Managing Digital Evidence Following the Boston Marathon Bombing
Kevin Swindon, FBI
The presentation focuses on the FBI's response to the Boston Marathon bombing and the emerging trend of evaluating unprecedented amounts of digital evidence and data. It reviews the digital media evidence review process and examines overarching issues of crisis response, crisis leadership, technology and managing the media.
Life after the Virus Signature: Machine Learning for Identifying Malware
Louw Smith, Boston College
Wherein we ask the questions: What do 200k malware binaries have in common? Can we use that information to find "unknown" malware? And most importantly, can we make the machines do all the work for us? We will briefly talk about the results, methods, and pitfalls of machine learning for malware analysis.
Cybercrime: The College Edition
Morvareed (Moury) Bidgoli, The Pennsylvania State University
The results from two studies conducted with college students on two different campuses will be presented. These studies cover college students’ cybercrime victimization experiences, their online behaviors (i.e., preventative measures), their overall awareness of cybercrimes and cybercrime reporting, and their decision-making process behind filing a cybercrime report. While we find that college students are not immune to being victims of cybercrimes, there is a disparity between their positive inclination towards cybercrime reporting and their self-efficacy with regard to cybercrime reporting. Our work provides public policy implications. Initiatives need to be taken towards better educating the public about how to formally report cybercrimes, since such an action provides valuable information for law enforcement to effectively combat cybercrimes and increases the public’s awareness of the prevalence of cybercrimes as a means to mitigate their future cybercrime risk.
Attacking Multi-Factor Authentication
Paul Nash, Harvard University
You’ve just deployed multi-factor authentication campus-wide - what happens next? The attackers up their game. Paul will discuss attacks against multi-factor authentication that have been seen in the wild and provide some steps that you can take to identify them.
Getting Cozy with Cozy Bear
Nathan Hall, Harvard University
At BC Security Camp last year Nathan spoke about detection and response to APT activity on Harvard systems and plans to mitigate the impact of future attacks. 2016 saw additional APT attacks targeting Harvard and other higher-ed institutions. Come hear about the successes and failures, and the changing tactics of both sides in this cat and mouse game.
Two-step Verification Lessons Learned
Christian Hamer, Harvard University
How did we get 50,000+ people using Duo two-step verification in two months? We will review our project and talk about some of the critical success factors and lessons learned in rolling this out to the community. We will talk about why we decided to do this, highlight some of the benefits that we’ve seen that may help anyone trying to make a case for two-step and provide a “readiness checklist.”
Philip Aldrich, EMC
To guard against security threats, organizations need to continuously monitor the computer systems and applications they have deployed, incorporate security upgrades to software and deploy updates to configurations. The Security Content Automation Protocol (SCAP), pronounced "ess-cap", comprises a number of open standards that are widely used to enumerate software flaws and configuration issues related to security.