Individualized Cybersecurity Research Mentoring (iMentor) Workshop 2021

Radia Perlman

Bio: Dr. Perlman earned her Ph.D. from MIT and is currently employed by Dell EMC. She was elected a member of the National Academy of Engineering in 2015 for contributions to Internet routing and bridging protocols. She is most famous for her invention of the Spanning Tree Protocol (STP), which is fundamental to the operation of network bridges. She also served as a professor at both Harvard University and the University of Washington, has written or co-written two textbooks, and has been the keynote speaker at events all over the world.

Elena Ferrari

Bio: Dr. Ferrari is a full professor of Computer Science at the University of Insubria, Italy, where she leads the STRICT SociaLab. She received her Ph.D and M.Sc. degree in Computer Science from the University of Milano (Italy). Her research interests are in the broad area of cybersecurity, privacy, and trust and has published more than 270 scientific papers. Her current research includes Big Data and IoT security and privacy, access control, machine learning for cybersecurity, risk analysis, blockchain, and secure social media. She also extensively promotes cybersecurity and privacy to women and has supervised numerous female PhD students. In 2018, she has been named one of the 50 most influential Italian women in tech.

Tuba Yavuz

Title: Securing the IoT using Model Guided Analysis

Abstract:

The number of Internet of Things (IoT) devices has already exceeded 26 billion. A typical IoT ecosystem has a wide attack surface, in which software vulnerabilities play an important role. Despite recent advances in program analysis techniques and decision procedures, the complexity of system software creates challenges for vulnerability detection in terms of scalability and precision. In this talk, I will introduce Model Extraction and Model Guided Analysis as an effective approach for detecting vulnerabilities in the IoT ecosystem. I will present our experience in detecting vulnerabilities in Bluetooth firmware, device drivers, and cryptographic libraries. I will conclude with a roadmap for Optimized Model Extraction and Model Guided Analysis.

Bio:

Dr. Tuba Yavuz is currently an Assistant Professor at the Electrical and Computer Engineering Department of University of Florida (UF). She is also affiliated with the Nelms Institute for the Connected World and the Florida Institute of Cyber Security Research (FICS) at UF. She received her Ph.D. in computer science from the Computer Science Department of University of California, Santa Barbara in 2004. Her research areas include formal methods, software engineering, and system security. She has recently developed tools and techniques for detecting vulnerabilities and malicious behavior in system software. She received an NSF CAREER Award in 2020 to develop automated model extraction techniques to improve IoT reliability and security.

Heng Xu

Bio: Dr. Heng Xu is a Professor of Information Technology and Analytics in the Kogod School of Business at the American University, where she also serves as the Director of the Kogod Cyber Governance Center. Before joining Kogod in 2018, she served as a faculty member at the Pennsylvania State University for 12 years, as well as a program director at the National Science Foundation for 3 years. Dr. Xu's recent research focuses on AI governance, privacy protection, data ethics, and algorithmic fairness. Her scholarly work has been published in premier outlets across various fields.

Behnaz Hassanshahi

Bio: Dr. Behnaz Hassanshahi is a Senior Researcher at Oracle Labs Australia. In her current role, Dr. Hassanshahi is working as the technical lead of Gelato, a Dynamic Application Security Testing (DAST) tool that analyses client-side JavaScript applications to find security vulnerabilities both at the client and server side of web applications. During the past few years, She has explored various static and dynamic analysis as well as fuzzing techniques to analyse client-side and server-side JavaScript programs. Dr. Hassanshahi conducts research in the area of program analysis and its intersection with computer security that will improve the security of large complex software.

Weihang Wang

Bio: Dr. Weihang Wang is an Assistant Professor at University at Buffalo (SUNY Buffalo). Her research interests are in software engineering and computer systems. Before joining University at Buffalo, Dr. Wang received her Ph.D. degree in Computer Science from Purdue University in 2018. She was awarded an NSF CAREER Award in 2021, a Facebook Testing and Verification Research Award in 2019, a Mozilla Research Award in 2019, and Maurice H. Halstead Memorial Research Award (from Purdue University) in 2018.

Bhavani Thuraisingham

Bio: Dr. Bhavani Thuraisingham is the Louis A. Beecherl, Jr. Distinguished Professor of computer science and the Executive Director of the Cyber Security Research and Education Institute at the University of Texas at Dallas. She is a Visiting Senior Research Fellow in the Department of Informatics at Kings College University of London and a 2017-2018 Cyber Security Policy Fellow at New America. Dr. Thuraisingham has 40 years of work experience in the commercial industry (Honeywell), Federally Funded Research and Development Center (MITRE), Government (NSF), and Academia. She has conducted research in cyber security for thirty years and specializes in applying data analytics for cyber security. Her work has resulted in over 100 keynote addresses, 120 journal papers, 300 conference papers, 15 books, and 8 patents.

Elisa Bertino

Bio: Dr. Elisa Bertino is a professor at the Department of Computer Science, Purdue University. She heads the Cyber Space Security Lab (Cyber2Slab) carrying out groundbreaking research on protection from insider threat, security of IoT, sensors, embedded systems, and drones, digital identity management, data security and privacy on the cloud, privacy of mobile devices, data trustworthiness. Her main research interests cover many areas in the fields of information security and database systems. Her recent research focuses on the security of cellular networks and of mobile applications, and AI techniques for cybersecurity.