Security Innovations in the Big-Data Era

Speaker: XiaoFeng Wang, School of Informatics and Computing, Indiana University, Bloomington

Date/Time: 16 March 2016, Wednesday, 10:00 AM to 11:30 AM

Venue: SR@LT19

Chaired by: Saxena Prateek, School of Computing (prateeks@comp.nus.edu.sg)


Registration: https://goo.gl/u1R8wg

Refreshment provided; Limited seats: 40 pax; First come first serve


Abstract:

The rapid progress in computing has produced a huge amount of data, which will continue to grow in the years to come. In this big-data era, we envision that tomorrow’s security technologies will be data-centric: new defense will become smart and proactive by using the data to understand what the attackers have already done, what they are about to do, what their strategies and infrastructures are; effective protection will be provided for dissemination and analysis of the data involving sensitive information on an unprecedented scale. In this talk, I report our first step toward this future of secure computing. We show that through effective analysis of over a million Android apps, previously unknown malware can be detected within a few seconds, without resorting to conventional Anti-Virus means such as signatures and behavior patterns. Also, by leveraging trillions of web pages indexed by search engines, we can capture tens of thousands of compromised websites (including thos e of government agencies like NIH, NSF and leading education institutions world-wide) by simply asking Google and Bing right questions and automatically analyzing their answers through Natural Language Processing. Further, we found that an in-depth understanding about the unique features of human genomes and how they are used in biomedical research and healthcare systems can help us find a highly efficient way to protect patient privacy during a large-scale genome analysis. Our findings indicate that by unlocking the great value of data, we can revolutionize the security landscape, making tomorrow security technologies more intelligent and effective.

Biography:

Dr. XiaoFeng Wang is a professor in the School of Informatics and Computing at Indiana University, Bloomington. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University in 2004, and has since been a faculty member at IU. Dr. Wang is a well-recognized researcher on system and network security. His work focuses on cloud and mobile security, and data privacy. He is a recipient of 2011 Award for Outstanding Research in Privacy Enhancing Technologies (the PET Award) and the Best Practical Paper Award at the 32nd IEEE Symposium on Security and Privacy. His work frequently receives attention from media, including CNN, MSNBC, Slashdot, CNet, PC World, etc. Examples include his discovery of security-critical vulnerabilities in payment API integrations (http://money.cnn.com/2011/04/13/technology/ecommerce_security_flaw/) and his recent study of the security flaws on the Apple platform (http://money.cnn.com/2015/06/18/technology/apple-keychain-passwor ds/). His research is supported by the NIH, NSF, Department of Homeland Security, the Air Force and Microsoft Research. He is the director of IU’s Center for Security Informatics.