Welcome Note

Dear Colleagues,

It is our pleasure to welcome you to the 5th Network and Information Security (NIS'18) Summer School, taking place in Crete, Greece, 24 September - 28 September 2018. This event, having a different "special theme" every year, is jointly organised by the European Union Agency for Network and Information Security (ENISA) and the Foundation for Research and Technology - Hellas (FORTH).

The theme for this year is "The Challenge of the Changing Risk Landscape".

The Changing Risk Landscape refers to the dynamics, dependencies and complexity inherent to Information Technology. In this context, the changing security “ecosystem” is one of the main challenges of Information Security. The relevant community needs to speed up reaction, collaboration and information exchange in order to achieve timely and effective response to the challenges involved. This indeed seems to be the only option for Information Security in the continuous race of defense strategies to offer adequate protection against offense attempts.

ENISA is dedicated to promoting a culture of security in Europe that will improve the ability of EU Member States to respond to cyber-attacks. It does so by pursuing a strategy of mitigating risks through awareness, studies, reports and position papers on current NIS matters. Towards this objective, ENISA and FORTH, a research institute devoted to advancing the State-of-the-Art in ICT, bring together in this Summer School a distinguished faculty from around the world with the purpose of identifying current trends, threats and opportunities against the background of recent advances on NIS measures and policies.

Recognising the multi-dimensional facets and intricacies causing changes in the information risks landscape, an array of lectures will cover a variety of key aspects on policy, economic, legal and research matters. The audience includes policy makers from EU Member States and EU Institutions, decision makers from industry and members of the academic community.

By going through a natural evolution cycle, but also by adopting current trends in networking and exchange of knowledge, this year’s Summer School aims at increasing interaction among participants. Targeted breakout sessions will enhance dialogue and exchange of ideas, while cutting edge security issues will be collected before the event through publicly accessible fora and will be channelled to the discussions. Wrap-ups of these interactive sessions will be worked out and distributed during the event.

We would like to thank our keynote speakers, facilitators and faculty for contributing to a programme of such high quality, and we are confident that the participants of NIS'18 will both benefit from and enjoy the programme.


Prof. Dr. Udo Helmbrecht

Executive Director of ENISA


Prof. Nektarios Tavernarakis

President of FORTH

Call for Posters

The organizers of the NIS Summer School would like to offer the opportunity to non-profit organizations/activities in the area of Cyber Threat Intelligence, such as EU Horizon 2020 projects, national academic research and development projects, open source communities, etc., to disseminate their work through this event. This can be achieved by means of posters, flyers, tool demonstrations etc.

Interested organizations are encouraged to contact the organizer to express their interest, together with some information about the dissemination material (short description of the item to be presented, relevance to CTI, method of presentation, particular presentation requirements). The organizer will review this material via its stakeholder and will inform the project about the acceptance of their presentation. The review of the material is intended as a filter for the relevance and quality of the submissions, but also for the space available at the venue of the event.


Interested organizations may contact us through the functional mailbox event.management@nis-summer-school.enisa.europa.eu


Posters will be presented at Room: Mezzo I and II, GROUND LEVEL throughout the duration of the conference.

Speakers

More speakers TBA

Committees

Conference Chairs

Sotiris Ioannidis Foundation for Research and Technology - Hellas
Louis Marinos European Union Agency for Network and Information Security

Organising Committee

Panos Chatziadam Foundation for Research and Technology - Hellas
Maria Mastoraki Foundation for Research and Technology - Hellas

Programme Committee

Ioannis Askoxylakis Foundation for Research and Technology - Hellas
Gabi Dreo Rodosek Universität der Bundeswehr München - UniBW
Stefanie Frey DEUTOR Cyber Security Solutions GmbH
Pierre Girard Gemalto
Magnus Harlander Genua GmbH
Vasilis Katos Bournemouth University
Katerina Mitrokotsa Chalmers University of Technology
Kai Rannenberg Goethe Universität Frankfurt
Annemarie Zielstra TNO
Paul Theron Thales

Summer School Program

This is a draft; the final Program will be announced soon.

