Joint Colloquium Distinguished Lecture Series
On the Attack
Wednesday, November 18, 2009
Discovering new attacks can be fun and exciting, combining the cat-and-mouse intrigue of a spy movie with practical implications for millions of users. Done right, it can also be serious research, teaching us to build stronger systems, inspiring new kinds of defenses, and producing important real-world change. In this talk I will describe my work attacking voting machines, copy protection techniques, censorship software, and other systems, and show how studying security through the lens of security failures helps close the gap between research and reality. In contrast to “hacking,” this work requires careful science, often incorporating techniques from other kinds of failure investigations, case studies, user studies, and measurement studies. To anticipate attacks and mount strong defenses, I will argue, we need to understand technology at all levels--from silicon to social impacts.
J. Alex Halderman is an assistant professor of Electrical Engineering and Computer Science at the University of Michigan. His research spans applied computer security and tech-centric public policy. Dr. Halderman has studied topics ranging from passwords, data privacy, electronic voting, digital rights management, and cybercrime to technological aspects of intellectual property law and government regulation. In 2008, he was the lead author of the study that introduced the cold-boot attack, which defeats hard disk encryption by extracting secret keys from residual memory. He is also widely known for his investigation of the Sony CD-DRM "rootkit," in which he examined how DRM can be a threat to users' security, and his security analysis of the Diebold AccuVote touch-screen voting machine, which demonstrated the first voting machine virus.