Programme

  Monday, 11 Tuesday, 12 Wednesday, 13 Thursday, 14 Friday, 15
9h00

Registration
ISP welcome reception 

room 6.1.27

 


Cryptography 

Zbigniew Kotulski
WUT

room 6.1.27

Project and ISP Welcome reception

room 6.2.56

 
9h30
10h00


Fault and intrusion tolerance

Paulo Verissimo
UL

room 6.1.27


Distance Bounding protocols

Rolando Trujillo
UL

room 6.1.27


Searchable encryption schemes

Afonso Arriaga 
UL

room 6.1.27


Individual and Group Anonymity. Introduction

Oleg Chertov
KPI

room 6.1.27

10h30
11h00
11h30
12h00 Lunch Lunch Lunch Lunch Lunch
14h00


Spaces of conflit and digital forensics: situational analysis

Rogério Bravo
ULisboa and Portuguese Criminal Police

room 6.1.27

 

city tour 

(14h-20h)


Modern malware

Krzysztof Cabaj
WUT

room 6.3.38


Critical Infrastructures Protection

António Casimiro
ULisboa

Pedro Dias Rodrigues
EDP (portuguese electricity operator)

room 8.2.10


Introduction to Multimedia Data Protection. Digital
Steganography Techniques.

Yevgeniya Sulema
KPI

room 6.1.27

14h30
15h00
15h30
16h00  
16h30
17h00        
20h00       Dinner  

 

Spaces of conflit and digital forensics: situational analysis
This lecture will present the situational analysis of international legislation, along with the views of cybersecurity, and cyberdefence, explaining the role of digital forensics in all this.                    
                    
Critical Infrastructures Protection
This lecture will start by introducing a set of fundamental concepts on critical infrastructure protection, characterizing these infrastructures and the profile of typical threats. Then, focus will be given to control and automation systems' architectures, components and networking technologies, through which, or to which, attacks may be directed. A brief overview of the concrete problems that seldom leave these infrastructures vulnerable will be given. Finally, students will be guided through the five main steps for effectively protecting a critical infrastructure: identifying assets, protecting them, detecting attacks, reacting to them and recovering the infrastructure after an attack.
                              
Distance Bounding protocols
In wireless systems connection points are no longer fixed, but mobile. However, current wireless technology standards keep employing authentication mechanisms that were designed in an era when network connections were fixed. This has cleared the way to practical implementations of relay attacks; a security attack first documented in 1987 and brought back to popularity in the 21st century thanks to the boom of RFID technology. This lecture is an introduction to this type of security attack and how to prevent it.                    

 Searchable encryption schemes
With the urgent need to protect outsourced data in cloud computing applications, the concept of Search in Encrypted Data (SED) has become a highlight in cryptography. A SED scheme enables a client to have third-party server(s) to perform certain search functionalities on his encrypted data. In this lecture, I aim at giving a systematic review on SED schemes. Firstly, I will describe some application scenarios and identify the desirable security requirements. Secondly, I will explain the related security models for different SED schemes. Thirdly, I will show how to construct secure SED schemes using standard cryptographic techniques.                    
                    
Fault and intrusion tolerance
This advanced course addresses the problem of dependability and security of computer systems and communication networks --- with a slant toward distributed systems --- under the tolerance paradigm, or how to prevent failures, especially security, under the allowed presence of accidental and malicious faults (vulnerabilities, attacks and intrusions).
                    
Individual and Group Anonymity. Introduction
The objective of this class is to introduce students to some key ideas for guaranteeing of individual and group data anonymity. Major challenge in Privacy-preserving data publishing is to simultaneously preserve both the privacy and information utility in the anonymous data. Privacy is a double-edged sword – there should be enough privacy to ensure that sensitive information about the individuals is not disclosed by the views and at the same time, there should be enough data to perform the data analysis.                    

Introduction to Multimedia Data Protection. Digital Steganography Techniques.
The objective of this class is to introduce students to methods of digital steganography and techniques of steganalysis. Special emphasis is placed on protection of multimedia data in computer systems and networks.                 

Cryptography
In the lectures the outline of three basic cryptographic techniques will be introduced: keyless (hash functions), secret key (symmetric) and public key (asymmetric) cryptography. In each case a general formulation as well as some recent algorithms and constructs will be presented allowing wide spectrum of applications, including lightweight cryptography.                     
                    
Modern malware 
The lecture presents malware and its' history which changes it from simple ""funny programs"" to modern highly solicited threats used for stealing money and as a cyber warfare. Students will be familiarized with basis threats like viruses, worms or trojan horses. Later evolution of these threats from late '90 to present day will discuss. During lecture most of described threats, techniques or attacks will be presented using real live examples. Complete attack of the Bot from exploit, through downloading of the main malware and connection to the Command and Control server (C&C) ending at the hostile activity will be discussed with details.