KEYNOTES

KD NAYAK-206x195-bordered

Dr. K D Nayak

Former Director General (Microelectronics Devices, Computional Systems and Cyber Security), DRDO, Ministry of Defence

 

Title

India's Cyber Security Challenges and opportunities
 
Abstract
 India ranks 3rd in terms of the highest number of internet users in the world after USA and China, the number is projected to grow 6-fold between 2012-2017 with a compound annual growth rate of 44%. India secures a spot amongst the top 10 spam-sending countries in the world alongside USA.

Bio
Dr. K D Nayak  is a distinguished DRDO scientist and former Director General  (Microelectronics and Computional Systems), DRDO, Ministry of Defence. He obtained Bachelor of Engineering from UVCE Bangalore and Doctrate from IIT Kanpur. He joined DRDO in 1984 and served in various positions as  CEO SITAR, Director ANURAG and CC (R&D) (MED & MIST). He is  recipient of numerous accolades and awards, IGMDP Award in 1989, IETE-IRSI (83) Award in 1999, Scientist of the year Award in 2006 and Technology Leadership Award in 2013. He has been the chairman and member of various national cyber policy committee, national cyber infrastructure  indigenization committee, and  Technical Advisory board of SAMEER, CDAC etc. He has more than 40 technical papers in national and international journals.



Mauro Conti-206x195-bordered

Prof. Bimal Kumar Roy

Head, R C Bose Centre for Cryptology and Security, Indian Statistical Institute
Professor, Applied Statistics Unit, Indian Statistical Institute, Kolkata
Head, Cryptology Research Group, Indian Statistical Institute, Kolkata
Founder and General-Secretary, Cryptology Research Society of India

 

Title

Selected Sharing and Matroids
 
Abstract
 The concept of secret sharing will be introduced; some schemes will be presented. As a special case, visual secret schemes will be discussed. Matroids will be introduced with illustrations. Its link with secret sharing will be explored

Bio
Prof. Bimal is a renowned academician and researcher in the field of Statistics Cryptography. He joined the Indian Statistical Institute (ISI), Kolkata in 1984 and has served as a Professor since 1997. He has served ISI as Director during 2010 to 2015. His primary research interest involves all aspects of Statistics and its applications. Currently, he is working on Combinatorics, and application of Statistics in Cryptology and Design of Experiments. He has several awards and honors in his pocket including Padma Shri Award, Government of India in 2015 and Teacher's Award, Indian National Science Academy in 2014. He is Fellow, Indian Society for Probability and Statistics since 2014 and Fellow, National Academy of Sciences, India since 2010. He has published around forty (40) papers in refereed Journals; around twenty (20) book chapters, including proceedings for International Conferences; with over twenty (20) papers in Cryptology and Information Security, in reputed International Conferences and Journals. He is also serving as associate Editor of three journal:Journal of Ad Hoc & Sensor Wireless Networks, Journal of Wireless Sensor Networks, Research & Reviews-Journal of Statistics.

 

Suraj C. Kothari-150x2250-border Prof. Suraj C. Kothari

 Richardson Chair Professor, Electrical and Computer Engineering, Iowa State University, USA
 President, EnSoft Corp., USA

Title

 Software Security Headaches: Analgesic or Hospital?
 
Abstract
 
 The talk will be about analysis of complex security problems in large software - the problems where analgesic will not get rid of the headache. The need for automated analysis is clear given the enormous software. More than 100 feet stack of paper is needed to print software like the Android operating system. Researchers are grappling with automation, from machine learning to formal verification, to analyze software. The practitioners are in a quandary what research to believe. Patching security holes with reactive automation is not the solution when we face zero-day software defects with deadly power for catastrophic destruction. Not only must automated software security analysis scale to large software but also be proactive and highly accurate. This talk will reflect on: what should be the automation for software security analysis and why? It will be reflections based on years of experience of analyzing software with millions of lines of code, and leading large research projects to develop automated software analysis tools for cybersecurity.
 Bio
 Suraj(Suresh) Kothari is the Richardson Professor of Electrical and Computer Engineering (ECE) at Iowa State University (ISU). He has pioneered research on machine-enabled reasoning to solve complex problems of software productivity, security and safety.
He served as a Principal Investigator (PI) for the US Defense Advanced Research Project Agency (DARPA) Automated Program Analysis for Cybersecurity (APAC) program, and a Co-PI for the DARPA Software Enabled Control (SEC) program. Currently he is a PI for the DARPA Space/Time Analysis for Cybersecurity (STAC) program.
EnSoft (http://www.ensoftcorp.com/), the company he founded in 2002, provides software productivity, safety, and security products and services worldwide to more than 330 organizations including all major avionics and automobile companies. He was awarded in 2012 the Iowa State Board of Regents Professor Award for excellence in research, teaching, and service. He has served as a Distinguished ACM Lecturer. He has given more than 100 invited talks worldwide at major conferences, government organizations, universities, and industry.
 
