BU White Hat Conference Targets Online Child Exploitation

Featuring cybersecurity and digital forensics stakeholders from government, the private sector, and academia, the 4th annual International White Hat Conference, held May 31–June 2, 2023, focused on “Targeted Means to Combat Online Child Exploitation and Victimization.” Through workshops, competitions, and keynote sessions with expert panelists, the conference presented the challenges faced by law enforcement in the ongoing effort to curb online child abuse, while examining emerging technologies, laws, and policies designed to address the problem.

Hosted by BU’s Metropolitan College (MET) and the Center for Cybercrime Investigation & Cybersecurity in conjunction with Utica University and with support from the Department of Justice’s (DOJ) Bureau of Justice Assistance (BJA), the annual White Hat Conference is an effort to bring disruptive change to cybercrime investigation through the exploration of innovative techniques and global measures. The objective of the gathering is to establish effective criminal justice policies and preventative measures which can bring about more efficient investigations and successful prosecutions.

Overall attendance surpassed 1,300 participants from 71 countries worldwide, representing the continents of Africa, Asia, Australia, Europe, North America, and South America. The conference’s substantial international participation underlined the urgent need for strategies to combat online child exploitation and victimization worldwide. Historically a virtual conference, this year marked the first time the White Hat Conference had a physical presence on campus at Boston University.

Participants at the 2023 White Hat Conference pose for a group photo

Opening Ceremonies

As with last year, the conference was emceed by one of the inaugural graduates of MET’s Master of Science in Criminal Justice with concentration in Cybercrime Investigation & Cybersecurity program, Chris Kayser (MET’16), president and CEO of Cybercrime Analytics Inc., who also earned his Graduate Certificate in Cybercrime Investigation & Cybersecurity at MET. Presiding over the opening ceremonies, Kayser introduced Boston Police Captain Therese Kozmiski, MET Senior Associate Dean for Academic Affairs Lou Chitkushev (ENG’96), and MET Professor of the Practice and Director of Cybercrime Investigation & Cybersecurity Programs Kyung-Shick Choi (MET’02).

Following welcome remarks by Captain Kozmiski and Dr. Chitkushev, Dr. Choi—who is also founder of the White Hat Conference—outlined the distressing surge in online child sexual abuse, which exceeded 32 million reported cases in 2022 alone.

“The possession, manufacturing, and distribution of child sexual abuse material (CSAM) are the most prevalent from of abuse, accounting for 99.6 percent of reported cases last year,” explained Choi. “A growing body of research reveals a profound connection between those possessing CSAM and those committing actual-contact offenses with children. This connection underscores the urgency of addressing this issue as it poses a serious risk to child safety.”

Unfortunately, many law enforcement agencies lack the resources and expertise to extract potential evidential artifacts from technology, said Choi, noting that the conference is designed to tackle the crucial elements necessary for successful prosecution and prevention.

“We aim to pioneer new techniques and discuss effective criminal justice policies that facilitate proactive measures and efficient investigation,” he said. “We’ve invited international speakers and cyber experts from 15 countries, all gathered here to share knowledge and collaborate on a global solution to cybercrime. I am delighted to announce esteemed keynote speakers, expert panelists, and special guests from respected institutions and government agencies worldwide.”

Keynote Session I: State Agency

The first keynote session was introduced and moderated by Dr. Hannarae Lee, assistant professor of criminal justice at Bridgewater State University and co-chair of Bridgewater’s cybercriminology and cybersecurity graduate certificate program. Representing the perspective of state agencies, the session featured Jacquelyn Lamont and Ashley Polin of the Suffolk County, Massachusetts, District Attorney’s office, and focused on the safety, healing, and justice for child victims of online exploitation.

Lamont, who is supervisor of the forensic interview (FI) team and the director of youth safety and outreach for the DA’s office and Children’s Advocacy Center (CAC) of Suffolk County, explained that there were close to two thousand children referred to the CAC in Suffolk County (comprising the cities of Boston, Chelsea, Revere, and Winthrop) in 2019—the latest numbers available due to disruptions from COVID-19.

