6th International Workshop on Cyber-Security in Software-defined and Virtualized Infrastructures (SecSoft)

28 June 2024 // St. Louis, USA



Friday, June 28th, 2024
The time shown in this schedule is the time in St. Louis (GMT-5)

8:30 a.m. – 9:00 a.m.
Registration / SETUP

9:00 a.m. – 9:20 a.m.

9:20 a.m. – 10:30 p.m.
Keynote speech

Session Chair: Fulvio Valenza, Politecnico di Torino, Italy

Keynote Title: Securing Smart Grid Resources via Knowledge-driven Threat Modeling, Analysis, and Mitigation
Prasad Calyam , University of Missouri-Columbia and Mizzou CERI, USA

Abstract – Smart grid resources present unique cybersecurity challenges due to their digital control systems and network connectivity across the grid. They can be subject to cyber attacks that can disrupt grid operations and stability, compromise data, or cause physical damage to equipment. To address these challenges, it is essential to establish robust cybersecurity measures that meet and exceed existing industry standards. In this talk, a knowledge-driven strategy to bolster the cybersecurity of exemplar and emerging inverter-based resources will be discussed. Specifically, a framework for knowledge-driven analysis consisting of a fusion of knowledge graphs in cybersecurity and the electric grid will be presented to guide informed decision-making for threat mitigation. The talk will conclude with a futuristic vision of next-generation cybersecurity where intelligent agents utilize knowledge bases and game strategies to defend smart grid systems autonomously, with minimal or no human intervention.
Short Bio – Prasad Calyam is the Greg L. Gilliom Professor of Cybersecurity in the Department of Electrical Engineering and Computer Science at University of Missouri-Columbia, and Director of the Center for Cyber Education, Research and Infrastructure (Mizzou CERI). His research and development areas of interest include: Cloud Computing, Machine Learning, Artificial Intelligence, Cyber Security, and Advanced Cyberinfrastructure. Previously, he was a research director at the Ohio Supercomputer Center at The Ohio State University. He has published over 200 peer-reviewed papers in various conference and journal venues. As the Principal Investigator, he has successfully led teams of graduate, undergraduate and postdoctoral fellows in Federal, State, University and Industry sponsored R&D projects totaling over $30 Million. His research sponsors include: National Science Foundation (NSF), Department of Energy (DOE), National Security Agency (NSA), Department of State (DOS), Army Research Lab (ARL), VMware, Cisco, Raytheon-BBN, Dell, Verizon, IBM and others. His basic research and software on multi-domain network measurement and monitoring has been commercialized as ‘Narada Metrics’. He is a Senior Member of IEEE. He currently serves as an Associate Editor for IEEE Transactions on Network and Service Management.

10:30 a.m. – 11:00 a.m.
Coffee Break

11:00 a.m. – 12:30 p.m.
Technical Session 1 – Threat and Intrusion Detection and Mitigation

Session Chair: Antonio Matencio Escolar, University of the West of Scotland, UK

Online Learning and Model Pruning Against Concept Drifts in Edge Devices
Simone Magnani, University of Genova & Fondazione Bruno Kessler, Italy
Seshu Tirupathi, IBM Research, Ireland
Roberto Doriguzzi-Corin, Fondazione Bruno Kessler, Italy
Liubov Nedoshivina, IBM Research, Ireland
Stefano Braghin, IBM Research, Ireland
Domenico Siracusa, Fondazione Bruno Kessler, Italy

Resource-Efficient Federated Learning for Network Intrusion Detection
Roberto Doriguzzi-Corin, Fondazione Bruno Kessler, Italy
Silvio Cretti, Fondazione Bruno Kessler, Italy
Domenico Siracusa, Fondazione Bruno Kessler, Italy

Explainable AI for Process-Aware Attack Detection in Industrial Control Systems
Léa Astrid Kenmogne, Grenoble-INP- & UGA, France
Mocanu StéphaneLaboratoire D'Informatique de Grenoble, France

DDoS Mitigation while Preserving QoS: A Deep Reinforcement Learning-Based Approach
Shurok Khozam, Télécom SudParis & Institut Polytechnique de Paris, France
Gregory Blanc, Télécom SudParis & Institut Polytechnique de Paris, France
Sebastien Tixeuil, Sorbonne University & LIP6, France
Eric Totel, Télécom SudParis & Institut Polytechnique de Paris, France

