Towards a secure, safe and resilient digital society

INTERSCT. conference 2022

Date
Thursday May 19, 2022 from 9:00 AM to 6:30 PM
Location
De Grolsch Veste, Colosseum 65, 7521 PP Enschede
Address
Colosseum 65, 7521 PP Enschede
Co-organizer
ACCSS

About this event

 

 

The 2022 edition of the INTERSCT. Conference on cyber security of Internet-of-Things is part of the FUSION event co-organized by the INTERSECT public-private partnership and ACCSS, and hosted by the Twente University Centre for Cyber security Research.

The program is in English.

With the Internet-of-Things (IoT) we are seamlessly connecting the cyber and the physical worlds extending the risk area to safety requiring a broader perspective on security. IoT is turning out to be one of the weakest spots in our infrastructure. With billions and in the near future potentially trillions of devices, the security risks are growing at great rates. Our economic and societal forces are creating a perfect storm, a pervasive infrastructure of trillions of IoT devices which on one hand will oversee our lives and economy, and on the other hand will be completely unmanageable from a security perspective. To compound the risk, IoT systems are often devised and engineered in places where we have no control on, and unless we want to basically surrender our digital sovereignty by only relying on foreign solutions for our national cyber security, we need to find a way to secure them regardless of provenance and built-in malicious intents.

We cannot secure something we cannot manage, we need to rethink the security paradigm, delegating part of the security management to the system that needs to autonomously adapt to the changing environment, while remaining under our supervision, and rethink accordingly all our security technologies. We need to be able to design, develop and manufacture IoT systems-of-systems in a fundamentally different way enabling the overall system to become robust, resilient and trustworthy, even in the presence of individual IoT devices that are insecure or even compromised in a Zero-trust environment and providing the right ecosystem for their wide adoption within industry. We actually need to be able to design, develop and manufacture new types of IoT devices with security-by-design, security-by-default, robustness and resilience in mind; while continuously preserving all safety requirements, these devices must pro-actively manage their security, actively respond to attacks, recover from attacks, resume and restore themselves to a predefined level of operation following an attack etc.,

During the 2022 edition of the INTERSCT. Conference on cyber security of Internet-of-Things, we will address many of these issues with an impressive lineup of invited speakers, panelists, and moderators.

 

Program

 

 

09:00 - 10:00 Reception

10:00 - 11:30 Parallel Tracks (for details, see below)

11:30 - 12:15 Presentation session

12:15 - 13:30 Lunch

13:30 - 14:30 Presentation session

14:30 - 15:00 Break

15:00 - 16:00 Panel session

16:00 - 17:00 Dutch Cyber Security Best-Paper Award (for details, see below)

17:00 - 18:30 Networking session annex Reception

Details

10:00 - 11:30 Parallel Tracks

Track "Attack"

Moderated by prof. Herbert Bos and dr. Cristiano Giuffrida with

  • Introduction by Cristiano Giuffrida (VU) and Herbert Bos (VU)
  • Güneş Acar (RU) on “Fast Web-based Attacks against IoT Devices
  • Asier Moneva (NWO-i NSCR) on “Using online ads to reduce cyber attacks: lessons learned and future directions”
  • Michele Campobasso (TU/e) on “Impersonation-as-a-service: Characterizing the emerging criminal infrastructure for user impersonation at scale
  • Erieke Weitenberg (TNO) on "Web API fuzzing"
  • Discussion

Track "Defense"

Moderated by dr. Jerry den Hartog with

  • Introduction by Jerry den Hartog (TU/e)
  • Andrea Continella (UT) on "Semi-Supervised App Fingerprinting on Encrypted Network Traffic"
  • Luca Morgese (TNO) on "Stepping out of the MUD : Network threat information for IoT devices with manufacturer-provided behavioural profiles"
  • Discussion.

Track "Design"

Moderated by dr. Erik Poll with

  • Introduction by Erik Poll (RU)
  • Cristian Daniele (RU) on "Fuzzing stateful systems"
  • Edward van Veggel (HSL) on "the HS Leiden IoT Forensic Lab @HSD"
  • Ronald Begeer (TNO ESI) on "Security in Systems-of-Systems (incl. IoT)"
  • Discussion on tbc

Track "Governance & Privacy"

Moderated by prof. Michel van Eeten and dr. Lorenzo Dalla Corte with

  • Introduction by Michel van Eeten (TUD) and Lorenzo Dalla Corte (TiU)
  • Elsa Turcios Rodriguez (TUD) on "Super-spreaders: Quantifying the Role of IoT Manufacturers in Device Infections"
  • Paul Wijninga (Agentschap Telecom) on "How new legislation (the EU Radio Equipment Directive 3.3) contributes to improve the cyber security of IoT devices"
  • Simon Parkin (TUD) on "'The Thing doesn't have a name': Learning from Emergent Real-World Interventions in Smart Home Security"
  • Discussion on the emerging governance of IoT security and privacy

Track "Federated Lab"

Moderated by dr. Luca Allodi and dr. Savio Sciancalepore with

  • Introduction by Luca Allodi (TU/e) and Savio Sciancalepore (TU/e)
  • Savio Sciancalepore (TU/e) on "Federated Lab: Rationale, Current Status, and Live Demo"
  • Gürkan Kirca (Agentschap Telecom) on "How Agentschap Telecom tests IoT devices and prepares for the new Radio Equipment Directive 3.3"
  • Yvo Verschoor (Consumentenbond) on "How Consumentenbond tests IoT devices"
  • Discussion

Track "Impact Plan"

Moderated by Harold Weffers and Frank Fransen

  • Introduction by Harold Weffers (TU/e) and Frank Fransen (TNO)
  • Short introduction to NWO approach to "Impact Plan"
  • Introduction to INTERSECT Impact Plan
  • Discussion on future directions of strategic agenda for R&D and (technological) impact

Details

16:00 - 17:00 Dutch Cyber Security Research

This part of the program is organized by ACCSS and partly sponsored by KPN Security and Compumatica

16:00 - 17:00 Dutch Cyber Security Best-Research Paper

  • Marc Damie c.s. on “A Highly Accurate Query-Recovery Attack against Searchable Encryption using Non-Indexed Documents
  • Enes Göktaş c.s. on “Speculative Probing: Hacking Blind in the Spectre Era
  • Cristiano Giuffrida c.s. on “TRRespass: Exploiting the Many Sides of Target Row Refresh

Details

 

 

17:00 - 18:00 ACCSS GAM (Members Only)

17:00 - 18:00 ACCSS General Assembly Meeting

Please note that members of ACCSS are requested to register for the specific type of tickets.

Even more on cyber security innovation

People attending our event on 19 May 2022 in Enschede, may also want to consider attending the mini-symposium entitled "Boosting Cyber security innovation and entrepreneurship" on 20 May 2022 organized by Twente University Centre for Cyber security Research as part of the dies natalis festivities of University of Twente, during which Jaya Baloo will receive her honorary doctorate. This mini-symposium will be held at Building Gallery at University of Twente. If you would like to also join this TUCCR event, then please register here.

INTERSECT public-private partnership

INTERSECT is a public private partnership funded by the Dutch National Research Council (NWO, Grant NWA.1160.18.301) and more than 45 organizations in the context of their commitment to the Dutch National Science Agenda. It focuses on R&D and (technological) innovation for a novel approach to the cyber security of Internet-of-things.