Cybersecurity Lecture Series


Come face to face with real solutions

Meet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies.

The Cybersecurity Lecture Series at Georgia Tech is a free, one-hour lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from Fortune 500 companies, federal intelligence agencies, start-ups and incubators, as well as Georgia Tech faculty and students presenting their research. Lectures are open to all -- students, faculty, industry, government, or simply the curious. Students may register for credit under seminar course CS-8001-INF.


Inquire about speaking.

Sponsor the series.




Join us Fridays at Noon at Georgia Tech

Sign up to receive future alerts.

Klaus Advanced Computing Building
Room #1116W
266 Ferst Drive, Atlanta

unless otherwise noted.

Next event: Feb. 23

Hong Hu
Postdoctoral Fellow, School of Computer Science


"Hacking Data-flow for Turing-complete Attacks"

Control-flow hijacking attacks from memory errors become more and more difficult as targeted defense mechanisms gain wide deployment. As an alternative, non-control data attacks do not require diverting the application’s control flow, and thus can bypass existing advanced defense mechanisms. Although it is known that such data-oriented attacks can mount significant damage, we are not clear about their real expressiveness.

In this talk, Hong Hu will first present data-flow stitching, a systematic method to build data-oriented attacks. Instead of corrupting individual data inside the program, data-flow stitching breaks existing data-flows and connects the fragments in a malicious manner, thus enabling systematic construction. Then he will propose data-oriented programming, a novel method to build expressive data-oriented attacks -- even Turing-complete attacks. Finally, he will show data-oriented attacks against Chromium that bypass the fundamental SOP policy.

Hong Hu, Ph.D., is a postdoctoral fellow in School of Computer Science, College of Computing, at the Georgia Institute of Technology. His research interest focuses on system security. Currently, he is working on the memory error detection, exploitation and defense. His research work has been published at several premier, academic conferences including IEEE Symposium on Security & Privacy, Usenix, ACM Conference on Computer and Communications Security, the European Symposium on Research in Computer Security (ESORICS), and the International Conference on Engineering of Complex Computer Systems (ICECCS). He earned the Best Paper Award from ICECCS '14. Prior to joining Georgia Tech,  he obtained his Ph.D. degree from National University of Singapore.


Coming Up...

March 2 - Erkam Uzun, Ph.D. student, School of Computer Science





Recent Highlights


On Feb. 16, Malachi Jones of Booz Allen Dark Labs presented his method for automated in-memory malware detection. [Slides]


Kennon Bittick, a research scientist in the CIPHER Lab at the Georgia Tech Research Institute, explained better methods for vulnerability analysis during the Feb. 2 session. [Video]


Jerry Perullo, chief information security officer at the Intercontinental Exchange, Inc., explained on Feb. 2 how his organization rates and prioritizes incoming cyber threats to the world's financial trading platforms. [Slides] [Video]


Brendan Saltaformaggio, from the School of Electrical & Computer Engineering, presented a technique for cyber forensics that scans volatile RAM in his talk, "Convicted by Memory: Recovering Spatial-Temporal Digital Evidence from Memory Images" [Slides] on Jan. 19.


Dave Levin, of the University of Maryland, shared a better method for tracking digital certificate revocations in his talk, "Revocations Are Dead. Long Live Revocations" on Jan. 12.

Past Lectures


Video and slides are available from speakers who permitted their presentations to be shared. Recordings are provided as a courtesy of the Georgia Tech Library System.




Thank You to Our Fall '17 Speakers

Energy & Cybersecurity

"Energy System Cybersecurity and Operational Reliability"
Sakis Meliopoulos, Institute for Information Security & Privacy

“Out of Control: the expanded attack surface of control systems” [Video]
Raheem Beyah, Georgia Tech School of Electrical & Computer Engineering


Internet & Infrastructure

"Multi-stakeholder Network Security Concerns" [Article]
Tony Tauber, Comcast

"Security and Privacy Issues of Modern Web Browsers" [Video]
Nick Nikiforakis, Stony Brook University


Public Policy

“The Domestic Benefits of Subversive Foreign Propaganda: The RT (Russia Today) News Network and Geopolitical Muckraking” [Video]
Hans Klein, Georgia Tech School of Public Policy

“The Non-Code Aspects of Cybersecurity and the Globalization of Criminal Evidence” [Slides] [Video]
Peter Swire, Institute for Information Security & Privacy

“What Can Social Science Contribute to Cybersecurity Attribution Research?”
Milton Mueller, Georgia Tech School of Public Policy

"What Constitutes an Act of War in Cyberspace?" [Video]
Holly Dragoo, CIPHER Laboratory, Georgia Tech Research Institute


Software, Systems & Hardware

"Why Memory Corruption is Hard" [Video]
Mathias Payer, Purdue University

"Can Trust Be Delivered As a Service?"
Margaret Loper, Institute for Information Security & Privacy

"Tracing the Arc of Smartphone Application Security" [Video]
Patrick McDaniel, professor and director, Institute for Network and Security Research, The Pennsylvania State University


Threat and Fraud Detection

"Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud" [Video]
Terry Nelms, Pindrop Security

