Mark your calendar and come join us for CAE Forum! CAE Forum is a live, real-time, online academic forum where members of the CAE community give non-technical presentations on topics of value to the CAE community.
CAE Forum is about sharing your ideas, knowledge, and expertise to empower and strengthen our community. It's that simple. CAE Forum presentations are normally held on the third Wednesday of each month during the fall and spring semesters.
Forum flyer
Presentation 1: CyberChef Lessons for Learning Encryption
Date: Wednesday, October 5, 2022
Time: 1:00-1:50 p.m. ET
Location:
Just log in as "Guest" and enter your name; no password required.
Audience: Students, professors, government
Presenter(s): David Hozza, Penn State University
Description: A walkthrough of a lesson that has helped Cybersecurity students understand Asymmetric Cryptography. Public-Private keys and digital signatures are exchanged in this fun exercise.
Presentation 2: Demystifying and exploiting IoT Timeout Behaviors in Smart Home
Date: Wednesday, October 5, 2022
Time: 2:00-2:50 pm EST
Location:
Just log in as "Guest" and enter your name; no password required.
Audience: Students, professors, government
Presenter(s): Chenglong Fu, Universityof North CarolinaCharlotte
Description: Although the Transport Layer Security (TLS) has been widely adopted to protect communications between IoT devices and servers, we find that the timeout detection in the TCP layer is decoupledfrom data protection in the Transport Layer Security (TLS) layer. This makes it possible to delay IoT messages without triggering alerts. Based on observation, we propose novel the Phantom-Delay attack and Delay-based Automation Interference (DAI) attack for smart home IoT systems that can induce hazardous and persistent consequences stealthily. Our evaluation demonstrates the applicability of our attacks on more than 50 popular IoT devices. The problem has been reported to the corresponding vendors and acknowledged by Google, Ring, and SimpliSafe.
A will be available within 48 hours of the presentation.