08:00-09:30
Conference Hall

Conference Registration

Welcome Addresses

Speakers:
Prof. Dr. Udo Helmbrecht, Executive Director of ENISA
Prof. Nektarios Tavernarakis, President of FORTH

Keynote Address

Speaker: TBA

Ilias Chantzos

Understanding cybersecurity innovation – Real life examples of the process, the challenges and the way to make it work

Speaker: Ilias Chantzos, Symantec

11:30-12:00
TBA

Coffee Break

Policy Panel

Panelists TBA

13:00 - 14:30
TBA

Lunch

Thomas Poeppelmann

Introduction to Post-Quantum Cryptography

Speaker: Thomas Poeppelmann

"Bridging 1st PQC-functions and principles with the smart card world"


Lawful interception and the never-ending crypto wars

Speaker: Prof. Bart Preneel
Speaker short CV

Bart Preneel is a full professor at the KU Leuven, where he heads the Imec-COSIC research group, which has 80 members. He has authored numerous scientific publications & is the inventor of five patents. His research interests are cryptography, cybersecurity & privacy. He is president of LSEC & has been president of the IACR (International Association for Cryptologic Research).
Bart has been an invited speaker at more than 120 conferences in more than 40 countries. In 2014 he received the RSA Award for Excellence in the Field of Mathematics & in 2016 he received the Kristian Beckman Award from IFIP TC11.

16:00 - 16:30
Room: TBA

Coffee Break

Gabi Dreo

Smart Attacks require Smart Defence

Speaker: Professor Gabi Dreo

Keynote Lecture in the area of Incident Handling

Damien Cauquil

Rapid innovation harms the Internet of Things

Speaker: Damien Cauquil

Vangelis Gazis

An overview of the standards landscape related to IoT security.

Speaker: Vangelis Gazis

11:00-11:30
TBA

Coffee Break


Keynote Lecture in the area of Cyber Threat Intelligence

Speakers: Piotr Kijewski and David Watson

"Encountering Cyberthreats within the Shadowserver Foundation"

Angelos Keromytis

Keynote Lecture in the area of Cyber Threat Intelligence

Speaker: Angelos Keromytis

"Active Cyber-Defence"

13:30 - 15:00
TBA

Lunch

Demonstrators

Short presentations from the demonstrators participating in the Summer School
8 presentations (ca. 15-minute time slot each)

Social Dinner

Introduction to the IoT Ecosystem: Terms, Definitions, Components

Speaker: TBA

  • Typical IoT components
  • IoT platforms (development, operation)
  • IoT protocols
  • Threats to IoT
  • IoT security technologies and approaches
  • IoT security architectures

11:00-11:30
TBA

Coffee Break

Introduction to the IoT Ecosystem: Terms, Definitions, Components

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Typical IoT attacks: understanding the case

Speaker: TBA

  • Communication channel attacks & Introduction to Bluetooth Low Energy (BLE)
  • Lab Exercise on BLE attacks
    • Install assessment framework & familiarise
    • Assess a vulnerable set up
    • Successfully perform a man-in-the-middle attack

15:15 - 15:45
TBA

Coffee Break

Typical IoT attacks: understanding the case

Speaker: TBA

Incident Handling overview: Basis of Incident handling

Speaker: TBA

  • Incident handling workflow
  • Roles definition
  • Constituency and services definition
  • PoC (Point of Contact) establishment

11:00 - 11:30
TBA

Coffee Break

Incident Handling overview: Basis of Incident handling

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Incident classification, analysis and resolution

Speaker: TBA

  • Incident classification
    • Taxonomy
    • Triage
  • Incident analysis and resolution
    • Basic Malware and artefact analysis
    • Line of actions definition
  • Incident reporting and final remarks

15:15 - 15:45
TBA

Coffee Break

Incident classification, analysis and resolution

Speaker: TBA

CTI overview: Terms, Definitions, Available Models

Speaker: TBA

  • CTI Models (kill chain, OODA, Diamond Model, F3EAD, etc.)
  • Examples
  • Key CTI Concepts
  • Kinds and scope – operational, tactical, strategic CTI
  • Interfaces to other security processes

11:00 - 11:30
TBA

Coffee Break

CTI overview: Terms, Definitions, Available Models

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Operational and tactical CTI: good practices and tools

Speaker: TBA

  • CTI standardisation
  • IoC Management and TIPs
  • TIP case study: MISP
  • Operational Intelligence
  • Example with operational data analysis: Maltego
  • Sharing Intelligence: what, when and how
  • CTI and IR
  • CTI and Active Defense / Hunting

15:15 - 15:45
TBA

Coffee Break

Operational and tactical CTI: good practices and tools

Speaker: TBA

Tanja Lange

Introduction: Terms, Definitions, Policy context

Speaker: Prof. Tanja Lange
Speaker short CV

Prof. Dr. Tanja Lange joined the Technische Universiteit Eindhoven (The Netherlands) as Full Professor in 2006. Her work bridges the gaps between algebraic geometry, theoretical cryptography, and real-world information security. She is an expert on curve-based cryptography and post-quantum cryptography.
Prof. Dr. Lange is on the editorial board for 3 journals and serves on 3 steering committees, including the workshop series on Post-Quantum Cryptography. She coordinated the EU-H2020 project PQCRYPTO -- Post-quantum cryptography for long-term security (https://pqcrypto.eu.org).
She is a regular speaker at crypto and security conferences and has written more than 70 articles and books, including a paper in Nature on Post-Quantum Cryptography.

