- NYU Tandon School of Engineering

PRESS OFFICE • 15 MetroTech Center, 6th Floor, Brooklyn, NY 11201
For Immediate Release: Monday, October 6, 2014
Contact: Kathleen Hamilton
718-260-3792/mobile 347-843-9782
kathleen.hamilton@nyu.edu
CONFERENCE WILL EXPLORE HOW TO AUTOMATE
CYBER SECURITY FASTER THAN THE HACKERS
NYU Polytechnic School of Engineering Announces NSA Chief of Tailored Access Operations
Robert E. Joyce as Keynote Speaker for THREADS symposium
How can human protectors keep watch over massively increasing lines of software code, now generated for millions of
devices and services—even as automated coding and hacking increase the speed of the onslaught?
Researchers and information security professionals will tackle the new challenge of automating security during the
THREADS conference, to be held during the 11th annual Cyber Security Awareness Week (CSAW) at the New York
University Polytechnic School of Engineering.
National Security Agency Chief of Tailored Access Operations Robert E. Joyce will open the two-day conference for
students, academics and professionals. Cutting-edge research and pragmatic advice will be offered by featured speaker White
Ops CEO Michael Tiffany and more than a dozen presenters from some of the best-known tech companies and research
institutions.
“The CSAW THREADS conference will present new research and workshops on integrating security into modern software
development and operations, focusing on automation, integration, detection, and response time,” said Dan Guido, the
school’s Hacker in Residence and founder of security company Trail of Bits. “We want to show how to make security a
fundamental part of development and operations–without turning it into a roadblock.”
CSAW THREADS—a peer-reviewed conference focused on pragmatic security research and discoveries in network attack
and defense—will be held Thursday and Friday, November 13 and 14, 2014, at NYU Polytechnic School of Engineering
in Downtown Brooklyn. It serves as a prelude to the world’s largest student information security event, CSAW.
Mr. Joyce leads an organization that provides tools and expertise in computer network exploitation to deliver foreign
intelligence to U.S. leadership and the intelligence community. He served at the NSA for more than 25 years, holding various
leadership positions within the Information Assurance and Signals Intelligence Directorates. He began his career as an
engineer and holds a bachelor’s degree in electrical and computer engineering from Clarkson University and a master’s
degree in electrical engineering from The Johns Hopkins University.
Presentations will include:

Marc-Etienne M. Léveillé of ESET—“Are Attackers Using Automation More Efficiently than Defenders?” He will
detail the highly automated attacks from Operation Windigo that successfully redirected more than 500,000 Internet
users to malicious content and sent millions of spam messages, even though it used an unreliable network running a
wide range of operating systems.

Mike Arpaia of Facebook—“Operating System Analytics and Host Intrusion Detection at Scale.” This presentation
will examine how to use, at no cost, the same software that Facebook employs to address the normally complex,
expensive task of host intrusion detection.

Scott J. Roberts of GitHub—“Building Your Own DFIR Sidekick.” He will discuss how to build a personalized
robot (using an open-source chat bot called Hubot Variable Threat Response) for rapid response, automation,
collaboration, reverse engineering, defense tasks (and finding cat pictures) on the web.

Neil Matatall of Twitter—“Security Automation Database (SADB): Two Years Later and Two Years from Today.”
He will describe Twitter’s security automation dashboard and detail how its security team uses open-source static
analysis tools to automatically identify issues in software before they reach production.

Jared Carlson and Andrew Reiter of Veracode—“Reasoning About Optimal Solutions to Automation Problems.”
They will outline research to help automate and scale techniques for recognizing weaknesses or malware in mobile
applications.

Xiaoning Li of Intel and Michael Crouse of Harvard University—“Transparent ROP Detection using CPU
Performance Counters.” They will explain how to use performance counters available on most modern computers to
detect subversive attacks without the usual performance penalties.

Scott Behrens and Andy Hoernecke of Netflix—“Cleaning Up the Internet with Scumblr and Sketchy.” They will
discuss ways to monitor sites like Pastebin, Google, and Twitter for database leaks or even planned hacktivist
attacks, using their open-source tools, and suggest other workflows for a robust proactive security system.

Nirav Dave of SRI International—“Smten and the Art of Satisfiability-Based Search.” The presentation will
introduce Smten, a tool that makes Satisfiability Modulo Theories (SMT)-based queries easier to use and enables
automated exploration of a program's security posture.

Artem Dinaburg and Andrew Ruef of Trail of Bits—“Static Translation of X86 Instruction Semantics to LLVM
with McSema.” They will demonstrate how their open-source and licensed McSema translator allows the analysis
of software downloaded from the Internet as though you wrote it yourself.

Michael Goffin and Wesley Shields of MITRE—“CRITs: Collaborative Research into Threats.” The presentation
will describe the open-source malware and threat repository used by hundreds of organizations to work
cooperatively to centralize their intelligence.

Brendan Dolan-Gavitt of Columbia University—“Reverse All the Things with PANDA.” He will describe how to
use the new, open-source tool for whole-system reverse engineering.

Laszlo Szekeres of Stony Brook University—“Code-Pointer Integrity.” He will introduce new exploit mitigations
that guarantee the integrity of all code pointers in a program (e.g., function pointers and saved return addresses) and
thereby prevent control-flow hijack attacks, including exploits that use return-oriented programming.

Omar Ahmed of Etsy and Tyler Bohan of the NYU Polytechnic School of Engineering—“Augmenting Binary
Analysis with Python and Pin.” The researchers will profile several real-world use cases for the Intel Pin framework
and introduce an easy-to-use Python wrapper to lower the bar for wider adoption.
For more information and to register, visit https://csaw.isis.poly.edu/threads.
Institutions supporting CSAW include: Gold Sponsor—the U.S. Department of Homeland Security; Silver Sponsors—
GitHub and Yahoo; Bronze Sponsors—Facebook, National Security Agency, NCC Group North America, Palantir, and
Raytheon; and Supporting Sponsors—Accuvant, BlackRock, Cigital, FireEye, Intel, NYU Information Systems and Internet
Security, Microsoft, MIT Lincoln Laboratory, PwC, Sandia National Laboratories, Stroz Friedberg, Trail of Bits (founding
sponsor of THREADS), Two Sigma, United States Secret Service, and Yelp.
The NYU Polytechnic School of Engineering was one of the first universities to develop a cyber security program, launching
its master’s degree in cyber security in 2009. Since then, graduates have gone on to careers as developers of security
products, security application programmers, security analysts, penetration testers, vulnerability analysts, and security
architects. The school also offers numerous cyber security courses and extra-curricular opportunities for undergraduates. It
has received all three Center of Excellence designations from the National Security Agency and the United States Cyber
Command. Its cyber security program was previously singled out by the Sloan Consortium as the outstanding graduate online
program.
The NYU Polytechnic School of Engineering dates to 1854, when the NYU School of Civil Engineering and Architecture as well
as the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly) were founded. Their successor
institutions merged in January 2014 to create a comprehensive school of education and research in engineering and applied
sciences, rooted in a tradition of invention, innovation and entrepreneurship. In addition to programs at its main campus in
downtown Brooklyn, it is closely connected to engineering programs in NYU Abu Dhabi and NYU Shanghai, and it operates
business incubators in downtown Manhattan and Brooklyn. For more information, visit http://engineering.nyu.edu.
###