The PICS seminar is a PICS forum for research in the fields of privacy and information security and cyber security. We discuss both practice and new research and improve our knowledge about selected practice and research areas of common interest.
If you want to suggest a speaker or give a talk, please write to firstname.lastname@example.org
Date: 9 May 2019, 11.00-12.00 Place: Högskolan i Skövde, Room: Portalen, Insikten.
Title: Resilience to Cyber Attacks
Speaker: Sten F Andler, University of Skövde.
Abstract: We present definitions and aspects of resilience as it relates to cyber attacks and other incidents in critical infrastructures that support vital societal services. The discussion is mainly based on a CIRI webinar on “Cyber Risk Scoring and Mitigation for Resilient Cyber Infrastructure”, which was also presented at the 2019 CIRI Symposium on Resilience of Critical Infrastructures. From the same symposium we will also discuss measure business/economic resilience to disasters. We end by exploring resilience as a countermeasure to attacks exemplified by applications in mobile computing, in warfare, and in wireless networking
Date: 12 April 2019, 11.00-12.00 Place: Högskolan i Skövde, Room: Portalen, Insikten.
Title: The New Swedish Security law - a modern protection for us in a global world that is connected?
Speaker: Carl-Magnus Brandt, CISM, Actea.
Abstract: The threat landscape and stability in our region has changed dramatically, what happens when the threat actors move from physical borders into the digital domain?
What has changed from the previous security law and why is this a new era? How can we face this new challenge?
Why is it important for you as a student in information security to be aware of this shift in power?
Date: 13 March 2019, 14.15-16.00 Place: Högskolan i Skövde at Utsikten (Portalen, P501)
Title: Dynamic Vulnerability Analysis in Cyberphysical Systems
Speaker: Yuning Jiang, PhD student
Abstract: The growth and the complexity scale of Cyber-Physical Systems (CPSs) are ever-evolving due to the fast expansion of networked applications in smart-x systems, which are overseeing critical infrastructures such as the smart-grid. These smart networked systems use a network of embedded sensors, platforms and actuators to perceive and affect a physical process that typically requires guaranteed quality-of-service performances provided by safety-critical applications. The confluence of sensors, platforms and networks is also nourishing the expansion of the emerging Internet of Things (IoT) area. However, these developments lead to increased surfaces that are vulnerable to cyberattacks.Since the capability of attackers and the trust in networked-components are subject to substantial variability, a dynamic-vulnerability assessment is advocated in this study, in contrast to traditional static-approaches.
Recent advances in data analytics prompt dynamic data-driven vulnerability assessments, whereby data contained and produced by CPS cyber-components include hidden traces of vulnerability fingerprints. However, the imprecise nature of vulnerability assessment and the huge volume of scanned data call for computational intelligence techniques to analyse such data. We first investigate computational models to capture semantic properties related to vulnerability concepts revolving around CPS components. This study reveals salient metrics and related measurements used to quantify CPS component vulnerabilities. We show the potential of applying fuzzy-logic techniques to diagnose vulnerability, and infer objective vulnerability scores. Then, we examine computational methods to extract meaning from text by mining online public-repositories of published vulnerabilities and discovering potential vulnerability-matches in a given CPS infrastructure. Graph-mining techniques are also explored to identify critical-assets of CPS infrastructure to weigh vulnerabilities, considering topological structures and functional features.
In this proposal, we explore the state of the art and highlight the drawbacks of current research approaches in CPS vulnerability assessment area, based on which, we build our research questions with the purpose to piece together solution elements for the stated problem. In doing so, computational intelligence techniques such as fuzzy-logic and machine-learning, are investigated in order (a) to reduce existing security management gaps induced by ad-hoc and subjective vulnerability auditing processes, (b) to narrow further the risk window induced by discoverable vulnerabilities, and (c) to increase the level of automation in vulnerability analysis, at various levels of the CPS architecture.
