1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft)

June 24, 2019 // Paris, France

ASTRID Project Logo SPEAR Project Logo CYBER-TRUST Project Logo REACT Project Logo SHIELD Project Logo 5GENESIS Project Logo

Program

Monday, June 24th, 2019

9:00 a.m. – 9:10 a.m.
Room: TBD

Welcome Session
Session Chair: Matteo Repetto, CNIT, Italy

9:10 a.m. – 10:30 a.m.
Room: TBD

TS1 – Cyber-security in NFV/SDN
Session Chair: Panagiotis Sarigiannidis, University of Western Macedonia, Greece

A proposal for trust monitoring in a Network Functions Virtualisation Infrastructure
Marco De Benedictis, Politecnico di Torino, Italy
Antonio Lioy, Politecnico di Torino, Italy

A Novel Impact Analysis Approach for SDN-based Networks
Beny Nugraha, Technische Universität Chemnitz, Germany
Mehrdad Hajizadeh, Technische Universität Chemnitz, Germany
Trung V. Phan, Technische Universität Chemnitz, Germany
Thomas Bauschert, Technische Universität Chemnitz, Germany

Towards protected VNFs for multi-operator service delivery
Enio Marku, Norwegian Univ. of Science and Technology, Norway
Colin Boyd, Norwegian Univ. of Science and Technology, Norway
Gergely Biczók, Budapest Univ. of Technology and Economics, Hungary


10:30 a.m. – 11:00 a.m.
Coffee break


11:00 a.m. – 11:30 a.m.
Room: TBD

Keynote speech #1

On the security of Cyber Physical Systems for Smart, Circular cities
Vasilis Katos, Bournemouth University, UK
Abstract Many cities and their citizens are witnessing an unprecedented transformation attributed to the high penetration rate of digital technologies and services. The industry leaders racing for the establishment of the 5G standards and the high prioritisation of a sustainable growth agenda seem to be driving the evolution of the smart city paradigm. At the same time, Circular Economy is gaining the attention of major stakeholders (such as the European Commission) and policy makers. Circular Economy is defined as an economy that is restorative and regenerative by design, and which aims to keep products, components and materials at their highest utility and value at all times. In the modern, ICT-driven world, Circular Economy is expected to leverage the data generated and consumed by the assets in order to achieve a high utilisation. The term Data-Driven Circular Economy refers to the development of intelligent assets through the use of digital technologies such as IoT, networking as well as big data and AI to allow real-time decision making and optimisation in order to solve sustainability challenges. Inevitably, such systems are expected to expose a substantially large attack surface. In this talk we will explore through a number of use cases some representative security challenges in data-driven Circular Economy ecosystems in the context of smart cities.
Short BioVasilis Katos is Professor at Bournemouth University, Department of Computing and Informatics, . Vasilis obtained an MEng in Electrical Engineering from Democritus University of Thrace in Greece, an MBA from Keele University in the UK and a PhD in Computer Science (network security and cryptography) from Aston University. He is a certified Computer Hacking Forensic Investigator (CHFI) and ENISA's NIS expert. In a past life, he worked in the Industry as Information Security Consultant (for Novell). Vasilis' research falls in the area of digital forensics and incident response where he has also served as Expert Witness. He is actively involved in a number of funded research projects and in several national and international cyberdefence exercises. He has over 100 publications in journals, book chapters and conference proceedings and serves as a reviewer on several reputable conferences and journals (for example, IEEE Communications Letters, Computers & Security, IEEE Transactions in IoT, ACM Computing Surveys), has coordinated and delivered a number of workshops, both in an academic and a security professionals context. Vasilis is a member of the editorial board of Computers & Security. He is currently leading the development of Bournemouth University’s Computer Emergency and Response Team (BU-CERT).


