Connect with Southern Poly

Facebook link Twitter link YouTube link

Apply to Southern Polytechnic State University

Visit Southern Polytechnic State University

Request information about Southern Polytechnic State University

SPSU Center for Information
Security Education
Building J
Suite 387
1100 South Marietta Pkwy
Marietta, GA 30060

Svetlana Peltsverger, Ph.D.
Director
speltsve@spsu.edu
678-915-4285

Home >> Information Security >> Brown Bag Seminars >> Brown Bag Seminars

Brown Bag Seminars

The CISE Brown Bag Seminar series features CSE faculty and guest speakers on a variety of topics of particular interest to the computing community.

Upcoming Brown Bag Seminars


Date: Friday, November 20, 2009
Time: 10:00am - 11:00am
Location: J-381
Speaker: Mr. Richard Austin, MS, CISSP, MCSE
Title: Forensics in the Large: Multi-Petabyte Storage Arrays

Abstract: As organizations’ appetite for data continues to grow and IT budgets remain under pressure, storage consolidation is one of the tactics chosen to allow continued growth in capacity while simplifying storage management. However, these large storage arrays present a daunting task when it becomes necessary to collect digital evidence. This presentation will review the challenges and best practices when performing digital forensics in the large.

About the Speaker:
Richard Austin Mr. Richard Austin is a seasoned IT professional with over 30 years experience in positions ranging from software developer to security architect. He accepted early retirement from Hewlett Packard in 2007 to pursue his interests in teaching at the university level and providing independent cybersecurity advice. He holds the CISSP certification and is an active member of the Storage Network Industry Association (SNIA) Security Technical Working Group where he contributes to development of industry best practices, standards and whitepapers. He contributes to defining cloud security through participation in Working Group 6 of the Cloud Security Alliance and VoIP security through the baseline standards group of the Internet Security Alliance VoIP Security Project. He is a published author and frequently writes and presents on the subjects of storage network security, ethics and digital forensics. He has a solid track record in assessing security risks and compliance requirements within the enterprise business environment, developing processes and plans to enhance the security posture, articulating those plans to senior management and carrying them through to successful implementation.

For further information, please contact Dr. Andy Wang.

 


Date: Friday, November 13, 2009
Time: 10:00am - 11:00am
Location: J-381
Speaker: Dr. Junfeng Yao, Xiamen University, China

Title: Scene Reconstruction and Visualization with Internet Photo Collections

Abstract: The Internet is becoming an unprecedented source of visual information, with billions of images instantly accessible through image search engines such as Google Images and Flickr. These include thousands of photographs of virtually every famous place, taken from a multitude of viewpoints, at many different times of day, and under a variety of weather conditions. A user simply enters relevant keywords and the system automatically downloads images, reconstructs the site, derives navigation controls, and provides an immersive interface. We will discuss the latest development of algorithms leveraging such photos to create new 3D interfaces and models for virtually exploring our world. This talk is related to mainly Computer Vision and Computer Graphics. Those algorithms reconstructing 3D scenes from 2D Internet photo collections are divided into two kinds: one kind is the new computer vision algorithm required to reconstruct 3D geometry from large Internet photo collections; and the other is 3D navigation algorithm that enable new ways to explore photo collections and scenes in 3D. The advantage, disadvantage and the possible improvement of the algorithms will also be discussed.

About the Speaker:
Dr. Junfeng Yao is an Associate Professor in the Software School at Xiamen University, China. He is currently a visiting scholar in the School of Computing and Software Engineering at SPSU. He received his Ph.D. in Computer Science, specialized in Computer Simulation, from the Central South University in China in 2001. He conducted his post-doctoral research work in Tsinghua University in the area of Electrical Simulation and Controlling. Dr. Yao's primary research area is Computer Simulation theory and application, with a focus on 3D Virtual Human Being.

For further information, please contact Dr. Andy Wang.

 


Past Brown Bag Seminars


Date: Friday, October 2, 2009
Time: 11:30am - 12:30pm
Location: J-131
Speaker: Mr. Haim Sternberg, President/CEO - Cherry Systems
Title: The Missing Links to Understanding the Value of Data

Abstract: Due to the lack of common “language” to describe our relation to data, we use terms such as “vital, critical, very important, can’t live without; My whole life depends on it, etc.” Data, unlike many other valuable we interact on a regular basis, has no physical dimensions we can commonly relate too. We may all agree that all data, large or small, have an exact monetary “value”, which is one very important attribute but still very loosely defined.

I would like to suggest that data have at least 5 additional attributes (and quite likely more) which are important to clearly define so that we can more precisely communicate our needs, access, usage and protection in regards to the data:

  1. Static value (This is the value most likely mentioned)
  2. Physical dimension
  3. Dynamic (time) value
  4. Cost to keep it “flowing”
  5. Emotional value
  6. Legal value
  7. Reputation
  8. The trade value
If we could attach all or some of the attributes above to a “data-element” and have those attribute being a part of the data record just like the file name, the size, the creation date etc., then our communications in the board room, the data centers, the data security meetings will be much clearer and consistent for all attendees. Then we can truly talk about spending XX% to safeguard the data, based on its “true value” to the organization.

