Scalable Cyber Deception (Ragsdale)
•
2 likes•553 views
Dan Ragsdale, program manager at DARPA, gave a presentation on scalable cyber deception. He discussed how government agencies see 40,000 blocked intrusion attempts per week from around the world and that deception can counter asymmetric threats. The presentation described generating realistic decoy systems and infrastructure through automation to significantly increase an adversaries' workload with minimal effort. Ragsdale requested input be sent to his email.
Report
Share
Report
Share
Download to read offline
Recommended
Forecast 2012 Panel: Cloud Security Christofer Hoff
Moderator: Christofer Hoff
Chief Security Architect, Juniper Networks
Security is an amazingly polarizing topic; it is considered either salvation or superfluous depending on experience and expectation
The operational, organizational and technical impacts due to the massively disruptive nature of Cloud computing are equally polarizing
Combine the two topics and you’ve got fantastic fodder for lively discourse, debate and perspective
Our spectacular panel of notable architects, technologists, specialist practitioners and entrepreneurs from industry and the enterprise will lead us through a lively interactive discussion around this exciting topic
Don't Give Credit: Hacking Arcade Machines
The document discusses hacking arcade machines by exploiting vulnerabilities in how game profiles are loaded and signed from USB drives. Specifically, it finds that the game In The Groove 2 does not properly check if profile data is from an arcade machine or personal computer, allowing injected Lua code. It then details how to sign a rogue profile with the private keys, which are shared between arcade machines, and use it to run arbitrary code covertly by inserting a malicious USB drive.
Tab stbd night-serviceinvestments-jan2017
The presentation proposes investments to expand Seattle's late-night transit system, known as Night Owl. It discusses proposals from Metro Transit and SDOT to replace routes 82, 83, and 84 with expanded service on existing routes from 11PM-6AM. The SDOT proposal would add additional routes 44, 48, 65, and 67 to provide better coverage, especially in Northeast Seattle. Public feedback supported these changes. The proposal aims to create a connected late-night transit network operating on existing all-day routes. Next steps include submitting the proposal to King County and implementing changes in September 2017.
If You Don't Like the Game, Hack the Playbook... (Zatko)
This document summarizes Peiter Zatko's presentation on DARPA's Cyber Fast Track program. It discusses how small groups of skilled security researchers have shown significant capabilities despite barriers to entry. The Cyber Fast Track program aims to cultivate relationships with these "maker spaces and boutique security firms" through short, inexpensive projects to help address cyber threats faster than adversaries can evolve. The summary provides details on current Cyber Fast Track efforts including the performers, efforts, and periods of performance for 8 initial awards made through the program.
Secure Computer Systems (Shrobe)
This document discusses secure computer systems and presents three approaches inspired by biological principles:
1) Innate immunity refers to new hardware and operating system architectures that eliminate common vulnerabilities.
2) Adaptive immunity uses middleware to diagnose vulnerabilities, quickly adapt and reconfigure systems, and learn from previous attacks.
3) Population diversity uses computational techniques to increase entropy, make each system unique, and raise the work factor for attackers.
The goal is to develop resilient, adaptive, and secure computer systems using these biological principles.
National Cyber Range (Ranka)
1) The National Cyber Range (NCR) was created by DARPA to allow for secure and timely testing of cyber technologies by rapidly emulating complex networks.
2) The NCR has completed technical design and tool development and demonstrated its architecture on an operational prototype located in Orlando, FL.
3) During a one-year beta phase, the NCR prototype will grow to emulate a 3000-node network and transition to USCYBERCOM to be available for use by government agencies.
Being a mobile entrepreneur
This document summarizes Daniel Odio's presentation on capitalizing on mobile trends for success. The presentation covers the current state of mobile with smartphones surpassing PCs, opportunities for mobile entrepreneurs in apps and social features, and big trends like the rise of APIs and gamification. It provides tips for mobile developers such as using agile development practices and cloud services to improve efficiency.
Internet of Things: Government Keynote, Randy Garrett
Randy Garrett gave a presentation on cyber security analytics and the Internet of Things for DARPA. Some key points:
- DARPA has a history of developing new technologies to provide strategic advantage for national defense.
- The interconnectivity enabled by modern technology has democratized access to sophisticated tools and information.
- Physical systems like vehicles are increasingly vulnerable to cyber attacks as they become more connected to networks.
- DARPA is pursuing research in areas like intuitive cyber situational awareness tools, encrypted computing, automated software analysis, and developing high-assurance cyber systems through formal methods.
Recommended
Forecast 2012 Panel: Cloud Security Christofer Hoff
Moderator: Christofer Hoff
Chief Security Architect, Juniper Networks
Security is an amazingly polarizing topic; it is considered either salvation or superfluous depending on experience and expectation
The operational, organizational and technical impacts due to the massively disruptive nature of Cloud computing are equally polarizing
Combine the two topics and you’ve got fantastic fodder for lively discourse, debate and perspective
Our spectacular panel of notable architects, technologists, specialist practitioners and entrepreneurs from industry and the enterprise will lead us through a lively interactive discussion around this exciting topic
Don't Give Credit: Hacking Arcade Machines
The document discusses hacking arcade machines by exploiting vulnerabilities in how game profiles are loaded and signed from USB drives. Specifically, it finds that the game In The Groove 2 does not properly check if profile data is from an arcade machine or personal computer, allowing injected Lua code. It then details how to sign a rogue profile with the private keys, which are shared between arcade machines, and use it to run arbitrary code covertly by inserting a malicious USB drive.
