Eric Dull, Drew Walsh, Scott Riede (Deloitte and Touche)

Cyber has been the original big-data for decades. Since Denning and Neumann’s 1985 whitepaper on statistical analysis for intrusion detection systems1, cyber has seen the need for complex event processors to manage the scale of cyber data. Security Operations Centers (SOCs) have been successful in overcoming this challenge, as evidenced by the rise of behavioral analytics, supervised machine learning methods, training data sets, and the scaling of technology. This talk will describe the strategies used in successful automation, AI adoption, and implementation and offer a framework for engaging executives to help guide effective AI use in the broader organization outside of the SOC.

View More Papers

OCPPStorm: A Comprehensive Fuzzing Tool for OCPP Implementations (Long)

Gaetano Coppoletta (University of Illinois Chicago), Rigel Gjomemo (Discovery Partners Institute, University of Illinois), Amanjot Kaur, Nima Valizadeh (Cardiff University), Venkat Venkatakrishnan (Discovery Partners Institute, University of Illinois), Omer Rana (Cardiff University)

Read More

Facilitating Non-Intrusive In-Vivo Firmware Testing with Stateless Instrumentation

Jiameng Shi (University of Georgia), Wenqiang Li (Independent Researcher), Wenwen Wang (University of Georgia), Le Guan (University of Georgia)

Read More

IDA: Hybrid Attestation with Support for Interrupts and TOCTOU

Fatemeh Arkannezhad (UCLA), Justin Feng (UCLA), Nader Sehatbakhsh (UCLA)

Read More