2nd Cyber Security Workshop in the Netherlands

2nd Cyber Security Workshop in the Netherlands

13 October 2016

11:30-12:00

Registration

12:00-12:50

Lunch

12:50-13:00

Introduction / Opening

13:00-14:00

Keynote by Dr. Cristiano Giuffrida (VU Amsterdam)

Title: Imagine a World Without Software Bugs (Hint: It Ain't that Pretty)

Abstract: What would the world be like if software had no bugs? Software systems would be impenetrable and our data shielded from prying eyes? Not quite. In this talk, I will present evidence that reliable attacks targeting even "perfect" software are a realistic threat. Such attacks exploit properties of modern hardware and software to completely subvert a system, even in absence of software or configuration bugs.

To substantiate this claim, I will illustrate practical attacks in real-world systems settings, such as browsers and clouds. The implications are worrisome. Even bug-free (say formally verified) software can be successfully targeted by a relatively low-effort attacker. Moreover, state-of-the-art security defenses, which have proven useful to raise the bar against traditional software exploitation techniques, are completely ineffective against such attacks. It is time to revisit our assumptions on realistic adversarial models and investigate defenses that consider threats in the entire hardware/software stack. Pandora's box has been opened.

14:00-15:30

Poster Session + Coffee

Accurate Quantification of Timing Channels with Symbolic Execution
By Roeland Krak (UTwente)

Context-security in self-supported and spatially context-aware Android-systems
By Aksel Harrewijn (Open University)

Counting sheep: Analysing end user security six years after Firesheep
By Marc Sleegers and Hugo Jonker (Open University)

Go Ahead Steal My Sensor: Secure and Privacy Preserving Data Aggregation In Wireless Sensor Networks
By Parul Gupta, Zekeriya Erkin and Christian Doerr (TU Delft)

Bring Your Own Authenticator/Authentication Security in Physical Access Control Systems
By Uraz Seddigh, Fei Liu (Nedap), and Andreas Peter (UTwente)

Linking Data and Process Perspectives for Deviation Analysis
By Mahdi Alizadeh and Nicola Zannone (TU/e)

Efficient and Secure Outsourced Computations Toward Creating Trusted e-Healthcare System
By Majid Nateghizad, Zekeriya Erkin and Reginald L. Lagendijk (TU Delft)

Improving SCADA security of a local process with a power grid model
By Justyna J. Chromik, Anne Remke, and Boudewijn R. Haverkort (UTwente)

Lessons Learned in Booters Investigation: The DDoS for Hire Phenomenon
By José Jair Santanna, Ricardo de O. Schmidt, and Aiko Pras (UTwente)

Private Sharing of IOCs and Sightings
By Tim van de Kamp, Andreas Peter, Maarten H. Everts, and Willem Jonker (UTwente)

Prospects and Privacy Threats of In Silico Genome
By Chibuike Ugwuoke, Zekeriya Erkin and Reginald L. Lagendijk (TU Delft)

Optimizing the discretization in Zero Leakage Helper Data Systems
By Taras Stanko, Fitria Nur Andini, and Boris Skoric (TU/e)

Feature Selection Metrics for Anomaly-based Network Intrusion Detection
By Ömer Yüksel (TU/e)

Privacy preserving genome analysis using context trees
By Lieneke Kusters and Tanya Ignatenko (TU/e)

15:30-17:00

Selected Talks

On the Use of DDoS Protection Services
By Mattijs Jonker and Anna Sperotto (UTwente)

Preserving Privacy in Model-based Analysis of Software
By Gamze Tillem, Zekeriya Erkin and Reginald L. Lagendijk (TU Delft)

Towards Creating Believable Decoy Project Folders for Detecting Data Theft
By Stefan Thaler, Jerry den Hartog, and Milan Petkovic (TU/e)

17:00-18:00

Drinks + Award Ceremony + Closing