Tab stbd night-serviceinvestments-jan2017
The presentation proposes investments to expand Seattle's late-night transit system, known as Night Owl. It discusses proposals from Metro Transit and SDOT to replace routes 82, 83, and 84 with expanded service on existing routes from 11PM-6AM. The SDOT proposal would add additional routes 44, 48, 65, and 67 to provide better coverage, especially in Northeast Seattle. Public feedback supported these changes. The proposal aims to create a connected late-night transit network operating on existing all-day routes. Next steps include submitting the proposal to King County and implementing changes in September 2017.
If You Don't Like the Game, Hack the Playbook... (Zatko)
This document summarizes Peiter Zatko's presentation on DARPA's Cyber Fast Track program. It discusses how small groups of skilled security researchers have shown significant capabilities despite barriers to entry. The Cyber Fast Track program aims to cultivate relationships with these "maker spaces and boutique security firms" through short, inexpensive projects to help address cyber threats faster than adversaries can evolve. The summary provides details on current Cyber Fast Track efforts including the performers, efforts, and periods of performance for 8 initial awards made through the program.
Secure Computer Systems (Shrobe)
This document discusses secure computer systems and presents three approaches inspired by biological principles:
1) Innate immunity refers to new hardware and operating system architectures that eliminate common vulnerabilities.
2) Adaptive immunity uses middleware to diagnose vulnerabilities, quickly adapt and reconfigure systems, and learn from previous attacks.
3) Population diversity uses computational techniques to increase entropy, make each system unique, and raise the work factor for attackers.
The goal is to develop resilient, adaptive, and secure computer systems using these biological principles.
National Cyber Range (Ranka)
1) The National Cyber Range (NCR) was created by DARPA to allow for secure and timely testing of cyber technologies by rapidly emulating complex networks.
2) The NCR has completed technical design and tool development and demonstrated its architecture on an operational prototype located in Orlando, FL.
3) During a one-year beta phase, the NCR prototype will grow to emulate a 3000-node network and transition to USCYBERCOM to be available for use by government agencies.
Being a mobile entrepreneur
This document summarizes Daniel Odio's presentation on capitalizing on mobile trends for success. The presentation covers the current state of mobile with smartphones surpassing PCs, opportunities for mobile entrepreneurs in apps and social features, and big trends like the rise of APIs and gamification. It provides tips for mobile developers such as using agile development practices and cloud services to improve efficiency.
Internet of Things: Government Keynote, Randy Garrett
Randy Garrett gave a presentation on cyber security analytics and the Internet of Things for DARPA. Some key points:
- DARPA has a history of developing new technologies to provide strategic advantage for national defense.
- The interconnectivity enabled by modern technology has democratized access to sophisticated tools and information.
- Physical systems like vehicles are increasingly vulnerable to cyber attacks as they become more connected to networks.
- DARPA is pursuing research in areas like intuitive cyber situational awareness tools, encrypted computing, automated software analysis, and developing high-assurance cyber systems through formal methods.
Robin Hoods And Criminals
The document discusses cyber security threats posed by distributed denial of service (DDoS) attacks. It provides background on DDoS attacks, including their origins from hacktivism, cybercrime, and cyber war. It examines the 2011 attacks against major government agencies by the hacktivist group Anonymous. The document explores whether DDoS attacks should be considered a form of protest or a criminal act. It notes that while protection technologies exist, more intelligence, capabilities, and cooperation are still needed to adequately defend against evolving DDoS threats. The presentation concludes by describing Radware's attack mitigation system for providing end-to-end DDoS protection both on-premises and in the cloud.
Data distribution in the cloud with Node.js
Messaging becomes Data Distributions gets embedded event processing (not complex, made simple) - bending all the rules one benchmark at a time - Push Technology, Waratek and other things
DITEC JAN 31 2015 (PDF)
The document discusses DARPA's role in innovation and supporting the research ecosystem. It outlines DARPA's operating principles of being independent, small, and collaborative. It also discusses DARPA's program managers, research drivers, initiatives in various technologies, and role in cyber defense research like the Active Cyber Defense initiative. Finally, it describes the broader research ecosystem that DARPA collaborates with, including partnerships with industry, academia, and government labs.
Invention and Innovation
*Exposições de Walter Bender, diretor executivo do Media Lab MIT, e David
Cavallo, pesquisador do Media Lab e diretor do grupo de investigação sobre o
"Futuro do Aprendizado" -- Instituto Fernando Henrique Cardoso, 01/06/2005,
NAE, 07/06/2005*
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Malware reversing is a conventional threat intelligence strategy that is being challenged to keep up with the fast-paced evolution of threats. To stay ahead of bad actors, the next generation security intelligence engine is big data, not malware reversing. An advanced generation of security intelligence teams has risen with mathematicians, algorithmic geniuses and big data researchers.
The buzz words sound impressive but what does this actually mean in practice?
