
The Information Systems and Internet Security (ISIS) Laboratory is an NSF-funded lab consisting of heterogeneous platforms and multiple interconnected networks to facilitate hands-on experimentation and project work related to information security. It provides a focus for multidisciplinary research and education in emerging areas of information security at Polytechnic Institute of NYU.

Current research areas include computer and network security, digital forensics, hardware for secure systems, digital watermarking, and steganography. Courses supported by the ISIS lab include those related to computer and network security.


News & Events

The Emerging Threat of Financial Crimes and CSC Website

The Cyber Security Club is proud to present David O’Connor giving a talk on "The Emerging Threat of Financial Crimes" on Wednesday, October 13, 2010 in room JAB473.

We would also like to inform everyone about our new website: https://sites.google.com/site/polycybersecurityclub/, where we will be posting a schedule of talks and providing content for each talk afterwards. This solves the problem of members not knowing about upcoming talks, and lets members obtain the materials for each talk afterwards.


Supply Chain Attacks
Speaking in the DISSP series next Wednesday, we have Marcus Sachs on Sept 8th from 12:30pm to 1:30pm in room RH 227.

Abstract: Most security professionals are well trained on the use of firewalls, intrusion detection systems, anti-virus software, and other common tools that are used to protect their organization's intellectual property. Recent attacks have been seen arriving through the supply chain, with attackers literally shipping software and hardware "pre-infected" with malicious code designed to install hidden backdoors and access methods that are undetected by traditional tools. This talk will look at several cases of recent supply chain attacks and will examine the policy and operational changes we need to make in order to protect ourselves from this new method of attack.

SAIC Selects NYU-Poly to Help Build Cyber Security Powerhouse
Polytechnic Institute of New York University (NYU-Poly) has signed an agreement with Science Applications International Corporation (SAIC) [NYSE: SAI], a FORTUNE 500 scientific, engineering and technology applications company, to deliver master's degrees in cyber security to more than 600 top-performing employees over the next decade.

View full press release.


Poly Hosting Security Treasure Hunt Online Competition
The New York State Office of Cyber Security and Critical Infrastructure Coordination (CSCIC) announced the launch of a new online competition, known as Security Treasure Hunt, designed to identify individuals with cyber security skills and enable competitors to be considered for participation in a week-long cyber security camp in NYC this July. (more info)

Seminar: Prof. Srini Devadas, MIT
Title: How Hardware Can Help Meet Security Challenges
Time and Location: March 25, 2010 in LC400 at 2pm
Abstract: In this talk, I will focus on how hardware can help secure systems that are under physical as well as computational attack. Physical Unclonable Functions (PUFs) are a tamper resistant way of establishing shared secrets with a physical device. They rely on the inevitable manufacturing variations between devices to produce an identity for a device. This identity is unclonable, and in some cases is even manufacturer resistant (i.e., it is impossible to produce devices that have the same identity). We describe applications of PUFs, including authentication of individual integrated circuits such as FPGAs and RFIDs, and the design of a PUF-enabled processor that generates its public/private key pair on power-up so its private key is never left exposed in (on-chip or off-chip) non-volatile storage. It is capable of a broad range of cryptographic functionality, including certified execution of programs. Finally, by running a virtual machine on a secure processor we have built an attachable trusted module called a Trusted Execution Module (TEM) that does not need to be securely bound to its host (unlike the TPM) and which does not trust the authors of the programs it runs (unlike a smart card).
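The abstract above describes a processor that derives its key from a PUF at power-up instead of storing it. The following is an added illustration written for this page, not the MIT design: it simulates a PUF as a seeded bit pattern with per-read bit noise (the names, the noise model and the use of a plain repetition code for error correction are all assumptions), and shows the only thing that sits in non-volatile storage is non-secret helper data.

```python
"""Simulated PUF-derived key: the secret is re-derived from the device's
'fingerprint' bits at every power-up and never written to non-volatile memory;
only helper data is stored. Added illustration, not the MIT PUF processor.
Assumptions (constructed for this example): the PUF is simulated from a seed
plus per-read bit noise, and error correction is a repetition code."""
import hashlib
import random

REP = 9                    # response bits spent per secret bit (repetition code)
KEY_BITS = 128
RESP_BITS = REP * KEY_BITS

def puf_response(chip_id, noise, rng):
    """Stand-in for a PUF read-out. A real PUF's stable bits come from
    manufacturing variation; here they come from `chip_id`. Each bit flips
    with probability `noise` to model read-to-read instability."""
    stable = hashlib.shake_256(chip_id).digest(RESP_BITS // 8)
    bits = [(stable[i >> 3] >> (i & 7)) & 1 for i in range(RESP_BITS)]
    return [b ^ int(rng.random() < noise) for b in bits]

def derive_key(secret_bits):
    """Hash the corrected secret into a fixed-size key (stands in for the
    on-chip key-pair generation the talk describes)."""
    raw = bytes(int("".join(str(b) for b in secret_bits[i:i + 8]), 2)
                for i in range(0, KEY_BITS, 8))
    return hashlib.sha256(b"puf-key-v1|" + raw).hexdigest()

def enroll(response, rng):
    """One-time enrollment: choose a random secret, encode it, and keep only
    helper = codeword XOR response. Without the response the helper reveals
    nothing about the secret, so it may sit in plain NVM."""
    secret = [rng.getrandbits(1) for _ in range(KEY_BITS)]
    codeword = [s for s in secret for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, response)]
    return helper, derive_key(secret)

def reproduce(helper, response):
    """Every power-up: XOR a fresh (noisy) response with the helper data, then
    majority-decode each REP-bit group to recover the secret exactly."""
    noisy_codeword = [h ^ r for h, r in zip(helper, response)]
    secret = [int(sum(noisy_codeword[i:i + REP]) > REP // 2)
              for i in range(0, RESP_BITS, REP)]
    return derive_key(secret)

def simulate(seed=7, noise=0.01):
    """Enroll chip A, then 'power up' chip A five times and chip B once using
    chip A's helper data; return the key each run produced."""
    rng = random.Random(seed)
    helper, enrolled = enroll(puf_response(b"chip-A", noise, rng), rng)
    genuine = [reproduce(helper, puf_response(b"chip-A", noise, random.Random(seed + i)))
               for i in range(1, 6)]
    other = reproduce(helper, puf_response(b"chip-B", noise, random.Random(seed)))
    return {"enrolled": enrolled, "genuine": genuine, "other_chip": other}

if __name__ == "__main__":
    r = simulate()
    print("genuine chip reproduces its key on every power-up:",
          all(k == r["enrolled"] for k in r["genuine"]))
    print("another chip with the same helper data gets the key:",
          r["other_chip"] == r["enrolled"])
```

The repetition code is chosen only because it keeps the decoder to one line; its cost (nine response bits per key bit) is why real designs use stronger codes. The point the abstract makes survives the simplification: with the helper data public and the response never leaving the chip, there is no stored private key to extract.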

Seminar: Kevin Butler, Penn State
Title: Leveraging Emerging Storage Functionality for New Security Services
Time and Location: March 23, 2010 in LC400 at 11am
Abstract: This talk discusses how new disk architectures may be exploited to aid the protection of systems by acting as policy decision and enforcement points. We prototype disks that enforce data immutability at the block level on critical system data, preventing malicious code from inserting itself into system configuration and boot files. We then examine how storage may be used to ensure the integrity state of hosts prior to allowing access to data, and how such a design improves the security of portable storage devices.

Seminar: Robert J. Giesler, SAIC
Title: Cyber Conflict: Fact and Fiction
Time and Location: Wednesday April 7 at 1pm in RH227
Abstract: Cyber warfare expert Bob Giesler will round up current trends in US government cyber policy and strategy, and discuss the real face of cyber military operations. He will explore the aphorism that a good defense requires a good offense. Emphasizing the strategic imperative of public awareness, Giesler will suggest that invoking the image of a Cyber Pearl Harbor, as seen in the CNN broadcast Cyber Shockwave (see http://www.youtube.com/watch?v=tfv5JASJxbA), is bad public policy.

Seminar: Juan Caballero, CMU
Title: Binary Program Analysis and Model Extraction for Security Applications
Time and Location: Friday 3/12 at 11am in LC400
Abstract: In this talk I present a platform to extract models of security-relevant functionality from program binaries, enabling multiple security applications such as active botnet infiltration, finding deviations between implementations of the same functionality, vulnerability signature generation, and finding content-sniffing cross-site scripting (XSS) attacks. I present two applications: active botnet infiltration and finding content-sniffing XSS attacks.

Recruiting Visit: Gus de los Reyes, AT&T
Title: Security Research at AT&T
Time and Location: Wednesday 2/17 at 12:15pm in RH227

Seminar: Ahmed Metwally, Google
Title: Online Data Forensics for Click Fraud Detection
Time and Location: Wednesday 2/17 at 11am in LC102
Abstract: In this talk, we describe the Internet advertising model, and discuss the issue of click fraud that is an integral problem in such a setting. We start by classifying the click fraud techniques into two major classes based on the motivation of the fraudulent publishers and advertisers. We describe traffic analysis problems that model detecting both classes of fraud attacks. We propose using streaming and sampling algorithms on aggregate traffic as a viable way of detecting automated traffic, while not violating the surfers' privacy. We conclude by reporting the results of deploying these algorithms on various networks of advertising commissioners.

NYU-Poly Cyber Security Program Featured on BBC
See it here.

Seminar: John Ioannidis, Google
Title: Cloud Computing: Threats (Perceived and Real)
Time and Location: Friday 2/12 at 11am in LC400
Abstract: Cloud computing is being heralded as a major paradigm shift in how computing and network services are structured and offered. As with any new technology, there are many perceived threats, both from a business and from a personal perspective. In this talk we survey the landscape of the various technologies that the term "cloud computing" encompasses, analyze where threats and vulnerabilities can really be, and propose the necessary approaches to countering them in time.

iPhone App Class Visit with AT&T
NYU-Poly's iPhone App class visits AT&T.
video here

2010 Department of Defense Scholarships
Applications for Department of Defense Scholarships are now being accepted for 2010. For more information, please see this page.

Embedded System Challenge Featured in IEEE Spectrum
The article is here.

UCSB iCTF 2009
The ISIS lab represented NYU-Poly in the 2009 UCSB iCTF competition and placed 15th out of 47, and third best in the U.S. (link to final scoreboard).

Security and Privacy Day 2009
The Security and Privacy Day is a biannual event sponsored by the greater New York City area computer security research community for bringing area researchers together, fostering multi-institutional collaborations, and discussing and exchanging our ideas on and experiences with security and privacy research. For more information, please visit the event web site.

CSAW CTF Elimination Round Winners Have Been Announced
Check the CSAW CTF page for updates.

Seminar: Prof. Andrew Odlyzko, University of Minnesota
Thursday, October 1st, 11 am - noon, LC400

Title: How to Live and Prosper with Insecure Cyber Infrastructure

Abstract: Professor Andrew Odlyzko uses an interdisciplinary approach that incorporates insights from economics, law, sociology, and psychology of security to explain some counterintuitive and contrarian approaches to research and the deployment of information technologies.

Bio: Andrew Odlyzko has had a long and distinguished career in research and research management at Bell and AT&T labs and has recently built an interdisciplinary research center. He has authored over 150 technical papers on computational complexity, cryptography, number theory, combinatorics, coding theory, analysis, probability theory and related fields. In recent years, he has worked on electronic commerce, economics of data networks, and economic history with particular focus on diffusion of technological innovation.

Seminar: Gary McGraw, CTO, Cigital Inc.
9/25 at 11am in the Pfizer Auditorium

Title: Software Security and the Building Security in Maturity Model (BSIMM)

Abstract: Gary McGraw, PhD, will use his book "Software Security: Building Security In" to frame a discussion on the state of the practice of software security. He will describe the observation-based maturity model, using examples from real software security programs and how to use the BSIMM to determine the software security plan that works best for you.

Bio: Dr. Gary McGraw is CTO of Cigital, Inc., a software security and quality-consulting firm, headquartered in the Washington, DC area. He is an international expert in the field of software security and the author of eight books. He holds dual PhD degrees in Cognitive Science and Computer Science from Indiana University where he serves on the Dean's Advisory Council for the School of Informatics.

online slides (for Microsoft Internet Explorer users)

CSAW Featured on Reuters
Excerpt:
With cyber security fraud costing businesses more than a trillion dollars worldwide and enforcement agencies facing shortages that can delay forensics investigations for years, the graduate students of a leading information security program devised the 2009 cyber war games to attract the next generation of cyber sleuths. Graduate students of the Polytechnic Institute of New York University this week opened registration for the 6th Annual Cyber Security Awareness Week (CSAW) games.

Full Reuters CSAW Article


ISIS Media Forensics Research Featured in Thomson Security Newsletter
Time: July 1, 2009

Thomson Security Newsletter No. 13


Collaborative Research in Information Security and Privacy
Time: May 7, 2009
Place: 295 Lafayette Street (Puck Building)-2nd Floor

Description: Collaborative Research in Information Security and Privacy (CRISP) is a workshop for discussing the relationship between security research and related fields such as law, economics, business, health, and public safety.


Seminar Series: Reverse Engineering
Speaker: Alex Sotirov, Independent Security Researcher
Time: April 1st, 8th, 15th, and 22nd at noon
Place: RH227

Alex Sotirov, an independent security researcher with more than ten years of experience with vulnerability research, reverse engineering and advanced exploitation techniques, will be giving a free 4-week reversing seminar through NYU:Poly's ISIS lab. Starting on April 1st, Alex will cover and go beyond many of the topics presented in NYU:Poly's successful "Penetration Testing and Vulnerability Analysis" course. Material will be presented on common binary patterns, dynamic analysis techniques, and complex malware analysis.

Alex's most recent work includes exploiting MD5 collisions to create a rogue Certificate Authority, bypassing the exploitation mitigations on Windows Vista and developing the Heap Feng Shui browser exploitation technique. His professional experience includes positions as a security researcher at Determina and VMware. Currently he is working as an independent security consultant in New York. He is a regular speaker at security conferences around the world, including CanSecWest, BlackHat and Recon. Alexander is a program chair of the USENIX Workshop on Offensive Technologies and is one of the founders of the Pwnie Awards.

Please join us for this unique opportunity at NYU:Poly's ISIS lab. All are welcome.

More information:
http://www.phreedom.org
http://isis.poly.edu
http://www.poly.edu/directions/


Theory Plus Practice in Computer Security: Radio Frequency Identification and Whitebox Fuzzing
Speaker: David Molnar, UC Berkeley
Time: Friday April 3rd at 11am
Place: LC102

Abstract: I will describe two areas in computer security that demonstrate the wide range of techniques, from both theory and practice, we need to make impact. First, I treat privacy and security in Radio Frequency Identification (RFID). RFID refers to a range of technologies where a small device with an antenna, or "tag", is attached to an item and can be queried later wirelessly by a reader. While proponents of RFID promise security and efficiency benefits, the technology also raises serious security concerns. I will describe my work on practical security analysis of RFID in library books and the United States e-passport deployments. These deployments in turn uncover a new theoretical problem, that of "scalable private authentication", I will describe the first solution to this problem that scales sub-linearly in the number of RFID tags.

Second, I describe recent work in "whitebox fuzz testing", a new approach to finding security bugs. Security bugs cost millions of dollars to patch after the fact, so we want to find and fix them as early in the deployment cycle as possible. I review previous fuzz testing work, how fuzzing has been responsible for serious security bugs, and classic fuzz testing's inability to deal with "unlikely" code paths. I then show how marrying the idea of dynamic test generation with fuzz testing overcomes these shortcomings, but raises significant scaling problems. Two recent tools, SAGE at Microsoft Research, and SmartFuzz at Berkeley, overcome these scaling problems; I present results on the effectiveness of these tools on commodity Windows and Linux media playing software. Finally, I close with directions for leveraging cloud computing to improve developers' testing and debugging experience. The talk describes joint work with Ari Juels and David Wagner (RFID), and with Patrice Godefroid, Michael Y. Levin, Xue Cong Li, and David Wagner (Fuzzing).


Seminar: Expressive Policy Analysis with Enhanced System Dynamicity
Speaker: Jorge Lobo, IBM T.J. Watson Research Center
Time: Wednesday April 1st at 11am
Place: LC400

Abstract: Although several research efforts have been devoted to the issue, the effective analysis of policy based security systems remains a significant challenge. Policy analysis should at least (i) be expressive (ii) take account of obligations and authorizations, (iii) include a dynamic system model, and (iv) give useful diagnostic information. I will present a logic-based policy analysis framework which satisfies these requirements, showing how properties such as modality conflicts, separation of duties, and others can be analyzed. We give details of a prototype implementation.

Bio: Jorge Lobo joined IBM T. J. Watson Research Center in 2004. Prior to IBM he was principal architect at Teltier Technologies, a start-up company in the wireless telecommunication space acquired by Dynamicsoft and now part of Cisco Systems. Before Teltier he was an Associate Professor of CS at the University of Illinois at Chicago and a member of the Network Computing Research Department at Bell Labs. At Teltier he developed a policy server for the availability management of Presence Servers. The servers were successfully tested inside two GSM networks in Europe. He also designed and co-developed PDL, one of the first generic policy languages for network management. A policy server based on PDL was deployed for the management and monitoring of Lucent's first generation of softswitch networks.

Jorge Lobo has more than 50 publications in international journals and conferences in the areas of Networks, Databases and AI. He is co-author of an MIT Press book on logic programming and an IBM Press book on policy technologies for self-managing systems. He is co-founder and member of the steering committee for the IEEE International Symposium on Policies for Distributed Systems and Networks. He has a PhD in CS from the University of Maryland at College Park, and an MS and a BE from Simon Bolivar University, Venezuela.


Seminar: Prioritizing Security Goals
Speaker: Michael Aiello, Goldman Sachs
Time: March 25th at 12:30pm
Place: RH227

The talk will describe several security techniques that do not get a lot of publicity but have been found quite effective within our organization. Some of the techniques are quite simple, such as providing developers with a checklist, and asking the right questions to determine where to focus efforts. Together, they enable a rational process of security management within a large heterogeneous environment.


Seminar: Doing IDS without being (too) intrusive
Speaker: Joel Rosenblatt, Columbia Information Security Office
Time: February 18th at 12:15pm
Place: RH227

Speaker Bio: Joel Rosenblatt has been in IT at Columbia University for the last 31 years. He is currently the head of the Computer and Network security group, part of the Columbia Information Security Office. He is responsible for overseeing the security for the approximately 65,000 nodes that make up the Columbia University network. Additional responsibilities include DMCA compliance and investigations involving law enforcement. Joel is the Chair of the Security Metrics Project Team of the EDUCAUSE/Internet2 Computer and Network Security Task Force and a member of InfraGard, NYECTF and other organizations that he can neither confirm nor deny the existence of.


Security Seminar: Mike Zusman
Time: February 11th at 12:30pm
Place: RH227

Internet-facing SSL VPNs and Open Reverse Proxies can be abused to perform reconnaissance, data extraction, or general mischief INSIDE the Corporate Intranet and on SSL VPN clients. Such security devices are usually thought to add security to the enterprise network, while increased client side attack surface from required mobile code (ActiveX/Java) goes ignored.

This presentation will discuss programming and infrastructure flaws permitting abuse of the server, remote code execution on vulnerable clients, as well as appropriate countermeasures.

Mike Zusman is a Senior Consultant for the Intrepidus Group. Prior to joining Intrepidus Group, Mike has held the positions of Escalation Engineer at Whale Communications (a Microsoft subsidiary), Security Program Manager at Automatic Data Processing, and lead architect & developer at a number of smaller firms. In addition to his corporate experience, Mike is an independent security researcher, and has responsibly disclosed a number of critical vulnerabilities to commercial software vendors and other clients. Mike has also founded a number of successful entrepreneurial ventures including Global Uplink Solutions Incorporated (hosting division acquired by Flare Technologies in 2005) and Dish Uplink LLC, a leader in satellite TV subscription activations in the US. Mike holds the CISSP certification.


Security Seminar: Bots, Botnets, and Malware: Evolving Attack and Defense
Time: February 4th at 12:30pm
Place: RH227
Dean De Beer will be presenting at this week's Wednesday security meeting on "Bots, Botnets, and Malware: Evolving Attack and Defense." The talk will cover infection vectors, command and control structures, and commercial detection tools for current-generation botnets, focusing on the ASPRox, Waledac, Storm, and Conficker botnets. Dean will also show techniques you can use to visualize the network data generated by these botnets.

Dean is an Information Security Specialist with 10 years of experience in providing tailored security services to a variety of clients in the public, healthcare and education sectors. He has worked with these businesses to improve their overall security posture by helping them meet and exceed the standards required for compliance with various regulations such as HIPAA, GLBA and SOX. He delivers these results by using a combination of technical services such as risk assessments, penetration testing and incident response to develop and improve upon existing controls and metrics for clients of zero(day) solutions. http://zerodaysolutions.com

Presentation and Discussion: The Psychology of Deception
Time: January 30th at 4:00pm
Place: CS Conference Room

Sherard Bailey will give a talk on the psychology of deception, and a group discussion will follow.

Topics to be addressed are:

  • What is deception?
  • Properties/Classification/Examples
  • Defining a psychology of deception
  • define the strong/weak "sense" of psychology and how the psychology of deception fits into this
  • review of published articles by
    • Jastrow (illusory inferences on knowledge based on sensory info),
    • Dessoir (invited inference, psychological kernel),
    • Binet and Triplett (sociobiology, deception/natural selection) that form a broad collection of ideas on the topic

Seminar: Reverse Engineering in the Security Industry
Time: January 28th at 12:30pm
Place: RH227
Alexander Sotirov will join us for a seminar on the state of the art of reverse engineering. Alexander Sotirov has been involved in computer security since 1998, when he became one of the editors of Phreedom Magazine, a Bulgarian underground technical publication. For the past eight years he has been working on reverse engineering, exploit code development and research in automated source code auditing. His most well-known work is the development of highly reliable exploits for Apache/mod_ssl, ProFTPd and Windows ASN.1. He graduated with a Master's degree in computer science in 2005. He is an independent security consultant working in New York City and is affiliated with phreedom.org.

Seminar: Networked Systems for the Developing World
Lakshminarayanan Subramanian of the Courant Institute will give a seminar in room RH227 on Wednesday, November 19th from 12:30pm to 1:30pm. Professor Subramanian's summary follows:

Networked Systems for the Developing World

Computer Science research over the past several decades has predominantly focused on addressing important computing problems in the developed world with little focus on the developing world. However, the sad reality is that a large majority of the world's population does not have access to basic digital communications. If this issue is not addressed, the digital divide is bound to grow significantly in the upcoming years.

In this talk, I will elaborate upon how the development of appropriate Information and Communication Technologies (ICT) has the potential to solve some of the pressing problems in developing countries including improving healthcare, education, financial services, supply-chain services etc. I will elaborate on the computer science research challenges that arise in addressing these problems many of which are motivated by the operational environments in these regions. These challenges are spread across a wide range of topics within computer science.


Seminar: Deian Stefan - "Keystroke Dynamics Authentication and Human-Behavior Driven Bot Detection"
Deian Stefan from Cooper Union will join us at Poly in room RH227 on Wednesday, October 22nd from 12:30pm to 1:30pm to present his research.

Seminar Summary: We present our design and implementation of a remote authentication framework called TUBA which collects, extracts features, analyzes, and classifies a computer owner's characteristic keystroke patterns. A comprehensive security analysis on the attacks and defenses of our framework is presented.


CSAW 2008: Big thanks to everyone!
CSAW 2008 culminated in the awards ceremony on Tuesday, October 14th in Poly's Pfizer Auditorium. This year's CSAW was the biggest yet, with more participation, more schools participating, more countries participating, and more prizes than ever before. Big thanks to all who competed, all the judges who donated their expertise, and of course, big thanks to the sponsors.

Leveraging Technical Security in the Enterprise
Time: Wednesday, September 25th at 12:30pm

Place: Rogers Hall, Room 227

Fred Scholl will join us to give a talk titled "Leveraging Technical Security in the Enterprise". The talk will address how to better market and use technical training to create effective products and services for global enterprise users.

Workshop on Interdisciplinary Studies in Security and Privacy
The ISIS group at NYU Poly is hosting WISSP 2008, a workshop on interdisciplinary studies in security and privacy. Panel topics will include targeted malware, trusted platforms, privacy, and education. See the workshop program for a listing of the speakers and panelists as well as for more information about the topic of each of the sessions.

The Bad Guys Are Winning: What Now?
On Wednesday, September 17th, at 12:30pm in room RH227 Ed Skoudis will give a talk titled, "The Bad Guys Are Winning: What Now?" The topic is as follows.

A sufficiently motivated attacker will almost always compromise a target environment, given the complex attack surface of today's enterprises. This talk analyzes why this is so, and discusses what the implications are for enterprise security personnel, penetration testers, and the military.


Computerworld Magazine lists Polytechnic among top 10 innovative schools, particularly the security program.
A Computerworld/Dice.com survey of 16 graduate-level alumni gave Poly straight A's.
  • Overall grade: A
  • Value: A
  • Positive career impact: A
  • Relevance to actual career activities: A

The article lists Poly's security program as one of the key strengths of Poly, and has an interview with an ISIS alum, Stanislav Nurilov. See the full article on the Computerworld site.


Congratulations to Pasha Pal for winning the best paper award at DFRWS 08.
ISIS PhD student Pasha Pal was given the best paper award at DFRWS 08 for his analysis of the state of the art in file carving, and development of a powerful new method.

The paper is here: Detecting File Fragmentation Point using Sequential Hypothesis Testing

Abstract: File carving is a technique whereby data files are extracted from a digital device without the assistance of file tables or other disk meta-data. One of the primary challenges in file carving can be found in attempting to recover files that are fragmented. In this paper, we show how detecting the point of fragmentation of a file can benefit fragmented file recovery. We then present a sequential hypothesis testing procedure to identify the fragmentation point of a file by sequentially comparing adjacent pairs of blocks from the starting block of a file until the fragmentation point is reached. By utilizing serial analysis we are able to minimize the errors in detecting the fragmentation points. The performance results obtained from the fragmented test-sets of DFRWS 2006 and 2007 show that the method can be effectively used in recovery of fragmented files.
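The procedure in the abstract, walking adjacent block pairs and deciding by accumulated evidence rather than on any single pair, is shown below as an added example written for this page; it is not the paper's code. The per-pair match statistic (a byte-bigram check learned from the file's header block), the match probabilities under each hypothesis, the error rates that set Wald's SPRT thresholds, the toy block size and the sample disk image are all constructed assumptions, not values from the paper.

```python
"""Fragmentation-point detection by sequential hypothesis testing (Wald's SPRT).
Added illustration written for this page; it is not the DFRWS'08 paper's code.
Assumptions (not from the paper): the match statistic is a toy byte-bigram check
learned from the file's header block; the match probabilities, error rates,
block size and sample data below are constructed."""
import math

BLOCK = 64  # toy block size; real carvers use the filesystem's block/cluster size

def learn_bigrams(header_block):
    """Model of 'what this file type looks like': the set of adjacent byte pairs
    seen in the file's header block (a stand-in for a per-type matching metric)."""
    return {(header_block[i], header_block[i + 1]) for i in range(len(header_block) - 1)}

def pair_matches(b1, b2, model):
    """Y_i: 1 if the byte pair straddling the b1|b2 boundary is plausible for this file."""
    return 1 if (b1[-1], b2[0]) in model else 0

def first_mismatch(blocks, model):
    """Naive carver: stop at the first adjacent pair that fails the match test."""
    for i in range(len(blocks) - 1):
        if not pair_matches(blocks[i], blocks[i + 1], model):
            return i
    return None

def fragmentation_point(blocks, model, p_match_h0=0.9, p_match_h1=0.2, alpha=0.05, beta=0.05):
    """SPRT over adjacent block pairs. H0: the pairs tested so far are contiguous
    file data; H1: a fragmentation point lies among them. p_match_h0/h1 are the
    assumed P(Y=1) under each hypothesis. Returns the index of the last block
    confirmed to belong to the file before the break, or None if none is found."""
    upper = math.log((1 - beta) / alpha)   # accept H1 (fragmented)
    lower = math.log(beta / (1 - alpha))   # accept H0 (contiguous so far)
    llr, start = 0.0, 0                    # start: last block confirmed as file data
    for i in range(len(blocks) - 1):
        if pair_matches(blocks[i], blocks[i + 1], model):
            llr += math.log(p_match_h1 / p_match_h0)
        else:
            llr += math.log((1 - p_match_h1) / (1 - p_match_h0))
        if llr >= upper:
            return start   # blocks after `start` are not trusted to be contiguous
        if llr <= lower:
            start, llr = i + 1, 0.0   # blocks up to i+1 confirmed; restart the test

    return None

def build_disk():
    """Constructed sample: a 9-block text file whose blocks 6..8 were written
    after a 3-block foreign (all-zero) fragment, so the true fragmentation point
    is block 5. One boundary inside the contiguous run (block 1 -> 2) is made to
    fail the toy statistic, standing in for the errors a weak metric produces."""
    sentence = b"the quick brown fox jumps over the lazy dog. "
    text = (sentence * 20)[: 9 * BLOCK]
    file_blocks = [bytearray(text[i:i + BLOCK]) for i in range(0, len(text), BLOCK)]
    disk = file_blocks[:6] + [bytearray(BLOCK)] * 3 + file_blocks[6:]
    disk[1][-1] = 0xFF   # spurious mismatch at the block 1|2 boundary
    return [bytes(b) for b in disk]

if __name__ == "__main__":
    disk = build_disk()
    model = learn_bigrams(disk[0])
    print("naive carver stops after block:", first_mismatch(disk, model))   # 1 (wrong)
    print("SPRT fragmentation point after block:", fragmentation_point(disk, model))  # 5
```

The naive carver halts at the single spurious mismatch and truncates the file at block 1; the sequential test absorbs that mismatch, accepts H0 once enough matching pairs follow, and only declares fragmentation when consecutive mismatches push the likelihood ratio past the upper threshold. Lowering alpha and beta makes the test demand more evidence per decision, which is the trade-off the abstract refers to when it says serial analysis minimises detection errors.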


Transparent Anonymization: Thwarting Adversaries Who Know the Algorithm
Speaker: Xiaokui Xiao, Chinese University of Hong Kong

Time and Location: Monday 07/07 at 11am in LC400

Abstract: The digitization of our daily lives has led to unprecedented collections of sensitive personal data (e.g., census data, medical records) by governments and corporations. Such data is often released for research purposes, which, however, may pose a risk to individual privacy. To address this issue, numerous techniques have been proposed to anonymize the data before its publication. Somewhat surprisingly, all existing anonymization techniques assume that the adversary has no or limited knowledge of the anonymization algorithm, and fail to protect privacy when this assumption does not hold. In other words, a data publisher that adopts these techniques must take up the difficult responsibility of keeping the algorithm confidential, which severely limits the applicability of these techniques in practice.

In this talk, I will present a solution that remedies the above problem. I will start from an analytical model for evaluating disclosure risks, against an adversary who knows everything in the anonymization process, except the data to be published. Based on the model, I will discuss three anonymization algorithms that can ensure privacy protection against the adversary we consider. The effectiveness and efficiency of these algorithms will be demonstrated through experimental results. Finally, I will conclude the talk with my plan for future research.

Bio: Xiaokui Xiao obtained the Bachelor and Master degrees in Computer Science from the South China University of Technology in July 2001 and June 2004, respectively. He is currently a PhD student in the Department of Computer Science and Engineering of the Chinese University of Hong Kong.


ISIS gets NSA Designation of Center of Excellence in Research
In addition to affirming our status as a Center of Academic Excellence in Information Assurance Education, NSA awarded ISIS the status of Center of Academic Excellence in Information Assurance Research. More information about this designation can be found on NSA's webpage.

ISIS Renews Center of Excellence in Education Designation
More information can be found on NSA's webpage.

On Trusted Hardware and Privacy Systems
Speaker: Radu Sion, State University of New York, Stony Brook
Time and Location: Friday 3/14 at 11am in LC102

Short Abstract:
We will talk about existing trusted hardware devices and how they can be deployed to make the world a safer and more private place.

Bio:
Radu Sion is an assistant professor of Computer Science at Stony Brook University, heading the Network Security and Applied Cryptography Laboratory. His research focuses on data security and information assurance mechanisms. Collaborators and funding partners include Motorola Labs, the Center of Excellence in Wireless and Information Technology CEWIT, the Stony Brook Office for the Vice-President for Research and the National Science Foundation. Sion also directs the Stony Brook Trusted Hardware Laboratory, a central expertise and research knowledge repository on secure hardware.

Radu Sion's Webpage
NSAC Lab


Tackling the Content Protection Challenge
Speaker: Nelly Fazio, IBM Almaden Research Center
Time and Location: Friday 3/07 at 11am in LC102

Abstract:
Devising effective Content Protection mechanisms and building satisfactory Digital Rights Management systems have been top priorities for the Publishing and Entertainment Industries in recent years. Corporate DRM efforts have so far attempted to address this challenge with systems characterized by a tight control over the user media platform. This approach, however, brings about rigid limitations on the user experience (e.g., restrictions on the creation of back-up copies of purchased copyrighted content), ultimately resulting in an unhappy customer base. Research advances over the last few years show that Cryptography holds promise for the development of flexible tools that could enable fair DRM solutions. In this talk, I will provide an overview of my investigations along this direction, and I will then focus on the case of transmission of live events, where the sensitivity of the content under distribution decreases with time. For this setting, I will present a scheme in which unauthorized disclosure of access control credentials can be traced back to the leaker(s), thus discouraging piracy by the threat of detection. The proposed solution improves upon the state of the art both in communication performance and in security guarantees. Before concluding, I will briefly discuss some of my other cryptographic research, including an on-going project that was recently funded by DARPA in the context of the "System F6" initiative.

Bio:
Nelly Fazio earned her M.Sc. ('03) and Ph.D. ('06) in Computer Science from New York University. During her studies, she also conducted research at Stanford University, Ecole Normale Superieure (France) and Aarhus University (Denmark). In 2003, she was awarded the NYU CIMS Sandra Bleistein prize for "notable achievement by a woman in Applied Mathematics or Computer Science." Her Ph.D. thesis received an honorable mention for the NYU J. Fabri prize, awarded yearly for the "most outstanding dissertation in Computer Science." Dr. Fazio's research interests are in cryptography and information security, with a focus on digital content protection. Since July 2006, she has been part of the Content Protection group at IBM Almaden Research Center, where she has been conducting research on advanced cryptographic key management, tracing technologies, and authenticated communications in dynamic federated environments. Currently, she is a visiting research scientist in the Security group at IBM T.J. Watson Research Center, working on security issues of decentralized environments such as sensor networks.


Seven Flaws of Identity Management
Speaker: Rachna Dhamija, Harvard University
Time and Location: Friday 02/29 at 11am in LC102

Abstract:
In the last few years, Internet users have seen the rapid expansion of phishing, man-in-the-middle, malware and other attacks that attempt to trick users into revealing sensitive data. We have also seen the introduction of new authentication and identity management systems across the Web. The scale and complexity, combined with the privacy and security requirements of these systems, create steep challenges for usability. To design systems and interfaces to shield users from attacks, it is important to know which kinds of attack strategies are successful and why users are deceived. In this talk, I posit seven flaws or design challenges that must be met for authentication and identity management systems to be usable and accepted by the general public.

Bio:
Rachna Dhamija is a Postdoctoral Fellow at the Center for Research on Computation and Society at Harvard University. Rachna's research interests span the fields of computer security, human computer interaction and information policy. She received a Ph.D. from U.C. Berkeley, where her thesis focused on the design and evaluation of usable security systems. Previously, Dhamija worked on electronic payment system privacy and security at CyberCash. Her research has been featured in the New York Times, the Wall Street Journal, the Economist and CNN.


Solutions for Memory Authentication

Speaker: Dr. Reouven Elbaz
Time and Location: Thursday, Feb. 28 at 11 am in LC400

Abstract:
One objective in the design of a secure platform is to ensure that sensitive application outcomes have not been corrupted by a malicious party. For example, an adversary tampering with the memory space of an application can affect the results of its computations. Verifying the integrity of (i.e., authenticating) the data processed and stored by such secure platforms is therefore an essential security service to provide. After an overview of existing techniques ensuring memory authentication, namely integrity trees, this talk presents a new parallelizable integrity tree (TEC-Tree: Tamper-Evident Counter Tree). Among other benefits, TEC-Tree provides data confidentiality in addition to data integrity.

Bio:
Dr. Reouven Elbaz received his Ph.D. in Computer Engineering from the University of Montpellier II in December 2006. The research project (Hardware Mechanisms for Secure Processor-Memory Transactions) he carried out during his graduate studies was a collaboration between the Microelectronics department of the LIRMM (Laboratory of Computer Science, Robotics and Microelectronics - University of Montpellier II) and the Security Group of the company STMicroelectronics. He is now a Research Associate in the Computer Engineering Department of Princeton University (PALMS Laboratory). His research interests are in computer security, computer architecture, applied cryptography, trusted computing and reconfigurable architectures.

Hacking Outside the Box
On Wednesday, February 13th, 2008, Michael Aiello of Goldman Sachs (and an ISIS alumnus) will describe his experiences and give insight into the role of hacking in a financial security context. The room is RH227 and the time is 12:30pm.

A Selection of Applied Research Problems in Information Communication
Speaker: Bertrand Haas, Pitney Bowes
Time and Location: Friday Feb 1 at 11am in LC102

Abstract: Bertrand will present several concrete research problems related to the communication of information through parallel or hidden channels (watermarking and steganography) and to the securing of information communication for specific purposes (fingerprinting and authentication).

Bio: Bertrand Haas is Principal Engineer in the Secure Systems research group of the Advanced Concepts and Technology division at Pitney Bowes. He joined this group in 2001 and has since been working on cryptography, coding theory, image processing and graphic security, and has more recently been involved in developing solutions for mail voting applications. Bertrand received his Ph.D. in Mathematics from the University of Basel in Switzerland in 1998. He spent a postdoctoral year at the Fields Institute and the University of Toronto, a year at the Mathematical Sciences Research Institute and UC Berkeley, and then taught two years at Michigan State University before beginning his corporate career at Pitney Bowes.


The Broken File Shredder - Secure Programming Traps and Pitfalls
Speaker: Wietse Venema, IBM T. J. Watson
Time and Location: Friday 01/25 at 11am in LC102

Abstract: Wietse analyzes a very small program that is obviously correct, yet completely fails to perform as expected, for more reasons than many people can think of. The audience is expected to have some programming experience, but detailed knowledge of C, UNIX or Windows is not required.

Bio: Wietse Venema is known for software such as the TCP Wrapper and the Postfix mail system. He co-authored the SATAN network scanner and the Coroner's Toolkit (TCT) for forensic analysis, as well as a book on Forensic Discovery. Wietse received awards from the System Administrators Guild (SAGE) and the Netherlands UNIX User Group (NLUUG), as well as a Sendmail innovation award. He served a two-year term as chair of the international Forum of Incident Response and Security Teams (FIRST). Wietse is currently a research staff member at the IBM T. J. Watson Research Center. After completing his Ph.D. in physics he changed career to computer science and never looked back.


ECE Seminar on the Design of Stream Ciphers
On Friday, December 14th, 2007, there will be a seminar by Dr. Cédric Lauradoux on the topic of stream cipher design. It will take place in LC433 at 10 AM. See here for details.

Modern Cryptography Course
A course in modern cryptography will once again be taught in the spring. For more information, see the course outline.

Simson Garfinkel - The Drives Project: From Disk Forensics to Media Exploitation
Monday, October 1st, 11am, Dibner Hall LC433

This talk discusses the work to date of the Drives Project, a 9-year (and counting) effort that is creating a large-scale collection of real disk drive images, open source tools, and new techniques for automatically processing data recovered from disk drives and other kinds of storage devices. Today the Drives Project has assembled a corpus of more than 1000 forensically interesting images from hard drives and USB storage devices that were collected all over the world. We have created open source formats, tools and algorithms for automatically analyzing this data in bulk and rapidly producing answers to questions that are relevant to the Defense, Intelligence and Law Enforcement communities. The Project is now in the process of dramatically expanding the global reach of data being acquired and exploring new research opportunities for using this data.


Tracking Bots in Poly and Autonomous System Traceback
Aleksey Fateev will be presenting his work on tracking botted machines in Poly this Wednesday, September 26th, at 12:30 PM in RH227, and Sandra Dykes of the Southwest Research Institute will present her work in tracking distributed denial of service attacks using BGP this Friday, September 28th at 11:00 AM in room LC102. See here for more details.

Seminar: The Symantec Internet Security Threat Report
Rob Clyde of Symantec will be presenting at the next CIS seminar, to be held on Friday, September 21st, in LC102. See here for more details.

Digital Identity Systems Workshop
On September 20, 2007, Poly/ISIS will be hosting a workshop which will bring together leading experts on the impact of digital identity systems.

Large scale use of digital identity systems that cross institutional boundaries does not seem to be gaining traction. What are the issues that are holding this back? Technology, cost, usability, scalability, cross-institutional trust models? The focus of this workshop is on technologies that will foster development and deployment of digital identity systems, particularly at a system and infrastructure level, not on point technologies.


Data Mining for Malicious Code Detection and Security Applications
Friday August 3rd, 11am, LC433

The presentation will provide an overview of data mining, the various types of threats and then discuss the applications of data mining for malicious code detection and cyber security. Then we will discuss the consequences to privacy.

Bio: Dr. Bhavani Thuraisingham joined The University of Texas at Dallas in October 2004 as a Professor of Computer Science and Director of the Cyber Security Research Center in the Erik Jonsson School of Engineering and Computer Science.


Certificate in Cyber Security
Polytechnic/ISIS now offers a Certificate in Cyber Security. This graduate certificate allows technical professionals to obtain key bodies of knowledge and specializations in Cyber Security. Students will acquire an understanding of various technologies in emerging areas of security like computer and network security, digital forensics, cryptography, and biometrics.

Perfect Security for Password Protocols in the Bounded Retrieval Model
Speaker: Giovanni Di Crescenzo, Telcordia

Time and Place: Friday 5/4 at 11am, LC102

Presentation abstract: Despite their popularity and wide applicability, password protocols remain subject to a number of weaknesses. In this talk we introduce a formal model based on reasonable limitations on an adversary's power, under which we can design password protocols that are provably secure against simultaneous intrusions and dictionary attacks. While we do not modify the user's algorithm in the password protocol, we substantially update the server's verification algorithm by using various types of extractors. Our formal model, called the Bounded Retrieval Model, is also of interest for the design and analysis of cryptographic protocols that remain secure against intruders.

Testing Anomaly Detection Systems
Speaker: Dr. Carrie Gates, Research Staff Member, CA Labs

Time and Place: April 25 12:30pm - 2:00pm. Rogers Hall 227

Presentation abstract: Anomaly detection has been widely used as a basis for many network intrusion detection systems. However, anomalies themselves have not been well-defined, and no research has been performed to determine how security events of interest are actually related to anomalous behavior. Additionally, little research has been done in the general area of testing anomaly-based detection systems, resulting in systems that have been tested using poor, outdated data sets or locally-collected network traffic with unknown characteristics. In this presentation I will introduce some of the previous research in anomaly detection, detailing the larger research questions that have arisen from this work. I will focus in particular on the issues involved in testing anomaly detection systems, presenting some initial results from my own research in this area.

Recent Attacks on Hash Functions and Their Impact on Hash-Based Security Schemes
Speaker: Yiqun Lisa Yin - Independent Security Consultant

Time and Place: Monday 4/23 at 11am in LC102

This talk will first provide a survey of recent attacks on hash functions. We will review new techniques introduced in these attacks and analyze some common weaknesses in the design of existing hash functions that made all the attacks possible. We will then consider the impact of these attacks on hash-based security schemes. We will present new results on colliding X.509 digital certificates and key-recovery attacks on the HMAC authentication protocol. These results show that the strength of a security scheme can be greatly weakened by the insecurity of the underlying hash function.

Making IA Decisions: Optimizing Risk Assessment Scope
Speaker: Richard Straka - National Security Agency

Time and Place: Friday 4/13 at 11am in LC102

Abstract: Risk Assessments fulfill a variety of decision-making functions in Information Assurance practice, ranging from supporting portfolio-based investment decisions - through architecture, design and certification & accreditation decisions - to operational decisions regarding systems under cyber attack. This presentation investigates the characteristics of the criteria most appropriate to make these decisions - characteristics that affect the likelihood and magnitude of harm to stakeholders and the behavior of adversaries. Particularly, decision-making criteria need to account for and model the stakeholders' tradeoff preferences between security risk and mission-fulfilling operational system characteristics and also the adversaries' tradeoff preferences between payoff, probability of success and risk tolerance.

Planning and Prioritizing in Financial Sector Information Security
Two representatives from ING Financial Services, Director of Information Risk Management Services James Toczylowski and David Kaplan, will give an informal talk in Rogers Hall room 227 at 12:30pm on Wednesday April 11th, 2007. First they will outline their responsibilities and medium-term goals. Then they will describe the kinds of tools and procedures they use. The talk will close with an open discussion and Q/A session intended to provide insight into the current state of information security in the financial sector and what challenges are expected in the near future.

On March 27-28, Poly will be hosting the IP3 Seminar. This workshop is open to IT professionals who want to stay on the cutting edge of the profession.

Seminar topics will include:

  • Cryptography
  • Firewalls
  • IPSs / IDSs
  • Authentication Mechanisms
  • Vulnerabilities and Exploits
  • Regulatory & Compliance Issues
    • Sarbanes-Oxley
    • GLBA
    • HIPAA
    • FISMA
    • SB1386

Seminar: Quantifying Social vs. Antisocial Behavior in Email Networks
On Friday March 9, we will have a seminar by Virgilio Almeida from the Federal University of Minas Gerais in Brazil. Prof. Almeida will be visiting Poly for three months (March to May), so this is a good opportunity to become familiar with his research interests.

Topic of talk: Email graphs have been used to illustrate general properties of social networks of communication and collaboration. However, increasingly, the majority of email traffic reflects opportunistic, rather than symbiotic social relations. Here we use e-mail data drawn from a large university to construct directed graphs of email exchange that quantify the differences between social and antisocial behaviors in networks of communication. We show that while structural characteristics typical of other social networks are shared to a large extent by the legitimate component they are not characteristic of antisocial traffic.


Seminar: Practicing Security in a Major Hospital
We have a security talk on February 28th at 12:30. The title of the talk is "Practicing Security in a Major Hospital" and the speaker is Soumitro Sengupta, Chief Security Officer at Columbia University Medical Center. The talk will be highly informative and give a great glimpse into the types of situations and compromises one makes when in charge of systems security at a medical center.

Seminar: Trusted Virtual Data Center Technologies
This talk introduces the Trusted Virtual Data Center (TVDc), which is designed to offer strong enterprise-level security guarantees in hosted data center environments. The IBM Trusted Virtual Data Center, a project defined and pursued by the Secure Systems Department at the IBM T. J. Watson Research Center in Hawthorne NY, is designed to satisfy business-level security goals by simplifying management and providing explicit infrastructure-level containment and trust guarantees for data center environments based on virtualization. This talk will focus on the technologies -- developed at the Secure Systems Department -- that drive the Trusted Virtual Data Center, including the integrity measurement architecture (IMA), the secure hypervisor architecture (sHype), and the virtualized trusted platform module (vTPM). We will close with future work and open research problems. The seminar will be on February 16th, 2007 at 11am in LC102.

Seminar: Secure Device Pairing and Privacy on the Internet
In this talk, Prof. Nitesh Saxena will give an overview of some of his very recent research on the topics of secure device pairing and privacy on the public Internet. Time and Place: Friday 2/2 at 11am in LC102.

Cisco Sponsors ISIS Lab

Cisco has given a product grant worth $150,000 to the ISIS Lab. The equipment includes 10Gbit/s switches, routers, and advanced firewalls. The hardware will be used for research and teaching.


Free Cisco Security Bootcamp at Poly

The Information Systems and Internet Security (ISIS) Laboratory at Polytechnic University, Brooklyn is hosting a Cisco Systems-sponsored Security Bootcamp for faculty and staff. Please see here for more details.


New Course: Modern Cryptography
Professor Nitesh Saxena will teach CS996 Modern Cryptography in the spring semester. The course will cover current techniques from a theoretical perspective, with the emphasis on "provable security". In particular, the course will cover the cryptographic primitives that are the building blocks of various cryptographic applications. The primitives that will be discussed include pseudo-random functions, symmetric encryption (block ciphers), hash functions and random oracles, message authentication codes, asymmetric encryption and digital signatures.

New Course: Application Security
Dr. Marco Pistoia will teach a new course in the spring semester, CS9164, titled "Application Security", which is highly recommended for all interested in security. The course will emphasize writing secure distributed programs in Java Standard Edition (Java SE), Java Enterprise Edition (Java EE), JavaScript, and PHP. For more information, see the course description and brief bio of the instructor.

Biometrics for Computer Authentication and Identification
We have an outstanding pair of new instructors, Larry O'Gorman from Avaya and Nalini Ratha from IBM Research teaching our online biometrics course, CS9094, this coming spring semester. The course description and brief instructor biographies provide more details.

DoD Scholarship Applications
Applications for the Department of Defense information assurance scholarship are now available with a deadline of February 9th, 2007. Please see the Scholarships page for more details.

Ethernet Is the Answer. What Is the Question?
Bob Metcalfe, inventor of Ethernet and founder of 3Com, will give a talk in Dibner Auditorium on Thursday, December 7th at 4pm. More information can be found here.
Event date: 12/7/2006

Security and Virtualization: VMware's Approach
VMware's Senior Director of R&D on the East Coast and Head of the Security Technologies Group, which focuses on security-oriented projects that take advantage of the existing virtualization layer, will be visiting Poly on Tuesday 11/28. The talk will be at 2pm in LC229.
Event date: 11/28/2006

Secure Information Flow
Anindya Banerjee of Kansas State University will give a talk titled "Secure Information Flow and Access Control in a Java-like Language." The event will be in LC433 at 3pm. More information can be found here.
Event date: 11/15/2006

CSAW 2006 Award Ceremony Talk
Neal Ziring, Technical Leader, Vulnerability Analysis and Operations, NSA, will be the keynote speaker and give a talk titled "Emerging trends in cyber-security attacks and defense."
Event date: Thursday, Nov 9, 4-6PM

From DDoS to Botnets
The next CIS Seminar will be on Monday October 30, at 11am in LC400. The speaker will be Sven Dietrich from Carnegie Mellon University.
Event date: 10/30/2006

Cyber Security Week Speaker
Jayne A. Hitchcock will be the speaker. Monday November 6 at 1pm in Dibner Auditorium. Click here for more info.

CSAW 2006
CSAW 2006 will be November 6, 7, 8, and 9. Events include Capture the Flag, Student Research Posters, Cyber Security Quiz, Digital Forensics Challenge, Student Essay Contest, and a Cyber Security Awareness Poster Competition. And of course there are nice prizes for each event.

CIS Seminar
Angelos Keromytis will join us on Friday, September 15th, 2006 for a seminar titled "Application Communities: A Collaborative Approach To Software Security." The talk will be held in LC102 at 11am. In his talk, Dr. Keromytis will describe the concept of Application Communities, some of their basic operational parameters, and his preliminary work in demonstrating their feasibility.

Secure Knowledge Workshop
Poly/ISIS is hosting the Secure Knowledge Management 2006 Workshop. The dates are September 28-29, 2006.

IEEE Workshop
The 2006 IEEE International Workshop on Wireless Ad-hoc and Sensor Networks (IWWAN) will take place in the Dibner Library Building, Polytechnic University, June 28-30 (Wednesday - Friday).

HOPE
HOPE 6 will be in Manhattan on July 21, 22, and 23, 2006. ISIS will be there.

Nitesh Saxena
Nitesh Saxena from UC Irvine will be joining Poly in Fall 2006. Dr. Saxena is a specialist in the area of mobile security. His research focuses on key distribution and trust management in ad hoc networks.