In recent years, the majority of the world’s Critical Infrastructures CIs evolved to become more flexible, cost efficient and able to offer better services and conditions for business opportunities. Towards this evolution, CIs and companies offering CI services had to adopt many of the recent advances of the Information and Communication Technologies (ICT) field. As part of this framework CIPSEC offers a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and at professional quality. These services include vulnerability tests and recommendations, key personnel training courses, public-private partnerships (PPPs) forensics analysis, standardization and protection against cascading effects. All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market.
The workshop is collocated with the 21st International Symposium on Research in Attacks, Intrusions and Defenses ( RAID 2018)
|Notification to Authors:||August 5, 2018|
|Final version:||August 15, 2018|
Call for papers
The recent advancements of ICT have given the opportunity to companies, public administrations and various Critical Infrastructures to offer new and innovative services and at the same time lower their operational costs. These advancements however, were quickly adopted without proper evaluation of their impact on security, leaving current IT (Information Technology) and OT (Operation Technology) systems vulnerable to various kinds of cyberattacks. The International workshop on Information & Operational Technology (IT & OT) security systems aims to bring together viewpoints from diverse areas to explore the commonalities of security problems and solutions for advancing the collective science and practice of IT and OT security protection.
List of Topics
- Security architectures and frameworks for enterprises, SMEs, public administration or critical infrastructures
- Threat models for systems and communication networks
- Threat detection, classification and profiling, Incident management
- Security training
- Risk assessment – safety and security
- Security validation, testing platforms and developments
- Hardware security, Cryptographic engineering
- Intrusion Detection, Intrusion Prevention
- Secure Software Development, Malicious Code Analysis
- Digital Forensics
- Identity and access management
- Privacy Enabling Technologies
Papers will be judged on novelty, significance, correctness, and clarity. We expect all papers to provide enough detail to enable reproducibility of their experimental results.
Accepted papers will be publised as post-proceedings in LNCS (*Initial agreement with Springer, final confirmation pending).
Each paper must include an abstract and a list of keywords, and must not exceed 10 pages in total length, formatted in LNCS-style and including the bibliography and any appendices. Position papers of maximum 4 pages describing early research work are also accepted. Papers can be submitted on the following link: https://easychair.org/conferences/?conf=iosec2018
|Kostas Lampropoulos||University of Patras|
|Eva Marín Tordera||Universitat Politècnica de Catalunya|
Publication and Publicity Chair
|Apostolos P. Fournaris||University of Patras|
Technical Program Committee
|Apostolos P. Fournaris:||University of Patras|
|Odysseas Koufopavlou:||University of Patras|
|Xavi Masip:||Universitat Politècnica de Catalunya|
|Stefan Katzenbeisser:||Technical University of Darmstadt|
|Neeraj Suri:||Technical University of Darmstadt|
|Sotiris Ioannidis:||Foundation for Research and Technology - Hellas|
|Christos Papachristos:||Foundation for Research and Technology - Hellas|
|Vassilis Prevelakis||TU Braunschweig|
|Samuel Fricker||FHNW Fachhochschule Nordwestschweiz|
|Elias Athanasopoulos||University of Cyprus|
|Sharon Keidar-Barner||ΙBM Israel|
|Marco Spruit||Universiteit Utrecht|
|Spyros Denazis||University of Patras|
|Dimitrios Serpanos||ISI/ATHENA, University of Patras|
|Nicolas Sklavos||University of Patras|
|Paris Kitsos||Technological Educational Institute of Western Greece|
A printable version can be downloaded from this link
The workshop's hall is (Neorion Hall). Venue
Title: Big and messy data: analyzing security telemetry for incident response and risk assessment
Dr Petros Efstathopoulos (Symantec Research Labs (SRL))
1st Session:Critical Infrastructure CyberSecurity Issues
Chair: Apostolos P. Fournaris
A Cipher Class based on Golden S-Boxes for Clone-Resistant Identity
Saleh Mulhem, Ayoub Mars and Wael Adi.
A Secure and Efficient File System Access Control Mechanism (FlexFS)
Jihane Najar and Vassilis Prevelakis
Protecting Cloud-based CIs: Covert Channel Vulnerabilities at the Resource Level
Tsvetoslava Vateva-Gurova, Salman Manzoor, Ruben Trapero and Neeraj Suri
Detecting In-Vehicle CAN Message Attacks using Heuristics and RNNs
Simon Woo, Shahroz Tariq, Sangyup Lee and Huy Kang Kim
2nd Session: CyberSecurity Threats, Assessment and Privacy
Chair: Odysseas Koufopavlou
A Questionnaire Model for Cybersecurity Maturity Assessment for Critical Infrastructures
Bilge Yigit Ozkan and Marco Spruit.
Threat Modeling the Cloud: An Ontology Based Approach
Salman Manzoor, Tsvetoslava Vateva-Gurova, Ruben Trapero and Neeraj Suri.
Automated Measurements of Cross-Device Tracking
Konstantinos Solomos, Panagiotis Ilia, Sotiris Ioannidis and Nicolas Kourtellis.
Incognitus: Privacy-Preserving User Interests in Online Social Networks
Alexandros Kornilakis, Panagiotis Papadopoulos and Evangelos Markatos.
3rd Session: Vulnerability and Malware Detection
Chair: Konstantinos Lampropoulos
AngelEye: Deep ahead-of-threat virtual patching of application vulnerabilities
Fady Copty, Andre Kassis, Sharon Keidar-Barner and Dov Murik.
Malware Clustering Based on Called API During Runtime
János Gergő Széles and Adrian Coleșa.
CloudNet Anti-Malware Engine: GPU-Accelerated Network Monitoring for Cloud Services
George Hatzivasilis, Konstantinos Fysarakis, Ioannis Askoxylakis and Alexander Bilanakos.
Full Content Search in Malware Collections
Andrei Mihalca and Ciprian Oprisa.
Chair: Sotiris Ioannidis
Security in the era of complex systems
|Organizing Committee:||Eva Marín Tordera||eva [at] ac.upc.edu|
|Organizing Committee:||Kostas Lampropoulos||klamprop [at] ece.upatras.gr|
|Publication and Publicity Chairs:||Apostolos P. Fournaris:||apofour [at] ece.upatras.gr|