On Jan 22nd, OpenDNS Security Researcher, Dhia Mahjoub, and Senior Product Manager, Dima Kumets, went under the hood of OpenDNS Security Research Labs. Their discussion included such topics as:
-What the OpenDNS Researchers actually do and why it's so different from traditional sample analysis
-The process of developing and improving learning machines as developed by Dhia and the Labs Team
-Insights gained from looking at Internet traffic as a whole
-The difference in Big Data insight vs Malware Reversing
-The latest threats OpenDNS Security Labs is mitigating
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
On June, thousands of Facebook users complained that they had been infected by a virus through their accounts after they received a message from a Facebook friend claiming they had mentioned them in a comment. Kaspersky Lab researcher Ido Naor and Dani Goland, CEO & founder of Undot, decided to investigate. They quickly discovered that the message had in fact been initiated by attackers and unleashed a two-stage attack on recipients. The first stage of the attack started when the user clicked on the “mention”. A malicious file seized control of their browsers, terminating its legitimate session and replacing it with a malicious one that captured their entire web traffic. The second stage included a highly sophisticated script that took over victims Facebook and Google Drive accounts. After puzzling the script, they managed to extract the proverbial needle from a haystack: an unknown Facebook vulnerability that allowed an attacker to exploit the notifications functionality.
In this talk, Dani and Ido will dive into the bites and bytes of the campaign and explaining how the attackers exploited Facebook to spread the malware.
--- Ido Naor
Ido is a senior security researcher at the Global Research & Analysis Team (GReAT), Kaspersky Lab. He joined Kaspersky two years ago and is leading the regional research in Israel.
Ido specializes in malware analysis, penetration testing and software reverse engineering and has been credited for his work by major enterprises such as: Google, Facebook, Linkedin, Alibaba and more.
Aside from research, Ido is a martial arts expert and a father of two daughters.
--- Dani Goland
Dani is the CEO and founder of Undot, an Israeli-based startup that developed a unified remote-control application to control home appliances.
Dani has more than a decade of experience in programming on a variety of frameworks and languages.
Aside from managing Undot, Dani is a frequent competitor in Hackathons (programming competitions) and won 1st places at HackTrackTLV 2016 and eBay Hackathon 2015.
NERCOMP: Web Governance - Planning for Disruption
Only some emerging technologies will become disruptive. Can we identify which ones? If so, how? We'll survey some current methods for: analyzing present conditions, examining trends on the horizon, spotting which might become disruptive, and preparing for the unexpected.
Amplifying citizen voices and driving civic tech usage through mainstream media
This was presented by Justin Arenstein from Code for
Africa at the Impacts of Civic Technology Conference (TICTeC2016) in Barcelona on 27th April. You can find out more information about the conference here: https://www.mysociety.org/research/tictec-2016/
Digital Publishing - Globalocal Event Presentation
The document discusses the transition of the publishing industry to digital platforms and outlines opportunities and challenges. It notes that eBooks now make up 8-10% of overall sales and that there are 200 million tablets expected by 2012. A new architecture for digital publishing is proposed that focuses on engagement, experience, ecommerce, data, design, and distribution. The document outlines how each element works in a digital context and changes needed to publishing teams and skill sets.
Open Development in The Netherlands
This document discusses implementing the International Aid Transparency Initiative (IATI) standard among Dutch nongovernmental organizations (NGOs). It notes that while two Dutch NGOs have committed to publishing to the IATI standard soon, more needs to be done to promote adoption. This includes demonstrating what can be done with IATI data using platforms like Openaid.nl, Akvo, and OpenSpending. The document also stresses the importance of addressing CSO concerns about the IATI standard, such as how it handles exclusion policies, specific CSO needs, and the costs of implementation.
Nas nie zaatakują!
This document provides an overview and summary of Arbor Networks, a security company focused on distributed denial of service (DDoS) attack prevention. Key points include:
- Arbor is a leading vendor in DDoS mitigation and has over 90% of the world's tier 1 service providers as customers.
- The document outlines the evolution of DDoS attacks and trends showing increasing attack sizes, frequencies, and complexity over time.
- Arbor's solution integrates detection and mitigation capabilities to quickly detect and stop advanced DDoS threats affecting networks globally.
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and h...
A talk from the XR Enablement Track at AWE USA 2019 - the World's #1 XR Conference & Expo in Santa Clara, California May 29-31, 2019.
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and how you can prepare for it)
A decade ago, advancements in hardware technology drove innovations in network infrastructure -- and we've collectively been reaping the benefits ever since. But this symbiosis of high-speed wireless connectivity and device capabilities is about to be upended by the arrival of 5G. The advanced network platform is poised to enable a hardware revolution, and this has significant (some might say "huge") implications for creators and technologists. The fact is: 5G is here, and innovators are skating to where the puck is going to be. Learn how you can meet them there and be ready when this new technology presents new opportunities for the augmented reality industry. (Spoiler: that time is now.)
https://awexr.com
Azure for Education Ktadeka UCL Cloud Event 2013
This document discusses how data-intensive research is now occurring across many fields and involves acquiring, modeling, analyzing, collaborating on, visualizing, disseminating, archiving, and preserving large amounts of data. It provides examples of genomics and vaccine/HIV research that involve analyzing large datasets. It also discusses how cloud computing can help research by providing vast, on-demand computing resources but that data transfer times had been a barrier. A new high-bandwidth connection between the Janet network and Microsoft Azure cloud will help researchers overcome this barrier and better exploit cloud computing. University representatives comment that this new connection will accelerate drug design, support wildfire research, and open new opportunities for researchers.
Where worlds collide: Agile, Project Management, Risk and Cloud?
The new CIO is expected to be truly agile, deliver transformational value using new technology based services and have a deep understanding of, and engagement with the business – all whilst managing and mitigating risks. In addition to this, the CIO is also expected to be a ‘business partner’ in the real sense of the word. On top of these factors, Cloud is often seen in the eyes of business as a metaphor for timely change, and a convenient ‘get out of jail’ card in their push to lower IT cost, and collapse IT project lead times.
