1st Keynote Speaker
Prof. Elisa Bertino
Purdue University, USA
Title: Privacy in the Era of Big Data, Machine Learning, IoT, and 5G
Abstract: Technological advances, such as IoT devices, cyber-physical systems, smart mobile devices, data analytics, social networks, and increased communication capabilities are making possible to capture and to quickly process and analyze huge amounts of data from which to extract information critical for many critical tasks, such as healthcare and cyber security. In the area of cyber security, such tasks include user authentication, access control, anomaly detection, user monitoring, and protection from insider threat. By analyzing and integrating data collected on the Internet and the Web one can identify connections and relationships among individuals that may in turn help with homeland protection. By collecting and mining data concerning user travels, contacts and disease outbreaks one can predict disease spreading across geographical areas. And those are just a few examples. The use of data for those tasks raises however major privacy concerns. Collected data, even if anonymized by removing identifiers such as names or social security numbers, when linked with other data may lead to re-identify the individuals to which specific data items are related to. Also, as organizations, such as governmental agencies, often need to collaborate on security tasks, data sets are exchanged across different organizations, resulting in these data sets being available to many different parties. Privacy breaches may occur at different layers and components in our interconnected systems. In this talk, I first present an interesting privacy attack that exploits paging occasion in 5G cellular networks and possible defenses. Such attack shows that achieving privacy is challenging and there is no unique technique that one can use; rather one must combine different techniques depending also on the intended use of data. Examples of these techniques and their applications are presented. Finally, I discuss the notion of data transparency – critical when dealing with user sensitive data, and elaborate on the different dimensions of data transparency.
Bio:Elisa Bertino is the Samuel D. Conte Professor of Computer Science at Purdue University. She serves as Director of the Purdue Cyberspace Security Lab (Cyber2Slab). In her role as Director of Cyber2SLab she leads multi-disciplinary research in data security and privacy. Prior to joining Purdue, she was a professor and department head at the Department of Computer Science and Communication of the University of Milan. She has been a visiting researcher at the IBM Research Laboratory (now Almaden) in San Jose and visiting professor at the Singapore Management University and the National University of Singapore. Her recent research focuses on cybersecurity and privacy of cellular networks and IoT systems, and edge analytics and machine learning for cybersecurity. Elisa Bertino is a Fellow member of IEEE, ACM, and AAAS. She received the 2002 IEEE Computer Society Technical Achievement Award for "For outstanding contributions to database systems and database security and advanced data management systems", the 2005 IEEE Computer Society Tsutomu Kanai Award for "Pioneering and innovative research contributions to secure distributed systems", the 2014 ACM SIGSAC Outstanding Contributions Award with citation "For her seminal research contributions and outstanding leadership to data security and privacy for the past 25 years", and the 2019-2020 ACM Athena Lecturer Award. She is currently serving as ACM Secretary-Treasurer.
2nd Keynote Speaker
Prof. Bhavani Thuraisingham
The University of Texas at Dallas, USA
Title: SecAI: Integrating Cyber Security and Artificial Intelligence
Abstract: Artificial Intelligence (AI) emerged as a field of study in Computer Science in the late 1950s. Researchers were interested in designing and developing systems that could behave like humans. This interest resulted in substantial developments in areas such as expert systems, machine learning, planning systems, reasoning systems and robotics. However, it is only recently that these AI systems are being used in practical applications in various fields such as medicine, finance, marketing, defense, and manufacturing. The main reason behind the success of these AI systems is due to the developments in data science and high-performance computing. For example, it is now possible collect, store, manipulate, analyze and retain massive amounts of data and therefore the AI systems are now able to learn patterns from this data and make useful predictions.
While AI has been evolving as a field during the past sixty years, the developments in computing systems and data management systems have resulted in serious security and privacy considerations. Various regulations are being proposed to handle big data so that the privacy of the individuals is not violated. For example, even if personally identifiable information is removed from the data, when data is combined with other data, an individual can be identified. Furthermore, the computing systems are being attacked by malware resulting in disastrous consequences. In order words, as progress is being made with technology, the security of these technologies is in serious question due to the malicious attacks.
Over the decade. AI and Security are being integrated. For example, machine learning techniques are being applied to solve security problems such as malware analysis, intrusion detection and insider threat detection. However, there is also a major concern that the machine learning techniques themselves could be attacked. Therefore, the machine leading techniques are being adapted to handle adversarial attacks. This area is known as adversarial machine learning. Furthermore, while collecting massive amounts of data causes security and privacy concerns, big data analytics applications in cyber security is exploding. For example, an organization can outsource activities such as identity management, intrusion detection and malware analysis to the cloud. While AI techniques are being applied to solve cyber security problems, the AI systems have to be protected. For example, how can the machine learning systems be protected from the attacks? What are the threats to the planning systems? How can expert system carry out their functions in the midst of malware attacks? What are the appropriate access control models for AI systems? How can we develop appropriate security policies for AI systems? These are questions that researchers are beginning to provide answers to.
To assess the developments on the integration of AI and Security over the past decade and to determine future directions, the presentation will focus on two major questions: (i) how can the developments in AI techniques be used to solve security problems and (ii) how can we ensure that the AI systems are secure and(iii) what are the security and privacy considerations for AI systems. Second, it will describe the application of AI including machine learning for cyber security applications such as insider threat detection. Third, it will discuss the trends in areas such as adversarial machine learning that take into consideration the attacker’s behavior in developing machine learning techniques. Fourth, it will discuss some emerging trends in carrying out trustworthy AI so that the AI techniques can be secured against malicious attacks. Fifth, it will focus on the privacy threats due to the collection of massive amounts of data and potential solutions. Finally, it will discuss the next steps.
Bio:Dr. Bhavani Thuraisingham is the Founders Chaired Professor of Computer Science and the Executive Director of the Cyber Security Research and Education Institute at the University of Texas at Dallas. She is also a visiting Senior Research Fellow at Kings College, University of London and a Fellow of the ACM, IEEE, the AAAS, the NAI and the BCS. She has received several awards including the IEEE CS 1997 Technical Achievement Award, ACM SIGSAC 2010 Outstanding Contributions Award, and the ACM SACMAT 10 Year Test of Time Awards for 2018 and2019. She co-chaired the Women in Cyber Security Conference (WiCyS) in 2016 and delivered the featured address at the 2018 Women in Data Science (WiDS) at Stanford University and has chaired several conferences for ACM and IEEE. Her 39 years career included industry (Honeywell), federal laboratory (MITRE), US government (NSF) and US Academia. Her work has resulted in 130+ journal articles, 300+ conference papers, 140+ keynote and featured addresses, six US patents, fifteen books as well as technology transfer of the research to commercial and operational systems. She received her PhD from the University of Wales, Swansea, UK, and the prestigious earned higher doctorate (D. Eng) from the University of Bristol, UK.