Keynote: IoT Security: The Gathering Storm

Prof. Andrew Martin
University of Oxford, UK

Abstract:
The Internet of Things (IoT) has begun to touch the lives of many already, and we are reaping benefits in convenience and economic value. Much has been invested in IoT security - and yet examples of insecure IoT devices and configurations are reported almost daily. Relatively few of these reports have come from tangible examples of loss or disruption by malice so far. Is this the calm before the storm? Will the threats be contained, or will they overwhelm the IoT venture? We will consider some of the possible future scenarios, and the possible professional responses to these. It is clear that some profound improvement is needed: but is effort best focused on engineering, design, law, regulation, consumer awareness, or all of these? We will ask what can realistically be achieved, and whether that will be enough?

Biography:
Andrew Martin is a Professor of Systems Security and Director of Centre for Doctoral Training in Cyber Security at the Department of Computer Science, University of Oxford. Prof. Martin undertakes research and teaching in the area of Systems Security, in the University of Oxford. He was instrumental in setting up the University's Cyber Security Network and helps to lead it, heading Oxford's EPSRC/GCHQ-recognised Academic Centre of Excellence in Cyber Security Research. He directs the Centre for Doctoral Training in Cyber Security, which admits 16 students each year for inter-disciplinary education and research. His recent research focus has been on the technologies of Trusted Computing, exploring how they can be applied in large-scale distributed systems, particularly cloud computing, mobile devices, and the Internet of Things. He has published extensively in this area, hosting several related international events in Oxford and speaking on the subject all over the world.

Big Data Security and Privacy: Developments and Directions

Prof. Bhavani Thuraisingham
The University of Texas at Dallas, USA

Abstract:
The collection, storage, manipulation and retention of massive amounts of data have resulted in serious security and privacy considerations. Various regulations are being proposed to handle big data so that the privacy of the individuals is not violated. For example, even if personally identifiable information is removed from the data, when data is combined with other data, an individual can be identified. This is essentially the inference and aggregation problem that data security researchers have been exploring for the past four decades. This problem is exacerbated with the management of big data as different sources of data now exist that are related to various individuals. While collecting massive amounts of data causes security and privacy concerns, big data analytics applications in cyber security is exploding. For example, an organization can outsource activities such as identity management, email filtering and intrusion detection to the cloud. This is because massive amounts of data are being collected for such applications and this data has to be analyzed. The question is, how can the developments in big data management and analytics techniques be used to solve security problems? These problems include malware detection, insider threat detection, and intrusion detection. To address the challenges of big data security and privacy as well as big data analytics for cyber security applications, we organized a workshop sponsored by the National Science Foundation in September 2014 and presented the results in 2015 at an inter-agency workshop in Washington DC. Since then several developments have been reported on big data security and privacy as well as on big data analytics of cyber security. This talk will summarize the findings of the workshop and discuss the developments and directions.

Biography:
Dr. Bhavani Thuraisingham is the Louis A. Beecherl, Jr. Distinguished Professor in the Erik Jonsson School of Engineering and Computer Science at the University of Texas, Dallas (UTD) and the executive director of UTD’s Cyber Security Research and Education Institute. Her current research is on integrating cyber security, cloud computing and data science. Prior to joining UTD she worked at the MITRE Corporation for 16 years including a three-year stint as a Program Director at the NSF. She initiated the Data and Applications Security program at NSF and was part of the Cyber Trust theme. Prior to MITRE, she worked for the commercial industry for six years including Honeywell. She is the recipient of numerous awards including the IEEE CS1997 Technical Achievement Award, the ACM SIGSAC 2010 Outstanding Contributions Award, 2012 SDPS Transformative Achievement Gold Medal, 2013 IBM Faculty Award, 2017 ACM CODASPY Research Award, and 2017 IEEE CS Services Computing Technical Committee Research Innovation Award. She is a 2003 Fellow of the IEEE and the AAAS and a 2005 Fellow of the British Computer Society. She has published over 120 journal articles, 250 conference papers, 15 books, has delivered over 130 keynote addresses, and is the inventor of five patents. She has chaired conferences and workshops for women in her field including on Women in Cyber Security, Women in Data Science, and Women in Services Computing/Cloud and has delivered featured addresses at SWE, WITI, and CRA-W.