NISlectures is a free monthly event addressing current issues in information security. The lectures are streamed live (from approximately 10 minutes before the lecture streaming starts, connect to online streaming). After the lecture recordings will be made available online (see individual lectures). Some of the lectures have also been made available as hyper interactive presentations (HIP).For more information on the series of NISlectures please contact Head of NISlab Laura Georg (firstname.lastname@example.org).
NISlecture 2017/1 (27.01.2017, 12.15-13.00 in K105)
Title: Enhancement of human performance in military cyber operations by facilitating the application of behavioral science in cyber defense practice
Speaker:Øyvind Jøsok & Benjamin Knox. Performance & Applied Cognitive Engineering Cyber Operations Research Group (PACE-CybORG): conducting theoretical and experimental research on human factors in the cyber domain.
In cyber operations, we are less directly confronted with the outcomes of our action than in situations of physical or direct engagement. Our anticipation of futureoutcomes are more abstract or differently specified, less detailed, and typically decision-making processes are conducted under multiple converging and diverging pressures. These circumstances, are assumed but not yet well understood aspects of cognition, such as a increased tolerance to uncertainty or management of cognitive load, all contribute to how judgements and decisions are made to act and determine the overall performance. The effects of digitization on decision-making and the contribution of behavioural sciences are largely not investigated within the cyber domain, but this can nonetheless have immediate effects on cyber security at national and international level. In the wake of Cyber Pledge, this calls for an intensified effort in research, training and education of personnel with cyber competence. This talk will focus on human factors in cyber operations. What has been done so far by the research group *PACE-CYBORG*, and the future landscape ahead.
About the Speaker
Contributors to PACE-CybORG: Ricardo G. Lugo is a lecturer in psychology at Lillehammer University College. His research interests involve health and performance psychology, with a focus on aspects of developmental, behavioral, and emotional regulation of performance in several domains.
Stefan Sütterlin is a professor in Psychology at Lillehammer University College and affiliated with Oslo University Hospital, Norway. His research interests include psychophysiology of behavioral control, decision-making, and cognitionemotion interaction.
Benjamin J. Knox is a teacher in International Studies at the Norwegian Defense Cyber Academy currently studying MSc in Development Management, and his research interests lie in improving human performance in digitisation.
Lieutenant Commander Øyvind Jøsok is an instructor in Leadership at the Norwegian Defense Cyber Academy. He holds an MSc in leadership and is currently a PhD candidate within the area of psychology. His research interest lies in the area of physical and cognitive development and performance.
Kirsi Helkala is an associate professor at the Norwegian Defense Cyber Academy, holding a PhD within Information Security from the University of Oslo, Norway. Her research interests lies within information and cyber security, especially in its human aspects.
The industry introduced username and passwords more than 40 years ago and has subsequently seen incremental improvements to maintain an adequate security posture. Complexity rules, password change frequency, and requirements to avoid password re-use were added over time to improve the security of username+password infrastructure. Since then, (a) the average number of accounts has increased to a level that it is unfeasible for users to memorize distinct passwords per account and (b) mobile devices without physical keyboards are proliferating. Typing in passwords on such devices is cumbersome and prone to error. On the other hand, new attacks have appeared that demonstrate the fundamental security limitations of the existing password concept. Several variations of one-time-password schemes have been invented to fix the password security problem (e.g. one-time passcode (OTP) tokens, SMS OTP, OTP generator Apps). Unfortunately, such schemes further reduced usability and did not succeed in protecting against scalable attacks (e.g. Phishing, MITM). Biometric user verification, initially used for Government purposes, can be more convenient for users than typing passwords. We will look into the security aspects of the unattended nature of mobile biometrics and the implications for a secure implementation of secure and biometrics based authentication.
