Exploring the Human Element in Combating Malicious Software Threats
Malicious software or malware is a serious cybersecurity threat and the research community has explored it extensively for almost three decades. Since it is believed that people are often the weak link in cybersecurity, exploring malware attacks and defenses in the human context can provide new insights into how the threat posed by malware can be addressed.
Overview
Abstract
Malicious software or malware is a serious cybersecurity threat, and the research community has explored it extensively for almost three decades. Since it is believed that people are often the weak link in cybersecurity, exploring malware attacks and defenses in the human context can provide new insights into how the threat posed by malware can be addressed. This talk will focus on two questions related to the human element as it pertains to malware. We will first discuss the tactics of social engineering attacks launched with malware used to gain people’s attention and lure them into downloading malicious software. On the defense side, we explore malware analyst workflows and how malware is analyzed in practice. The insights gained from this research not only help develop better defenses but also highlight gaps in challenges faced by practitioners and those addressed by academic research.
Brief Biography
Dr. Mustaque Ahamad is a professor in the School of Cybersecurity and Privacy at the Georgia Institute of Technology. He served as director of the Georgia Tech Information Security Center (GTISC) from 2004 to 2012. As director of GTISC, he led the development of several education and research initiatives, including a first of its kind MS degree in Cybersecurity. Dr. Ahamad’s research interests include reliable distributed systems and cybersecurity. He has published extensively in these areas, and papers co-authored by him have received numerous awards. He also collaborated on a World Economic Forum project on cyber risk. He served as co-chair of MAAWG’s Voice and Telephony Abuse Special Interest Group. Dr. Ahamad currently serves as director of the MS Cybersecurity degree program offered by Georgia Tech’s School of Cybersecurity and Privacy, which is delivered in in-person, online, and hosted formats. Dr. Ahamad has also led projects that resulted in the successful commercialization of research done by his group. He has co-founded Pindrop Security and Codoxo, and served as chief scientist of these companies. These venture backed companies have developed solutions that are now deployed at leading companies in the financial, retail and healthcare sectors. Dr. Ahamad received his Ph.D. in computer science from the State University of New York at Stony Brook in 1985. He received his undergraduate degree in electrical and electronics engineering from the Birla Institute of Technology and Science, Pilani, India.