Skip to main content



Find us on

facebook youtube flickr twitter itunes u logo

Past Talks

John Stewart EPRI

John Stewart
Sr. Technical Leader, Cyber Security, EPRI
Securing Grid Control Systems
Friday, January 12, 2018
Sudikoff L045 Trust Lab
12:00 Noon

M. Todd Henderson

M. Todd Henderson
Professor of Law, University of Chicago
Hacking Trust: How the Social Technology of Cooperation Will Revolutionize Government
Thursday, January 11, 2018
Room 003, Rockefeller Center
Sponsored by: Rockefeller Center

Dr. Liz Bowman

Dr. Elizabeth Bowman
U.S. Army Research Laboratory
Artificial Intelligence, Machine Learning and Information: Army Social Computing Research
Tuesday, December 5th
Haldeman 041 Kreindler Conference Room
4:00 PM

Dr. Fabio Pierazzi

Dr. Fabio Pierazzi
Royal Holloway University of London
Network Security Analytics for Detection of Advanced Cyberattacks
Tuesday, November 28th
Sudikoff Trust Lab (L045)
12:30 PM

V.S. Subrahmanian

V.S. Subrahmanian
Dartmouth Distinguished Professor in Cybersecurity, Technology, and Society
Bots, Socks, and Vandals
Tuesday, November 14th
Carson L01
5:00 PM 

Rand Beers

Rand Beers ('64)
Big Data, the Internet, and Social Media:  The Road to the November 2016 Election
Wednesday, November 8th
Haldeman 41 (Kreindler Conference Hall)
4:30 PM 

Fright Night Imge

Wanna See Something REALLY Scary?
ISTS Looks at the Dark Web on Halloween Night
Tuesday, October 31st
udikoff  045 Trust Lab (dungeon)
7:30 PM - RSVP
Space is Limited 

Sal Stolfo

Salvatore J. Stolfo 
Columbia University
A Brief History of Symbiote Defense
Tuesday, October 31st
Rockefeller 003
5:00 PM

Dan Wallach

STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System

Professor Dan Wallach
Rice University
Thursday April 27, 2017
Carson L01, 5:00 PM

Ben Miller Dragos

Pandora's Power Grid - What Can State Attacks Do and What Would be the Impact?

Ben Miller
Chief Threat Officer, Dragos, Inc.
Tuesday May 2, 2017
Kemeny 007, 4:30 PM
Brendan Nyhan




Factual Echo Chambers? Fact-checking and Fake News in Election 2016.

Professor Brendan Nyhan
Dartmouth College
Thursday May 4, 2017
Rocky 001, 5:00 PM

Dickie George


Espionage and Intelligence

Professor Dickie George
Johns Hopkins University
Thursday May 11, 2017
Rocky 001, 5:00 PM

Dan Wallach

A Nation Under Attack: Advanced Cyber-Attacks in Ukraine

Ukrainian Cybersecurity Researchers
Thursday April 6, 2017
Oopik Auditorium 5:30 PM

ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

2015 Agenda

Tuesday, July 14, 2015

8:30 a.m.

Conference Registration and Full Buffet Breakfast 

Location: The Hanover Inn, Hayward Room

9:00 a.m.

Welcoming Remarks

Ellen Waite-Franzen
Vice President for Information Technology and Chief Information Officer, Dartmouth College 

9:30 a.m.

Keynote Address

Devon Chaffee, Executive Director of the ACLU of New Hampshire

View slides

10:45 a.m.

Break - Conference moves to Hopkins Center, Alumni Hall

11:15 a.m.

What is this, a school for ants? In Search of a Better Model for Information Security in Higher Ed

Joshua Beeman
Information Security Officer, University of Pennsylvania

View references for this presentation 

12:15 p.m.

Hopkins Center, Alumni Hall

1:30 p.m.

Future of IDS: Considerations for Keeping Up with Increasing Network Growth

Harry Hoffman
Director, Security and Resilience, Massachusetts Institute of Technology

View slides

2:30 p.m.

Using DNS to Protect Clients from Malicious Domains

Melissa Muth
Senior Information Security Analyst, University of Pennsylvania

View slides

3:30 p.m.

Beverages available in Alumni Hall

4:00 p.m.

Panel Discussion: Privileged Account Management and Multi-Factor Authentication 

Richard Biever, Chief Information Security Officer and Director of Identity Management, Duke University
Matt Brabazon, Dartmouth College


5:00 p.m.


Adam Goldstein
IT Security Engineer, Dartmouth College Information Technology Services

5:30 p.m.


