Date: 19. 10. 2023.

As a culturally and economically open nation, the United States (US) has thrived on the wealth that cyberspace and technologies have enabled. However, just as cyberspace and technologies provide new opportunities for governments and businesses to operate and expand their presence and reach, they also present opportunities for those with criminal intentions and leave us, as individuals, communities, organizations, and as a nation, highly exposed to the threat of cyberattacks and a broad spectrum of malicious activities. An open nation cannot shut down its cyber systems for fear of these threats; instead, it must build the national resilience needed to maintain an open yet secure cyberspace. Short-term technical measures (e.g., patching known vulnerabilities) are not adequate in addressing the constantly evolving cyber threat landscape and the broad spectrum of attacks. In addition to the technical challenges, associated legal and policy challenges need to be considered in the design and deployment of such solutions in practice.

In this presentation, we will explore the challenges from technical, legal, and policy perspectives. For example, how do we use machine/deep learning to facilitate the detection of real-time attacks against IoT devices and systems, and how can we automatically identify and collect digital evidence in a forensically sound manner that can be subsequently used for cyber threat intelligence? In the event that the attackers use sophisticated tools to obfuscate their trails, can we design machine/deep learning techniques to unobfuscate and/or identify and exploit vulnerabilities to get access to digital evidence? What are the potential legal implications and challenges? Can we also design explainable AI techniques to facilitate the explanation and inclusion of such digital evidence and cyber threat intelligence in court proceedings or presentations to C-level or boards in organizations? Based on these discussed challenges, we will identify potential opportunities for stakeholders in academia (e.g., students and researchers), industry, and government.


Kim-Kwang Raymond Choo received a Ph.D. in Information Security in 2006 from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio. He is the founding co-Editor-in-Chief of ACM Distributed Ledger Technologies: Research & Practice, and the founding Chair of IEEE Technology and Engineering Management Society Technical Committee (TC) on Blockchain and Distributed Ledger Technologies. He is the recipient of the 2022 IEEE Hyper-Intelligence TC Award for Excellence in Hyper-Intelligence Systems (Technical Achievement award), the 2022 IEEE TC on Homeland Security Research and Innovation Award, the 2022 IEEE TC on Secure and Dependable Measurement Mid-Career Award, and the 2019 IEEE TC on Scalable Computing Award for Excellence in Scalable Computing (Middle Career Researcher).

His research has been supported by funding agencies in the U.S. (NASA, National Security Agency, National Science Foundation, U.S. Department of Defense, U.S. Office of Juvenile Justice and Delinquency, CPS Energy, LGS Innovations, MITRE, Texas National Security Network Excellence Fund) and Australia (National Health and Medical Research Council, Australian Government National Drug Law Enforcement Research Fund, Australian Government Cooperative Research Centre for Data to Decision, Lockheed Martin Australia, auDA Foundation, Government of South Australia, BAE Systems stratsec, Australasian Institute of Judicial Administration Incorporated, Australian Research Council).