1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft 2019)
Website: SecSoft 2019
June 24, 2019 – Full Day
Room: Room November
9:00 a.m. – 9:10 a.m.
Welcome Session
Session Chair: Matteo Repetto, CNIT, Italy
9:10 a.m. – 10:30 a.m.
TS1 – Cyber-security in NFV/SDN
Session Chair: Panagiotis Sarigiannidis, University of Western Macedonia, Greece
A proposal for trust monitoring in a Network Functions Virtualization Infrastructure
Marco De Benedictis, Politecnico di Torino, Italy
Antonio Lioy, Politecnico di Torino, Italy
A Novel Impact Analysis Approach for SDN-based Networks
Beny Nugraha, Technical University of Chemnitz, Germany
Mehrdad Hajizadeh, Technical University of Chemnitz, Germany
Trung V. Phan, Technical University of Chemnitz, Germany
Thomas Bauschert, Technical University of Chemnitz, Germany
Towards protected VNFs for multi-operator service delivery
Enio Marku, NTNU, Norway
Gergely Biczók, Budapest University of Technology and Economics, Hungary
Colin Boyd, NTNU, Norway
10:30 a.m. – 11:00 a.m.
Coffee break
11:00 a.m. – 11:30 a.m.
Keynote speech #1
On the security of Cyber Physical Systems for Smart, Circular cities
Vasilis Katos, Bournemouth University, UK
11:30 a.m. – 12:30 p.m.
Poster Session – Situational awareness: EU funded projects
ASTRID – AddreSsing ThReats for virtualIseD services
Matteo Repetto, CNIT, Italy
Scope – The growing adoption of cloud technologies and the trend to virtualize applications are inexorably re-shaping the traditional security paradigms, due to the increasing usage of infrastructures outside of the enterprise perimeter and shared with other users. The ASTRID project aims at shifting the detection and analysis logic outside of the service graph of virtualized services, by leveraging descriptive context models and their usage in ever smarter orchestration logic, hence shifting the responsibility for security, privacy, and trustworthiness from developers or end users to service providers.
Web site: https://www.astrid-project.eu/
CYBER-TRUST – Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things
Dimitris Kavallieros, Center for Security Studies, Greece
Scope – The CYBER-TRUST project aims to develop an innovative cyber-threat intelligence gathering, detection, and mitigation platform to tackle the grand challenges towards securing the ecosystem of IoT devices. The proposed interdisciplinary approach will capture different phases of such emerging attacks, before and after known (even years old) or unknown (zero-day) vulnerabilities have been widely exploited by cyber-criminals to launch the attack. This intelligence information will be used to maintain accurate vulnerability profiles of IoT devices, in accordance with data protection, privacy, or other regulations, and optimally alter their attack surface to minimize the damage from cyber-attacks.
Web site: https://cyber-trust.eu/
SPEAR – Secure and PrivatE smArt gRid
Panagiotis Sarigiannidis, University of Western Macedonia, Greece
Scope – As our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities. One of the most vulnerable and high-impact CIN is the Smart Grid. The SPEAR proposal aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy-preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators.
Web site: https://www.spear2020.eu/
REACT – Reactively Defending against Advanced Cybersecurity Threats
Elias Athanasopoulos, University of Cyprus, Cyprus
Scope – Despite the evolution of computer systems, current security defences – although they have been substantially improved in the last decade – do not seem not really efficient enough to stop advanced cyber-attacks. We believe that the core of this problem is that cyber attackers are almost always one step ahead of the cyber security researchers and practitioners. Instead of following the cyber attackers, researchers should try to forecast where attackers will strike next and to use this information (i) to fortify potential targets to withstand the attack and (ii) to wire targets up with forensic hooks and make them “forensics ready”. To make all this possible at a reasonable performance cost, we propose selective fortification, a mechanism that combines traditional passive and active defence approaches into a new reactive mode of operation.
Web site: http://www.react-h2020.eu/
SHIELD – Securing against intruders and other threats through a NFV-enabled environment
Antonio Lioy, Politecnico di Torino, Italy
Topic – The SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardized by ETSI, in order to virtualize security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analyzing the network and understanding the adversary possibilities, behavior and intent.