In this context, ensuring the effective orchestration if the various ‘best practice’ methodologies and frameworks in the areas of agile application development, project management and risk management, all whilst managing the whole ‘Cloud’ discussion is not a trivial task.
In this presentation, Rob Livingstone explores the key systemic and technical risks associated with the concurrent adoption and management of agile application development methodologies, project management, hybrid cloud and mobile devices within the enterprise in today’s volatile environment.
Croi4 hc
This document discusses the importance of open innovation and managing intellectual property to support a knowledge commons. It notes that open innovation recognizes the value of widespread knowledge and the need to incentivize secondary markets. Both firms and governments need to manage IP in a way that supports open sharing of knowledge and the growth of secondary markets. The document also discusses learning from open infrastructure like the internet and exploring how to "port" similar infrastructure to support open innovation. It emphasizes that managing knowledge is more important than just managing IP.
An IP Managment for Open Innovation and the idea of a commons
This document discusses the importance of open innovation and managing intellectual property to support a knowledge commons. It notes that open innovation recognizes the value of widespread knowledge and the need to incentivize secondary markets. Both firms and governments need to manage IP in a way that supports open sharing of knowledge and the growth of secondary markets. The document also discusses learning from open infrastructure like the internet and exploring how to "port" similar infrastructure to support open innovation. It emphasizes that managing knowledge is more important than just managing IP.
How Can We Answer the Really BIG Questions?
Tom Soderstrom, Chief Technology and Innovation Officer at NASA’s Jet Propulsion Laboratory, has demonstrated how internet-of-things (IoT) technology and cloud computing can form the backbone for monumental innovation. This combination has enabled private and public space exploration enterprises to dare greatly and, together, discover more of the solar system than ever before. Cloud computing, with its unlimited storage and compute resources, blends IoT, machine learning, intelligent assistance, and new interfaces with computers. It has the potential to allow humans to explore and colonize other areas of the solar system by enabling collaboration across millions of miles, and social networking on a planetary scale.
Clear and present danger: Cyber Threats and Trends 2017
Cyber threats and trends that you cannot afford to overlook in 2018. revised presentation from Clear and Present Danger - an Enterprsie Security event hosted by Netplus
Doten apt presentaiton (2)
Chief Security Scientist at Lockheed Martin using Plants Vs. Zombies to illustrate his points. Government wants to eat our brains CONFIRMED!
Jornada CÚbicS: Social TV: People, Devices and Networks - Marie-José Montpetit
Presentació que anava a realitzar Marie-José Montpetit, investigadora en SocialTV al MIT (Massachusetts Institute of Technology), dins de la jornada "CÚbicS: La transformació dels mitjans audiovisuals" al voltant del concepte "Social TV". Tot i que finalment no va poder assistir, ens autoritza la difusió del contingut.
La jornada es va realitzar el 2 de desembre de 2010 a l'Auditori del CaixaForum de Barcelona.
Peter Norvig - NYC Machine Learning 2013
The document discusses learning programming through MOOCs and machine learning. It provides data on a MOOC with over 160,000 students from 209 countries. It analyzes student error messages, submissions, and interactions to improve programming instructions. However, programming languages can be ambiguous and students struggle with different concepts. The document advocates for mastery learning through one-on-one tutoring and continual course improvements using data and machine learning.
Android Attacks
This document provides an overview of attacking Android devices. It discusses Android's architecture and security model, popular versions and their vulnerabilities, and methods for remotely accessing a device and elevating privileges. The presenters demonstrate gaining root access on an Android 2.1 device through a browser vulnerability and vendor kernel bug. They discuss options for backdooring devices at the application or system level for persistent remote access.
More Related Content
Similar to Scalable Cyber Deception (Ragsdale)
Robin Hoods And Criminals
The document discusses cyber security threats posed by distributed denial of service (DDoS) attacks. It provides background on DDoS attacks, including their origins from hacktivism, cybercrime, and cyber war. It examines the 2011 attacks against major government agencies by the hacktivist group Anonymous. The document explores whether DDoS attacks should be considered a form of protest or a criminal act. It notes that while protection technologies exist, more intelligence, capabilities, and cooperation are still needed to adequately defend against evolving DDoS threats. The presentation concludes by describing Radware's attack mitigation system for providing end-to-end DDoS protection both on-premises and in the cloud.
Data distribution in the cloud with Node.js
Messaging becomes Data Distributions gets embedded event processing (not complex, made simple) - bending all the rules one benchmark at a time - Push Technology, Waratek and other things
DITEC JAN 31 2015 (PDF)
The document discusses DARPA's role in innovation and supporting the research ecosystem. It outlines DARPA's operating principles of being independent, small, and collaborative. It also discusses DARPA's program managers, research drivers, initiatives in various technologies, and role in cyber defense research like the Active Cyber Defense initiative. Finally, it describes the broader research ecosystem that DARPA collaborates with, including partnerships with industry, academia, and government labs.
Invention and Innovation
*Exposições de Walter Bender, diretor executivo do Media Lab MIT, e David
Cavallo, pesquisador do Media Lab e diretor do grupo de investigação sobre o
"Futuro do Aprendizado" -- Instituto Fernando Henrique Cardoso, 01/06/2005,
NAE, 07/06/2005*
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Malware reversing is a conventional threat intelligence strategy that is being challenged to keep up with the fast-paced evolution of threats. To stay ahead of bad actors, the next generation security intelligence engine is big data, not malware reversing. An advanced generation of security intelligence teams has risen with mathematicians, algorithmic geniuses and big data researchers.