 
Akka Zemmari

Dr. Akka Zemmari

Associate Professor, LaBRI - University of Bordeaux, France  

Title

Android Malware: Will machine learning be help in hand?

 Abstract
 
 Android is one of the most widely used mobile operating systems of smart devices. According to Gartner and IDC statistical report, Android dominates mobile platform with more than 0.345 million devices worldwide, 86% market shares in Q3 2016. The growing popularity has a cost. Android platform has become an attractive target of cyberattacks. Cyber criminals are employing tailored malware to target such a vibrant ecosystem by gaining access to confidential and sensitive user information.
Machine learning is a branch of artificial intelligence which aims to construct programs that can learn from and make predictions on data. There is an arsenal of machine learning methods that can be applied to learn a separation between malicious and benign applications, but only a few are capable of producing efficient results.
This report will present advantages and limitations of machine learning when used to detect Android malwares. It discusses how prominent features can be extracted from the components of Android apps when using static analysis and how the set of features can be enhanced by additional ones when using dynamic analysis. Then it shows the performance of some machine learning models when trained on available data, using the extracted features.

Bio

 Dr. Akka Zemmari has received his Ph.D. degree from the University of Bordeaux, France, in 2000. He is an Associate Professor in Computer Science since 2001 at University of Bordeaux, France. His research interests include distributed algorithms and systems, graphs, randomized algorithms, machine learning and security. He is heading the Distributed algorithms team at the University of Bordeaux. He has participated to national research projects, European research projects, and Europe-India projects. He has about 50 research papers published in international journals and conference proceedings and he is involved in program committees and organization committees of international conferences.

 

Mohamed MOSBAH Prof. Mohamed Mosbah

 Professor, Polytechnic Institute of Bordeaux (Bordeaux INP), France
 Director of Industrial Partnerships, France
 Deputy Director of LaBRI, France

 Title

Models and Approaches for the Safety and the Security of Distributed Systems

Abstract

 Problems related to distributed systems are a major concern of research in computer science. We can particularly mention design and development of distributed architectures, distributed programming environments, specification and verification of distributed algorithms, as well as the study of (wired or wireless) communication networks. For the success of all those undertakings it is crucial to master the mechanisms and small-scale phenomena at the foundations of such systems. This talk will focus of different models that are used to check the safety and the security these systems. By combining different approaches, it is possible to formally prove the correction of distributed algorithms. Many examples will be presented including classical distributed algorithms.

 Bio
 Dr. Mohamed Mosbah is a Professor in Computer Science at the Polytechnic Institute of Bordeaux, France. He is currently the Director of Industrial Partnerships and Innovation. He carries his research in LaBRI in computer science common with the University of Bordeaux and CNRS, where he is currently the Deputy Director. His research areas include distributed systems and algorithms, simulation tools, safety and security protocols, and wireless networks. In particular, he is leading a project over the last years to develop a new model together with an integrated methodological framework for distributed algorithms. In addition to capturing classical distributed systems concepts, this framework provides methods and software tools to design, prove and implement distributed algorithms and protocols. This platform is used to teach courses in distributed systems for Graduate computer science students, and also to test and prototype algorithms. He has written more than 60 articles and developed software tools, and he is involved in various technical program committees and organizations of many international conferences. He is also involved in many research projects, mainly with industrial aeronautic companies. He has directed over 52 Master’s theses and over 18 PhD dissertations.


Priyadarsi Nanda-206x195-bordered

Dr. Priyadarsi Nanda

Senior Lecturer, University of Technology Sydney, Ausrtalia 
Core Member, INEXT - Innovation in IT Services and Applications
Core Member, CRIN - Centre for Realtime Information Networks

Title

 Software Defined Perimeter : "A new way to protect Network Systems against Cyber Threats"
 
Abstract
 
Due to large variety of devices present in computer network systems, cyber security plays a major role to secure and improve the network and system performances. In recent days, cyber security has been gaining lots of global interest and remains an open research space for future connected technologies. Traditional TCP/IP oriented networks implement security solutions after connections are established across devices in the network. In such scenario, attackers get a chance to enter the data communication stage before authentication process even takes place. To overcome such situation, Cloud Security Alliance recently came up with a novel idea called "Software Defined Perimeter (SDP)" to authenticate first before communication. SDP is designed with three major elements. First, a security model is used to verify identity of the devices or users, and roles for access before granting devices for connection to the protected systems. Second, verification using different advanced crypto schemes are then used to ensure that, the security model is being strictly followed. Finally, any security solution to above two issues are then proven in public domain security controls. In this talk we explore above schemes using various examples and present strategies to combat future threats using SDP.
 
