5th International Workshop on Cyber-Security in Software-defined and Virtualized Infrastructures (SecSoft)

19 June 2023 // Madrid, Spain

FLUIDOS Logo PALANTIR Logo Sifis-home Logo ELECTRON Logo RIGOROUS Logo CATRIN Logo

Program

Monday, June 19th, 2023
The time shown in this schedule is the time in Madrid - Central Europe time zone (GMT+2)


8:30 a.m. – 9:00 a.m.
Registration / SETUP


9:00 a.m. – 9:20 a.m.
Opening
Session Chairs: Domenico Siracusa, Fondazione Bruno Kessler, Italy; Antonio Skarmeta, University of Murcia, Spain; Panagiotis Sarigiannidis, University of Western Macedonia, Greece


9:20 a.m. – 11:00 a.m.
Technical Session 1 – Threat and Intrusion Detection and Mitigation

Session Chair: Paola Grosso, University of Amsterdam, Netherlands

Information Leakages of Docker Containers: Characterization and Mitigation Strategies
Marco Zuppelli, CNR - IMATI, Italy
Matteo Repetto, CNR - IMATI, Italy
Luca Caviglione, CNR - IMATI, Italy
Enrico Cambiaso, CNR - IEIIT, Italy

Process Slicing: A New Mitigation Tool for Cyber-attacks against Softwarised Industrial Environments
Angel Gama Garcia, University of the West of Scotland, United Kingdom & Universidad de Alicante, Spain
Jose Maria Alcaraz Calero, University of the West of Scotland & School of Engineering and Computing, United Kingdom
Higinio Mora, Universidad de Alicante, Spain
Qi Wang,University of the West of Scotland, United Kingdom

A Model for Automated Cybersecurity Threat Remediation and Sharing
Francesco Settanni, Politecnico di Torino, Italy
Leonardo Regano, Politecnico di Torino, Italy
Cataldo Basile, Politecnico di Torino, Italy
Antonio Lioy, Politecnico di Torino, Italy

Service Templates to Emulate Network Attacks in Cloud-Native 5G Infrastructures
Matteo Repetto, CNR - IMATI, Italy

Enhancing Network Intrusion Detection: An Online Methodology for Performance Analysis
Simone Magnani, University of Genova & Fondazione Bruno Kessler, Italy
Roberto Doriguzzi-Corin, Fondazione Bruno Kessler, Italy
Domenico Siracusa, Fondazione Bruno Kessler, Italy


11:00 a.m. – 11:30 a.m.
Coffee Break


11:30 a.m. – 12:30 p.m.
Keynote speech

Session Chair: Riccardo Sisto, Politecnico di Torino, Italy

Keynote Title: Network and security in supply chains. A fable of mutual utility
Diego R. López, Telefónica I+D, Spain

Abstract – The concerns about the security of supply chains have grown in the recent years, as systems become more dependent on software, and the nature of software evolves including an increasing number of suppliers. There is a clear need for mechanisms supporting transparent registries, notarial interactions, and auditability. Network services constitute an essential foundation to properly address supply chain security, and there are a number of initiatives aiming at an open, distributed approach to support it, and even leveraging these approaches to include other kinds of supply chains, from food to manufactured goods. On the other hand, the current trends towards network virtualization and softwarization place networks themselves among the most relevant application scenarios for distributed supply chain security infrastructures.

Short Bio – Diego R. Lopez joined Telefonica I+D in 2011 as a Senior Technology Expert, and is currently in charge of the Technology Exploration activities within the GCTIO Unit. Before joining Telefónica he spent some years in the academic sector, dedicated to research on network services, and was appointed member of the High-Level Expert Group on Scientific Data Infrastructures by the European Commission. Diego is currently focused on applied research in network infrastructures, with a special emphasis on virtualization, data-driven management, new architectures, security, and quantum communications. Diego is an ETSI Fellow and chairs the ETSI ISGs ZSM (on network automation) and the NOC of ETSI ISG NFV. Apart from this, Diego is a more than acceptable Iberian ham carver, and extremely fond of seeking and enjoying comics, and good discussions on any (in)appropriate matter. More can be found at https://www.linkedin.com/in/dr2lopez/



12:30 p.m. – 1:10 p.m.
Technical Session 2 – Security Orchestration

Session Chair: Domenico Siracusa, Fondazione Bruno Kessler, Italy

Security automation for multi-cluster orchestration in Kubernetes
Daniele Bringhenti, Politecnico di Torino, Italy
Riccardo Sisto, Politecnico di Torino, Italy
Fulvio Valenza, Politecnico di Torino, Italy

By-default Security Orchestration on distributed Edge/Cloud Computing Framework
José M. Bernabé Murcia, University of Murcia, Spain
José F. Pérez Zarca, University of Murcia, Spain
Alejandro Molina Zarca, University of Murcia, Spain
Antonio Skarmeta, University of Murcia, Spain