Location: Dartmouth Outing Club House on Occom Pond

7:00 p.m.

Free Time for Dinner

Wednesday, July 15, 2015  
Haldeman Center

8:30 a.m.

Continental Breakfast
Location: Haldeman Center, Russo Gallery

9:00 a.m.

Day 2 Kick-off
Location: Haldeman Center, Kreindler Auditorium, Room 041

9:15 a.m.

Prioritizing Web Application Vulnerabilities – A Hacker’s Perspective 

Nick Silver
Principal Solutions Architect at Veracode

View slides

10:15 a.m.

VDI for Workstation Security

Loren Hudson, Tuck School of Business, Dartmouth College
William Daugherty, Norris Cotton Cancer Center

11:15 a.m.

From Data Straight-jacket to Armored Data: Duke's Protected Network for Conducting Research with Sensitive Data

Richard Biever
Chief Information Security Officer and Director of Identity Management, Duke University 

Mark DeLong
Director of Research Computing, Duke University

View slides

12:30 p.m.

Location: Dartmouth Outing Club House on Occom Pond

1:20 p.m.

Conference Wrap-Up
Location: Dartmouth Outing Club House on Occom Pond

Steve Nyman
Chief Information Security Officer, Dartmouth College 

The Conference will conclude at 2:00 p.m.

Talk Abstracts

What is this, a school for ants?  In Search of a Better Model for Information Security in Higher Ed - Joshua Beeman

Despite decades of concerted effort, we continue to see 0-days, bugs, and breaches worldwide.  Some security practitioners have come to the discouraging conclusion that we are not much better off than when we started, and that success may be unobtainable.  This session proposes that the way we frame Information Security shapes not only our professional outlook, but how successful we will be at affecting change across the many layers of our organization.  Mental models such as "cyberwar" and “cybercrime” will be discussed, as will the fictional character Derek Zoolander, and a suggestion for a "really, really, ridiculously good" mental model for information security in higher education.


Future of IDS: Considerations for Keeping Up with Increasing Network Growth - Harry Hoffman

Campus networks are now planning 40G and 100G upgrades. This talk will focus on various strategies, both architectural and hardware based, to keep up with the growth in these networks. We'll look at several popular solutions that exist and what the future might hold.


 Using DNS to Protect Clients from Malicious Domains - Melissa Muth 

Protecting against security threats is especially difficult on large University networks without centralized network security controls. Antivirus software and patching aren't enough to protect clients from zero-day threats, polymorphic malware, and malicious third-party ads hosted on otherwise legitimate websites. A DNS sinkhole is a lightweight method that the University of Pennsylvania is using to protect against these threats, leading to a 97% reduction in compromises. This talk will describe the architecture and lessons learned when going from pilot to production.


 Prioritizing Web Application Vulnerabilities – A Hacker’s Perspective - Nick Silver

The best application risk models not only capture technical risk factors, but also the business context in which an asset lives. Traditionally, this is done by auditing application owners on an array of questions in order to properly classify the asset and its data – but that takes time which could be better spent elsewhere. We interviewed dozens of hackers and asked them which vulnerabilities they would look for first depending on the type of attack they wanted to carry out. We’ll walk through several examples of how to use this data as a shortcut means for prioritizing risk without the need for any pesky audit questionnaires.


From Data Straight-jacket to Armored Data: Duke's Protected Network for Conducting Research with Sensitive Data - Richard Biever and Mark DeLong

In 2011, Duke started work on a “protected network” to house administrative sensitive data (e.g. SSNs). Since that time, Duke OIT, the IT Security Office, and research groups have made technical and policy modifications to the network resulting in over 30 research groups using the environment and relying on technical controls such as multi-factor for remote access, audit logging and analysis within Splunk, and segmentation within the environment. The model has shifted from a completely isolated and unplugged network with fixed resources to a model of well partitioned and isolated network with flexibly allocated computational and storage resources. Thanks to the involvement of Duke’s research groups, especially in the social sciences, a new set of IT and analysis tools are being developed and tested to provide fast and secure movement of data into the environment (SDN) and browser-based, fast-provisioning of desktop environments with research analysis tools built in. Tools to deploy on-demand cluster computing resources are also under development. Work is underway to use Internet2 technologies to federate authentication, making access to the Protected Network easier for collaborators at other universities. The result is that researchers are finding that computational resources can be matched to the demands of their analysis and their research teams, and the security context is less a constraint on their research plans.


Last Updated: 2/25/16