FloCon 2022 has ended
Back To Schedule
Wednesday, January 12 • 12:45pm - 1:15pm
Discord Poster and Networking Session

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Posters will be presented via dedicated Discord channels. Attendees will have the opportunity to network with each other, discuss poster content with presenters, and continue conversations with speakers.

Enriching Honeypot Data Using Cyber Threat Intelligence
Speaker: Caitlin Allen
Cybersecurity is a rapidly growing field that becomes more complex as time goes on. There are numerous aspects of security that branch out into their own equally complex fields. Many companies and organizations struggle to properly prepare for attacks against them, and fail to utilize threat intelligence or offensive security measures to mitigate these attacks.
This project aims to take data gathered by honeypots to enrich reports that can be provided to cybersecurity experts to improve their security posture. While honeypots and threat intelligence are properly established in the field and have copious research behind their workings and capabilities, the knowledge around applying them to a readable format is limited. This research aims to bridge that gap between threat intelligence and security hardening. The project will be accomplished by creating a virtual network that emulates an enterprise network. Offensive security mechanisms will be installed on these machines in the appropriate sections to produce the results needed for enriching reports.

Cloud Maturity Benchmarking Survey
Speaker: Anokhy Desai
The COVID-19 pandemic has forced businesses to consider a shift from in-person work and managed operations to remote work and cloud-based operations. These changes put companies’ cloud capabilities to the test, as every business that uses the cloud wants to ensure a secure cloud-based working environment. On top of individual business requirements, industry requirements for cloud services vary by industry and even by business function. Therefore, it has become increasingly important for organizations to benchmark their cloud capabilities with other organizations in their industry in order to make adjustments, identify gaps, and note improvements to make between their current state and target future state. To capture this shift to the cloud and help organizations identify their cloud-related improvement areas, we were tasked with creating a benchmarking survey to help our client better understand the extent to which their clients were aware of, trained for, and have implemented strategies for cloud usage. In order to create that benchmarking survey, we had to develop a fitting cloud maturity model to provide survey respondents with their position within that model. After researching available cloud maturity models and their primary functions and audiences, we ultimately created a hybrid maturity model based primarily on Microsoft Azure’s and Open Alliance’s cloud maturity models. Our maturity model provides four stages that a survey respondent's organization would be matched to, from least to most proactive: preliminary, defined, quantitatively managed, and optimized. To determine the maturity level of the respondent’s organization, the survey is created to evaluate the organization’s transition to cloud in relation to its people, process and innovation. Upon taking the survey, respondents will be able to see where they stand at an appropriate maturity level overall and among their industry. Ideally, respondents would be matched to the highest maturity stage relative to their industry. If not, our client company would be able to view their clients’ outcomes and provide transformation services based on these results.

Application Labeling Using Time-Based Network Flow Features as an Alternative to Packet Payload-Based Methods 
Speaker: Anusha Sinha
Application labels have been used by network administrators and analysts to optimize and defend networks for decades. We created a pipeline to generate labeled data and train supervised classifiers to assign application labels to flow data. We used this pipeline to train a model using time-based flow features and compare it to the performance of a model trained directly on packet payload strings. We used these comparisons to draw conclusions on the importance of payload data for the characterization of 18 different application protocols. We also provided public access to the large labeled data-set used in our work.

A Taxonomy of Cyber Attacks in Smart Manufacturing Systems Through the Perspective of the NIST Cybersecurity Framework Manufacturing Profile
Speaker: Bethanie Williams
A revolution in manufacturing systems is underway with smart manufacturing becoming an integral component of the broader push towards Industry 4.0. As the modern manufacturing industry continues to bridge digital and physical environments through the use of Internet of Things (IoT), cloud systems, data analytics, and machine learning, this integration has led to an increase in cyber-physical attacks with ongoing discovery of new security challenges. We present a comprehensive study of the common security challenges and attacks faced by smart manufacturing systems today and use the NIST Cybersecurity Framework Manufacturing Profile as a guideline to address cyber incidents that have occurred within the manufacturing sector. The attack taxonomy we present identifies, defines, and classifies cyber-attacks in the smart manufacturing sector and will aid both researchers and manufacturers to determine which business function(s) is/are at risk as a result of such attacks and take protective measures accordingly.

avatar for Caitlin Allen

Caitlin Allen

Security Operations Analyst, Stripe
Caitlin M. Allen is a graduate from Champlain College with a degree in Computer Networking & Cybersecurity now working for Stripe as a Security Ops Analyst. Prior to making the transition to working in financial technology, Caitlin worked for Managed Services provider, NuHarbor Security... Read More →
avatar for Anokhy Desai

Anokhy Desai

Master's Student, Carnegie Mellon University
Anokhy Desai is an Information Security Policy and Management Master's student at Carnegie Mellon University and a law student at the University of Pittsburgh. She will be presenting with Abhilash Kashyap (Deloitte) and Pavithra Pradip (Intuit), both recent alums of the Information... Read More →
avatar for Abhilash R Kashyap

Abhilash R Kashyap

Abhilash is a Deloitte Advisory Analyst in the Model Risk Management practice. He graduated from Carnegie Mellon University with Master’s in Information Security Policy Management in 2021. His bachelor’s degree was in Computer Science with Data Science specialization from PES... Read More →
avatar for Pavithra Pradip

Pavithra Pradip

Security Analyst, Intuit
Pavithra is a Security Analyst in the Governance, Risk and Compliance group at Intuit. She graduated from Carnegie Mellon University with a Master’s in Information Security Policy and Management in 2021. Her bachelor’s degree was in Finance and Technology Management from Indiana... Read More →
avatar for Anusha Sinha

Anusha Sinha

Associate Machine Learning Research Scientist, CERT Division - SEI/CMU
Anusha Sinha is an Associate Machine Learning Research Scientist in the CERT Division of Carnegie Mellon University's Software Engineering Institute. She began working at CERT in 2018 and has contributed to the design and development software used to monitor and defend large networks... Read More →
avatar for Bethanie Williams

Bethanie Williams

Research Assistant, Tennessee Technological University
As a CyberCorps SFS Scholar and graduate student attending Tennessee Tech, Marena Soulet is currently researching security in smart manufacturing. In her spare time she enjoys hiking and swing dancing.Bethanie Williams is also a graduate student at Tennessee Tech. She is a full-time... Read More →

Wednesday January 12, 2022 12:45pm - 1:15pm EST