Speaker: Moti Yung, Snapchat & Columbia University, USA
Title: The Advertisement Exchange: How to Develop Agile Cryptographic Support for an Evolving Ecosystem
Developing of Systems within a global infrastructure (or a cloud) has to take into account that the underlying system will evolve, new versions of software will develop, and if the system is successful then further services will be added.
The development of security tools to such systems has to consider agility and scale-up of the initial design and adaptation to the evolving nature of the system. In fact, we argue that this is a basic principle in deployment of security solutions in modern global ecosystems. For example, cryptographic solutions have to be designed with extended scope in mind and with enough flexibility to allow the growing system to be able to exploit the existing cryptographic tools and methods (since a drastic change may be overly complex and will result in much development overhead).
We demonstrate this "agility principle" by reviewing the development of cryptographic solution to Google's global Advertisement Exchange (ADX), which is the system managing auctions for placing banner ads throughout the Internet.
Moti Yung is a Security and Privacy Scientist with a main interest in Cryptography: its Theory and its Real life Applications. He graduated from Columbia University in 1988 and is an adjunct senior research faculty at Columbia till today. In parallel he has had an industrial research career working at places like IBM, RSA Labs. (EMC), Google, and Snap. Yung is a fellow of ACM, of IEEE, of the International Association for Cryptologic Research (IACR) and the European Association for Theoretical Computer Science (EATCS). Among his awards are ACM's SIGSAC Outstanding Innovation Award in 2014, and 2018 IEEE Computer Society W. Wallace McDowell Award. His research covers broad areas: from the theory and foundations, to applied systems, and actual engineering efforts of cryptography and secure systems.
Speaker: Vern Paxson, Professor, University of California, Berkeley / Corelight, Inc. / International Computer Science Institute, USA
Title: Finding Very Damaging Needles in Very Large Haystacks
Many of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within oceans of other site activity. This talk will exam the problem of developing robust detectors for particular forms of such activity. The themes include research pitfalls, the crucial need to leverage domain knowledge in an apt fashion, and why machine learning is very difficult to effectively apply for such problems.
Vern Paxson is a Professor of EECS at UC Berkeley, and co-founder and Chief Scientist of Corelight, a company based on the network monitoring technology he has developed for many years. He also leads the Networking and Security Group at the International Computer Science Institute in Berkeley. His research focuses heavily on measurement-based analysis of network activity and Internet attacks. He works extensively on high performance network monitoring, detection algorithms, cybercrime, and countering censorship and abusive surveillance. He was inducted in 2006 as a Fellow of the ACM, and in 2011 he received ACM's SIGCOMM Award "for his seminal contributions to the fields of Internet measurement and Internet security, and for distinguished leadership and service to the Internet community." His measurement work has also been recognized by ACM's Grace Murray Hopper Award and by the 2015 IEEE Internet Award.