DFRWS 2015 Keynote Speakers

Abstract: The defense of critical systems and data has never been more challenging. Foreign governments are using increasingly aggressive and multi-faceted approaches to steal trade secrets and customer data. Terrorists, hacktivists, and rogue nations are attempting to acquire and use cyber-enabled means to sabotage systems. Sophisticated criminal hackers remain a persistent threat. This keynote will discuss the current threat trends, with an emphasis on national security cyber threats, as well what the U.S. Department of Justice and the U.S. government as a whole are doing to address them. The speaker will touch on lessons learned over years of managing DOJ's response to major cyber incidents, including the cyber attack by North Korea on Sony.

Bio: Luke Dembosky is Deputy Assistant Attorney General at the Justice Department's National Security Division (NSD), where he manages NSD's newly created portfolio covering protection of national assets, including efforts to combat economic espionage, proliferation, and cyber-based national security threats, as well as its work on the Committee on Foreign Investment in the United States. Before joining NSD, Dembosky served as Deputy Chief for Litigation at the Criminal Division's Computer Crime and Intellectual Property Section. He previously served as the DOJ representative at the U.S. Embassy in Moscow, Russia, where he represented DOJ to Russia on matters of transnational crime, including cybercrime and intellectual property crimes, and worked with Russian law enforcement and other government officials to build cooperation between the two countries. Prior to working in Moscow, Dembosky was based in Pittsburgh as a member of DOJ's Computer Hacking and Intellectual Property (CHIP) network of federal prosecutors. He has been involved in some of the largest and most groundbreaking cyber-crime prosecutions and disruptions in U.S. history, including the GameOver Zeus botnet disruption, coordination of the Silk Road takedown, and U.S. v. Max Ray Butler. Prior to entering government service, Dembosky worked in civil practice at a Philadelphia law firm, and clerked for Judge Richard L. Nygaard of the U.S. Court of Appeals for the Third Circuit.

Jason Upchurch, Intel

Changing the Malware Economy

Abstract: The malware economy provides attackers with the resources needed to buy and sell their wares. We will examine a simple representation of the malware economy in terms of a supply pyramid and discuss how we manipulate the pyramid to cause the greatest effect. New technologies in the detection of code reuse in malware and reducing the trusted compute boundary to hardware will be introduced with respect to their effect on the malware economy. We will discuss attacks in terms of risk, cost, and returns and how to use technology to increase risk/cost while reducing returns to change the economics of the malware marketplace.

Bio: Jason Upchurch is a security research scientist and Principal Investigator for Intel Security Group, Intel Corporation. He is the lead researcher at the Center of Innovation, Anti-Malware Laboratory at the United States Air Force Academy. Prior to joining Intel at the Air Force Academy, Jason was a Sr. Lead Engineer at General Dynamics and was the subject matter expert for malicious software and reverse engineering. While with General Dynamics he had the honor of serving as the section chief of the DCFL Intrusions Section and technical manager for the GD assets in the NCIJTF/AG and DCISE at the DoD Cyber Crime Center (DC3). He is currently pursuing his PhD in Engineering - Security at the University of Colorado at Colorado Springs.

Ricky Connell

What keeps me up at night? - “Unsolved” problems in Incident Response

Abstract: With all of the talk about scale, cloud, and big data, does this change the way that we need to think about digital forensics?

Many standard models fall apart when you are working with a limited amount of computing, financial and even personnel resources and the potential, or actual, large intrusion. What choices get made in deciding where to focus resources, and how does that affect outcomes? How do you determine completeness for an incident or investigation?

This talk will provide a perspective on forensic analysis in the context of potential intrusions of large environments, especially relating it to how forensics fits into the incident response cycle.

Bio: Ricky Connell is the Director of Incident Response of Yahoo. He leads an international team that responds to all Security Incidents and Investigations at some of the world's busiest Internet destinations. The team's responsibilities encompass everything from internally discovered issues to bug bounty reports through HackerOne, running through the incident response cycle, and working with all parts of Yahoo to analyze and remediate issues. Previously Ricky was at Symantec, Verisign, and Stanford University as an individual contributor in security teams and also managing security and operations teams.


©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.