11:30 a.m. – 12:30 p.m.
Room: TBD

PS – Situational awareness: EU funded projects

ASTRID – AddreSsing ThReats for virtualIseD services
Matteo Repetto, CNIT, Italy
AbstractThe growing adoption of cloud technologies and the trend to virtualise applications are inexorably re-shaping the traditional security paradigms, due to the increasing usage of infrastructures outside of the enterprise perimeter and shared with other users. The ASTRID project aims at shifting the detection and analysis logic outside of the service graph of virtualised services, by leveraging descriptive context models and their usage in ever smarter orchestration logic, hence shifting the responsibility for security, privacy, and trustworthiness from developers or end users to service providers.
Web site: https://www.astrid-project.eu/

CYBER-TRUST – Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things
Dimitris Kavallieros, Center for Security Studies, Greece
AbstractThe CYBER-TRUST project aims to develop an innovative cyber-threat intelligence gathering, detection, and mitigation platform to tackle the grand challenges towards securing the ecosystem of IoT devices. The proposed interdisciplinary approach will capture different phases of such emerging attacks, before and after known (even years old) or unknown (zero-day) vulnerabilities have been widely exploited by cyber-criminals to launch the attack. This intelligence information will be used to maintain accurate vulnerability profiles of IoT devices, in accordance with data protection, privacy, or other regulations, and optimally alter their attack surface to minimise the damage from cyber-attacks.
Web site: https://cyber-trust.eu/

SPEAR – Secure and PrivatE smArt gRid
Panagiotis Sarigiannidis, University of Western Macedonia, Greece
AbstractAs our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities. One of the most vulnerable and high-impact CIN is the Smart Grid. The SPEAR proposal aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy-preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators.
Web site: https://www.spear2020.eu/

REACT – Reactively Defending against Advanced Cybersecurity Threats
Elias Athanasopoulos, University of Cyprus, Cyprus
AbstractDespite the evolution of computer systems, current security defences – although they have been substantially improved in the last decade – seem not really enough to stop advanced cyber-attacks. We believe that the core of this problem is that cyber attackers are almost always one step ahead of the cyber security researchers and practitioners. Instead of following the cyber attackers, researchers should try to forecast where attackers will strike next and to use this information (i) to fortify potential targets to withstand the attack and (ii) to wire targets up with forensic hooks and make them “forensics ready”. To make all this possible at a reasonable performance cost, we propose selective fortification, a mechanism that combines traditional passive and active defence approaches into a new reactive mode of operation.
Web site: http://www.react-h2020.eu/

SHIELD – Securing against intruders and other threats through a NFV-enabled environment
Marco De Benedictis, Politecnico di Torino, Italy
AbstractThe SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, in order to virtualise security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent.
Web site: https://www.shield-h2020.eu/


12:30 p.m. – 1:30 p.m.
Lunch break


1:30 p.m. – 2:00 p.m.
Room: TBD

PS2 (cnt’d) – Poster session and open discussion

2:00 p.m. – 3:00 p.m.
Room: TBD

TS2 – Detection and investigation
Session Chair: Nicholas Kolokotronis, University of Peloponnese, Greece

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation
Nikos Koutroumpouchos, University of Piraeus, Greece
Christoforos Ntantogian, University of Piraeus, Greece
Sofia-Anna Menesidou, Ubitech Ltd, Greece
Kaitai Liang, University of Surrey, UK
Panagiotis Gouvas, Ubitech Ltd, Greece
Christos Xenakis, University of Piraeus, Greece
Thanassis Giannetsos, Technical University of Denmark, Denmark

A Survey On Honeypots, Honeynets And Their Applications On Smart Grid
Christos Dalamagkas, University of Western Macedonia, Greece
Panagiotis Sarigiannidis, University of Western Macedonia, Greece
Dimosthenis Ioannidis, Center for Research and Technology Hellas, Greece
Eider Iturbe, Fundacion Tecnalia Research & Innovation, Spain
Odysseas Nikolis, Center for Research and Technology Hellas, Greece
Francisco Ramos, Schneider Electric, Spain
Erkuden Rios, Fundacion Tecnalia Research & Innovation, Spain
Antonios Sarigiannidis, Sidroco Holdings, Cyprus
Dimitrios Tzovaras, Center for Research and Technology Hellas, Greece


