We are proud to announce the confirmed speakers of ESORICS 2015:
George Mason University Fairfax, US
Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation
Abstract: Today’s cyber defenses are largely static. They are governed by slow deliberative processes involving testing, security patch deployment, and human-in-the-loop monitoring. As a result, adversaries can systematically probe target networks, pre-plan their attacks, and ultimately persist for long times inside compromised networks and hosts. A new class of technologies, called Adaptive Cyber Defense (ACD), is being developed that presents adversaries with optimally changing attack surfaces and system configurations, forcing adversaries to continually re-assess and re-plan their cyber operations. Although these approaches (e.g., moving target defense, dynamic diversity, and bio-inspired defense) are promising, they assume stationary and stochastic, but non-adversarial, environments. To realize the full potential, we need to build the scientific foundations so that system resiliency and robustness in adversarial settings can be rigorously defined, quantified, measured, and extrapolated in a rigorous and reliable manner.
Sushil Jajodia is University Professor, BDM International Professor, and the founding director of Center for Secure Information Systems in the Volgenau School of Engineering at the George Mason University, Fairfax, Virginia. He is also the founding site director of the recently approved NSF I/UCRC Center for Configuration Analytics and Automation at Mason. He served as the chair of the Department of Information and Software Engineering during 1998-2002. He joined Mason after serving as the director of the Database and Expert Systems Program within the Division of Information, Robotics, and Intelligent Systems at the National Science Foundation. Before that he was the head of the Database and Distributed Systems Section in the Computer Science and Systems Branch at the Naval Research Laboratory, Washington and Associate Professor of Computer Science and Director of Graduate Studies at the University of Missouri, Columbia. He has also been a visiting professor at the University of Milan, Italy; Sapienza University of Rome, Italy; Isaac Newton Institute for Mathematical Sciences, Cambridge University, England; King’s College, London, England; and Paris Dauphine University, France.
Read more about Sushil Jajodia.
University of Cambridge, UK
Cybercrime data: Big, Biased and Beyond Review?
Abstract: I spend my academic life generating and processing data about cybercrime. These datasets are big and getting bigger. Some people say that’s true of cybercrime as well, but I don’t entirely agree! My datasets are also significantly biased, but once you accept that the bias is there it can lead one to find some really useful results. But perhaps the greatest problem that we all have with cybercrime data is an inability to reproduce each other’s work — an essential technique for detecting inadvertent errors and improving analysis techniques. At Cambridge we have a new approach to cybercrime data sharing; and I’ll be explaining how it is possible to get involved.
Richard Clayton is a software developer by trade. In the 1980s he co- founded a software house that created the system software for Amstrad CPC and PCW machines — which sold in the millions. In the first half of the 1990s the company produced one of the first Internet access and Internet email systems for Windows. The company was sold to the UK’s largest ISP and he worked there until in 2000 he returned to Cambridge to study for a PhD.
He has remained an academic („because it’s more fun than working“) in the field of ’security economics‘. In particular he has been studying wickedness on the Internet for years; be it spam, DDoS attacks (intentional and unintentional), or crimes such as phishing. His approach generally involves identifying datasets of cybercrime activity, often of substantial size, and then attempting to turn raw data into illuminating Information
As of October 2015 he will become Director of the Cambridge Cloud Cybercrime Centre. The Centre intends to build one of the largest and most diverse data sets about cybercrime that any organisation holds and more importantly aims to make this data available to other academics for them to apply their own skills to address cybercrime issues. Academics currently face considerable difficulties in researching cybercrime and the centre intends to drive a step change in the amount of cybercrime research by making datasets available, not just of URLs but content as well, so that other academics can concentrate on their particular areas of expertise and start being productive immediately.
Read more about Richard Clayton.
Trust & Security Unit, European Commission
The European Strategic Agenda for Research and Innovation in Cybersecurity
Abstract: This talk will present the European Strategic Research and Innovation Agenda (SRA) for cybersecurity as it is being released by the Working Group on Secure ICT Research and Innovation (aka WG3) of the Network and Information Security Platform, which is a public-private partnership put in place by the European Commission in 2013. Members of WG3 are close to two hundred. They address issues related to cybersecurity research and innovation in the context of the EU Strategy for Cyber Security and of the Network and Information Security Platform. WG3 identified the key challenges and corresponding desired outcomes in terms of innovation-focused, applied but also basic research in cybersecurity, privacy, and trust. The European SRA for cybersecurity designed by WG3 serves as main input for the drafting of Horizon 2020 Work Programmes by the European Commission and is source of inspiration for the coordination of, and collaboration between, research agendas across Europe, including industry research roadmaps and national research and innovation programmes of the Member States.
Afonso Ferreira is currently in charge, amongst others, of the general secretariat of the Working Group on “Secure ICT Research and Innovation” of the European Network and Information Security Platform, which provides the input for Horizon 2020 Work-Programmes in Digital Security, and is leading the planning and financing of cybersecurity activities through the Connecting Europe Facility programme. He has been seconded as a French expert to the European Commission since 2011, working now as policy officer at the Trust and Security unit of the DG CONNECT. Other assignments included the Future and Emerging Technologies unit and the Digital Futures task force.
Read more about Afonso Ferreira.