The First AMSEC workshop featured a keynote, research talks from all the participating organisations, much discussion and a lively panel.
Date : May 15, 2019
Time : 13:00-17:00
Place : HG-08A00 (VU Campus)
The first AMSec workshop on May 15, 2019 featured presentations from the various disciplines, accessible to a wide audience, as well as a keynote by Michel van Eeten, professor of Governance of Cybersecurity at TU Delft and member of Cyber Security Council for the Netherlands.
Workshop Program
13:00-13:15 Introduction to AMSec
13:15-14:00 Keynote: Michel van Eeten
<coffee break>
14:15-14:35 Drink from the fire hose: how your CPU shouts out your deepest secrets
Speaker Kaveh Razavi, VUSec, Vrije Universiteit Amsterdam
Abstract This talk will introduce the recently disclosed RIDL vulnerability in Intel processors in a manner that is understandable to everyone. RIDL allows attackers to leak sensitive data (such as files containing password information) across any security boundary.
14:35-14:55 Exploring the social dimension of cybercriminal networks.
Speaker Rutger Leukfeldt, NSCR
Abstract We analysed 40 cybercriminal networks that were involved in phishing, banking malware and hacking to see if they could be labelled loners, colleagues, peers, teams, or formal organizations. In contrast with prior research, the majority of our cases can be labelled a team or a formal organization.
14:55-15:15 Lattice-based cryptography: Standardization and security estimation
Speaker Leo Ducas, CWI
Abstract In this talk, I will present the status of the ongoing standardization process for quantum-safe cryptography, highlight some lattice base candidates, and discuss advances in their cryptanalysis.
<coffee break>
15:30-15:50 Law and cybersecurity
Speaker Anne de Hingh, VU-Centre for Law and Internet
Abstract Breaking security is both prohibited (e.g. hacking) and allowed (police, intelligence agencies). The law is still struggling with designing the right framework in the area of cybercrime, -security, -war. Some issues are enforcement and attribution.
15:50-16:10 SarNet: Autonomous Response Network
Speaker Ralph Koning, SNE, UvA
Abstract Self defending systems or networks can offload security teams and enable them to focus on new and pressing threats. This talk will cover such systems in the context of the SARNET (Secure Autonomous Response NETworks) project: the experimentation environment, a method for evaluating defense performance, and how we orchestrate defenses in single networks and in collaborations of multiple network domains.
<coffee break>
16:30-17:15 Panel
- Jos Baeten (CWI)
- Jaya Baloo (KPN)
- Marc Witteman (Riscure)
- Joshua Serrao (City of Amsterdam)
17:15-18:00 Drinks
Information about speakers and panellists
Keynote speaker
Michel van Eeten is professor at Delft University of Technology. He studies the interplay between technological design and economic incentives in cybersecurity. His team analyses large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks. He is also a member of the Cyber Security Council, an advisory body of the Dutch government.
Panel
Jaya Baloo is Chief Information Security Officer at KPN Telecom.
Marc Witteman is CEO at Riscure
Joshua Serrao is Innovation Officer & Smart City Liaison at Chief Technology Office, City of Amsterdam
Jos Baeten is General Director of CWI, Amsterdam
Research talks
Kaveh Razavi is assistant professor at VUSec (Vrije Universiteit Amsterdam)
Rutger Leukfeldt is senior researcher Cybercrime at the NSCR and lector Cybersecurity and SMEs at The Hague University of Applied Sciences.
Leo Ducas is researcher in the Crypto group at CWI
Anne de Hingh is researcher in the Internet Law group within the faculty of Law at Vrije Universiteit Amsterdam
Ralph Koning is PhD student in the System and Network Engineering research group of the University of Amsterdam