7, 8 and 9 September 2018
Lizzie Coles-Kem – Beyond CIA: locating information security in the wider security landscape
We are taught to think about information security in terms of Confidentiality, Integrity and Availability of information, data and technology. These principles have stood us in good stead for the last fifty years but are they sufficient for the next fifty? In this talk, I sketch the wider security landscape and ask whether it is time to consider how information security connects to issues of social, economic, political and individual security.
Christopher Cutajar – A Popularity based Application Filtering Algorithm for Application Collusion Detectors
Android malware has been on the rise! On the other hand, anti-malware software has continued to improve to mitigate the risk of a user being infected. What if I can still evade any anti-malware software using two mobile applications? During this presentation, Christopher will present the phenomenon of application collusion, what it is, how this is being used by malware developers to perform malicious activities and present the challenges to detect such malicious applications when having millions of applications in the search space. Finally, Christopher will highlight the solution developed which uses application popularity features together with static analysis and public information to reduce the application search space while also providing a level of application collusion plausibility to those applications that were not filtered. He will present the benefits of such solution to be used by application collusion detectors. At the end of the present, Chris will provide some tips and hints on how to finish successfully.
Joseph Da Silva – What makes an effective Information Security strategy
There is much discourse on the need for an Information Security strategy, but little consensus or guidance as to what makes such a strategy effective. Often, these strategies can be too intangible or too high level to be really effective or even understandable; in other cases, they can be too specific to be really considered strategies. Regardless of the level of detail, they regularly become 'shelfware', documents that exist solely for their own sake or to tick a bureaucratic box. This talk will discuss what core features an Information Security strategy should display, including examples from industry, and will propose a simple model with which any strategy can be evaluated for effectiveness.
Amy Ertan – Deception in Cyberspace: Nation-States and False Flag Operations
Cyber-attribution, determining who is responsible for a given cyber-attack, is an effort with several significant barriers and complexities. It is an art, and often a complicated challenge without any obvious solution. The barriers to attribute are more pronounced when considering nation-state attacks, where attribution is often considered highly desirable in terms of national security interests and possible retribution. Simultaneously, these are more difficult exercises, with sophisticated threat actors and associated capabilities to carry out convincing deceptive attack strategies. This presentation will reflect on a three month project into the nature of 'false flag' operations in cyber attacks, where a state actor has deliberately tried to shift the blame towards a third party. It will consider the practitioner’s point of view and highlight possible opportunities to minimise these barriers, examining the importance of geopolitical analysis in the intelligence process, aiding the attribution process.
Amy Ertan – Interdisciplinary Cyber Security (Economics, International Relations, Human Aspects and Everyday Security)
It is increasingly recognised that cyber security is an interdisciplinary exercise and does not take place in a (technical) vacuum. Several research fields are becoming increasingly active, including at Royal Holloway. This talk will explore these through highlighting various recent interdisciplinary initiatives, from our participation through the "9 ⁄ 12 Cyber competition", government-sponsored cyber security behavioural reviews, as well as numerous active projects currently being researched by students within the ISG. It will also touch across areas where there are a number of opportunities for research, including ethics, economics, law, and psychology.
Rory Hopcraft – Pirates, Polar Bears, Programs & Portholes
What do Pirates and Polar Bears have in common? Sounds like the opening to a bad joke, but, they could hold the answer to helping the maritime industry develop robust cybersecurity regulation. There has been an unrelenting proliferation of technology into the maritime industry over the last decade, with the desire to increase both the efficiency and profit of the industry. However, because of the speed of technological change, the International Maritime Organisation (IMO), has struggled to produce robust maritime cybersecurity regulations. Leaving the industry at risk from a cyberattack. This presentation will argue that to successfully regulate maritime cyberspace the IMO needs to create a Cyber Code. This Code would contain regulation that addresses the unique challenges of maritime cyberspace. It would consider how collaboration from the international community was used to tackle piracy in the Indian Ocean. It will then look to the success of other IMO codes, specifically those pertaining to the Polar Regions, and suggest a blueprint that regulators could use to create this Cyber Code.
Irwin Raymond Lyttle – Firefighting, Fatalism or Fortune? SME perspectives on Ransomware
Ransomware as a form of malware has been a problem for many years and has caused a significant and often high-profile impact on companies and individuals. The methods used to encrypt and destroy data have continued to evolve, with each new variant and strain being implemented with increasingly fewer flaws. Therefore, prevention of a Ransomware infection is much preferred over dealing with the aftermath and recovery efforts involved. In this session we will look at the common methods and vectors used by many types of Ransomware to gain the initial infection, the sequence of an attack and why Ransomware continues to be a problem, often leveraging complex psychological social engineering methods to take advantage of users, increasing the potential to infect systems and destroy data. We will also look at the kinds of publications that are available specifically targeted at SME stake-holders to help them protect against Ransomware, what recommendations are made and how effectively these can help combat Ransomware by comparison with known attack methods. Organisations can potentially prevent the majority of Ransomware attacks and infections through following publicly available advice and by implementing other standard IT security principles and best practice recommendations, and in this session we will explore why Ransomware still poses a threat despite this.
Cen Jung Tjhai – Hybrid post-quantum key-exchange for IKEv2 VPN
Current key-exchange protocol (IKEv2) that is used in VPN uses the Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) algorithm to establish a shared secret between an initiator and a responder. The security of the DH and ECDH algorithms relies on the difficulty to solve a discrete logarithm problem in multiplicative and elliptic curve groups respectively when the order of the group parameter is large enough. While solving such a problem remains difficult with current computing power, it is believed that general purpose quantum computers will be able to solve this problem, implying that the security of IKEv2 is compromised. There are, however, a number of cryptosystems that are conjectured to be resistant against quantum computer attack. This family of cryptosystems are known as post-quantum cryptography (PQC). This presentation talks about the challenges in upgrading the IKEv2 protocol to be post-quantum secure