The buzz words sound impressive but what does this actually mean in practice?
On Jan 22nd, OpenDNS Security Researcher, Dhia Mahjoub, and Senior Product Manager, Dima Kumets, went under the hood of OpenDNS Security Research Labs. Their discussion included such topics as:
-What the OpenDNS Researchers actually do and why it's so different from traditional sample analysis
-The process of developing and improving learning machines as developed by Dhia and the Labs Team
-Insights gained from looking at Internet traffic as a whole
-The difference in Big Data insight vs Malware Reversing
-The latest threats OpenDNS Security Labs is mitigating
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
On June, thousands of Facebook users complained that they had been infected by a virus through their accounts after they received a message from a Facebook friend claiming they had mentioned them in a comment. Kaspersky Lab researcher Ido Naor and Dani Goland, CEO & founder of Undot, decided to investigate. They quickly discovered that the message had in fact been initiated by attackers and unleashed a two-stage attack on recipients. The first stage of the attack started when the user clicked on the “mention”. A malicious file seized control of their browsers, terminating its legitimate session and replacing it with a malicious one that captured their entire web traffic. The second stage included a highly sophisticated script that took over victims Facebook and Google Drive accounts. After puzzling the script, they managed to extract the proverbial needle from a haystack: an unknown Facebook vulnerability that allowed an attacker to exploit the notifications functionality.
In this talk, Dani and Ido will dive into the bites and bytes of the campaign and explaining how the attackers exploited Facebook to spread the malware.
--- Ido Naor
Ido is a senior security researcher at the Global Research & Analysis Team (GReAT), Kaspersky Lab. He joined Kaspersky two years ago and is leading the regional research in Israel.
Ido specializes in malware analysis, penetration testing and software reverse engineering and has been credited for his work by major enterprises such as: Google, Facebook, Linkedin, Alibaba and more.
Aside from research, Ido is a martial arts expert and a father of two daughters.
--- Dani Goland
Dani is the CEO and founder of Undot, an Israeli-based startup that developed a unified remote-control application to control home appliances.
Dani has more than a decade of experience in programming on a variety of frameworks and languages.
Aside from managing Undot, Dani is a frequent competitor in Hackathons (programming competitions) and won 1st places at HackTrackTLV 2016 and eBay Hackathon 2015.
NERCOMP: Web Governance - Planning for Disruption
Only some emerging technologies will become disruptive. Can we identify which ones? If so, how? We'll survey some current methods for: analyzing present conditions, examining trends on the horizon, spotting which might become disruptive, and preparing for the unexpected.
Amplifying citizen voices and driving civic tech usage through mainstream media
This was presented by Justin Arenstein from Code for
Africa at the Impacts of Civic Technology Conference (TICTeC2016) in Barcelona on 27th April. You can find out more information about the conference here: https://www.mysociety.org/research/tictec-2016/
Digital Publishing - Globalocal Event Presentation
The document discusses the transition of the publishing industry to digital platforms and outlines opportunities and challenges. It notes that eBooks now make up 8-10% of overall sales and that there are 200 million tablets expected by 2012. A new architecture for digital publishing is proposed that focuses on engagement, experience, ecommerce, data, design, and distribution. The document outlines how each element works in a digital context and changes needed to publishing teams and skill sets.
Open Development in The Netherlands
This document discusses implementing the International Aid Transparency Initiative (IATI) standard among Dutch nongovernmental organizations (NGOs). It notes that while two Dutch NGOs have committed to publishing to the IATI standard soon, more needs to be done to promote adoption. This includes demonstrating what can be done with IATI data using platforms like Openaid.nl, Akvo, and OpenSpending. The document also stresses the importance of addressing CSO concerns about the IATI standard, such as how it handles exclusion policies, specific CSO needs, and the costs of implementation.
Nas nie zaatakują!
This document provides an overview and summary of Arbor Networks, a security company focused on distributed denial of service (DDoS) attack prevention. Key points include:
- Arbor is a leading vendor in DDoS mitigation and has over 90% of the world's tier 1 service providers as customers.
- The document outlines the evolution of DDoS attacks and trends showing increasing attack sizes, frequencies, and complexity over time.
- Arbor's solution integrates detection and mitigation capabilities to quickly detect and stop advanced DDoS threats affecting networks globally.
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and h...
A talk from the XR Enablement Track at AWE USA 2019 - the World's #1 XR Conference & Expo in Santa Clara, California May 29-31, 2019.
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and how you can prepare for it)
A decade ago, advancements in hardware technology drove innovations in network infrastructure -- and we've collectively been reaping the benefits ever since. But this symbiosis of high-speed wireless connectivity and device capabilities is about to be upended by the arrival of 5G. The advanced network platform is poised to enable a hardware revolution, and this has significant (some might say "huge") implications for creators and technologists. The fact is: 5G is here, and innovators are skating to where the puck is going to be. Learn how you can meet them there and be ready when this new technology presents new opportunities for the augmented reality industry. (Spoiler: that time is now.)
https://awexr.com
Azure for Education Ktadeka UCL Cloud Event 2013
This document discusses how data-intensive research is now occurring across many fields and involves acquiring, modeling, analyzing, collaborating on, visualizing, disseminating, archiving, and preserving large amounts of data. It provides examples of genomics and vaccine/HIV research that involve analyzing large datasets. It also discusses how cloud computing can help research by providing vast, on-demand computing resources but that data transfer times had been a barrier. A new high-bandwidth connection between the Janet network and Microsoft Azure cloud will help researchers overcome this barrier and better exploit cloud computing. University representatives comment that this new connection will accelerate drug design, support wildfire research, and open new opportunities for researchers.
