Difference between revisions of "AFSecurity Seminar"

From mn/ifi/AFSecurity
Jump to: navigation, search
Line 1: Line 1:
== Cybersecurity Challenges ==
+
== Machine Learning in Cybersecurity ==
  
'''DATE:'''  Monday 4 December 2017
+
'''DATE:'''  Friday 9 February 2018
  
'''LOCATION:'''   Lille Aud, Kristen Nygaard's House (Old IFI Building).  
+
'''LOCATION:'''   Kristen Nygaards sal (room 5370), Ole Johan Dahl's House.  
  
'''AGENDA:'''
+
'''TITLE:''' ''Research Challenges for Applying Machine Learning in Cybersecurity'', 
  
14:00h Welcome at IFI
+
'''SPEAKER:''' Fabio Massimo Zennaro
  
14:15h Invited Talks:
+
'''ABSTRACT:'''
 +
This talk provides an overview of some topics at the intersection of cybersecurity and machine learning with the aim of illustrating the possibilities offered by machine learning and surveying recent promising lines of research at the border between the two disciplines. The first part of the talk gives a brief introduction to machine learning from a conceptual point of view. The second part then explores research topics in three main domains: applications of machine learning to security; security aspects of machine learning; and, finally, safety concerns related to machine learning.
  
* '''The Usual Insecurity of Things''',&nbsp; ''Keith Martin'',&nbsp; ''Prof. at Royal Holloway College, University of London.''<br/> While the Internet of Things is used to describe a host of new lightweight technologies, when it comes to security it pays to focus less on the novelty of IoT, and more on what IoT applications have in common with previous technologies that have learned about security the hard way (by first getting it wrong). It's time to go back to basics, and reflect on what security means in cyberspace. Only once this is understood, can we hope to secure any type of application that resides there.
+
'''SPEAKER BIO:'''
* '''System-wide Probabilistic Vulnerability Assessment Using Attack Graphs''',&nbsp; ''Mathias Eckstedt'',&nbsp; ''Prof. at Royal Institute of Technology (KTH), Stockholm.''<br />IT-systems are today highly complex and interconnected into large systems-of-systems. With the ongoing digitalization systems are becoming even more all encompassing and integrated. Ensuring a high-level of security in such system environments is a challenge that thus requires a holistic approach addressing multiple and a diverse set of attack surfaces and potential attack vectors. This presentation describes previous and ongoing work with combining probabilistic attack graphs and system architecture modelling as a means to produce design and maintenance support for security engineering of system architectures.
+
Fabio Massimo Zennaro is a PostDoc researcher in security group of the Informatics Department at UiO, working on the Oslo Analytics project. He holds a PhD in machine learning from the University of Manchester.  
* '''Cybersecurity in the Norwegian Energy Sector''',&nbsp; ''Janne Hagen'',&nbsp; ''Chief Engineer at the Norwegian Water Resources and Energy Directorate (NVE).''<br />Norway has been awarded the title as being one of the world’s most digitized countries. However, with technological innovation comes cyber risks. In 2015, the Norwegian Digital Vulnerability Committee assessed the Norwegian society's digital vulnerabilities and recommended how the government could improve and coordinate emergency preparedness in the digitalized society. NVE has recently evaluated and reviewed current regulation on cyber security in the energy sector. A huge dilemma is that digital innovations, like for instance smart cities and more automation, impose new cyber risks and challenge the trustworthiness of digital systems. The presentation outlines Norway’s position with emphasis on protection of the energy sector against cyber threats and digital risks.
 
* '''Improving Cybersecurity by Building Security Into your Devops Pipeline''',&nbsp; ''Tord Persokrud'',&nbsp; ''Chief Security Analyst at Conax.''<br />As we are moving towards faster release cycles for products and services it is important to integrate tools and practices into your development process to create hacker-resistant software. Not everyone can afford to run a fully-fledged Secure Developement Lifecycle program with one security guy per developer. In Conax we have defined a more minimal approach and I will share some experiences and ideas from how we have approached this challenge.
 
* '''Defending Critical Infrastructure from Espionage and Sabotage''',&nbsp; ''Frode Hommedal'',&nbsp; ''Head of Telenor SOC and CERT.''<br />This presentation is about how you can structure your analysis to increase the chances of success when attempting to evict an advanced attacker. It's my thoughts on how to think when deciding how and when to respond and attempt to evict a mission driven attacker from your infrastructure. This is a continuation of my previous work on the Cyber Threat Intelligence Matrix.  
 
  
16:00h Panel and Discussion<br />
+
'''AGENDA:'''
Chair: ''Audun Jøsang''
+
 
 +
14:00h Welcome at IFI
  
 +
14:15h Invited talk
  
'''SPEAKER BIOS:'''
+
15:00h Discussion
* '''Keith Martin''' is Professor and a former Director of the Information Security Group at Royal Holloway College, University of London.
 
* '''Mathias Ekstedt''' is Professor in Industrial Information and Control Systems at KTH Royal Institute of Technology, Sweden. His research interests include software, systems, and enterprise architecture modeling and analyses with respect to information and cyber security. In particular the research is applied in the power industry and information systems related to physical monitoring and control. He is currently engaged in the EU FP7 project SEGRID (security for smart electricity grids) and the nationally funded Resilient Information and Control Systems (RICS) center. He is also co-founder of foreseeti, a start-up company developing a tool for cyber security modeling and analysis.
 
* '''Janne Hagen''' is Chief Security Engineer at the Norwegian Water Resources and Energy Directorate which is responsible for the national power grid. She previously worked as researcher at the Norwegian Defence Research Establishment. 
 
* '''Tord Persokrud''' works as Chief Security Analyst at Conax AS which develops technology and operates services that enable secure content revenues for 400 operators representing 140 million pay-TV consumers in 85 countries globally over broadcast, broadband and connected devices.
 
* '''Frode Hommedal''' is a senior incident responder and analyst. He is currently head of incident response and security analytics at Telenor CERT, where he’s part of the team that is establishing the global CERT/SOC capability of Telenor, Norway’s biggest telco, with over 200 million customers and presence in South-East Asia, Easter Europe and the Nordics. He has previously worked seven years for the Norwegian national CSIRT, NorCERT, mostly with targeted intrusions. One of Frode’s main interests is modelling CSIRTs to improve performance.
 
  
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"

Revision as of 08:46, 1 February 2018

Machine Learning in Cybersecurity

DATE:  Friday 9 February 2018

LOCATION:  Kristen Nygaards sal (room 5370), Ole Johan Dahl's House.

TITLE: Research Challenges for Applying Machine Learning in Cybersecurity

SPEAKER: Fabio Massimo Zennaro

ABSTRACT: This talk provides an overview of some topics at the intersection of cybersecurity and machine learning with the aim of illustrating the possibilities offered by machine learning and surveying recent promising lines of research at the border between the two disciplines. The first part of the talk gives a brief introduction to machine learning from a conceptual point of view. The second part then explores research topics in three main domains: applications of machine learning to security; security aspects of machine learning; and, finally, safety concerns related to machine learning.

SPEAKER BIO: Fabio Massimo Zennaro is a PostDoc researcher in security group of the Informatics Department at UiO, working on the Oslo Analytics project. He holds a PhD in machine learning from the University of Manchester.

AGENDA:

14:00h Welcome at IFI

14:15h Invited talk

15:00h Discussion

AFSecurity is organised by the University of Oslo SecurityLab Logo-UiO-SecurityLab-colour.jpg