About the Speaker:
Haim Sternberg Haim is a 40 year experienced IT professional focusing in the past 20 years in data recovery technology and as a data availability advocate. He has served for the past 20 years as the President of Cherry Systems Data Recovery, providing services of data recovery, forensic and computer/network administration. Cherry Systems serves a wide range and variety of customers, from the large to the micro small business and individual. Haim has strived to maintain a balance between the technology and the human experience with data loss, erring on the human issues of data availability.

Prior to Cherry Systems, Haim was Vice President of Technical Services and Customer Service at Agency Management Services, a travel-related turnkey computer system provider also in Atlanta. In that capacity he learned first hand the “value of data”.

Haim received both an undergraduate degree in Industrial Engineering and a Master of Industrial Management from the prestigious Technion Israeli Institute of Technology in Haifa, Israel where he also served as assistant professor in Statistics.

For further information, please contact Dr. Andy Wang.

 


Date: Friday, September 18, 2009
Time: 10:00am - 11:00am
Location: J-381
Speaker: Dr. Junfeng Yao, Xiamen University, China
Title: Research and Applications of the 3D Virtual Human Being

Abstract: 3D graphics and visualization technology are gaining popularity and more applications in business, academia, as well as everyday life. With its displaying power and immersive interactivity, 3D technology brings users better experience with the content that is otherwise not adequate or even possible. It is interesting to apply 3D technology to model and simulate human beings for various purposes, including hairstyle design, facial expression animation, virtual human modeling, garment fitting and virtual human walking. The technology can be widely used in cartoon design, game development, fashion design, process simulation, and so on. In this talk, we will present some key algorithms applied to modeling and simulation of virtual human beings, virtual texture, and virtual fitting. A 3D middleware of virtual human being will also be introduced which can be applied in software systems adapted for mobile computing devices, and execute on computer and worldwide web. We will talk about some of our research on the VR (virtual reality) systems we have developed, and demonstrate some example applications in modeling industrial processes, equipment assembling, handicraft designing, flower blooming process and so on. This talk does not assume any knowledge on 3D graphical algorithms or VR, thus it will be suitable (and hopefully interesting!) for a general audience.

About the Speaker: Dr. Junfeng Yao is an Associate Professor in the Software School at Xiamen University, China. He is currently a visiting scholar in the School of Computing and Software Engineering at SPSU. He received his Ph.D. in Computer Science, specialized in Computer Simulation, from the Central South University in China in 2001. He conducted his post-doctoral research work in Tsinghua University in the area of Electrical Simulation and Controlling. Dr. Yao's primary research area is Computer Simulation theory and application, with a focus on 3D Virtual Human Being.

For further information, please contact Dr. Andy Wang.

 


Date: Friday, October 24, 2008
Time: 10:00am - 11:00am
Location: J-381
Speaker: Dr. Orlando Karam and Dr. Svetlana Peltsverger
Title: Database Security: A Buffet of Topics

Abstract: In this talk we will provide pointers to discussions of several topics, including the pros and cons of prepared SQL statements and its implications for SQL injection attacks; second-order SQL injection attacks, stored procedures and their implications for SQL injection attacks, and the applications of security typing for databases.

For further information, please contact Dr. Andy Wang.

 


Date: Friday, November 7, 2008
Time: 11:00am - 12:00 noon
Location: J-381
Speaker: Mr. Nanlin Xiao
Title: IPlatform: Advanced Computing Paradigm and R&D Vision from CyberObject (to be finalized)

Abstract: To be posted soon.

For further information, please contact Dr. Andy Wang.

 


 

Date: Tuesday, September 16, 2008
Time: 2:00pm - 3:00pm
Location: J-381
Speaker: Dr. Jingshan Huang, Benedict College, SC
Title: Ontology and Semantic Integration Techniques

Abstract: Ontologies are formal, declarative knowledge representation models. They form a semantic foundation for many domains, such as Web services, E-commerce, and service-oriented computing. However, because their designers have different conceptual views of the world, the resultant ontologies are heterogeneous, which can lead to misunderstandings. Therefore, ontologies from different partners need to be related and to reuse each other’s concepts. Three systems are described in this seminar, Puzzle, Compatibility Vector System (CVS), and Similar Ontology Concept ClustERing (SOCCER), with the focus on the last one. These semantic integration techniques aim to reconcile the heterogeneity from distributed ontologies. Finally, direction on future research, i.e., to integrate semantic integration techniques into component-based software engineering, is briefly discussed.

Bio Sketch of Speaker: Dr. Jingshan Huang earned his Ph.D. degree in Computer Science and Engineering in 2007 from Computer Science and Engineering Department at the University of South Carolina, and is an Assistant Professor in Mathematics and Computer Science Department at Benedict College. Dr. Huang is a member of Sigma Xi, IEEE, AAAI, SIAM, and a review board member of Journal of Open Research on Information Systems (JORIS). He has published 20 peer review papers, and has served as a program committee member for 16 international conferences and is a technical paper reviewer for 13 journals and conferences. Dr. Huang’s research interests include ontology matching/aligning, ontology quality, semantic integration, Web services, and service-oriented computing. He can be reached at huangj@benedict.edu.