“That’s not every report to Child Protective Services,” said Lamont. “Those are only the ones that were sent for review to law enforcement. The majority of those were sexual abuse. Some of those involved online crimes against children.”

This trend, Lamont explained, is consistent worldwide. “In all the research I’ve seen, it’s in all countries that online crimes against children have been increasing. The numbers are continuing to increase both in 2021, 2022.”

Polin and Lamont outlined three main channels for reporting online child exploitation in Suffolk County: cyber tips, child disclosures, and multidisciplinary team (MDT) reports, which are designed to ensure comprehensive incident reporting, investigation, and victim support. Furthermore, the speakers explained that in Massachusetts, mental health professionals, law enforcement, and prosecutors work together at the local Child Advocacy Center to investigate potential cases.

Describing an initiative called “Stop Block Talk,” Polin explained that the primary purpose of the program is to educate parents, caretakers, and children to react when encountering something suspicious online—stop engaging, block the user, and talk to a trusted adult or file a report. Drawing a parallel between children learning to drive or learning how to play baseball, Polin noted that one doesn’t simply explain how to operate a motor vehicle or throw a ball—one has to teach them through hands-on practice.  “We want to shift that narrative and try to encourage parents and caretakers to show the child how to be safe online,” she said.

Keynote Session II: Federal Agency

Moderated again by Dr. Lee, keynote session two featured Special Agent Edward Bradstreet of the Department of Homeland Security, Homeland Security Investigations (HSI). Special Agent Bradstreet focused on four main points: how the Internet Crimes Against Children (ICAC) Task Force Program collaborates with Suffolk County and the Child Advocacy Center; how the dark web receives the bulk of attention when it comes to child exploitation content, even while end-to-end encryption (E2EE) apps, such as Snapchat and Instagram, also host such content; how “financial sextortion” blackmails minors for financial gain by threatening to expose then via CSAM; and how AI and deep fakes are muddying the waters around CSAM.

In a follow-up question, Dr. Lee inquired about the ability of law enforcement to take advantage of ChatGPT and other artificial intelligence functions in investigations. Agent Bradstreet noted that it will take time for government agencies to come up with policies around utilizing AI tools, due to the potential for misuse.

“A lot of our tools are integrating AI for detection algorithms, where you image a phone or a computer that forensics seized from a crime scene or search warrant and the algorithm will go through and detect chat—grooming chat or sexually explicit chat,” explained Bradstreet. “That is a big time saving for an examiner so they don’t have to manually go through. So, it’s embedded now in a lot of the tools we use but we’re going to need policies as well.”

Competitions

A major component to the proceedings were the competitions. The White Hat Cybercrime Investigation Competition featured 20 teams made up of college students and practitioners from countries such as Argentina, Brazil, Bolivia, Colombia, Peru, Spain, South Korea, Mexico, and the United States. The teams engaged in cybercrime investigation-focused activities centered on digital forensics and defended their evidence in “mock trials” presided over by an international panel of judges. Winning the Cybercrime Investigation Competition was Team Hungary: Fifty Shades of Grey Hat, comprising Krisztián Patrik Ari, Rebeka Tóth, and
Márió Mile.

The Student Paper Competition was judged on original, unpublished papers presented at the conference, with the first place going to one of Boston University’s own, Julia Stavola (MET’23), for her paper “The Victimization of Deep Fake in the Metaverse: Building Practical Management Framework.” Stavola is a recent graduate of BU MET’s Criminal justice master’s program, Crime Analysis concentration.

Career Fair

An essential part of the conference, especially for criminal justice students, recent graduates, and those seeking career options, was the career fair. Taking place on day two of the proceedings, the fair included a discussion between FBI Special Agent Alla Lipetsker and the Director of Cyber Range Programs Megan Martinez, moderated by MSCJ graduate and FBI Cybercrimes Analyst Madeline Nay (MET’18).

