Norwegian Information Security Seminar

NISseminar is a weekly research seminar, which targets professors, researchers, PhD candidates, MSc and BSc students at NTNU i Gjøvik. It shall bring together researchers and students to have an academic exchange on a topic in information security presented by one of NISlab researchers. The seminar takes place on Fridays during the lunch break 12.15 - 13.00, and is open to all interested.To follow the online series, please find the playlist of recordings here: https://www.youtube.com/playlist?list=PL17KQCa8hhvApcc1LO8aarrNmm5sFgmni

*********************************************

19.01.2018, 12:15 – 13h, 153, A building

Speaker: Kaja Hannestad, Technical student @ CERN

Title: One year as a Technical Student at CERN  

Recorded stream

Abstract : The presentation will give an insight in the life of a Technical Student working as a network administrator at CERN. How is it to work there? What did I do? What challenges did I face? This will hopefully be answered in the presentation, in addition to going into detail about my main project which evolved around Quality of Service (QoS).

About Speaker: Got my trader certificate within computer electronics before starting my bachelor in Computer Science and Engineering at NTNU in Gjøvik in 2014. Spent 2017 as an exchange student working at CERN in Geneva.

*********************************************

02.02.2018, 12:15 – 13h, A146, A building

Speaker: Jan William Johnsen, PhD candidate

Title: Identifying Central Individuals in Organised Criminal Groups and Underground Marketplaces

Recorded stream

Abstract: Traditional organised criminal groups becomes more active in the cyber domain. They form online communities used as marketplaces for illegal materials, products and services, which drives the Crime as a Service business model. These underground marketplaces allow them to operate with little interference from law enforcements. The challenge of disrupting the underground marketplaces is to know which individuals to focus law enforcement’s effort on. Because taking down a few selected people can have more effect on disrupting the services provided by cyber criminals. We presents our recent study on centrality measures’ performance for identifying important individuals on two networks. We focus our analysis on two distinctly different network structures: Enron – which replace an organised criminal group – have a hierarchical structure, while the hacker forum Nulled.IO is more loosely structured. Our result show that centrality measures favours individuals with more communication rather than people usually considered more important: organised crime leaders and cyber criminals who sell illegal material, products and services.

About Speaker: Jan William is currently a Ph.D. candidate at Norwegian University of Science and Technology (NTNU). He earned his Master in Information Security at NTNU in 2016. In his thesis work he focused on identifying people of interest through social network analysis and he has published one article based on this work. After completing his Masters, Johnsen continued to pursue an academic carrier within his research interest: the detection and prevention of financial crimes such as fraud and money laundering.

*********************************************

09.02.2018, 12:15 – 13h, A153, A building

Speaker: Dmytro Piatkivskyi, PhD candidate

Title: Payment splitting in the Lightning network — leaving micro-payment network for micro-payments

Recorded stream

Abstract: Lightning network is a payment channel network that utilises Bitcoin off-chain transactions to allow for higher transaction volume. Being a protocol, its properties are to be defined by its adoption. While the existing research on the Lightning network assumes its use for conventional payments, we propose to leave it to micro-payments only, transforming a money transfer into a stream of money. Such a transformation arguably improves the network properties such as efficiency, privacy and security.

About Speaker: Received a Bachelor degree in Information security from National Technical University of Ukraine “Kyiv Polytechnic Institute” in 2012. Graduated Gjøvik University College in 2014 with a Master degree in Information secuirty. Before joining Testimon Forensics Research Group at NISlab as a PhD student, was employed at UBS AG as a software developer, Investment Banking department.

*********************************************

16.02.2018, 12:15 – 13h, A153, A building

Speaker: Odin Jenseg and Simen Lybekk, students @ NTNU

Title: European Cyber Security Challenge

Recorded stream

Abstract: European Cyber Security Challenge (ECSC) is an initiative by the European Union Agency for Network and Information Security (ENISA). The goal of this challenge is to find cybersecurity talents and to encourage young people for a career in cybersecurity. The object of the challenge is to attack and defend computer infrastructure, as well as solving problems in the field of; cryptography, forensic, programming, reverse engineering, web, and hardware hacking.
2017 was the first year Norway competed in this challenge. The Norwegian team consisted of ten members who were sent to Malaga in Spain to compete in ECSC. This talk will be about the experience of competing in a challenge at this level, and why professors and students should be interested in these types of competitions.

About Speaker:
Odin Jenseg is a student at NTNU Gjøvik in Master of Information Security, with specialization in digital forensics. He received his Bachelor degree in Information Security from NTNU Gjøvik summer 2017.

Simen Lybekk is a student at NTNU Gjøvik in Bachelor of Information Security.

*********************************************
02.03.2018, 12:15 – 13h, A254, A building

Speaker: Håkon Gunleifsen, PhD candidate

Title:

Abstract:

About Speaker:

*********************************************
09.03.2018, 12:15 – 13h, A153, A building

Speaker: Isuf Deliu, Master thesis awardee

Title: Extracting Cyber Threat Intelligence From Hacker Forums

Abstract: Cyber-protection is a top priority for modern civilization. Even though tradition security controls can detect and prevent a large proportion of cyber-attacks, they are struggling to keep pace with the increasing sophistication of attack tools and methodologies. For this reason, the cyber security community has recently focused on more proactive approaches such as Cyber Threat Intelligence (CTI). The main idea of CTI is the enrichment of traditional security controls by using information collected from multiple diverse sources, both in-house and external. Hacker forums and other social platforms may contain vital information about cyber security threats. But using manual analysis to extract relevant threat information from these sources is a time consuming and error-prone process that requires a significant allocation of resources. In our research, we utilized a combination of supervised and unsupervised Machine Learning algorithms to locate hacker posts that are of high relevance for cyber security. The findings of the experiments performed using the data from a real hacker forum include zero-day exploits, leaked credentials, IP addresses of malicious proxy servers, etc. suggesting the use of these sources as an integrated part of CTI solutions.

About Speaker: Isuf Deliu is originally from Kosovo and holds a Bachelor’s degree in Computer Engineering from the University of Prishtina. After spending a semester as an exchange student in Gjøvik, Isuf joined NTNU in 2015 and received his Master’s degree in Information Security last June (2017). His interests are mainly the applications of Machine Learning algorithms in different application domains with a focus on Information Security and Digital Forensics. Isuf was selected as one of the winners for Master Thesis Award by Telenor-NTNU AI Lab. This award is given to Master’s thesis that have significant impact for Norway or society at large and contribute to building of awareness for the latest trends in the field of Artificial Intelligence. Isuf currently lives in Oslo and works as an Associate at Forensic Technology Services in BDO. In the daily basis, he works with identification, collection, and analysis of digital evidence, as well as data visualization.

*********************************************
23.03.2018, 12:15 – 13h, A254, A building

Speaker: Martin Stokkenes, PhD candidate

Title:

Abstract:

About Speaker:

*********************************************
06.04.2018, 12:15 – 13h, A153, A building

Speaker: Edgar Alonso Lopez Rojas, Post-Doc

Title:

Abstract:

About Speaker:

*********************************************
13.04.2018, 12:15 – 13h, A153, A building

Speaker: Gunnar Alendal, PhD candidate

Title:

Abstract:

About Speaker:

*********************************************
20.04.2018, 12:15 – 13h, A254, A building

Speaker: Shao-Fang Wen, PhD candidate

Title:

Abstract:

About Speaker:

*********************************************