An interdisciplinary approach to cyber security and resilience research

As a culturally and economically open nation, the United States (US) has thrived on the wealth that cyberspace and technologies have enabled. However, just as cyberspace and technologies provide new opportunities for governments and businesses to operate and expand their presence and reach, it also presents opportunities for those with criminal intentions and leaves us, as individuals, communities, organizations and as a nation, highly exposed to the threat of cyberattacks and a broad spectrum of malicious activities. An open nation cannot shut down its cyber systems for fear of these threats but instead it must build the national resilience needed to maintain an open yet secure cyber space. Short-term technical measures (e.g. patching known vulnerabilities) are not adequate in addressing the constant evolving cyberthreat landscape and the broad spectrum of attacks. In addition to the technical challenges, there are also associated legal and policy challenges that need to be considered in the design and deployment of such solutions in practice.

In this presentation, we will explore the challenges from technical, legal and policy perspectives. For example, how do we use machine/deep learning to facilitate detection of real-time attacks against IoT devices and systems, and how can we automatically identify and collect digital evidence in a forensically sound manner which can be subsequently used for cyber threat intelligence? In the event that the attackers use sophisticated tools to obfuscate their trails, can we design machine/deep learning techniques to unobfuscate and/or identify and exploit vulnerabilities to get access to digital evidence? What are the potential legal implications and challenges? Can we also design explainable AI techniques to facilitate the explanation and inclusion of such digital evidence and cyber threat intelligence in court proceedings or presentations to C-level or boards in organizations? Based on these discussed challenges, we will identify potential opportunities for stakeholders in academia (e.g., students and researchers), industry and government.

Biography

Kim-Kwang Raymond Choo currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio (UTSA), and is the founding co-Editor-in-Chief of ACM Distributed Ledger Technologies: Research & Practice, and founding Chair of IEEE Technology and Engineering Management Society (TEMS) Technical Committee on Blockchain and Distributed Ledger Technologies. He is also the recipient of the 2019 IEEE Technical Committee on Scalable Computing Award for Excellence in Scalable Computing (Middle Career Researcher), best paper awards from IEEE Systems Journal in 2021, IEEE Computer Society’s Bio-Inspired Computing Special Technical Committee Outstanding Paper Award for 2021, IEEE DSC 2021, IEEE Consumer Electronics Magazine for 2020, Journal of Network and Computer Applications for 2020, EURASIP Journal on Wireless Communications and Networking in 2019, IEEE TrustCom 2018, and ESORICS 2015, and the Outstanding Editor Award for 2021 from Future Generation Computer Systems. His research has been supported by U.S. funding agencies (NASA, National Security Agency, National Science Foundation, U.S. Department of Defense, CPS Energy, LGS Innovations, MITRE, Texas National Security Network Excellence Fund) and Australian funding agencies (Australian Government National Drug Law Enforcement Research Fund, Australian Government Cooperative Research Centre for Data to Decision, Lockheed Martin Australia, auDA Foundation, Government of South Australia, BAE Systems stratsec, Australasian Institute of Judicial Administration Incorporated, Australian Research Council), etc.

Tracking technologies: From James Bond to everyone

Until recently, tracking technologies were a Hollywood fantasy reserved for the likes of James Bond and Jason Bourne. While we suspected that intelligence operatives (and private investigators) had access to such equipment, there was little public awareness. Around ten years ago, consumer devices began to emerge – most notably with the Tile device. Although Bluetooth enabled trackers were technically capable, the absence of a sizable network of sensors mostly limited their appeal to localised tracking (e.g. finding our own keys in the house). Products (and vendors) came and went, but there was no viable option for real-life spy-grade tracking.

In 2021, fantasy became reality when Apple launched the AirTag. With a consumer-grade package backed by a global network of sensors (an estimated one billion Apple devices), the ability to track anything in a public space became an affordable option to the end-user. Since their launch, the AirTags have sold in their millions and are now a key component in a global surveillance network (of which we, the public, are unwitting accomplices). It didn’t take long until AirTags were being used to stalk people and steal possessions. With a technology that is only a year old, we are likely to see much more controversy in the coming years. This talk will explore the world of personal tracking devices and some of the security concerns being explored by researchers around the world.

Biography

Paul Haskell-Dowland is the Professor of Cyber Security Practice and Associate Dean for Computing and Security in the School of Science at Edith Cowan University, Perth, Australia. Paul has delivered keynotes, invited presentations, workshops, professional development/training and seminars across the world for audiences including RSA Security, ITU and IEEE. He has appeared on local, national and international media (newspaper, radio and tv) commenting on current cyber issues with a global audience reach of more than 2 billion people. His contributions through articles published in The Conversation have reached over 3 million readers – joining the top-50 all-time authors in Australia/New Zealand. Paul has more than 20 years of experience in cyber security research and education in both the UK and Australia.