Where worlds collide: Agile, Project Management, Risk and Cloud?
The new CIO is expected to be truly agile, deliver transformational value using new technology based services and have a deep understanding of, and engagement with the business – all whilst managing and mitigating risks. In addition to this, the CIO is also expected to be a ‘business partner’ in the real sense of the word. On top of these factors, Cloud is often seen in the eyes of business as a metaphor for timely change, and a convenient ‘get out of jail’ card in their push to lower IT cost, and collapse IT project lead times.
In this context, ensuring the effective orchestration if the various ‘best practice’ methodologies and frameworks in the areas of agile application development, project management and risk management, all whilst managing the whole ‘Cloud’ discussion is not a trivial task.
In this presentation, Rob Livingstone explores the key systemic and technical risks associated with the concurrent adoption and management of agile application development methodologies, project management, hybrid cloud and mobile devices within the enterprise in today’s volatile environment.
Croi4 hc
This document discusses the importance of open innovation and managing intellectual property to support a knowledge commons. It notes that open innovation recognizes the value of widespread knowledge and the need to incentivize secondary markets. Both firms and governments need to manage IP in a way that supports open sharing of knowledge and the growth of secondary markets. The document also discusses learning from open infrastructure like the internet and exploring how to "port" similar infrastructure to support open innovation. It emphasizes that managing knowledge is more important than just managing IP.
An IP Managment for Open Innovation and the idea of a commons
This document discusses the importance of open innovation and managing intellectual property to support a knowledge commons. It notes that open innovation recognizes the value of widespread knowledge and the need to incentivize secondary markets. Both firms and governments need to manage IP in a way that supports open sharing of knowledge and the growth of secondary markets. The document also discusses learning from open infrastructure like the internet and exploring how to "port" similar infrastructure to support open innovation. It emphasizes that managing knowledge is more important than just managing IP.
How Can We Answer the Really BIG Questions?
Tom Soderstrom, Chief Technology and Innovation Officer at NASA’s Jet Propulsion Laboratory, has demonstrated how internet-of-things (IoT) technology and cloud computing can form the backbone for monumental innovation. This combination has enabled private and public space exploration enterprises to dare greatly and, together, discover more of the solar system than ever before. Cloud computing, with its unlimited storage and compute resources, blends IoT, machine learning, intelligent assistance, and new interfaces with computers. It has the potential to allow humans to explore and colonize other areas of the solar system by enabling collaboration across millions of miles, and social networking on a planetary scale.
Clear and present danger: Cyber Threats and Trends 2017
Cyber threats and trends that you cannot afford to overlook in 2018. revised presentation from Clear and Present Danger - an Enterprsie Security event hosted by Netplus
Doten apt presentaiton (2)
Chief Security Scientist at Lockheed Martin using Plants Vs. Zombies to illustrate his points. Government wants to eat our brains CONFIRMED!
Jornada CÚbicS: Social TV: People, Devices and Networks - Marie-José Montpetit
Presentació que anava a realitzar Marie-José Montpetit, investigadora en SocialTV al MIT (Massachusetts Institute of Technology), dins de la jornada "CÚbicS: La transformació dels mitjans audiovisuals" al voltant del concepte "Social TV". Tot i que finalment no va poder assistir, ens autoritza la difusió del contingut.
La jornada es va realitzar el 2 de desembre de 2010 a l'Auditori del CaixaForum de Barcelona.
Similar to Scalable Cyber Deception (Ragsdale) (20)
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
Amplifying citizen voices and driving civic tech usage through mainstream media
Amplifying citizen voices and driving civic tech usage through mainstream media
Digital Publishing - Globalocal Event Presentation
Digital Publishing - Globalocal Event Presentation
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and h...
Joshua Ness (Verizon 5G Labs): How 5G will drive a hardware revolution (and h...
Where worlds collide: Agile, Project Management, Risk and Cloud?
Where worlds collide: Agile, Project Management, Risk and Cloud?
An IP Managment for Open Innovation and the idea of a commons
An IP Managment for Open Innovation and the idea of a commons
Clear and present danger: Cyber Threats and Trends 2017
Clear and present danger: Cyber Threats and Trends 2017
Jornada CÚbicS: Social TV: People, Devices and Networks - Marie-José Montpetit
Jornada CÚbicS: Social TV: People, Devices and Networks - Marie-José Montpetit
More from Michael Scovetta
Peter Norvig - NYC Machine Learning 2013
The document discusses learning programming through MOOCs and machine learning. It provides data on a MOOC with over 160,000 students from 209 countries. It analyzes student error messages, submissions, and interactions to improve programming instructions. However, programming languages can be ambiguous and students struggle with different concepts. The document advocates for mastery learning through one-on-one tutoring and continual course improvements using data and machine learning.
Android Attacks
This document provides an overview of attacking Android devices. It discusses Android's architecture and security model, popular versions and their vulnerabilities, and methods for remotely accessing a device and elevating privileges. The presenters demonstrate gaining root access on an Android 2.1 device through a browser vulnerability and vendor kernel bug. They discuss options for backdooring devices at the application or system level for persistent remote access.