Web site: https://www.shield-h2020.eu/
12:30 p.m. – 1:30 p.m.
Lunch break
1:30 p.m. – 2:00 p.m.
Poster Session (cont’d) – Poster session and open discussion
2:00 p.m. – 3:00 p.m.
TS2 – Detection and investigation
Session Chair: Nicholas Kolokotronis, University of Peloponnese, Greece
Secure Edge Computing with Lightweight Control-Flow Property-based Attestation
Nikolaos Koutroumpouchos, University of Piraeus, Greece
Christoforos Ntantogian, University of Piraeus, Greece
Sofia Anna Menesidou, Ubitech Ltd, Greece
Kaitai Liang, University of Surrey, United Kingdom
Panagiotis Gouvas, Ubitech Ltd, Greece
Christos Xenakis, University of Piraeus, Greece
Thanassis Giannetsos, Technical University of Denmark, Denmark
A Survey on Honeypots, Honeynets And Their Applications On Smart Grid
Christos Dalamagkas, , University of Western Macedonia, Greece
Panagiotis Sarigiannidis, University of Western Macedonia, Greece
Dimosthenis Ioannidis, Information Technologies Institute, Greece
Eider Iturbe, Tecnalia, Spain
Odysseas Nikolis, Information Technologies Institute, Greece
Francisco Ramos, Schneider-Electric, Spain
Erkuden Rios, Tecnalia, Spain
Antonis Sarigiannidis, Aristotle University of Thessaloniki, Greece
Dimitrios Tzovaras, Information Technologies Institute, Greece
3:00 p.m. – 3:30 p.m.
Coffee break
3:30 p.m. – 4:00 p.m.
Keynote speech #2
10 immutable security facts in 2019
Pascal Geenens, Radware, Israel
4:00 p.m. – 4:50 p.m.
TS3 – Privacy and forensics
Session Chair: Christoforos Ntantogian, University of Piraeus, Greece
Data Protection by Design for cybersecurity systems in a Smart Home environment
Olga Gkotsopoulou, Vrije Universiteit Brussel, Belgium
Elisavet Charalambous, ADITESS Ltd, Cyprus
Konstantinos Limniotis, University of Peloponnese, Greece
Paul Quinn, Vrije Universiteit Brussel, Belgium
Dimitrios Kavallieros, Center for Security Studies, Greece
Gohar Sargsyan, CGI, The Netherlands
Stavros Shiaeles, University of Plymouth, United Kingdom
Nicholas Kolokotronis, University of Peloponnese, Greece
Blockchain Solutions for Forensic Evidence Preservation in IoT Environments
Sotirios Brotsis, University of Peloponnese, Greece
Nicholas Kolokotronis, University of Peloponnese, Greece
Konstantinos Limniotis, University of Peloponnese, Greece
Stavros Shiaeles, University of Plymouth, United Kingdom
Dimitrios Kavallieros, Center for Security Studies, Greece
Emanuele Bellini, Mathema & Khalifa University, Italy
Clement Pavué, Scorechain SA., Luxembourg
4:50 p.m. – 6:00 p.m.
Panel – Smart infrastructures and cyber-security
Panel Chair: Antonio Lioy, Politecnico di Torino, Italy
Rationale: As more intelligent control and management paradigms are emerging for computing and networking, so new threats arise due to massive softwarization and young technologies, but new opportunities also stand out for new forms of smart protection, detection, and investigation, leveraging autonomicity and adaptability. The main purpose for the panel will be a constructive debate about the challenges and opportunities to apply recent software-defined networking and computing paradigms to fight cyber-threats, with the ambition to cover multiple domains: 5G and NFV, cloud computing, cyber-physical systems.
Panel Moderator: Antonio Lioy, Politecnico di Torino, Italy
Panel Members:
- Pascal Geenens, Radware, Israel
- Ludovic Jacquin, Hewlett Packard Labs, UK
- Olivier Festor, TELECOM Nancy, France