 |
||||||||||
|
Hilton Orlando Lake Buena Vista, Orlando, FL, USA
December 4-5, 2017
Collocated with
ACSAC
2017
Keynote Speakers
Juan Caballero, Associate Research Professor, IMDEA Software Institute
Talk: "The Rise of Potentially Unwanted Programs: Measuring its Prevalence, Distribution through Pay-Per-Install Services, and Economics"
Potentially unwanted programs (PUP) such as adware and rogueware, while not outright malicious, exhibit intrusive behavior that generates user complaints and makes security vendors flag them as undesirable. PUP has been little studied in the research literature despite recent indications that its prevalence may have surpassed that of malware. We have performed a systematic study of Windows PUP over a period of 4 years using a variety of datasets including malware repositories, AV telemetry from 3.9 million real Windows hosts, dynamic executions, and financial statements. This presentation summarizes what we have learned from our measurements on PUP prevalence, its distribution through pay-perinstall (PPI) services, which link advertisers that want to promote their programs with affiliate publishers willing to bundle their programs with offers for other software, and the economics of PPI services that distribute PUP.
Juan Caballero is Deputy Director and Associate Research Professor at the IMDEA Software Institute in Madrid, Spain. His research focuses on security issues in systems, software, and networks. One of his focus is the analysis of malware and cyberattacks. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University, USA and was a visiting student researcher at University of California, Berkeley for two years. His research regularly appears at top security venues and has won two best paper awards at the USENIX Security Symposium and the DIMVA Most Influential Paper 2009-2013 award. He is an Associate Editor for ACM Transactions on Privacy and Security (TOPS). He has been in the technical committee of venues such as IEEE S&P, ACM CCS, USENIX Security, NDSS, WWW, RAID, and DIMVA. He has been program chair or co-chair for the Annual Computer Security Applications Conference (ACSAC, 2017), the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA, 2016), the Digital Forensics Research Symposium (DFRWS, 2014 &2013), the European Workshop on Systems Security (EuroSec, 2015 & 2014) and the International Symposium on Engineering Secure Software and Systems (ESSoS, 2015 & 2016). .
Dongyan Xu, Professor, Purdue University
Talk: "Inferring Program Behavior from a Distance for Cyber Attack Investigation"
Dongyan Xu is a professor of computer science at Purdue University. He is also the Interim Director of Purdue's Center for Education and Research in Information Assurance and Security (CERIAS). Dongyan's research spans cyber and cyber-physical systems security and forensics, cloud computing, and virtualization technology, with current projects focusing on autonomous vehicle controller security, APT analytics and forensics, and commodity software transformation for security. His research has long been supported by both government and industry. He is the co-author of seven award-winning papers at top conferences in security and cloud computing, including CCS, NDSS, USENIX Security, RAID, and SoCC. This year he serves as the program co-chair of CCS 2017.