2018년 May 14일

ITCS 2018 Program

The International Workshop on the Internet of Things Cybersecurity and Safety

 

Tuesday, 17 July 2018
18:00-21:00

Welcome Reception

 

Wednesday, 18 July 2018

09:00 – 09:30

Opening and Introduction (Dr DongSeong Kim and Dr HuyKang Kim)

09:30 – 10:30

Keynote 1 (Chair: Dr Dong Seong Kim)

Speaker: Dr Surya Nepal, Data61/CSIRO, Australia

Title: Building Trustworthy IoT Data Lifecycle

10:30 – 11:00

Coffee/Tea Break

11:00 – 11:30

Talk 1 (Chair: Dr Ian Welch)

Speaker: Dr Dong Seong Kim, University of Canterbury, New Zealand

Title: IoT security modelling and analysis

11:30 – 12:00

Talk 2 (Chair: Dr William Liu)

Speaker: Dr Huy Kang Kim, Korea University, South Korea

Title: IoT security – Intrusion Detection for Autonomous Vehicles

12:00 – 13:00

Lunch

13:00 – 13:30

Talk 3 (Chair: Dr Julian Jang-Jaccard)

Speaker: Hwang, Tae Yoon, A student from Dr Ji Won Yoon’s group, Korea University, South Korea

Title: Recent trends of malware and their analysis in IoT

13:30 – 14:00

Talk 4 (Chair: Dr Dong Seong Kim)

Speaker: Dr Dong Joo Kang

Title: IoT security – Autonomous Operation and Anomaly Detection Scheme in Home IoT based Energy Management System

14:00 – 14:30

Talk 5 (Chair: Dr Dong Seong Kim)

Speaker: Dr Ian Welch, Victoria University of Wellington, New Zealand

Title: Towards Secure Smart Home IoT: Manufacturer and User Network Access Control Framework

14:30 – 15:00

Coffee/Tea Break

15:00 – 15:30

Talk 6 (Chair: Dr Huy Kang Kim)

Speaker: Dr Julian Jang-Jaccard, Massey University, New Zealand

Title: Benchmarking the Performance of CP-ABE Schemes for Lightweight Internet-of-Things (IOT) Devices

15:30 – 16:00

Talk 7 (Chair: Dr Dong Joo Kang)

Speaker: Dr William Liu

Title: Building the Resilient and Energy-efficient Internet of Things (IoT) Networks.

16:00 – 17:00

Discussions and Wrap-up.

17:30 – 20:00

Dinner (location to be determined) and Social Networking

 

Thursday, 19 July 2018
10:00-12:00

Korea-New Zealand researcher business meeting I

12:00-13:00

Lunch

13:00-15:00

Korea-New Zealand researcher business meeting II

15:00-16:00

Coffee/Tea Break

16:00-18:00

Korea-New Zealand researcher business meeting III

 

Friday, 20 July 2018
10:00-12:00

Korea-New Zealand researcher business meeting IV

12:00-13:00

Lunch

13:00-15:00

Korea-New Zealand researcher business meeting V

15:00-16:00

Coffee/Tea Break

16:00-18:00

Korea-New Zealand researcher business meeting VI

 

Speakers’ bio and talk abstract


Keynote Speech

Speaker: Dr Surya Nepal

Title: Building Trustworthy IoT Data Lifecycle

Biography: Dr Surya Nepal is a Principal Research Scientist at CSIRO Data61 and leads the distributed systems security research group comprising 10+ staff and 40+ PhD students. He has been with CSIRO since 2000. Over the last 17 years, his main research focus has been in the development and implementation of technologies in the area of distributed systems (including cloud, IoT and edge computing) and social networks, with a specific focus on security, privacy and trust. He obtained his BE from National Institute of Technology (NIT) Surat, India; ME from Asian Institute of Technology (AIT), Thailand; and PhD from RMIT University, Australia. He has more than 200 peer-reviewed publications to his credit; his papers are published in international journals such as IEEE Trans. Parallel and Distributed Systems, IEEE Trans. on Service Computing, ACM Trans. on Internet Technologies, and IEEE Trans. on Computers. He has co-edited three books including security, privacy and trust in cloud systems by Springer, and co-invented 3 patents. He currently serves as an associate editor in an editorial board of IEEE Transactions on Service Computing.


Talk 1

Speaker: Dr Dong Seong Kim

Title: IoT security modelling and analysis

Abstract:

In this talk, first, research activities on the graphical security modelling and analysis at UC will be briefly introduced. Second, a framework and method to model and analyze the security of IoT networks will be presented. Third, two network level defense for IoT network will be presented (Software defined IoT and IoT with deception). Finally, the future research ideas for IoT security modelling and analysis will be introduced.

Biography:

Dr. Dong-Seong “Dan” Kim is the Head of Cyber Security Lab at the University of Canterbury (UC), Christchurch, New Zealand. He is a Senior Lecturer in Cyber Security in the Department of Computer Science and Software Engineering at UC. He was a visiting scholar at the University of Maryland, College Park, Maryland in the US in 2007. From June 2008 to July 2011, he was a postdoc at Duke University, Durham, North Carolina in the US. His research interests are in cyber security and dependability for various systems and networks.


