#
 

CSAW'15 Highlights

Brendan Hannigan CSAW'15 Keynote Speaker

KEYNOTE SPEAKER

BRENDAN HANNIGAN | GENERAL MANAGER OF THE IBM SECURITY BUSINESS UNIT, IBM CORPORATION

Brendan Hannigan is General Manager of the IBM Security Business Unit for the IBM Corporation; he brings more than 25 years of industry experience to his role. Previously, Mr. Hannigan was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division. This division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.

Prior to Q1 Labs, Mr. Hannigan was vice president of marketing and technology at Sockeye Networks; director of network research at Forrester Research; and served in a variety of senior-level product development roles at Digital Equipment Corporation, Wellfleet Communications, and Motorola. Mr. Hannigan has a Computer Science degree with honors from University College Dublin, Ireland.

TOPIC | THE CURRENT STATE OF CYBER SECURITY: A NEW ERA OF CRIME AND DEFENSES

Cyber security has become paramount as businesses and consumers embrace Cloud, mobile computing, Internet of Things, the digitization of information, and other innovations. Attackers are organized, collaborate with each other, and buy automated attack platforms on the Dark Web. Unfortunately, most organizations and individuals are not prepared to address the growing security challenge. The theft of hundreds of millions of records in the first half of 2015 demonstrates that we need a different approach to stop advanced attacks and unknown threats.

Brendan Hannigan, General Manager of IBM Security, leads one of the top cyber security organizations in the world. In this session, learn what the IBM X-Force team of threat researchers have discovered about the latest trends in attack methods and what can be done to stop them. Brendan will also discuss his own path in security, his experience leading the top SIEM company, Q1 Labs, through its transition from startup to the powerhouse at the center of IBM's security portfolio, and describe what it takes to succeed as a security practitioner.

DFC Crime Scene Challenge at CSAW'15
DFC DIGITAL CRIME SCENE CHALLENGE

A SPECIAL OPPORTUNITY FOR HSF FINALISTS

Solving the HSF murder mystery isn't the only way to earn points. This year, HSF teams can visit the Digital Forensics Consortium (DFC) Scene at the time assigned to them. Using their forensic and investigative skills, finalists will attempt to find all the evidence items, including the key device with vital information stored on it, in fewer than 15 minutes!

Kevin Zerrusen at the Women's Symposium Workshop sponsored by Goldman Sachs at CSAW'15
DISCOVERING CYBER SECURITY:
A WOMEN'S SYMPOSIUM WORKSHOP

SPONSORED BY GOLDMAN SACHS

Event Overview

This event is designed for women interested in exploring a career in cyber security. Our goal is to build interest and improve the pipeline for women changing tracks mid-career or returning to the workforce, as well as college graduates, high school students and girls who code.

We’ll cover the fundamental competencies you need to cultivate a successful career. We’ll also provide a tour of the types of positions and industry areas where you can work in cyber security. Finally, we’ll offer opportunities for you to network with industry professionals and connect to resources in this important field.

The Skills You Need to Succeed, by Kevin Zerrusen
Informed by the National Cybersecurity Workforce Framework

Kevin is global head of the Security Incident Response Team, which comprises the firm’s Threat Management Center and the Incident Response and Coordination, Threat Intelligence and Investigations/Forensic teams. He joined Goldman Sachs as a managing director in Technology Risk in 2013.

Prior to joining the firm, Kevin had a long career in the US government, where he served in multiple roles in a number of countries overseas, including Bulgaria, Morocco, Pakistan, Lebanon, South Korea and Iraq. He most recently directed a cyber security center at a large agency.

Kevin earned a BA in Political Science from the University of Dayton in 1983 and an MBA from Syracuse University in 1999.

Panel and Networking Lunch
Sponsored by TechRisk Women’s Network

Public Presentations at CSAW'15
PUBLIC PRESENTATIONS

Finalists from the Policy Competition, Applied Research Competition and Embedded Security Challenge share award-winning work.

