Abstract: Billions of users trust the telephone network with their most sensitive communications, including commerce, banking, industry, and personal communications. These users trust that the telephone network functions reliably despite the fact that telephones are the instrument of billions of dollars of fraud and abuse annually. This fraud is possible because telephony networks, including landline, cellular, and VoIP, have weak or non-existent abilities to identify and authenticate users. In this talk, we will examine how phone networks are being misused for authentication and secure communications. We will then see how new systems leveraging techniques from networking, cryptography, and signal processing can provide strong authentication of phone calls. These techniques will pave the way for a more trustworthy telephone infrastructure.

Short Bio: Brad Reaves is a doctoral candidate at the University of Florida, where he serves as the lead graduate student for the Florida Institute for CyberSecurity (FICS) Research. His research is dedicated to measuring and improving the security and privacy of computer systems, with a particular emphasis on telephony networks and software for mobile platforms. This work has addressed detection and measurement of mobile malware in the wild, identified systemic risks in developing world mobile money systems, and provided new techniques to distinguish legitimate and fraudulent phone calls. He holds an MS in Computer Science from Georgia Tech as well as a BS and MS in Computer Engineering from Mississippi State University. His work has been recognized with two best paper awards, and he was named an NSF Graduate Research Fellow in 2010.