About the Speaker
: Rolf Lindemann works for Nok Nok Labs, Inc. as Senior Director Products & Technology and brings more than 15 years of experience in product management, R&D and operations from the IT security industry. He has contributed to various FIDO specifications and has been a frequent speaker at industry events. Prior to Nok Nok Labs Rolf Lindemann worked as Senior Director Product Management in the user authentication group at Symantec where he was responsible for research and product strategy on device authentication in smart grids and mobile networks. Before Symantec's acquisition of TC TrustCenter, he was Executive Director Product Strategy at TC TrustCenter GmbH. Named to that position in 2009 he was responsible for analyzing market trends and aligning the overall product portfolio to new market opportunities. Rolf Lindemann received his PhD from the Technical University in Hamburg-Harburg and holds a master's degree in electrical engineering.
Smart devices are all around us nowadays. These little angels/devils are making our lives much easier, while also opening up a lot of security/safety holes, esp. those safety critical devices have the potential of physically harming or even killing us. In this NIS lecture, in order to demonstrate the real threats of these devices, I will use a case study of a software intensive medical device (the Insulin Pump) from one of our previous projects at the McMaster Centre for Software Certification, McMaster University, Canada. Based on the insulin pump example, I will give an overview and discuss some important aspects of the key approach to make these systems safer and more secure: software certification.
About the Speaker
Hao Wang, Ph.D., is an associate professor and the head of the Big Data Lab in Faculty of ICT and Natural Sciences, Norwegian University of Science and Technology, Ålesund. Before this, he was a research scientist with IBM Canada R&D Centre, (still) collaborating with Profs Ridha Khedri, Mark Lawford, Tom Maibaum and Alan Wassyng in McMaster Centre for Software Certification (<http://www.mcscert.ca/>), McMaster University, Canada. McSCert leads the Software Certification Consortium, consisting of many top researchers, government regulators, and industrial companies. Hao¹s research focuses on big data&IIoT, software engineering, and safety&security and he has published 50+ peer-reviewed papers. More details can be found in his webpage www.haowang.no.
A biometric system is a technological system that uses information about a person to identify that person. We will discuss the connection between Biometric systems and Information/Communication theory. Several authentication system implementations will be explained and their performance analysed. We will pay attention to the tradeoff between information security and reliability of biometric data.
About the Speaker
A.J. Han Vinck is a senior professor in Digital Communications at the University of Duisburg-Essen, Germany, since September 2014. His interest is in Information and Communication theory, Coding and Network aspects in digital communications. He is the author of the book "Coding Concepts and Reed-Solomon Codes" <http://www.martinvinck.com/page3/assets/bookHan.pdf>. He was president of the IEEE Information theory Society (2003). He received a number of accolades including the election by the IEEE as Fellow for his Contributions to Coding Techniques, the IEEE ISPLC 2006
Achievement award for contributions to Power Line Communications and the 2015 Aaron D. Wyner Distinguished Service Award <http://www.itsoc.org/news-events/recent-news/han-vinck-2015-wyner-award> for longstanding contributions to the IEEE Information Theory society.
NISlecture 2017/5 (26.05.2017, 12.15-13.00 in K105)
Title: The Modern Cybersecurity Stack: Data-driven Network Monitoring with Bro
Speaker:Robin Sommer, International Computer Science Institute (ICSI) in Berkeley, California
Faced with today´s sophisticated cyberattacks, classic intrusion detection systems often leave defenders with playing games of whack-a-mole. Offering an alternative, the open-source network security monitor Bro has become a driver behind a recent paradigm shift inside the incident response community: By facilitating data-driven, site-specific network traffic analyses, Bro empowers operators to defend their organizations against a broad range of attacks, from indiscriminate to highly targeted. This talk will recap Bro`s evolution from a niche software developed by a small academic research group into a widely deployed system that`s now protecting some of the world`s largest organizations. We will examine Bro`s scientific foundation, discuss experiences transitioning the system from a research platform to large-scale operational deployment, and present current research efforts that seek to further advance today`s network defense capabilities.
About the Speaker
: Robin Sommer is a senior researcher at the International Computer Science Institute (ICSI) in Berkeley, California, where he leads the team developing Bro. He is also the CTO of Corelight, a recent network security startup offering professional Bro solutions to corporations and government organizations. He is furthermore an affiliated researcher at Lawrence Berkeley National Laboratory, where he works with the Lab¹s security team. Robin Sommer holds a doctorate degree from TU München, Germany.