Date: CANCELLED! Will return later
7 Feb 2019, 11.00-12:00. Place: Högskolan i Skövde. Portalen, P401.
Title: The New Swedish Security law - a modern protection for us in a global world that is connected
Speaker: Carl-Magnus Brandt, CISM, Actea
Abstract: The threat landscape and stability in our region has changed dramatically, what happens when the threat actors move from physical borders into the digital domain?
What has changed from the previous security law and why is this a new era? How can we face this new challenge? Why is it important for you as a student in information security to be aware of this shift in power?
Date: 17 Jan 2019, 11.00-12:00. Place: Högskolan i Skövde. Portalen, P401.
Title: When we talk about privacy, what are we really talking about?
Speaker: PhD Oskar MacGregor, School of Bioscience, Högskolan Skövde
Abstract: Recent developments in areas such as data analysis, in combination with the staggering ubiquity of different forms of smart technology, have engendered renewed interest in individual privacy, in particular its ethical and legal dimensions. The concept of privacy itself is , however, deeply contested, in both philosophical (conceptual) and legal (applied) domains. This is partly due to the contingent specifics of its historical development, and partly due to the concept's emotional force. In this talk, I give an overview of these issues, in order to begin sketching an answer to the question: "When we talk about privacy, what are we really talking about?"
Date: 6 dec 2018, 10:30-12:00. Place: Högskolan i Skövde. G207.
Title: A Socio-Technical Modeling Approach to Secure Digital Transformation.
Speaker: Prof Stewart Kowalski, NTNU, Norway.
Abstract: We use a number of different types of models every day in their day-to-day work to protect their organization’s information assets. For compliance work we often us a check-list model i.e. a table with a list of requirements with checks and evidence indicating if they are fully compliant, partially compliant, or even non complaint to the requirements. For capital expenditures on new security equipment we use the return on security investment model which is expressed as ROSI= (ALE * mitigation ratio Cost Security Solution/Cost of Security Solution). These models are suitable for solving a number of security problems.
However, these models can be problematic when formulating a secure digital transformation strategy that needs to be reviewed and communicated not only internally in an organization but also with digital partners and customers. To help support with the formulation and communication of a secure digital transformation strategy, Professor Stewart Kowalski presented a socio-technical modeling approach. The presentation covered three areas: history, theory and practice of socio-technical modeling
- Presentation from the seminar
Date: 19 April 2018, 11:00-12:00. Place: Högskolan i Skövde. Portalen room P407. Title: Cyber Deterrence. Speaker: Gazmend Huskaj. Abstract: Cyber deterrence is a strategy employed to deter attackers from conducting cyber-attacks in the first place. However, several issues exist when implementing cyber deterrence. The findings show (1) non-existence of the deterrence strategy (2) no doctrine or decision competence to retaliate to an adversary, (3) the armed forces have no authority to retaliate when Swedish sovereignty in Cyberspace is threatened, (4) no norms or regulations exist concerning retaliation, (5) no clear governance on using offensive cyber capabilities, and finally, (6) no credibility in its cyber deterrence posture regarding how much Sweden is willing to sacrifice to protect its electoral system, which is a Swedish national interest. Therefore, this research investigates how cyber deterrence can practically be implemented in Swedish cyber security policy.
- Date: 1 March 2018 11:00-12:00. Place: Högskolan i Skövde. Portalen room P502. Title: Information Security Management - what is it and why do we need it? Speaker: Rose-Mharie Åhlfeldt from Högskolan i Skövde. Abstract: Information is an important tool in any organization. The consequence of losing critical information can be devastating to both organizations and individuals. The organization's information security requirements are based on internal business requirements, but also external requirements from stakeholders, legal and contractual requirements as well as industry requirements. In order to protect information in a proper way, organizations need to work systematically with information security. Information Security Management (ISM) is a systematic process of effectively coping with information security threats and risks in organizations. One way to work systematically with information security is therefore to implement an Information Security Management System (ISMS).
