Elizabeth R Rasnick
Dr. Elizabeth Rasnick is an Assistant Professor at the University of West Florida’s Center for Cybersecurity. As a first-generation college student and a woman in STEM, she is driven to recruit and retain underrepresented populations into the cybersecurity talent pipeline. Her goal for students is that they understand cybersecurity is ever-evolving and they need to continuously update their skills. Dr. Rasnick’s research includes investigating recruitment and retention of underrepresented populations in cybersecurity, cybersecurity education, cybersecurity for critical infrastructure, and cybersecurity issues in supply chains. She has presented research and run workshops at regional, national, and international conferences. Dr. Rasnick often speaks to community groups about cyber essentials. She is currently serving as the president for the Florida affiliate of Women in Cyber Security (WiCyS-FL). Dr. Rasnick holds a B.S. in Computer Science from Longwood University and an M.S. in Computer Science and an M.B.A. and a Ph.D. in Information Technology from Old Dominion University. She has taught computer science and mathematics in public high schools and worked in industry as a programmer and on an incident response team.
Session
Everyone’s talking about securing cloud-native AI—but what about desktop applications, the unsung workhorses powering critical workflows in design, engineering, finance, and content creation? Often seen as “legacy,” today’s desktop apps are evolving—embedding local LLMs, enabling predictive UIs, intelligent automation, and offline inference.
This talk reframes the AI security conversation by spotlighting threats that emerge when AI meets the desktop. We’ll explore how these integrations open up new attack surfaces—prompt injection in embedded models, adversarial inputs, abuse of local inference, and vulnerable plugin ecosystems. These risks don’t replace traditional issues—they amplify them. Longstanding flaws like memory corruption, unsafe file parsing, and protocol-level bugs remain highly relevant.
We’ll demo two real-world attacks: prompt injection on a local model, and file-format fuzzing exposing a legacy crash. Then we’ll look at AI-aware threat modeling for desktop apps, including edge cases like tampered models and insecure automation. Finally, we’ll share practical strategies to integrate validation, fuzzing, and modeling into your secure SDLC.
If you thought desktop security was yesterday’s problem—think again. With AI in the mix, it’s more relevant, more complex, and more important than ever.