The Internet of Things and the Four Horsemen of the Apocalypse

The internet of things or internet of anything is coming while the four horsemen of the apocalypse namely cloud, mobile, social, and big data have arrived. Consequently, we are headed to world that is sensor rich and data obese where everything is connected and disrupted. The scale, complexity, and potential pervasiveness of IOT technology are epic. However, technology is not always kind. It does not ask or say please. That is our job as researchers and technologists. This talk will seek to address the IOT challenge by describing the current state of IOT, what our security challenges are, suggest some research questions, and offer some path forward.

Tim Grance is a senior computer scientist in the Information Technology Laboratory at the National Institute of Standards and Technology in Gaithersburg, MD. He has held a variety of positions at NIST including Group Manager, Systems and Network Security and Program Manager for Cyber and Network Security. He has led a broad portfolio of projects including high profile projects such as the NIST Hash Competition, Cloud Computing, Security Content Automation Protocol (SCAP), Protocol Security (DNS, BGP, IPv6), Combinatorial Testing, and the National Vulnerability Database. He is presently a senior researcher advising on various projects in cloud computing, mobile devices/applications, and big data. He has extensive public and private experience in accounting, law enforcement, and computer security. He has written on diverse topics including cloud computing, incident handling, privacy, metrics, contingency planning, forensics, and identity management. He was named in 2003 to the Fed 100 by Federal Computer Week as one of the most influential people in Information Technology for the US Government. He is also is a two time recipient of the US Department of Commerce’s highest award—a Gold Medal, from the Secretary of Commerce.

Evolution of Badness: A Safe Browsing Perspective

Google's Safe Browsing has protected users from malicious content for over 8 years. During that time, the platforms users employ to access content have become more diverse and the threat landscape more sophisticated. This talk discusses the evolution of Safe Browsing in the context of an arms race against adversaries and provides numerous examples to illustrate the adversarial nature of protecting users not only on desktop platforms but also on mobile systems such as Android. Measurements from over 8 years of protecting users show a shift in exploitation away from drive-by downloads to time proven techniques such as social engineering to newer challenges such as unwanted software. The talk concludes with a survey of the current situations and speculative outlook for the future.

Niels Provos is a Distinguished Engineer in Google's Infrastructure Security group. His interests span a wide range of security topics including malware and cloud security. He received a Ph.D. from the University of Michigan in 2003. When not working with computers, he forges steel into swords.