1:10 p.m. – 2:30 p.m.
Lunch Break


2:30 p.m. – 3:30 p.m.
Technical Session 3 – Security Automation, Configuration and Verification

Session Chair: Antonio Skarmeta, University of Murcia, Spain

Automating the configuration of firewalls and channel protection systems in virtual networks
Daniele Bringhenti, Politecnico di Torino, Italy
Riccardo Sisto, Politecnico di Torino, Italy
Fulvio Valenza, Politecnico di Torino, Italy

Automated Placement of In-Network ACL Rules
Wafik Zahwa, University of Lorraine, France
Abdelkader Lahmadi, University of Lorraine, France
Michael Rusinowitch, University of Lorraine, France
Mondher Ayadi, Numeryx, Spain

Investigation of FlexAlgo for User-driven Path Control
Julia Kułacz, University of Amsterdam, Netherlands
Martyna Pawlus, University of Amsterdam, Netherlands
Leonardo Boldrini, University of Amsterdam, Netherlands
Paola Grosso, University of Amsterdam, Netherlands


3:30 p.m. – 4:30 p.m.
Cyber Security EU funded projects (Part I)
Session Chair: Matteo Repetto, CNR-IMATI, Italy

FLUIDOS – Flexible, scaLable, secUre, and decentralIseD Operating System
Domenico Siracusa, Fondazione Bruno Kessler, Italy

Abstract FLUIDOS (Flexible, scaLable, secUre, and decentralIseD Operating System) aims to leverage the enormous, unused processing capacity at the edge, scattered across heterogeneous edge devices that struggle to integrate with each other and to coherently form a seamless computing continuum.
Web site: https://www.fluidos.eu/



RIGOUROUS – secuRe desIGn and deplOyment of trUsthwoRthy cOntinUum computing 6G Services
Antonio Skarmeta, University of Murcia, Madrid

Abstract RIGOUROUS project aspires to identify and address the major cybersecurity, trust, and privacy risks, threatening the next generation of mobile networks, devices, computing infrastructure, and services. RIGOUROUS will address these challenges by introducing a new holistic and smart service framework leveraging new machine learning (ML) and artificial intelligence (AI) mechanisms, which can react dynamically to the ever-changing threat surface on all orchestration layers and network functions.
Web site: https://cordis.europa.eu/project/id/101095933




CATRIN - Controllable, Accountable, Transparent: the Responsible Internet
Paola Grosso, University of Amsterdam, Netherlands


Abstract CATRIN will startup the Responsible Internet, a novel security-by-design concept and extension to the Internet that enables higher levels of trust and sovereignty. It turns the Internet infrastructure from a black box into a ‘glass box’. The Responsible Internet addresses the problem of Digital Sovereignty. CATRIN integrates technology, economics, and policy research to deliver a first operational multi-operator Responsible Internet.
Web site: https://www.catrin.nl/



4:30 p.m. – 5:00 p.m.
Coffee Break


5:00 p.m. – 6:00 p.m.
Cyber Security EU funded projects (Part II)
Session Chair: Matteo Repetto, CNR-IMATI, Italy


PALANTIR - Practical Autonomous Cyberhealth for resilient SMEs & Microenterprises
Francesco Settanni, Politecnico di Torino, Italy

Abstract The rapid advances in digital technology necessitate finding ways to ensure digital security and help small and medium-sized enterprises (SMEs) recover from cyberattacks. The EU-funded PALANTIR project aims to implement a framework combining privacy assurance, data protection, incident detection and recovery aspects. The project will also focus on cyber-resilience and ensure the SMEs' compliance with the relevant data privacy and protection regulations. The outcomes of the project will provide those enterprises with security tools that will boost their resilience at a reasonable cost.
Web site: https://www.palantir-project.eu/




ELECTRON - rEsilient and seLf-healed EleCTRical pOwer Nanogrid
Panagiotis Sarigiannidis, University of Western Macedonia, Greece

Abstract The Electrical Power and Energy Systems (EPES) is a complex yet critical infrastructure that is also vulnerable to cyberattacks. Protecting these systems is vital for the smooth operation of sectors like transportation, communication, industry, finance, disaster, response, water and energy. In this context, the EU-funded ELECTRON project will address the need to shield against a variety of threats – from cybersecurity incidents and privacy violations to electricity disturbances and severe human errors caused by a lack of relevant training. Specifically, the project will develop a new-generation EPES platform capable of empowering the resilience of energy systems through risk assessment, anomaly detection/prevention, failure mitigation and energy restoration.
Web site: https://electron-project.eu/



6:00 p.m. – 6:20 p.m.
Closing
Session Chairs: Domenico Siracusa, Fondazione Bruno Kessler, Italy; Antonio Skarmeta, University of Murcia, Spain; Panagiotis Sarigiannidis, University of Western Macedonia, Greece