3:00 p.m. – 3:30 p.m.
Coffee break


3:30 p.m. – 4:00 p.m.
Room: TBD

Keynote speech #2

Title: 10 immutable security facts in 2019
Pascal Geenens, Radware, Israel
AbstractThe presentation deals on security topics around public cloud, cloud native, cloud based, automated threats, and IoT botnets. It will explain the latest threat landscape from the experience of one worldwide vendor of security solutions. Cloud native security is for those that develop/build microservice architectures or service meshes. Cloud based security is for anyone that is running infrastructure or applications in the cloud – many service providers have a cloud first strategy and start to move and refactor their applications for the cloud, there is also some chatter to run NFV as containers in the cloud. The analysis will also extend to 5G security which is mainly NFV/MEC based infrastructure. The outcome of the presentation are the next 10 facts:1. The Attack Surface of the Public Cloud is defined by Permissions – 2. The Insider thread of the Public Cloud is the Outsider – 3. HIDs, NIDs, and Flow Collectors are pointless for Securing Cloud-based Applications – 4. WAF does not keep up with Cloud Native Applications – 5. East-West Traffic is getting Encrypted – 6. Attackers are getting Automated – 7. Attacks are getting more Sophisticated – 8. APIs are the new Front-end – 9. Machine and Deep Learning.
Short BioAs the EMEA Cyber Security Evangelist for Radware, Pascal helps execute the company’s thought leadership on today’s security threat landscape. Pascal brings over two decades of experience in many aspects of Information Technology and holds a degree in Civil Engineering from the Free University of Brussels. As part of the Radware Security Research team Pascal develops and maintains the IoT honeypots and actively researches IoT malware. Pascal discovered and reported on BrickerBot, did extensive research on Hajime and follows closely new developments of threats in the IoT space and the applications of AI in cyber security and hacking. Prior to Radware, Pascal was a consulting engineer for Juniper working with the largest EMEA cloud and service providers on their SDN/NFV and data center automation strategies. As an independent consultant, Pascal got skilled in several programming languages and designed industrial sensor networks, automated and developed PLC systems, and lead security infrastructure and software auditing projects. At the start of his career, he was a support engineer for IBM’s Parallel System Support Program on AIX and a regular teacher and presenter at global IBM conferences on the topics of AIX kernel development and Perl scripting.


4:00 p.m. – 4:50 p.m.
Room: TBD

TS3 – Privacy and forensics
Session Chair: Christoforos Ntantogian, University of Piraeus, Greece

Data Protection by Design for cybersecurity systems in a Smart Home environment
Olga Gkotsopoulou, Vrije Universiteit Brussel, Belgium
Elisavet Charalambous, ADITESS Ltd., Cyprus
Konstantinos Limniotis, University of Peloponnese, Greece
Paul Quinn, Vrije Universiteit Brussel, Belgium
Dimitris Kavallieros, Center for Security Studies, Greece
Gohar Sargsyan, CGI, The Netherlands
Stavros Shiaeles, University of Plymouth, UK
Nicholas Kolokotronis, University of Peloponnese, Greece

Blockchain Solutions for Forensic Evidence Preservation in IoT Environments
Sotirios Brotsis, University of Peloponnese, Greece
Nicholas Kolokotronis, University of Peloponnese, Greece
Konstantinos Limniotis, University of Peloponnese, Greece
Stavros Shiaeles, Plymouth University, UK
Dimitris Kavallieros, Center for Security Studies, Greece
Emanuele Bellini, Mathema s.r.l., Italy
Clément Pavué, Scorechain S.A., Luxembourg


4:50 p.m. – 6:00 p.m.
Room: TBC

Panel – Smart infrastructures and cyber-security
AbstractAs more intelligent control and management paradigms are emerging for computing and networking, so new threats arise due to massive softwarization and young technologies, but new opportunities also stand out for new forms of smart protection, detection, and investigation, leveraging autonomicity and adaptability. The main purpose for the panel will be a constructive debate about the challenges and opportunities to apply recent software-defined networking and computing paradigms to fight cyber-threats, with the ambition to cover multiple domains: 5G and NFV, cloud computing, cyber-physical systems.
Panel Chair: Antonio Lioy, Politecnico di Torino, Italy
Panelists:
Pascal Geenens, security evangelist, Radware, Israel
Ludovic Jacquin, senior researcher, Hewlett Packard Labs, UK
Olivier Festor, director of TELECOM Nancy, France