“Modern Malware and Secure Techniques for Better Software” [Video]
Joel Odom, CIPHER Lab, Georgia Tech Research Institute

"Automatic Feature Engineering: Learning to Detect Malware by Mining the Scientific Literature" [Video]
Tudor Dumitras, assistant professor, University of Maryland

Thank You to Our Spring '17 Speakers

Alexander Degitz, Exchange Research Scholar, Georgia Tech
"Secure Data Outsourcing: Access Pattern Confidentiality in Outsourced Databases"

Arvind Narayanan, assistant professor of computer science, Princeton University
"Online Tracking: A 1-million-site Measurement and Analysis" [Video]

Phani Vadrevu, Ph.D. student, University of Georgia
NDSS'17 Conference Preview: "Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots" [Video]

Kangjie Lu, Ph.D. candidate, Georgia Tech, School of Computer Science
"Defeating Advanced Memory-Error Exploits by Preventing Information Leaks"

Yeongjin Jang, Ph.D. candidate, Georgia Tech, School of Computer Science
"Protecting Computing Systems from Emerging Attacks"

Tianxin Tang, Ph.D. student, Georgia Tech, School of Computer Science
"Keyless Fuzzy Search for Data-based Access Control"

Mattia Fazzini, Ph.D. student, Georgia Tech, School of Computer Science
"Tagging and Tracking of Multi-level Host Events for Transparent Computing" [Video]

Shan Chen, Ph.D. student, Georgia Tech, School of Computer Science
"Human Computing for Handling Strong Corruptions in Authenticated Key Exchange" [Video]

David Formby, Ph.D candidate, Georgia Tech, School of Electrical & Computer Engineering
"Out of Control: Ransomware for Industrial Control Systems" 

Bharat Srinivasan, Ph.D. student, Georgia Tech, School of Computer Science
"Exposing Cross-Channel Abuse in Converged Communications Infrastructure with Text-Messaging Scams" [Video]

Yanick Fratantonio, Ph.D. candidate, University of California, Santa Barbara
"Cloak & Dagger: From Two Android Permissions to Complete Control of the UI Feedback Loop"

Brandon Eames, technical lead, Sandia National Laboratories
"On Trust Analysis for Microelectronics-Based Systems"

James Plusquellic, professor of electrical engineering, University of New Mexico
"Hardware-Based Security and Trust For IoT and Supply Chain Authentication" [Video]

Thank you to our Fall '16 Speakers

Nicolas Christin, associate research professor, Carnegie Mellon University CyLab
"Security Analytics: Bridging large-scale data collection and analysis with human factors to design better defenses" [Video]

Terry Nelms, Pindrop
"Towards Measuring and Mitigating Social Engineering Software Download Attacks" [Video]

Curtis Walker, Draper Laboratory
"Myths of Computer Security"

Milos Prvulovic, professor, Georgia Tech School of Computer Science
"Understanding, Alleviating and Exploiting Electro-Magnetic Side-Channel Signals" [Video]

Yeongjin Jang, PhD student, Georgia Tech School of Computer Science
"Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX" [Video]

Frank Wang, PhD student, MIT & Cybersecurity Factory
"Cryptographically Enforced Access Control for User Data in Untrusted Clouds" [Presentation Slides[Video]

Yousef Iskander, hardware security researcher, and Dmitry Kuchynski, security principal, Cisco Security Group
"Managing Product Security and Integrity in a Global Supply Chain" [Video]

Malachi G. Jones, embedded security researcher, Booz Allen Dark Labs
"Automating Analysis and Exploitation of Embedded Device Firmware"  [Presentation Slides]

Michalis Polychronakis, assistant professor, Stony Brook University
"Defending against Advanced Return-Oriented Programming Attacks"  [Video]

Patrick Schaumont, professor, Virginia Tech
"Fault Injection as an Attack Vector Against Trustworthy Embedded Systems"  [Video]

Chris Smoak, division chief, GTRI Cyber Technology & Information Security Laboratory
"The Evolution of Modern Malware: Technology Trends and Motivations” [Video]

Jeff Reava, CISSP, CISM, CISA; director of information security operations, Jackson National Life Insurance Company
"Leveraging Information Symmetry and Asymmetry for Effective Cyber Defense”  [Presentation Slides]

Maria Konte, post-doctoral fellow, Georgia Tech School of Computer Science
“ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes” [Video]

Ling Liu, professor, Georgia Tech School of Computer Science
"The Evolution of Data Privacy: From Concept to Execution"

Thank you to our Spring '16 speakers

Wenke Lee, professor, College of Computing
Stephen Pair, CEO, BitPay  [Video]
Frank Wang, coordinator, The Cybersecurity Factory  [Video]
Sivakumar "Siva" Raghupathy, director, CREATE-X
Adam Wenchel, VP for Security & Tech Analytics, Capital One  [Video]
Kyle Grossman and Jim Schwoebel, co-founders, CyberLaunch
John Corliss, senior computer scientist, U.S. Department of Homeland Security  [Video]
Tim Junio, co-founder and CEO, Qadium Inc.

And Graduate Students:

Byoungyoung Lee  [Video]
Kangjie Liu
David Formby
Chengyu Song
and Ren Ding  [Video]