For further information, please contact Dr. Andy Wang.

 


Date: Friday, August 29, 2008
Time: 10:30am - 11:30am
Location: J-381
Speaker: Dr. Kai Qian
Title: SQL Injection Attacks and Web Services Security

Abstract: Recently SQL Injection Attack (SIA) has become a major threat to Web applications. The REST web services is a web service architecture replacing SOAP-based web services in SOA. The SIA vulnerabilities are major security issue in REST web services as well. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a Web application. This seminar talk describes the security holes in REST web services and proposes the strategies for protecting the REST web services.

If time allows, the speaker will also discuss various options for maintaining states in web services. We will look at JAX-WS web services in particular to demonstrate the methods in order to compare and contrast them according to their strengths and weakness.

Here are the PPT slides for this Brown Bag discussion:

Kai_SQL_Injection_8-29-2008.pdf and
Kai_WS_Security_8-29-2008.pdf

For further information, please contact Dr. Andy Wang.


Date: Friday, August 15, 2008
Time: 10:30am - 11:30am
Location: J-381
Speaker: Dr. Andy Wang & Dr. Frank Tsui
Title: Secure Software Development

Abstract: Software security is a key element for information security. Software vulnerabilities jeopardize software products, software applications, and information assets in general. For commerial-off-the-shelf (COTS) component users, it is essential to make sure that the component does not contain any Trojan horses before purchase it. For software component vendors, it is important to build security in every stage of software life cycle rather than add security on a released product as patches or revisions. Current software development process does not work well for generating secure software. This seminar will focus on how to enhance the development life cycle to produce secure software.

Here are the PPT slides used during discussion: Andy_8-15-2008.pdf, and Frank_8-15-2008.pdf

For further information, please contact Dr. Andy Wang.


Date: Friday, July 18, 2008
Time: 10:00am - 11:00am
Location: J-390
Speaker: Dr. Andy Wang and Mr. Neil Bhadsavle
Title: Research Issues in Cell Phone Forensics

Abstract: This seminar reports our on-going research project in the area of cell phone forensics. The main difference between cell phone forensics and computer forensics is that in cell phone forensics, one has to deal with multiple different "operating system" software standards, which makes creating a universal standard tool near to impossible. Since the software is embedded and more special purpose than computers, solutions for obtaining data are non-standardized thus causing a need for vast solutions. With the advent of new phones coming into the market at an exponential rate, as well as new companies coming into the market using a whole different blend of proprietary software, the problem has been even more compounded as time progresses. The purpose of a cell phone forensic tool is to obtain data from a cell phone without modifying the data. The tool should provide critical updates in time to keep pace of the rapid changes of cell phone hardware and software. The tools can be either forensic or non-forensic, which each of them providing different challenges as well as allowing for different solutions. Forensic tools are tools that are designed primarily for uncovering data from cell phones, while non-forensic tools are not designed for uncovering data but can be manipulated for that purpose. Two different methodologies have been used to address this situation, either reduce the latency period between the introduction of the phone and the time the cell phone forensic software is available for that phone or create a baseline to determine the effectiveness of a tool on a certain device. We will discuss our progress using these two methods in this seminar discussion.

For further information, please contact Dr. Andy Wang.

 


Date: Monday, December 10, 2007
Time: 2:00pm - 3:20pm
Location: J-381
Speaker: Dr. Charles L. Isbell, Jr., Georgia Tech
Title: Implementing Threads: Practical Issues in Restructuring a Computing Curriculum

Abstract: Georgia Tech's College of Computing has recently overhauled its undergraduate degree based upon Threads, a new structuring principle for computing curricula. For those interested in computer science education, Threads provides a clear path for reinventing and re-invigorating computer science degree programs. For students, parents and employers, Threads provides a cohesive, coordinated set of contexts for understanding computing skills.
The union of all threads covers the breadth of computer science. The union of any two threads is sufficient to cover a computer science degree. In this talk, I describe what Threads is and, just as importantly, what it is not; the process our department followed to create and update our set of threads; the actual threads we have created; support mechanisms we have developed to make them a part of a successful undergraduate experience; the impact they have had so far; our efforts at assessment and evaluation; practical issues that have arisen in rolling out the new curriculum; and some of our future plans.

About the Speaker: Dr. Charles L. Isbell, Jr. received his B.S. in Computer Science in 1990 from the Georgia Institute of Technology. Awarded a fellowship from AT&T Bell Labs, he continued his education at the AI Lab at the MIT. After earning his Ph.D. in 1998, Charles joined AT&T Labs/Research. In the fall of 2002, he returned to Georgia Tech to join the faculty of the College of Computing.
Charles' research interests are varied, but the unifying theme of his work in recent years has been the application of statistical machine learning to domains involving many intelligent and autonomous agents, especially when some of those agents may be humans. In addition to his scientific articles, his research work has been featured in the popular media, including The New York Times, the Washington Post and books on cartography and art.

For further information, please contact Dr. Andy Wang.


Comments and suggestions: Please contact 678-915-4292 or jwang@spsu.edu.