- Date: 7 February 2018 10:15-11:30. Place: Högskolan i Skövde. Portalen room P101. Applied Mathematics Seminar. Coding theory theme, part 4: Post-quantum cryptography with error-correcting codes. Speaker: Stefan Karlsson and Klara Stokes (Högskolan i Skövde). Abstract: In 1994 Shor showed that the integer factorization problem can be solved in polynomial time on a quantum computer. As a consequence, cryptographic public-key protocols relying on the integer factorization or the discrete logarithm problems, like the popular RSA and elliptic curve cryptography, are unsecure against attacks using quantum computers. Post-quantum cryptography is the research area studying cryptographic protocols that remain secure against such attacks. Code-based cryptography has arisen as a strong candidate for post-quantum cryptography. In this talk we explain how code-based cryptography works, we give a short historical background and a short current state-of-the art.
- Date: Thu 1 February 2018 10:15-11:45. Place: Högskolan i Skövde. Portalen room P502. Title: Vulnerabilities and Countermeasures in Smart Grids. Speaker: Sten Andler (Högskolan i Skövde). Abstrakt: We present two KTH papers on 1) a study of software vulnerabilities and weaknesses of cyber components in smart grids, and 2) an analysis of the effectiveness of attack countermeasures in such a system. The focus of both papers is on embedded devices in power substations and generation plants, typically controlled by a SCADA system (for Supervisory Control And Data Acquisition). The vulnerabilities study is on actual systems with intelligent components from major manufacturers. The study uses publicly available data on the types of systems and identified vulnerabilities and weaknesses from publicly available databases and the manufacturer’s websites. The study summarizes the types and severity of common vulnerabilities and shows that they mostly result from a small number of fairly simple weaknesses. It is also apparent that not all manufacturers are keen on disclosing their vulnerabilities and weaknesses. The analysis of countermeasures, on the other hand, constructs abstract models of typical electric power systems, based on publicly available information as well as expert elicitation and certain assumptions. The models are used to evaluate the overall cyber security posture and the effectiveness of protection strategies, using attack graph evaluation (securiCAD). In summary, the most effective measures are network securement (including passwords) and network segmentation (firewalls). Frequent patching is prohibitively expensive and running intrusion detection systems is not usually possible on the heterogeneous hardware. Our own approach in Elvira proposes to perform such intrusion analysis on a common operational picture, separate from the operational system, obtained by extracting data from the operational system itself.
- Date: 19 January 2018 11:00-12:00. Place: Högskolan i Skövde. Portalen room 502. Threat Modeling and Resilience of Critical Infrastructures. Speakers: Yasine Atif, Manfred Jeusfeld, Jianguo Ding (Högskolan i Skövde). Abstract: The smart grid is the current trend to upgrade the ageing energy infrastructure leading to a further distribution of the energy market. However, alongside the expected enhancement in efficiency and reliability, the induced cyber-connectivity prompted by Supervisory Control And Data Acquisition (SCADA) systems that monitor critical infrastructures, expose the grid’s cyberphysical systems to potential cyberattacks. The inherent third-party devices in those cyberphysical systems have a significant dependency on digital communications, which raise concerns over a growing risk from cyberattacks. Conventional security approaches are limited by the scale of the grid and the velocity of data reporting dynamic energy flows. ELVIRA is a project supported by the European Fund on Internal Security (ISF) at University of Skövde, which aims at modelling the grid-infrastructure networks and developing a corresponding testbed facility for testing critical infrastructures’ resilience to cyberthreats. Situation-awareness, vulnerability assessments, and cascading-effects analysis due to cyber-threats are some of the core work-packages in ELVIRA project. In this seminar, we show a conceptual modelling approach to power-grid infrastructures, then discuss cyberthreat modelling for power-grid resilience, and finally reveal a cyberthreat-intelligence based design of the proposed testbed facility that use distributed agents for real-time simulation of cyberphysical-systems security.
- Date: 18 January 2018 11:00-12:00. Place: Högskolan i Skövde. Portalen room P101. Applied Mathematics Seminar. Coding theory theme, part 3: Self-dual codes. Speaker: Yohannes Tadesse (Högskolan i Skövde). Abstract: This is a continuation of the seminar series on code theory and this time we consider self-dual codes. The focus will mainly be construction/classification of self-dual codes and their relations with algebraic objects like groups and invariant rings. Concrete examples of the Hamming codes and the Golay codes, and some applications will be presented.