The speakers touched on career opportunities and roles in the FBI and the private sector, covering topics such as technical proficiency, continued education in the evolving field of cybersecurity, the importance of skills in critical thinking and communication, and the various paths to employment in the field, including internships.

According to Dr. Choi, “The White Hat Conference program is a foundational effort that enhances the current capacity of higher education to better serve students in cybercrime investigation and cybersecurity.”

“[The conference’s] primary objective is to advance the method and techniques employed in cybercrime investigation and enhance training provided to future law enforcement professionals,” Choi elaborated. “Furthermore, this conference will assist us with providing students with internship opportunities within this critical field through its career fair. This will help establish a collaborative approach that can further promote the development and implementation of successful internships in the core program.”

“See You Next Year”

Bringing the 4th International White Hat Conference to a close, Associate Dean Chitkushev observed that the reach of the conference has continued to expand over the years.

“It’s a pleasure to be here to close the conference after two very fruitful and excellent days full with connections, talks, establishing future collaborations, and really exploiting the future of both education but also industry and the government relations in the area of cyber security,” said Dr. Chitkushev, who is also an associate professor of computer science and cofounder and associate director of Boston University’s Center for Reliable Information Systems & Cyber Security (RISCS). “It was amazing to look at the problems that we discussed this year.”

Chitkushev thanked the speakers and panelists, the audience, and conference organizers Dr. Choi and Dr. Kyungseok Choo, who is associate dean of the Endicott College School of Social Science, Communication, and Humanities. He concluded by extending an invitation to attend the closing reception at BU’s new Center for Computing & Data Sciences.

“See you next year,” he said to applause.

MET Senior Associate Dean for Academic Affairs Lou Chitkushev (ENG’96), and MET Professor of the Practice and Director of Cybercrime Investigation & Cybersecurity Programs Kyung-Shick Choi (MET’02) pose with participants at the 2023 White Hat Conference

Sponsors

The White Hat Conference is sponsored by the US Department of Justice’s Bureau of Justice Assistance (BJA), part of a $880,000 research grant awarded to Dr. Chitkushev (PI), Dr. Choi (co-PI), and Dr. Choo (co-PI, representing Utica University) to advance the nation’s professional competency in combating cybercrime. According to Choi, “The BJA awarded BU MET’s CIC program a federal grant to support the project titled, ‘Student Computer Forensics and Digital Evidence Educational Opportunity Programs.’ This BJA program is a large-scale initiative to equip criminal justice practitioners and students with cybercrime investigation capabilities.”

Other sponsors included the US Department of Homeland Security, the FBI, Interpol, Europol, the Korean National Police University, and Utica University, among many other international organizations. See the full list of sponsors.

About BU’s Programs in Cybercrime Investigation & Cybersecurity

BU MET introduced criminal justice programs in 1973 and has been offering trailblazing graduate programs in Cybercrime Investigation & Cybersecurity (CIC) since 2015. The following are available fully online or in part-time formats on campus:

  • MS in Criminal Justice, concentration in Cybercrime Investigation & Cybersecurity: This eight-course program can be completed in as few as 8–16 months, and has been ranked among the top four Best Online Master’s in Criminal Justice Programs each year since 2015 (S. News & World Report). The program offers opportunities to develop essential skills within BU MET’s Virtual Security Lab, including hands-on experience with state-of-the-art digital forensic tools such as EnCase.
  • Graduate Certificate in Cybercrime Investigation & Cybersecurity: The four-course certificate program can be completed in 8–12 months and offers an interdisciplinary approach to criminal justice and cybersecurity. Students who earn the certificate will be eligible to take forensic examiner exams and can apply credits toward MET’s master’s programs in criminal justice or computer science.

Learn More

Learn more about the 4th International White Hat Conference and watch recordings of the entire event at live.bu.edu/whitehat/live-conference.

View all posts