Paul is the Working Group Coordinator and the ACS/Australian Country Member Representative to the International Federation for Information Processing (IFIP) Technical Committee 11 (TC11 – Security and Privacy Protection in Information Processing Systems); secretary to IFIP Working Group 11.1 (Information Security Management); a member of the ACS Cyber Security Committee; a professional member of the Association for Computing Machinery (ACM); a Senior Member of the IEEE and the ACS (Certified Professional); and, a Fellow of the Higher Education Academy, BCS and the Australian Information Security Association.

Privacy Through the Lens of Data Flows

Nowadays we are living in a highly connected cyber-physical world, and we are increasingly depending on others, including organisations such as online service providers and other people, to live our lives and do businesses. As a result, we are disclosing our personal data with many parties online and in the physical world, leading to privacy concerns and genuine leakages of personal information to wrong hands. In this talk, the speaker will look at the user privacy protection problem from a data flows angle, and introduce his ongoing work on building a computational graph-based model to capture how data flow between people and organisations, in order to support research and development of more user-centric privacy solutions. The work is part of a research project PriVELT: PRIvacy-aware personal data management and Value Enhancement for Leisure Travellers, which is led by the speaker and funded by the EPSRC (Engineering and Physical Sciences Research Council), part of the UKRI (UK Research and Innovation).

Biography

Shujun Li is Professor of Cyber Security at the School of Computing, University of Kent in the UK. He is the Director of the Institute of Cyber Security for Society (iCSS), which represents the University of Kent as one of 19 UK government recognised Academic Centres of Excellence in Cyber Security Research (ACEs-CSR). His research interests are mostly around interdisciplinary topics covering cyber security and privacy, human factors, digital forensics and cybercrime, social media analytics, and AI. He has published over 100 research papers at international journals and conferences, and received three Best Paper Awards (at IIEEK IEVC 2012, HAS 2017 and HICSS 2021) and a Honourable Mention (at ICWSM 2020). He published a monograph on cognitive modelling (Springer 2020), and co-edited four books including Handbook of Digital Forensics of Multimedia Data and Devices (John Wiley & Sons, Inc. and IEEE Press 2015). In 2012, he received an ISO/IEC Certificate of Appreciation, for being the lead editor of ISO/IEC 23001-4:2011, the 2nd edition of the MPEG RVC (Reconfigurable Video Coding) standard. He is currently on the editorial boards of a number of international journals, and has been on the organising or technical program committees of over 100 international conferences and workshops. He is a Fellow of BCS, a Senior Member of IEEE, and a Member of ACM. He is a Vice President and Founding Co-Director of the ABCP (Association of British Chinese Professors). More about his research and professional activities can be found at his personal website.

Intrusion Detection Through (Unsupervised) Machine Learning: Pros, Limitations and Workarounds

It is undeniable that new cyber-attacks are continuously crafted against essentially any kind of system and service. Systems are subject to a mix of usual practiced attacks and new ones that were not previously known, motivating the need for building Intrusion Detectors (IDs) that can effectively deal with those zero-day attacks. Different studies have been devised Unsupervised Machine Learning (ML) algorithms belonging to different families as clustering, neural networks, density-based, neighbor-based, statistical, and classification. Those algorithms have the potential to detect even unknown threats thanks to a training phase that does not rely on labels in data. The talk shows how different algorithms are better suited for the detection of specific anomalies of system indicators, which manifest when attacks are conducted against a system. Unfortunately, those algorithms show inferior detection performance of known threats with respect to supervised ML algorithms; to fill this gap, we show improvements achieved when adopting Meta-Learning techniques. In any case, the quality of the best solution that can be devised depends strongly on the problem at hand and demands for high cost for selecting and finding the optimal set up of Unsupervised algorithms. To this end, we conclude the talk by proposing a cheap method to quantitatively understand the achievable results without exercising the full optimization activities.

Biography

Andrea Bondavalli is a Full Professor of Computer Science at the University of Firenze, previously he was a researcher of CNR in Pisa. His research activity is focused on Dependability and Resilience of critical systems and infrastructures. In particular he has been working on designing resiliency, safety, security, and on evaluating attributes such as reliability, availability and performability. His scientific activities have originated more than 250 papers appeared in international Journals and Conferences. He received a Doctor Honoris Causa award from the Budapest University of Technology and Economics – in 2019. Andrea Bondavalli since more than 20 years supports as an expert the European Commission in the selection and evaluation of project proposals. He founded a spinoff – Resiltech – which employs currently 45 people and consults a few companies. He led various national and European projects and coordinated a few. He participates to (and has been chairing) the program committee in several International Conferences including DSN, SRDS, SAFECOMP EDCC, LADC. Finally he is a member of the IEEE and of the IFIP W.G. 10.4 Working Group on “Dependable Computing and Fault-Tolerance.