- Date: Friday 15 December 11:00-12:00. Place: P101. Applied Mathematics Seminar. Coding theory theme, part 2: Different types of codes.Speaker: Yohannes Tadesse (Högskolan i Skövde). This is part of the Applied Mathematics Seminar series which deals with Coding theory. The speakers in the previous seminar talked about linear codes and some applications. As a continuation, in this seminar I will talk about some aspects of cyclic codes and Goppa codes and, if time allows, algebraic geometry codes. The talk is aimed at anyone with/out any background in the subject. So everyone is welcome!
- Date: Mån 11 Dec 2017 09:00 – 10:00. Place: Högskolan i Skövde. Portalen room P502. Recent developments on integral privacy. Speaker: Navoda Senavirathne (Högskolan i Skövde). Data privacy studies methods and tools to avoid the disclosure of sensitive information. Quite a few data privacy models have been introduced in the literature. They define when a data set can be considered protected and/or offer degrees of privacy. The definition of privacy models is a first step towards the definition of data protection mechanisms that are compliant with these models. Examples of privacy models include re-identification, k-anonymity, and differential privacy. Nowadays there exists a plethora of data protection methods for each of these models. Different data protection methods compete on the type of data to be considered (e.g., databases, streaming data), the quality of the protected data (e.g., low information loss), the level of privacy achieved. In a recent paper, we introduced the concept of integral privacy, which is based on the databases that are updated frequently. The definition of integral privacy is based on the idea that models inferred from a dataset should not allow disclosure on the training data or on how data has been updated (records deleted, records modified, etc.). In this talk, we will present theprivacy model and our last results in this area.
- Date: 20 November 13:15- 14:30. Place: Vänern och vättern (Portalen). (Applied Mathematics Seminar) Error-correcting codes and applications (Stefan Karlsson and Klara Stokes from Högskolan i Skövde) In the transmission of information, errors occur. By coding the information before transmission using an error-correcting code, it is possible to correct such errors and to recover the sent information. Error-correcting codes are used in various applications like data storage, data transmission, data compression, and cryptography. This seminar is divided in two parts. The first part is an elementary introduction to linear error-correcting codes, with many simple examples. In the second part we will see examples of how error-correcting codes are used in some applications. SLIDES (PART 2)
- Date: 24 February. Place: G110. Data privacy: an introduction. (Vicenç Torra and Klara Stokes from Högskolan i Skövde). The Swedish government wants Sweden to be best in the world to take advantage of the possibilities of digitalization. Digitalization implies many advantages, but there are also problems. One important problem is the privacy of the citizen, the individual and the user of the system. Industry 4.0, pervasive computing, IoT, and big data, in general, all share the privacy concern. The consciousness of this problem has grown as the data driven services have become more and more important in our society. Recently, new laws and regulations were adopted, which implies great responsibilities for anyone who treat personal data, in business or in research. Data privacy studies and develops methods and tools for avoiding the disclosure of sensitive information about individuals from data. There are three communities working on technical solutions for data privacy. They are the Privacy preserving data mining (PPDM), the privacy enhancing technologies (PETs) and the statistical disclosure control (SDC) community. This talk will have two parts, one elementary introduction and a continuation. In the first part we introduce the area of data privacy and its applications. In the second part we will describe some of the privacy problems, and make a classification of tools for data privacy. Then, we will focus on database privacy, outlining the type of research problems we consider. In particular, we will mention privacy models and disclosure risk assessment methods, information loss measures, and data protection methods (also known as masking methods). SLIDES (PART 1) and SLIDES (PART 2)
Date: 9 May 2019, 11:00-12:00 Place: Högskolan i Skövde. Portalen, Room: Tba.
Title: Reciliens to Cyber Attacks.
Speaker: Sten Andler, IIT, Högskolan Skövde