DARPA Wants a “Cognitive Fingerprint”

The Defense Advanced Research Projects Agency (DARPA) is the wellspring of U.S. government technology innovation. Now the agency is looking at what they’ve called a “cognitive fingerprint.” DARPA’s main goal with the project is to bypass what’s become the “current standard method,” for authentication: memorizing long passphrases.

Smell You Later

In 2009, the U.S. Department of Homeland Security hatched a plan to use body-odor as a method of identifying individuals. The DHS wanted to establish odor based biometric signatures that could uniquely identify both friend and foe. It then might be able to determine if changes in odor could be used as a tool to provide evidence of deception. Civil liberty groups cried foul.

Greg Hoglund

In his presentation on Friday, “Lateral Movement and Other APT Interaction Patterns within the Enterprise,” HBGary CEO Greg Hoglund reviewed a multitude of modern day Advanced Persistent Threats (APTs) while breaking down the four stages of an attack.

Terry McCorkle

Terry McCorkle, a Seattle-based researcher presented the results of an independent study on Supervisory Control and Data Acquisition Systems (SCADA) and Industrial Control Systems (ICS) where he and his research partner Billy Rios attempted to find 100 bugs in 100 days. They wound up finding 1000+ bugs in 8-9 months, 95 that were easily exploitable. McCorkle went on to call many of them “blatantly obvious” and “straight outta of the ‘90s.”

Denis Nazarov

Gathering his statistics from the Kaspersky Security Network, Denis Nazarov, head of Kaspersky Lab’s Anti-Malware Research US, compared infection rates on x86 and x64 versions of Windows while describing Kernel Patch Protection technology.

In a presentation on the second day, “Humans Are the Weakest Link,” Valery Boronin, Director DLP Research, R&D at Kaspersky Lab and Vera Trubacheva, a System Analyst at Kaspersky Lab, put DLP 1.0 (or at least a small stuffed animal) on trial, so to speak. Underscoring that when it comes down to it, end-users are responsible for security, the two discussed why human awareness is of the utmost importance when it comes to understanding potential security threats.

Investigators from Interpol, the Dutch High Tech Crime Unit (NHTCU), Germany’s Bundeskriminalamt (BKA), and the General Directorate for the Romanian Intelligence and Internal Protection (GDIIP) participated in a panel moderated by Threatpost editor Paul Roberts on the first day of the conference. The officials stressed that stagnant law, a lack of internal cooperation and advocates staunchly in favor of privacy frequently impede justice.

Peter Zinn

In a talk titled “To Boldly Go!” Peter Zinn, Senior Cybercrime Advisor for the Dutch National High Tech Crime Unit (NHTCU) spoke on his agency’s battles against online crime. Zinn detailed how the NHTCU was able to apprehend the operator of the Bredolab botnet after his girlfriend posted to her Facebook on his laptop and how social media tools like Google Maps and Flickr to hunt down cybercriminals responsible for child pornography and other “victimless” crimes. Looking to grow exponentially in the near future, Zinn claims the NHTCU will double in size this year – from 30 to 60 people.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.