Strategic Surprise
This document discusses strategic surprise in exploitation. It begins with an introduction and overview of exploitation in the past when vulnerabilities were more prevalent. The present section notes how exploitation has become more difficult with defenses like DEP, ASLR, and code hardening. It suggests that teamwork may be needed rather than individual researchers. The document questions whether true surprises still exist given protections and analyzes how long different stages of exploitation take on modern platforms like Windows Vista versus older ones like Windows 2000. It concludes by asking if there are any questions.
Stackjacking
This document discusses bypassing Linux kernel protections added by the grsecurity and PaX patchsets. It begins with background on Linux kernel security issues over the past decade. It then explains how grsecurity and PaX attempt to harden the kernel by preventing code introduction and arbitrary control flow changes. The main technique discussed for bypassing these protections is "stackjacking", which involves leveraging kernel stack disclosure vulnerabilities along with an arbitrary kernel write primitive. Through a process called "kstack self-discovery", an attacker can use stack disclosures to determine the base address of the kernel stack, which then enables targeting the arbitrary write.
Modern Kernel Pool Exploitation: Attacks and Techniques
The document discusses modern techniques for exploiting vulnerabilities in the Windows kernel memory pool. It provides an overview of the kernel pool structures and internals in Windows 7 and earlier versions. Specific topics covered include the pool descriptor, pool headers, free lists, lookaside lists, large allocations, and the use of bitmaps. The goal is to identify weaknesses that can be leveraged for privilege escalation attacks.
Exploitation and State Machines
Exploitation involves programming the "weird machine" created when memory is corrupted, transforming invalid program states via interactions. Programs can be viewed as implicit state machines, and exploitation is reaching a state violating security assumptions. Static analysis and input generation often ignore these implicit state machines, failing to account for how program state affects control flow and feasibility of paths. Fully automating exploitation requires understanding complex state transitions, which current tools and theory do not address.
Attacking the WebKit Heap
The document discusses exploiting memory corruption bugs in the WebKit heap allocator TCMalloc. It begins with an overview of TCMalloc's architecture, including its use of thread caches, central caches, spans, and page heap to manage memory allocation. It then explores several potential exploitation vectors, such as freeing invalid pointers, overflowing free lists, double freeing, and span metadata overflows. The goal is to introduce techniques for writing cross-platform exploits that target WebKit-powered browsers like Safari and Chrome.
The Listening: Email Client Backdoor
This document summarizes a presentation about creating a backdoor in the Thunderbird email client using extensions. It describes how the backdoor would check for encrypted commands in images attached to emails, execute commands on the system by hiding output in email replies, and avoid detection through techniques like modifying existing trusted extensions and hiding the backdoor's updates. The presentation demonstrates capabilities of the backdoor like retrieving PGP keys and proposes ways to improve and expand its capabilities.
Smooth CoffeeScript
This document introduces the Smooth CoffeeScript book, which provides an introduction to CoffeeScript programming with an emphasis on clarity, abstraction and verification. The book is freely available and is based on Eloquent JavaScript by Marijn Haverbeke, with numerous changes made by the editor. The book includes chapters on CoffeeScript basics, functions, data structures, error handling, functional programming, searching, object orientation, regular expressions and modularity. It also includes appendices on language extras, binary heaps, performance and a command line utility.
DEFCON 18- These Aren't the Permissions You're Looking For
This document discusses various ways that an Android application can access protected application programming interfaces (APIs) and permissions without explicitly declaring them in the app's manifest. It describes techniques like using Toast notifications to cause a denial of service crash in the system server and gain root access, as well as leveraging implicit broadcasts and custom URI schemes to enable capabilities without permissions. The document warns that these techniques allow apps to perform actions secretly without consent from the user.
Systematic Detection of Capability Leaks in Stock Android Smartphones
This document describes a study that analyzed eight popular Android smartphones and found that their stock firmware did not properly enforce Android's permission-based security model. The researchers developed a tool called Woodpecker that used data flow analysis to identify "capability leaks", where an app could access privileged permissions without requesting them. The study identified two types of leaks - explicit leaks through public interfaces and implicit leaks by inheriting permissions from other apps with the same signing key. Woodpecker found capability leaks in all eight phones, with individual phones leaking up to eight permissions.
Consumer Password Worst Practices
The passwords of 32 million users from a breach were analyzed. It was found that 30% of passwords were 6 characters or less, 60% used a limited set of characters, and the most common password was "123456". Only 0.2% of passwords met basic strength recommendations like length and mix of characters. The short and simple passwords chosen by many users leaves them vulnerable to brute force attacks.
HTML5 Web Security
This document provides an overview of HTML5 web security. It discusses the history and development of HTML5, noting that both the W3C and WHATWG are working on specifications that differ slightly. The document also introduces the current web model that will be used, including resources, the user agent, the web application consisting of a website, web server and database, and how they interact over the internet. It motivates the discussion by noting that web servers are regular targets of attacks and studies have found high percentages of websites with vulnerabilities.
A collection of examples of 64 bit errors in real programs
This document provides 30 examples of common 64-bit errors found in real C/C++ programs. The examples cover a wide range of issues like buffer overflows, unnecessary type conversions, incorrect preprocessor directives, pointer/integer confusion, use of deprecated functions, truncation of values during type conversions, undefined functions, legacy code practices, and more. The goal is to help developers identify and avoid such 64-bit porting issues when moving applications to 64-bit systems.
