3rd International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft)

2 July 2021 // Tokyo, Japan



Friday, July 2nd, 2021
The time shown in this schedule is the time in Tokyo, Japan (GMT+9)

1:00 p.m. – 1:30 p.m.
Registration / SETUP

1:30 p.m. – 1:40 p.m.
Welcome Session
Session Chair: Fulvio Valenza, Politecnico di Torino, Italy

1:40 p.m. – 2:55 p.m.
Technical Session 1 – Machine Learning techniques for Attack Detection
Session Chair:  Jorg Keller, FernUniversitat in Hagen, Germany

DDoS Attack Detection and Mitigation in SDN using Machine Learning
Fatima Khashab, Carole Bassil, Lebanese University, Lebanon
Joanna Moubarak, Saint Joseph University of Beirut, Lebanon
Antoine Feghali, Potech Labs, Lebanon

Evaluating ML-based DDoS Detection with Grid Search Hyperparameter Optimization
Odnan Ref Sanchez, Raffaele Bolla, University of Genoa, Italy
Matteo Repetto, CNR - IMATI, Italy
Alessandro Carrega, CNIT - S3ITI, Italy

Intrusion Detection using Network Traffic Profiling and Machine Learning for IoT
Joseph Rose, Matthew Swann, Stavros Shiaeles, Gueltoum Bendiab, University of Portsmouth, UK
Nicholas Kolokotronis, University of Peloponnese, Greece

2:55 p.m. – 3:05 p.m.

3:05 p.m. – 4:20 p.m.
Technical Session 2 – Network Traffic Analysis
Session Chair: Thanassis Giannetsos, Technical University of Denmark, Denmark

Transforming Network Traces to Virtual Networks
Daniel Spiekermann, Polizeiakademie Niedersachsen, Germany
Jorg Keller, FernUniversitat in Hagen, Germany

Leveraging the 5G architecture to mitigate amplification attacks
Matteo Repetto, CNR - IMATI, Italy
Alessandro Carrega, CNIT - S3ITI, Italy
Guerino Lamanna, Infocom Srl, Italy
Jaloliddin Yusupov, Turin Polytechnic University in Tashkent, Uzbekistan
Orazio Toscano, Gianmarco Bruno, Michele Nuovo, Marco Cappelli, Ericsson Telecomunicazioni, Italy

Code Augmentation for Detecting Covert Channels Targeting the IPv6 Flow Label
Luca Caviglione, Matteo Repetto, Marco Zuppelli, CNR - IMATI, Italy
Wojciech Mazurczyk, Andreas Schaffhauser, FernUniversitat in Hagen, Germany

4:20 p.m. – 4:30 p.m.

4:30 p.m. – 5:45 p.m.
Technical Session 3 – Security Models and Trust Schemes
Session Chair: Nicholas Kolokotronis, University of Peloponnese, Greece

A novel approach for security function graph configuration and deployment
Daniele Bringhenti, Guido Marchetto, Riccardo Sisto, Fulvio Valenza, Politecnico di Torino, Italy

A Dynamic Recommendation-based Trust Scheme for the Smart Grid
Dimitrios Pliatsios, Panagiotis Sarigiannidis, George F. Fragulis, University of Western Macedonia, Greece
Apostolos Tsiakalos, Dimitrios Margounakis, Sidroco Holdings Ltd, Cyprus

Impacts of Service Decomposition Models on Security Attributes: A Case Study with 5G Network Repository Function
Shanay Behrad, Cao-Thanh Phan, B-com Institute of Research and Technology, France
David Espes, Université de Bretagne Occidentale, France
Philippe Bertin, Orange Labs B-com, France

5:45 p.m. – 5:55 p.m.

5:55 p.m. – 7:05 p.m.
Keynote speech

Session Chair: Riccardo Sisto, Politecnico di Torino, Italy

Adversaries in the Network
Sandra Scott-Hayward, Queen's University Belfast, Belfast, United Kingdom

Abstract – The communication networks on which we rely for so many aspects of our daily lives are constantly under attack. This is increasingly the case as we have adapted to remote working, schooling, health service provision etc. The emergence of technologies such as Software-Defined Networking (SDN), Network Functions Virtualization (NFV), and Multi-Access Edge Computing (MEC) enable innovation in network security, but these technologies create additional attack surfaces. Dramatic advances in Machine Learning (ML) and Artificial Intelligence (AI) techniques are influencing security services and design for security, but they can also be exploited to produce sophisticated attacks.
Short Bio – Sandra Scott-Hayward is a Lecturer (Assistant Professor) with the School of Electronics, Electrical Engineering and Computer Science, and a Member of the Centre for Secure Information Technologies at Queen's University Belfast (QUB). She began her career in industry and became a Chartered Engineer in 2006 having worked as a Systems Engineer and Engineering Group Leader with Airbus. Since joining academia, she has published a series of IEEE/ACM papers on security designs and solutions for softwarized networks based on her research on the development of network security architectures and security functions for emerging networks. She received Outstanding Technical Contributor and Outstanding Leadership awards from the Open Networking Foundation in 2015 and 2016, respectively, having been elected and serving as the Vice-Chair of the ONF Security Working Group from 2015 to 2017. Amongst many other service memberships, she was the TPC Co-Chair for IEEE NFV-SDN 2020 and is an Associate Editor of IEEE Transactions on Network and Service Management. She is Director of the QUB Academic Centre of Excellence in Cyber Security Education (ACE-CSE), one of the first universities to be awarded this recognition by the U.K. National Cyber Security Centre.