12:30 p.m. – 1:30 p.m.
Lunch Break

1:30 p.m. – 3:00 p.m.
Technical Session 2 – Attack Mitigation and Defense Mechanisms

Session Chair: Gregory Blanc, Télécom SudParis & Institut Polytechnique de Paris, France

Self-reconfiguration of industrial control systems as a response to cyberattacks
Jolahn Vaudey, Université Grenoble Alpes, France
Mocanu Stéphane, Laboratoire D'Informatique de Grenoble, France
Eric P. Rutten, INRIA Grenoble, France
Gwanaël Delaval, INRIA Rhône-Alpes, France

An intent-based solution for network isolation in Kubernetes
Francesco Pizzato, Politecnico di Torino, Italy
Daniele Bringhenti, Politecnico di Torino, Italy
Riccardo Sisto, Politecnico di Torino, Italy
Fulvio Valenza, Politecnico di Torino, Italy

Network slicing as 6G security mechanism to mitigate cyber-attacks: the RIGOUROUS approach
Antonio Matencio Escolar, University of the West of Scotland, UK
Jorge Bernal Bernabe, University of Murcia, Spain
Jose Maria Alcaraz Calero, University of the West of Scotland & School of Engineering and Computing, UK
Qi Wang, University of the West of Scotland, UK
Antonio Fernando Skarmeta Gomez, University of Murcia, Spain

Vulnet: Learning Navigation in an Attack Graph
Enzo D'Andrea, INRIA, France
Jérôme François, INRIA Nancy Grand Est & University of Luxembourg, France & Luxembourg
Abdelkader Lahmadi, University of Lorraine, France
Olivier Festor, INRIA Nancy, France

3:00 p.m. – 3:30 p.m.
Coffee Break

3:30 p.m. – 3:55 p.m.
Technical Session 3 – Attack Propagation

Session Chair: Reza Tourani, Saint Louis University, US

How Fast do Malwares Leveraging EternalBlue Propagate? The case of WannaCry and NotPetya
Anh Do Duc Nguyen, IMT Atlantique, France
Pierre Alain, SOTERN - IRISA & Université de Rennes, France
Fabien Autrel, IMT Atlantique, France
Ahmed Bouabdallah, IMT Atlantique, France
Jérôme François, INRIA Nancy Grand Est & University of Luxembourg, France & Luxembourg
Guillaume Doyen, IMT Atlantique, France

3:55 p.m. – 4:40 p.m.
Cyber Security funded projects
Session Chair: TBD

FLUIDOS – Flexible, scaLable, secUre, and decentralIseD Operating System
Abstract FLUIDOS (Flexible, scaLable, secUre, and decentralIseD Operating System) aims to leverage the enormous, unused processing capacity at the edge, scattered across heterogeneous edge devices that struggle to integrate with each other and to coherently form a seamless computing continuum.
Web site: https://www.fluidos.eu/

RIGOUROUS – secuRe desIGn and deplOyment of trUsthwoRthy cOntinUum computing 6G Services
Abstract RIGOUROUS project aspires to identify and address the major cybersecurity, trust, and privacy risks, threatening the next generation of mobile networks, devices, computing infrastructure, and services. RIGOUROUS will address these challenges by introducing a new holistic and smart service framework leveraging new machine learning (ML) and artificial intelligence (AI) mechanisms, which can react dynamically to the ever-changing threat surface on all orchestration layers and network functions.
Web site: https://rigourous.eu/

Abstract - The SuperviZ project is part of the "system security" axis of the PEPR cybersecurity program. It addresses the field of "system, software and network security". More precisely, it targets the detection, response and remediation to computer attacks, subjects grouped under the name of "security supervision". The digitization of all infrastructures makes it almost impossible today to secure all systems a priori, as it is too complex and too expensive. Supervision seeks to reinforce preventive security mechanisms and to compensate for their inadequacies.
Web site: https://superviz.inria.fr/

4:40 p.m. – 5:00 p.m.