Bio
 Dr. Nanda joined UTS in 2001. His roles have combinations of research, teaching and administration. Dr. Nanda established the Network Security Research Group at UTS since 2008 and is currently leading the group on various cybersecurity projects. He has been constantly engaged in expanding his research activities through various projects and research student supervision, collaborating with academics and industry researchers in the area of Cyber Security, IOT Security, Networks Quality of Service (QoS), Assisted Health Care using Sensor Networks, and Wireless Sensor Networks. Dr. Nanda has supervised eight research students in the past and currently supervising seven PhD students. Dr. Nanda has published over 80 refereed high quality research publications and many of them appear in Tier A and Tier A* Journals and Conferences.


Mauro Conti-206x195-bordered

Mauro Conti

Associate Professor, University of Padua, Italy 
EU Marie Curie Fellow

Title

Can't You Hear Me Knocking: Novel Security and Privacy Threats to Mobile Users
Abstract
 
 While Smartphone and IoT devices usage become more and more pervasive, people start also asking to which extent such devices can be maliciously exploited as "tracking devices". The concern is not only related to an adversary taking physical or remote control of the device, but also to what a passive adversary without the above capabilities can observe from the device communications. Work in this latter direction aimed, for example, at inferring the apps a user has installed on his device, or identifying the presence of a specific user within a network.
In this talk, we discuss threats coming from contextual information and to which extent it is feasible, for example, to identify the specific actions that a user is doing on mobile apps, by eavesdropping their encrypted network traffic. We will also discuss the possibility of building covert and side channels leveraging energy consumption and audio signals.
Bio
 Mauro Conti is an Associate Professor at the University of Padua, Italy. He obtained his Ph.D. from Sapienza University of Rome, Italy, in 2009. After his Ph.D., he was a Post-Doc Researcher at Vrije Universiteit Amsterdam, The Netherlands. In 2011 he joined as Assistant Professor the University of Padua, where he became Associate Professor in 2015. In 2017, he obtained the national habilitation as Full Professor for Computer Science and Computer Engineering. He has been Visiting Researcher at GMU (2008, 2016), UCLA (2010), UCI (2012, 2013, 2014, 2017), TU Darmstadt (2013), UF (2015), and FIU (2015, 2016). He has been awarded with a Marie Curie Fellowship (2012) by the European Commission, and with a Fellowship by the German DAAD (2013). His main research interest is in the area of security and privacy. In this area, he published more than 200 papers in topmost international peer-reviewed journals and conference. He is Associate Editor for several journals, including IEEE Communications Surveys & Tutorials and IEEE Transactions on Information Forensics and Security. He was Program Chair for TRUST 2015, ICISS 2016, WiSec 2017, and General Chair for SecureComm 2012 and ACM SACMAT 2013. He is Senior Member of the IEEE.



Sushmita Ruj

Sushmita Ruj

Assistant Professor, Indian Statistical Institute, Kolkata 
Senior Member of IEEE and ACM

Title

Blockchains for Secure Data Storage
Abstract
 
 Individuals and enterprises often outsource data to Cloud. Cloud service providers can be malicious and tamper with the data. Cloud service providers can also give access to unauthorized individuals and organizations. Cryptographic techniques to protecting the security and privacy of cloud data/users will be discussed. Blockchains are recently being used for a variety of purposes. In this talk I will present protocols to secure store and share data using blockchains. I will also talk about some of our ongoing efforts.
Bio
 Sushmita Ruj is an Assistant Professor at Indian Statistical Institute, Kolkata. She received her B.E. degree from Indian Institute of Engineering, Science and Technology (IIEST), Shibpur, India and Masters and Ph.D. from Indian Statistical Institute, India, all in Computer Science. She was a Erasmus Mundus Post Doctoral Fellow at Lund University, Sweden, Post Doctoral Fellow at University of Ottawa, Canada. She was an Assistant Professor at Indian Institute of Technology, IIT, Indore. She was a visiting researcher at KDDI R&D Labs, Japan, University of Wollongong, Australia, INRIA, France, Kyushu University, Japan and has been on short visits to many universities around the world. Her research interests are in applied cryptography, security and network analysis. She is currently working on blockchains, cryptocurrencies, cloud security, security and privacy in IoT, mobile ad hoc networks, vehicular networks, smart grids, social networks and analysis of complex networks, combinatorics and cryptography. Sushmita has served as Program Co-Chair for many IEEE/ ACM workshops and have served as TPC member of many top tier conferences. She won best paper awards at ISPA 2007 and IEEE PIMRC 2011. She received Samsung GRO award, NetApp Faculty Fellowship, Cisco University Research Grant. Sushmita is a Senior member of ACM and IEEE.