Scaling Cyberwarfare (Roelker)
1) The document discusses scaling cyberwarfare capabilities and limitations of relying solely on individual "cyberartisans".
2) It introduces the Binary Executable Transforms (BET) program which aims to automate software development by identifying, extracting, and recombining functional components from binary executables.
3) The author argues that to overcome limitations in force size, execution speed, and tactical depth, breakthroughs in technology are needed rather than just hiring more individual hackers.
High Assurance Systems (Fisher)
Kathleen Fisher of DARPA's Information Innovation Office presented on high assurance systems at the 2011 DARPA Cyber Colloquium. She discussed how physical systems like vehicles and medical devices are vulnerable to cyber attacks. Current security approaches cannot fully address this problem as they focus on known vulnerabilities. Fisher proposed a new approach of developing critical system components using formal methods to mathematically prove their correctness. This could enable a "high assurance component factory" to securely compose systems from verified building blocks. She welcomed feedback on promising research directions and additional challenges.
PROCEED and Crowd-Sourced Formal Verification
DARPA's PROCEED program aims to enable practical computation on encrypted data without decryption, with potential applications including privacy-preserving cloud services. The newer CSFV program seeks to "gamify" formal software verification by applying game mechanics to crowdsource solving verification problems, exploiting a large user base without expertise. This could make formal verification more scalable and affordable for verifying large DoD software systems. Contact Drew Dean for a future special notice on a CSFV funding opportunity.
Beyond Passwords (Guidorizzi)
Richard Guidorizzi, Program Manager at DARPA's Information Innovation Office, gave a presentation at the DARPA Cyber Colloquium in Arlington, VA on November 7, 2011 about moving beyond passwords for authentication. The presentation discussed the unintended consequences of passwords, showing how many passwords were cracked in the Defcon 2010 Password Hacking Contest. It explained that passwords will always be problematic due to issues like people reusing the same passwords or choosing weak passwords based on patterns on the keyboard. The presentation explored using biometrics and behavioral analytics as more secure alternatives to passwords that can uniquely identify individuals. It announced an upcoming Active Authentication program seeking new authentication technologies.
Anomaly Detection at Multiple Scales (Waltzman)
Rand Waltzman presented on anomaly detection at multiple scales (ADAMS) at the DARPA Cyber Colloquium. The presentation discussed (1) how insider threats like Hanssen, Ames and Montes were only obvious after the fact due to weak signals over time and data, (2) the enormous amounts of behavioral data like emails and texts that must be analyzed to detect anomalies, such as analyzing nearly 48 billion links annually to investigate Fort Hood, and (3) the four coordinated thrusts of ADAMS research focusing on topic analysis, system use, social interactions, and psychological state to detect signs an insider may be turning before they act.
DARPA: Cyber Analytical Framework (Kaufman)
The document discusses several challenges facing cyber security, including:
1) Attackers were able to easily compromise a fully patched DoD system within days through multiple remote accesses and local privilege escalations.
2) Users are often the weak link as many fall victim to hijacked websites and infected documents.
3) Integrated circuits and hardware used in systems may have been compromised in the supply chain as many are manufactured overseas.
4) Physical systems like cars and industrial control systems are vulnerable to cyber attacks which could disable brakes or take control of acceleration.
5) While defensive cyber spending is rising, the number of reported cyber incidents continues to grow and attackers require far less resources and code
More from Michael Scovetta (20)
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and Techniques
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking For
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android Smartphones
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programs
Recently uploaded
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
June Patch Tuesday
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Best 20 SEO Techniques To Improve Website Visibility In SERP
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
20240607 QFM018 Elixir Reading List May 2024
Everything I found interesting about the Elixir programming ecosystem in May 2024
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Artificial Intelligence for XMLDevelopment
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
National Security Agency - NSA mobile device best practices
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
TrustArc Webinar - 2024 Global Privacy Survey
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Recently uploaded (20)
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Scalable Cyber Deception (Ragsdale)
- 1. Dan “Rags” Ragsdale Program Manager, Information Innovation Office Scalable Cyber Deception DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
- 2. Deception in Warfare “All warfare is based on deception…” Sun Tzu http://www.ng.mil/Images1/today/0501b.jpg Deception: A direct counter to asymmetrical threats Approved for Public Release, Distribution Unlimited.
- 3. Intrusion attempts on a Government agency • 40,000 blocked intrusion attempts/week • World-wide attack sources An Opportunity? Approved for Public Release, Distribution Unlimited.
- 4. An Example Architecture for Cyber Deception Approved for Public Release, Distribution Unlimited.
- 5. Scalable Cyber Deception Issues Generation and Deployment of both Decoy Products and Infrastructure • Automated • Realistic, Credible, Enticing • Tailorable • Differentiable / Non-differentiable • Noninterference Approved for Public Release, Distribution Unlimited.
- 6. Key Technical Challenge To significantly increase adversaries’ workloads with minimal increase to our own Promising Applicable Research Areas: • Natural Language Processing • Large-scale Virtualization • Realistic Synthetic Activity Generation • Protocol Manipulation and Exploitation • Behavioral Science • Others… Approved for Public Release, Distribution Unlimited.
- 7. Scalable and Tailorable Cyber Deception Please send input to: Daniel.Ragsdale@darpa.mil Approved for Public Release, Distribution Unlimited.