Free

Exploring Obfuscated Mobile Malware & Cyber Security for AI Systems

Event Information

Share this event

Date and Time

Location

Location

Design Exchange Exhibition Hall - 3rd Floor

234 Bay Street

Toronto, ON M5K 1B2

Canada

View Map

Event description
Join us for two great talks to learn about mobile malware and how to implement cyber security programs for AI systems!

About this Event

Hey hackers! Who is excited for the next DEFCON Toronto event? The group for hackers, cyber security professionals, and enthusiasts. We are excited to have you join us for our joint March meetup with Leading Cyber Ladies at Design Exchange's Exhibition Hall, where we will have two fantastic talks.

This month's meetup is sponsored by Wealthsimple & Portag3 Ventures and hosted by Design Exchange!

Check them out!

Wealthsimple - https://www.wealthsimple.com/

Portag3 Ventures - https://p3vc.com/

Design Exchange - https://www.dx.org/

Talk #1: Adventures in Obfuscated Mobile Malware

Speaker: Kristina Balaam

Abstract: Adware is arguably the most prevalent form of malware targeting mobile device users today. Until now, much of the adware we've seen has been crudely developed and poorly obfuscated; the "low-hanging fruit" of the mobile malware research community. However, as official app stores like the Google Play Store increase security measures to prevent adware from targeting its users, developers are relying on more sophisticated techniques for hiding their malicious functionality and monopolizing on the profitable out-of-app ad revenue stream. One publicly traded company on the NYSE with a cumulative install base of a half-billion users produced some of the most popular applications on Google Play including "TouchPal", "Abs Workout" & "Drink Water Reminder". We'll look at their attempt to circumvent app store antivirus detections as a case study on the increase of sophisticated Adware in the mobile app ecosystem. We’ll discuss how they managed to bypass stringent security checks and the aftermath of their unveiling.

Bio: Kristina Balaam is a Security Intelligence Engineer at Lookout where she reverse engineers mobile malware. Prior to Lookout, she worked as a Mobile Application Security Engineer at Shopify, securing the company's Android applications. Kristina graduated with a Bachelor of Computer Science from McGill University in 2012 and is currently pursuing a MSc. in Information Security Engineering from the SANS Institute of Technology. She blogs about computer security on Instagram, Twitter and Youtube under the handle @chmodxx.

Talk #2: How to Develop a Cyber Security Program for AI Systems

Speaker: Laila Paszti

Abstract: AI systems, like all software systems have to be protected against vulnerabilities that can allow them to be exploited by cyberattackers. Moreover, such cyberattacks will be in novel forms (e.g. attacks targeting AI assistants, adversarial attacks (i.e. GANS), data poisoning, etc.). Companies developing and deploying AI systems should adopt cybersecurity practices that consider AI-specific vulnerabilities and the various modes of AI-specific cyberattacks.

This talk will present an overview of such AI specific vulnerabilities and attacks to be considered. A brief summary of best practices will also be presented. Such practices include implementing processes to monitor and manage AI-specific vulnerabilities in company infrastructure and code bases (e.g. pen testing), as well as incentivizing responsible disclosure of vulnerabilities by third parties (e.g. through 'bug bounty'/vulnerability disclosure programs).

Bio: Laila Paszti is a technology and privacy lawyer at Norton Rose Fullbright and previously was a machine learning engineer at Exxon Mobil. She routinely advises both Fortune 100 and start-up clients in Canada and the US on intellectual property strategy, data privacy and cybersecurity, and open source software usage. She has extensive hands on experience designing and deploying ML algorithms across a number of industrial sectors in North America. She has spoken most recently at the Linux FinTech Forum on open source usage for AI systems, the Toronto Machine Learning Mini Symposium on Healthcare on “Ethical and Legal Considerations in Healthcare,” and the Strata Data Conference on Responsible AI Innovation. Laila was also a faculty member for the Osgoode Certificate in Blockchains, Smart Contracts, and the Law. Laila holds a B.A.Sc. in Chemical Engineering from the University of Toronto, a M.A.Sc. in Chemical Engineering from the University of Waterloo and a J.D. from the University of Toronto. She is admitted to practice law in New York and Ontario (Canada). Laila is a Professional Engineer (P.Eng.).

Is your company hiring? At every DC416 event we give hiring managers the opportunity to do a "Call for Candidates" for open IT, Development, or Cyber Security related roles.

Want to learn more about DC416? Visit our site! http://dc416.com

Missed a DC416 talk? checkout the DC416 archives. https://dc416.com/archives/

Want to give a talk at DC416? Checkout our CFP. https://dc416.com/cfp/

Join the conversation on Twitter! Share and follow along with @defcon_toronto

Interested in sponsoring a DC416 event? Checkout our sponsors page! https://dc416.com/become-a-sponsor/

Not in our slack? Join here: https://dc416.com/slack-group/

Share with friends

Date and Time

Location

Design Exchange Exhibition Hall - 3rd Floor

234 Bay Street

Toronto, ON M5K 1B2

Canada

View Map

Save This Event

Event Saved