7:05 a.m. – 8:35 p.m.
Dinner/Lunch Break

8:35 p.m. – 10:20 p.m.
Cyber Security EU funded projects

ASTRID – AddreSsing ThReats for virtualIseD services
Matteo Repetto, CNR-IMATI, Italy

AbstractThe growing adoption of cloud technologies and the trend to virtualise applications are inexorably re-shaping the traditional security paradigms, due to the increasing usage of infrastructures outside of the enterprise perimeter and shared with other users. The ASTRID project aims at shifting the detection and analysis logic outside of the service graph of virtualised services, by leveraging descriptive context models and their usage in ever smarter orchestration logic, hence shifting the responsibility for security, privacy, and trustworthiness from developers or end users to service providers.
Web site: https://www.astrid-project.eu/

CYBER-TRUST – Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things
Nicholas Kolokotronis, University of Peloponnese, Greece

AbstractThe CYBER-TRUST project aims to develop an innovative cyber-threat intelligence gathering, detection, and mitigation platform to tackle the grand challenges towards securing the ecosystem of IoT devices. The proposed interdisciplinary approach will capture different phases of such emerging attacks, before and after known (even years old) or unknown (zero-day) vulnerabilities have been widely exploited by cyber-criminals to launch the attack. This intelligence information will be used to maintain accurate vulnerability profiles of IoT devices, in accordance with data protection, privacy, or other regulations, and optimally alter their attack surface to minimise the damage from cyber-attacks.
Web site: https://cyber-trust.eu/

SPEAR – Secure and PrivatE smArt gRid
Panagiotis Sarigiannidis, University of Western Macedonia, Greece

AbstractInformation and Communication Technologies (ICT) evolve the conventional electrical grid into the Smart Grid (SG) that provides several advantages and features. Nevertheless, the integration of ICT increases the attack surface of this domain, generating new potential cyberthreats. This paper introduces the Secure and PrivatE smArt gRid (SPEAR) architecture, which constitutes an integrated solution aiming at protecting SG, by enhancing situational awareness, detecting timely cyberattacks, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. Moreover, the paper presents how the ARCADE methodology was adopted and used for designing and developing the SPEAR architecture. The components of the SPEAR architecture are introduced and discussed in terms of technical and integration details. Moreover, the technology behind each component is presented in a comparative way compared to the state of art, the current constrains, and the component functionalities.
Web site: https://www.spear2020.eu/

SIMARGL – Secure Intelligent Methods for Advanced Recognition of Malware and Stegomalware
Joerg Keller, FernUniversitat in Hagen, Germany

Abstract SIMARGL is a project co-funded by the European Commission under Horizon 2020 programme, to combat the pressing problem of malware. It aims to tackle the new challenges in the cybersecurity field, including information hiding methods, network anomalies, stegomalware, ransomware and mobile malware.
Web site: https://simargl.eu/

GUARD – Guarantee Reliability and trust for Digital service chains
Antonino Albanese, Italtel, Italy

Abstract Evolving business models are progressively reshaping the scope and structure of ICT services, with massive introduction of virtualization paradigms and tight integration with the physical environment. Agile composition of digital resources and services into complex business service chains undoubtedly brings more agility in service deployment and operation but also introduces security and privacy concerns that have not been addressed in a satisfactory way yet. In this context, GUARD develops an open and extensible platform for advanced assurance and protection of trustworthy and reliable business chains spanning multiple administrative domains and heterogeneous infrastructures.
Web site: https://guard-project.eu/

PALANTIR - Practical Autonomous Cyberhealth for resilient SMEs & Microenterprises
Antonio Lioy, Politecnico di Torino, Italy

Abstract The rapid advances in digital technology necessitate finding ways to ensure digital security and help small and medium-sized enterprises (SMEs) recover from cyberattacks. The EU-funded PALANTIR project aims to implement a framework combining privacy assurance, data protection, incident detection and recovery aspects. The project will also focus on cyber-resilience and ensure the SMEs' compliance with the relevant data privacy and protection regulations. The outcomes of the project will provide those enterprises with security tools that will boost their resilience at a reasonable cost.
Web site: https://www.palantir-project.eu/

Sotiris Koussouris, SUITE5, Cyprus

Abstract Big Data lay at the core of the strong data economy that is emerging in Europe. Although both large enterprises and SMEs acknowledge the potential of Big Data in disrupting the market and business models, this is not reflected in the growth of the data economy. The lack of trusted, secure, ethical-driven personal data platforms and privacy-aware analytics, hinders the growth of the data economy and creates concerns. The main considerations are related to the secure sharing of personal and proprietary/industrial data, and the definition of a fair renumeration mechanism that will be able to capture, produce, release and cash out the value of data, always for the benefit of all the involved stakeholders. DataVaults aims to address this kind of concerns that pertain privacy, ethics and intellectual property rights , by allowing individuals to take ownership and control of their data and share them at will, through flexible data sharing and fair compensation schemes with other entities (companies or not).
Web site: https://www.datavaults.eu/

Athanasios Giannetsos, Danmarks Tekniske Universitet, Denmark

Abstract Automation in industry, connected cars and critical infrastructure observation with drones are some of the benefits associated with advanced technologies. However, these applications require more properties that can guaranty safety, including real-time reaction, secure and effective data protection and management, and industry-specific safety guidelines as well as energy efficiency. The RAINBOW project will plan and develop an open and secured fog computing platform that will advance the management of extensible, diverse and safe IoT services and cross-cloud applications. The project envisages extending fog computing to its real potential by supplying the development, composition, data and network management to reach secure end-applications.
Web site: https://rainbow-h2020.eu/

10:20 p.m. – 10:30 p.m.
Session Chair: Fulvio Valenza, Politecnico di Torino, Italy