate editor of IEEE Transactions on Biometrics, Behavior and Identity Science, and
previously led the IEEE Biometrics Council Industrial Committe