POLICY PRESENTATIONS

3:00pm | Carnegie Mellon University
Casey Canfield, Frankie Catota, Nirajan Rajkarnikar
3:10pm | University of Connecticut
Anthony Barletta, Waldemar Cruz, Eugene Kovalev, Jonathan Roemer
3:20pm | University of Illinois
Jeffrey Bigg, Magdala Boyer, Michael Burdi, Matt Loar
3:30pm | NYU School of Law
Kevin Kirby, Clay Venetis
3:40pm | United States Naval Academy
Zachary Dannelly, Max Goldwasser, William Young

RESEARCH PRESENTATIONS

3:50pm | Bohatei: Flexible and Elastic DDoS Defense
Seyed K. Fayaz, Yoshiaki Tobioka, Vyas Sekar and Michael Bailey
4:00pm | A Generic Approach to Automatic Deobfuscation of Executable Code
Babak Yadegari, Brian Johannesmeyer, Benjamin Whitely and Saumya Debray
4:10pm | ObliVM: A Programming Framework for Secure Computation
Chang Liu, Xiao Wang, Kartik Nayak, Yan Huang and Elaine Shi
4:20pm | Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration
Soo-Jin Moon, Vyas Sekar and Michael K. Reiter
4:30pm | Type Casting Verification: Stopping an emerging attack vector
Byoungyoung Lee, Chengyu Song, Taesoo Kim, Wenke Lee
4:40pm | Preventing Use-after-free with Dangling Pointers Nullification
Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, Wenke Lee
4:50pm | AUTOPROBE: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis
Zhaoyan Xu, Antonio Nappa, Robert Baykov, Guangliang Yang, Juan Caballero and Guofei Gu
5:00pm | Morpheus: Automatically Generating Heuristics to Detect Android Emulators
Yiming Jing, Ziming Zhao, Gail-Joon Ahn and Hongxin Hu
5:10pm | Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS X and iOS
Luyi Xing, Xiaolong Bai, Tongxin Li, Kai Chen, Xiaojing Liao and Xiaofeng Wang
5:20pm | SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps
Jianjun Huang, Zhichun Li, Xusheng Xiao, Zhenyu Wu, Kangjie Lu, Xiangyu Zhang and Guofei Jiang

EMBEDDED SECURITY CHALLENGE PRESENTATIONS

5:30pm | No Comment | University of Illinois at Urbana Champaign
Peter Fischer, Hiroshi Fuji, Duyen Le (mentor: Masooda Bashir)
5:40pm | SSL | University of Central Florida
Orlando Arias, Jacob Wurm, Khoa Hoang (mentor: Yier Jin)
5:50pm | TRELA | University of Texas at Dallas
Gaurav Rajavendra Reddy, Liwei Zhou, Mohammad-Mahdi Bidmeshki (mentors: Yiorgos Makris, Jeyavijayan Rajendran)
6:00pm | Wildcats | University of New Hampshire
William Melanson, Chenghua She, Jaya Dofe (mentor: Qiaoyan Yu)
6:10pm | MESHsec | University of Maryland College Park
Tanvir Arafin, Mingze Gao, Qian Wang (mentor: Gang Qu)
Neil Hershfield CSAW'15 Featured Speaker
FEATURED SPEAKER

NEIL HERSHFIELD | DEPUTY SECTION MANAGER, ICS-CERT, UNITED STATES DEPARTMENT OF HOMELAND SECURITY

Neil Hershfield is employed with Cybersecurity and Communications of the U. S. Department of Homeland Security. Neil is Deputy Section Manager for ICS-CERT, Industrial Control Systems Cyber Emergency Response Team.

Prior to his current role, Neil was Program Manager for the National Cyber Security Division Mission Support contract with SRA International, Inc. Previously, Neil was employed with The Dow Chemical Company and held a variety of managerial and leadership positions in Economic Development, the Chemical Sector Cyber Security Program, Global eCommerce, Marketing and Sales.