  • Terms, Definitions: Cryptology, cryptography, cryptanalysis.
  • Definitions, meanings, requirements.
  • Public key cryptography Challenges
  • Use – confidentiality, signatures, etc.

11:00 - 11:30
TBA

Coffee Break

Nineta Polemi

Introduction: Terms, Definitions, Policy context

Speaker: Prof. Nineta Polemi
Speaker short CV

Nineta Polemi obtained a Ph.D. in Applied Mathematics (Coding Theory) from The City University of New York (Graduate Center). She held teaching positions in Queens College, Baruch College of City University of New York and the State University of New York. She acted as President of the BoD and Technical Manager in the security consultancy company ExpertNet. She is currently Programme Manager in the European Commission in DG CONNECT (Cyber Security and Digital Privacy Unit H1); she is under suspension of duties as tenured Associate Professor in the University of Piraeus (Dept. of Informatics) and as Director of the UNIPI Security Lab. She has taught cryptography, security of ICT systems, port security and e-business. She has over one hundred publications, has organised numerous security scientific events and has received a plethora of research grants. She has been PM and TM in more than 50 security projects of various international, EU and national programmes including National Security Agency (NSA), Dr. Nuala McGann Drescher Foundation, Greek Ministry of Defence, INFOSEC, IST Programme, FP5-FP7 and Horizon2020 EU Programmes.

  • Policy context for securing information/personal data (NISD, GDPR, etc.)
  • Protection measures and security requirements in securing information i.e. protection against data breaches

12:30 - 14:00
TBA

Lunch

Introduction to Post Quantum cryptography

Speaker: Michael Groves
Speaker short CV

Michael Groves is a technical director for cryptographic research at NCSC, having held a number of research positions over a period of about 20 years. He has also had a variety of advisory roles on cryptography and cyber security and has been prominent in the public debate on quantum topics in the UK. Michael is the author of three internet RFCs on identity-based cryptography (IETF RFCs 6507, 6508 and 6509) which have been adopted and standardized by 3GPP for public safety applications. For the past four years he has served as Vice Chair of the specialist ETSI Industry Specification Group studying quantum-safe cryptography.

  • Introduction to Post Quantum cryptography
  • Quantum cryptographic constructions, principles, algorithms

15:15 - 15:45
TBA

Coffee Break

Bart Preneel

Quantum computing and introduction in post quantum cryptography: Terms, Definitions and Challenges

Speaker: Prof. Bart Preneel

Migration strategies:

  • Quantum cryptographic limitations and challenges; When will this be needed?
  • Competition; Standardisation; Open problems

Assessment and implementation of IoT security solutions

Speaker: TBA

  • Security assessment frameworks for IoT
    • OWASP IoT Security Framework
    • European Union Agency for Network and Information Security IoT Baseline Security Recommendations Tool
    • GSMA IoT Security Framework
  • IoT & Mobile device Authentication attacks
  • IoT device vulnerability assessment
  • Lab Exercise on IoT device security assessment
    • Install assessment tools & familiarise
    • Assess a simulated IoT device

11:00-11:30
TBA

Coffee Break

Assessment and implementation of IoT security solutions

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Team exercise

Speaker: TBA

15:15 - 15:45
TBA

Coffee Break

Team exercise

Speaker: TBA

Incident handling and basic artifact analysis

Speaker: TBA

  • Artefact categorization & Prioritization
  • Network Artefact Collection
  • Tools
  • Forensics Procedures
  • Building a Timeline

11:00 - 11:30
TBA

Coffee Break

Incident handling and basic artifact analysis

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Practice triage and incident handling processes

Speaker: TBA

  • Quiz / Examination
  • Real life scenarios
  • Mitigation Strategy

15:15 - 15:45
TBA

Coffee Break

Practice triage and incident handling processes

Speaker: TBA

Strategic CTI: good practices and tools

Speaker: TBA

  • APT Landscape
  • Strategic CTI Reporting - tradecraft
  • CTI reporting that makes sense
  • Example CTI report writing
  • Interfaces to other security processes

