To view more alumni events, click here.
Recent news reports stated that the National Security Agency has pursued new methods that have allowed the agency to monitor telephone and online communication, encrypted information that was thought to be virtually immune to eavesdropping. What steps can and should computer scientists take in response to this privacy threat? How will the recent revelations affect the future of cryptography—the field of encoding and decoding electronic communication and transmissions for the purposes of privacy, reliability and efficiency?
To address these questions, the Johns Hopkins University Information Security Institute will host an hour-long roundtable discussion, moderated by Anton Dahbura, interim executive director of the Information Security Institute, and Avi Rubin, the institute’s technical director. Other participants will include Johns Hopkins cyber-security experts Matthew Green, Stephen Checkoway and Giuseppe Ateniese.
The event will be streamed live at https://connect.johnshopkins.edu/jhuisicrypto/, and also will be posted online following the event.
NOTE: Seating at this public event will be limited. Members of the media who plan to cover the discussion are asked to RSVP to Phil Sneiderman, email@example.com.
NOTE: This talk has been rescheduled for April 4.
Please join us for our next TechTalk featuring network security expert and current Johns Hopkins Engineering student William Kupersanin. He will present “Post-exploit detection: How NOT to be owned for months.”
Participants can also attend online via live stream at ep.jhu.edu/webcast.
Abstract: Effectively defending a network from Advanced Persistent Threats (APTs) remains a difficult problem for enterprises, as evidenced by the large number of publicly documented network compromises. MITRE has been developing methods to detect APTs post-compromise more quickly. As part of our work, we developed an adversary model (ATT&CK™), and a suite of behavior-based analytics for detecting threats operating on a network, and an iterative method for developing future analytics.
ATT&CK™ is a model and framework for describing the actions an adversary takes while operating within an enterprise network. The model can be used to better characterize post-compromise adversary behavior with the goal of distilling the common behaviors across known intrusion activity into individual actions that an adversary may take to be successful. The techniques described in ATT&CK™ relate to observed APT intrusions, and are at a level of abstraction necessary for effectively prioritizing defensive investments and comparing host-based intrusion detection capabilities.
Bio: William Kupersanin is a Cyber Analyst with MITRE’s internal information security team and focuses on the development of analytics to detect adversarial behavior. He has over 20 years of experience in IT and network security. At MITRE, Kupersanin has supported various sponsors in the intelligence community and civilian government. Before coming to MITRE, Kupersanin worked in operational security at the U.S. Nuclear Regulatory Commission, developed ISP capabilities for a startup targeting developing nations, participated in the development of the University of Maryland’s initial cyber incident response capabilities, and has held various other cyber security related positions within the aerospace and educational sectors. William has a BS in Computer Science from the University of Maryland and is currently a student in the Johns Hopkins Engineering for Professionals program.