Keynote Speakers
YUSEUNG KIM
Bio:
Yuseung Kim has been working on the analysis of threats in mission-critical systems including telecommunication systems, medical devices, connected-automated vehicles, mobility services, and the development of countermeasures. He received PhD in Electrical and Computer Engineering from Carnegie Mellon University and was a member of the Mobile, Embedded, Wireless Security group led by Dr. Patrick Tague.
Title: Cybersecurity perspectives on rapidly evolving industries
Abstract: More than ever we are now experiencing the technological advances directly shifting our daily life. Retrospecting the past decade, cybersecurity professionals would be able to observe how different industries have reacted against the rapidly evolving threat landscape. From those lessons, we as a cybersecurity community would hopefully anticipate and prepare for the upcoming challenges
GUOFEI GU
Bio:
Dr. Guofei Gu is a professor and holder of the
Eppright Professorship in Engineering in the
Department of Computer Science & Engineering
at Texas A&M University (TAMU). Before coming
to Texas A&M, he received his Ph.D. degree in
Computer Science from the College of
Computing, Georgia Institute of Technology. His
research interests are in network and systems security.
Dr. Gu is a recipient of 2010 NSF CAREER Award,
2013 AFOSR Young Investigator Award, 2010
IEEE S&P Best Student Paper Award, 2015 ICDCS
Best Paper Award, 2022 ASIACCS Best Paper
Award, Texas A&M Dean of Engineering
Excellence Award, and Presidential Impact Fellow,
among several others. He is an active member of the security research community and has pioneered several new research directions such as botnet detection/defense and SDN security. Dr. Gu has frequently served on the program committees of top-tier security conferences such as IEEE S&P, ACM CCS, USENIX Security, and NDSS. He is an IEEE Fellow and an ACM Distinguished Member. He is currently directing the SUCCESS Lab at TAMU.
Title: Revisiting Security in the Age of Software-Defined Everything
Abstract:Software is not only eating the world, but also defining the new world. With the increasing examples such as software-defined compute/storage (aka, cloud), software-defined networking, software-defined radio/5G, and software-defined vehicle, we are now living in a world of software-defined everything (SDx). Infosys estimated that the global SDx market will reach USD 160 billion by 2024 and grow at a compound annual growth rate of 25%. The security of SDx is becoming more interesting and important. On one hand, SDx presents new attack surfaces and security challenges. On the other hand, SDx also provides new opportunities to rethink the design of security. In this talk, we will revisit the security at both sides and demonstrate with our recent research results. In particular, we show that we can well leverage software-defined principles to enhance zero-trust security and design new programmable security frameworks, thus also making this software-defined world more secure.
Title: A tale of Two Industroyers: It was the Season of Darkness
ALVARO A. CARDENAS
Bio:
Alvaro A. Cardenas is an Associate Professor of Computer Science and Engineering at the University of California, Santa Cruz. Before joining UCSC he was the Eugene McDermott Associate Professor of Computer Science at the University of Texas at Dallas, a postdoctoral scholar at the University of California, Berkeley, and a research staff member at Fujitsu Laboratories. He holds M.S. and Ph.D. degrees from the University of Maryland, College Park, and a B.S. from Universidad de Los Andes in Colombia. His research interests focus on security and privacy of emerging technologies and cyber-physical systems, including autonomous vehicles, drones, and SCADA systems controlling the power grid and other critical infrastructures.
Abstract: In this talk, we discuss the first two known pieces of malware that attempted to create power grid blackouts. While previous research had described the malware at a high level, in this talk, we take a deep dive into the payload targetting the operational equipment of power grid networks. Our findings include new malware behavior that was not previously documented, the software bugs of the malware, and the evolution of attacks against the power grid in Ukraine. We end our talk by discussing how similar malware may evolve in the future and the risks they pose to the power grid.
VIKRANT NANDA
Bio:
Vikrant Nanda is an engineering leader and people manager at Google, where he currently heads Information Integrity & Data Protection for Google Search. Over the course of his career, Vik has created strategic programs and led diverse teams across a range of industries: Banking & Financial Services, Consulting, Internet, and Telecom. Along the way, he has also tinkered with startup ideas in the education space, and mentors many brilliant minds to help them achieve the next step in their journey. He also serves as VP and Industry Leader for the Silicon Valley Cybersecurity Institute (SVCSI). Vik holds a Bachelor’s degree in Electrical & Computer Engineering from Cornell University and an MBA from the Indian Institute of Management at Ahmedabad. He is also credentialed as a CISSP and CIPP/US.
Title: Adventures in Security, Privacy, and Risk
Abstract: What does an Electrical Engineer + MBA have to do with Information Security, Privacy, and Risk? What does the career graph of an industry practitioner look like in our field? Are there key insights or perspectives we can glean for the future? In this talk, I will share my career journey spanning almost two decades, sampling some of the “big” problems tackled across industry sectors and layers of the tech stack. Taking a reflective approach, I will track major platform shifts and draw out some inspiring themes from a multi-disciplinary adventure.
Title: Data hiding in the third millennium: From traditional applications to emerging
scenarios
Abstract: Data hiding techniques have evolved significantly, offering diverse applications within cybersecurity and privacy frameworks. From safeguarding user privacy during multimedia content streaming to bolstering cybersecurity in IoT networks through its integration with machine learning, data hiding plays a crucial role. However, this evolution also presents challenges as malicious actors exploit these techniques for harmful purposes. This keynote provides an overview of traditional data hiding applications while highlighting current trends, including the
emerging use of watermarking in disinformation detection. It explores prospective uses of data hiding in enhancing information security and privacy, while also addressing potential threats posed to users and society when these techniques are misused.
DAVID MEGIAS
Bio:
Prof. David Megías is full Professor and the Principal Investigator of the KISON research group of the Internet Interdisciplinary Institute (IN3), at the Universitat Oberta de Catalunya (UOC). He received the Ph.D. degree in computer science from the Universitat Autònoma de Barcelona (UAB) in July 2000. Since October 2001, he has been at the UOC with a permanent position (currently as Professor). At the UOC, he has held several academic positions, until he was appointed director of the IN3 in April 2015. His current teaching is mostly related to computer networks, information security (watermarking and steganography), and research techniques and methodologies in the field of network and information technologies. His current research interests focus on information security and privacy, and include the security and privacy in multimedia content distribution (mainly in the watermarking and fingerprinting topics), steganography and steganalysis, and privacy concerns in different applications of decentralized networks. He has published more than 130 research papers in numerous international journals and conferences, 42 of them in journals indexed in JCR, and has participated in several national joint research projects both as a contributor and as principal investigator. He has supervised four doctoral theses and is a member of the editorial board and programme committees of several journals and conferences in the area of security and privacy.