11:00 - 11:30
TBA

Coffee Break

Strategic CTI: good practices and tools

Speaker: TBA

12:30 - 14:00
TBA

Lunch

CTI Capability Maturity

Speaker: TBA

  • Issues of CTI capability – understanding the requirements
  • Levels of CTI maturity – implementation level of CTI requirements
  • Good practices of CTI capability according to organisation
  • Manage level of expectation/fulfilment - CTI KPIs/Metrics

15:15 - 15:45
TBA

Coffee Break

CTI Capability Maturity

Speaker: TBA


Lattice based post quantum cryptography

Speaker: Vadim Lyubashevsky
IBM

Speaker short CV

Vadim Lyubashevsky is a researcher in the cryptography group at IBM Research – Zurich. His main area of research is post-quantum cryptography based on the hardness of lattice problems. In particular, he has done extensive foundational work on constructions of efficient cryptographic primitives, including encryption, digital signatures, and zero-knowledge proofs, based on the hardness of ideal-lattice problems. His designs have been used as blueprints for submissions, by many groups, to the ongoing NIST post-quantum standardization process. Vadim's research is currently supported by a starting ERC grant FELICITY.
Vadim received his Ph.D. in 2008 from UCSD, after which he spent two years as a post-doc at Tel-Aviv University. Prior to joining IBM, he was a researcher at Inria in France from 2010 - 2015.

11:00 - 11:30
TBA

Coffee Break

Post quantum cryptography: Case studies

Speaker: TBA

12:30 - 14:00
TBA

Lunch

Case study on PQ identity-based cryptography

Speaker: Michael Groves

15:15 - 15:45
TBA

Coffee Break


Hash-based Signatures

Speaker: Stefan-Lukas Gazdag
genua GmbH

Speaker Short CV

Stefan-Lukas Gazdag is a research engineer and firewall developer at genua GmbH. After starting out with network security, monitoring of security-critical systems, intrusion detection and event management, he switched his field of interest to cryptography. Currently he works on bringing post-quantum cryptography into practice. He holds a Master of Science in Computer Science.

Plenary of all trainings

  • Present IoT security to executives
  • Present Incident Handling to executives
    • Team presentation to “virtual” decision makers: Incident Handling pros and cons for “Inno-Soft SME”
    • Incident Handling maturity levels, tools, human resources, costs
  • Present CTI Approach to executives
    • Team presentation to “virtual” decision makers: CTI solution for “Inno-Soft SME”
    • CTI capability/maturity level, tools, human resources, costs
  • Present Quantum Crypto to executives

Closing Session

12:30 - 14:00
TBA

Lunch

16:45 - 19:30
Knossos

End of Event

Visit to archaeological site of Knossos

Venue & Accommodation

The venue of the Summer School is Galaxy Hotel Iraklio. Galaxy Hotel is simply the place to be whether you seek to combine business with leisure or leisure with pleasure.

Hotel Reservation:

Hotel reservation will be available through the registration process, subject to availability.

Travel Information

Information about how to get to the conference venue, Galaxy Hotel, can be found at the link provided by the hotel: How to Reach Galaxy Hotel

Registration

There are four types of registration available:

  • Complete: Participant can attend all events
  • Conference only: Participant can attend the conference event only
  • Training Course only: Participant can attend one of the 4 available training courses, subject to availability:
    • Internet of Things Security
    • Incident Handling
    • Cyber Threat Intelligence
    • Introduction to Post Quantum Cryptography
  • Poster presentation: Includes invitation for 2 persons

Registration Fees

                         industry   academia/public sector   students
Complete Event           500 €      400 €                    200 €
Conference only          250 €      200 €                    100 €
Training session only    250 €      200 €                    100 €
Poster Presentation      500 €      500 €                    500 €

Registration is available through:

CCBS GREECE P.C. Cretan Conference and Business Services P.C.
6 Pediados Str, 71201, Heraklion GR
Tel: +30 2810 331010, Fax: +30 2810 330606

A cancellation fee of €50 applies. No cancellation will be allowed after July 30, 2018. If you cannot attend you may transfer the registration to another person.

Contact Information


European Union Agency for Network and Information Security

1 Vasilissis Sofias Str Maroussi 151 24
Attiki, Greece
Tel: +30 28 14 40 9711


Foundation for Research and Technology - Hellas


N. Plastira 100, Vassilika Vouton
Heraklion, GR-700 13, Crete, Greece
Tel.: +30 2810 391945