The Defense Advanced Research Projects Agency (DARPA) is the wellspring of U.S. government technology innovation. Now the agency is looking at what they’ve called a “cognitive fingerprint.” DARPA’s main goal with the project is to bypass what’s become the “current standard method,” for authentication: memorizing long passphrases.
Browsing Category: Slideshow
Researchers at the American University of Beirut in Lebanon have been working on software that doesn’t analyze what passwords are typed, but rather how words are typed.
The British Comedy troupe Monty Python famously joked about the strange strides emanating from the farcical Ministry of Funny Walks. But even normal looking walks can be quite distinctive. According to researchers at Shinshu University in Tokida, Japan, computers aided by 3D image processing technology can identify an individual with up to 90% accuracy just based on their gait.
In 2009, the U.S. Department of Homeland Security hatched a plan to use body-odor as a method of identifying individuals. The DHS wanted to establish odor based biometric signatures that could uniquely identify both friend and foe. It then might be able to determine if changes in odor could be used as a tool to provide evidence of deception. Civil liberty groups cried foul.
In his presentation on Friday, “Lateral Movement and Other APT Interaction Patterns within the Enterprise,” HBGary CEO Greg Hoglund reviewed a multitude of modern day Advanced Persistent Threats (APTs) while breaking down the four stages of an attack.
Terry McCorkle, a Seattle-based researcher presented the results of an independent study on Supervisory Control and Data Acquisition Systems (SCADA) and Industrial Control Systems (ICS) where he and his research partner Billy Rios attempted to find 100 bugs in 100 days. They wound up finding 1000+ bugs in 8-9 months, 95 that were easily exploitable. McCorkle went on to call many of them “blatantly obvious” and “straight outta of the ‘90s.”
Gathering his statistics from the Kaspersky Security Network, Denis Nazarov, head of Kaspersky Lab’s Anti-Malware Research US, compared infection rates on x86 and x64 versions of Windows while describing Kernel Patch Protection technology.
In a presentation on the second day, “Humans Are the Weakest Link,” Valery Boronin, Director DLP Research, R&D at Kaspersky Lab and Vera Trubacheva, a System Analyst at Kaspersky Lab, put DLP 1.0 (or at least a small stuffed animal) on trial, so to speak. Underscoring that when it comes down to it, end-users are responsible for security, the two discussed why human awareness is of the utmost importance when it comes to understanding potential security threats.
Investigators from Interpol, the Dutch High Tech Crime Unit (NHTCU), Germany’s Bundeskriminalamt (BKA), and the General Directorate for the Romanian Intelligence and Internal Protection (GDIIP) participated in a panel moderated by Threatpost editor Paul Roberts on the first day of the conference. The officials stressed that stagnant law, a lack of internal cooperation and advocates staunchly in favor of privacy frequently impede justice.
In a talk titled “To Boldly Go!” Peter Zinn, Senior Cybercrime Advisor for the Dutch National High Tech Crime Unit (NHTCU) spoke on his agency’s battles against online crime. Zinn detailed how the NHTCU was able to apprehend the operator of the Bredolab botnet after his girlfriend posted to her Facebook on his laptop and how social media tools like Google Maps and Flickr to hunt down cybercriminals responsible for child pornography and other “victimless” crimes. Looking to grow exponentially in the near future, Zinn claims the NHTCU will double in size this year – from 30 to 60 people.