Débute à 
Prix: free
316
3644, rue Peel
Montréal (QC) Canada  H3A 1W9

Le Centre des politiques en propriété intellectuelle de McGill et le Centre de Recherche en droit public accueillent Alana Maurushat (University of New South Wales).


Abstract


This presentation looks at how big data analytics are used to monitor security vulnerability disclosures in the dark market, and how to prevent the zero day vulnerabilities from becoming escalated acts of persistent advanced cybersecurity threats. A software vulnerability is a weakness in a computer system that can be exploited by an attacker.  A zero data exploit is a vulnerability that is exploited against a target on the day on which public awareness of the existence of the vulnerability occurs (that is, zero days have elapsed since between the awareness and the use).


Vulnerabilities are lucrative commodities in the dark market as well as in legitimate markets. For example, the US government purchased vulnerabilities to launch the Stuxnet virus that slowed down Iran’s nuclear power program. This also includes monitoring of hacktivists and ethical hackers through social media, the dark market, 4chan, and through FBI infiltrated technology services.


The paper draws on work undertaken over the last six years both in the fields of security vulnerabilities, and ethical hacking drawing on analytics from the media and blogs, as well as analytics run on a number of hacking and cyber jihad dark market forums. It will be demonstrated that there are fewer safeguards in place for this type of big data surveillance than there are for more traditional (and the focus of media stories) big data uses in national security, and in particular for terrorism. It will be argued that more transparency and safeguards are required for less known forms of big data surveillance.


About the speaker


Alana Maurushat is currently Senior Lecturer at the Faculty of Law, and Director of The Cyberspace Law and Policy Centre at the University of New South Wales. Her areas of expertise include big data for national security and law enforcement; cybersecurity, cybercrime and cyberwar; ethical hacking; digital copyright; and online civil liberties.



Cette activité ne fait pas l’objet d’une reconnaissance pour la formation continue au Barreau du Québec et à la Chambre des notaires du Québec.


En conséquence, aucune heure de formation continue n’est attribuée à cette activité.

Hacktivism & Cybercrime
Consulté 77 fois