Talk 2

Speaker: Dr Huy Kang Kim

Title: IoT security – Intrusion Detection for Autonomous Vehicles

Abstract:

Controller Area Network (CAN) is a bus communication protocol which defines a standard for reliable and efficient transmission between in-vehicle nodes in real-time. Since CAN message is broadcast from a transmitter to the other nodes on a bus, it does not contain information about the source and destination address for validation. Therefore, an attacker can easily inject any message to lead system malfunctions. In this talk, I will introduce various attacks in automobile environment; and I will present recent intrusion detection methods based on the CAN traffic analysis, OTIDS.

Biography:

Prof. Huy Kang Kim received his PhD in industrial and systems engineering from Korea Advanced Institute of Science and Technology (KAIST) in 2009. He received an MS degree from KAIST in 2000. He received a BS degree in industrial management from KAIST in 1998.
He founded A3 Security Consulting, the first information security consulting company in South Korea in 1999. Also, he was a member and the last leader of KUS (KAIST UNIX Society), the legendary hacking group in South Korea. Currently he is an associate professor in Graduate School of Information Security, Korea University. Before joining Korea University, he was a technical director (TD) and a head of information security department of NCSOFT (2004-2010), one of the most famous MMORPG companies in the world.
His team (Hacking and Countermeasure Research Lab)’s main research area is data-driven security which is based on machine learning and data mining technology to extract and learn useful knowledge from massive data. Especially, HCR Lab has its unique and valuable dataset collected from real-world service, for example, online game service data, mobile payment and e-commerce transaction data, car-driving and attack data. HCR Lab developed intrusion detection system (IDS) for automotive based on CAN traffic data analysis.
HCR Lab is continuously contributing to the data-driven security field by sharing this dataset to the public. One of HCR Lab’s contributions is holding and maintaining Information Security R&D Data challenge (http://datachallenge.kr/) from 2017. In this event, HCR Lab managed “data-driven automotive IDS challenge”.
Based on this research activities, he is an editor of ITU-T SG17 Q13/17 X.ITSSEC-4, “Methodologies for intrusion detection system on in-vehicle systems”.


Talk 3

Speaker: Hwang, Tae Yoon

Title: Recent trends of malware and their analysis in IoT

Biography: A student from Dr Ji Won Yoon’s group, Korea University, South Korea


Talk 4

Speaker: Dr Dong Joo Kang

Title: IoT security – Autonomous Operation and Anomaly Detection Scheme in Home IoT based Energy Management System

Abstract :

As smart meters are deployed to residential consumers in connection with various IoT devices, home is becoming a new source of big data produced from utility service meters and home environment sensors. In conventional energy systems, the main decision-making factor was economic feasibility. However, it is changing as energy systems are segmented into autonomous and smaller units. Smart grid is being decentralized with self-sufficient microgrids at community level, and microgrid is again segmented into nanogrids such as HEMS (Home Energy Management System). As energy systems evolve into the society of smaller systems, the economics is no more the only variable for decision-making. And the security issues should be also dealt with differently from the scheme in centralized energy systems. In this talk, I will present the security issues and a proposed solution in home IoT environment focusing on energy management problem.

Biography:

Dr. DJ Kang received his PhDs in business from Yonsei University in 2017, and in electrical engineering from Hong-ik University in 2011 respectively. He received an MS degree in electrical engineering from Hong-ik University in 2001, another MS degree in financial engineering from Sungshin Women’s University in 2009, and an MBA from Kookmin University in 2013. He received his BS degree in electrical and electronic engineering from Hong-ik University in 1999.
He had worked for KERI (Korea Electro-technology Research Institute) from 2001 to 2016. As a senior researcher of national research institute, he worked on many research projects funded by the Korean government, public organizations, and utility companies. He had contributed to an international collaboration activity, ISGAN (International Smart Grid Action Network), an initiative in IEA (International Energy Agency) as the national expert from Korea and the Annex 2 lead for 5 years. He moved to BNK Financial Group in 2016 and worked for Busan Bank as a technology analyst for loan services to SMEs (small and medium sized companies). After 1 year of job experience as a banker, he has worked for several startup companies as outside directors. Now he is a research professor in the graduate school of information security in Korea University, and running his own startup company as a founder on HEMS technology.


Talk 5

Speaker: Dr Ian Welch

Title: Towards Secure Smart Home IoT: Manufacturer and User Network Access Control Framework

Abstract :

The vulnerable smart home IoT poses huge security threats. It puts smart home network security at risk as it can be used as an entry point into the network, also it exposes users privacy due to the amount of personal data it collects. Meanwhile, as IoT increases in popularity, it has a significant impact on the security of the rest of the Internet community (e.g. forming botnets). Enforcing standard security solutions on IoT devices is a challenge due to its limited resources. Previous research delegates IoT security to a third party (e.g. ISP) and ignores to consider social and contextual factor. In this paper, we propose an SDN-based framework for enforcing network- wide static and dynamic access control, where manufacturers, security providers, and users can cooperate to enhance the smart home IoT security. Our approach has three features: a) it allows the manufacturers to enforce the least privileged needed for IoT function, and hence reduce the risk associated with exposing IoT to the Internet; b) it enables to enforce access policy as a feedback from security services; c) it enables users to customize IoT access based on social and contextual needs (e.g. only permits LAN access to the IoT through his/her mobile), which reduce the attack surface within the network. We also proposed IPv4 ARP server as an NFV security service to mitigate ARP spoofing attack by replying to ARP requests in the network. We implement a prototype to demonstrate the functionality of the framework against common attack scenarios (i.e. network scanning, ARP spoofing).

Biography: –


Talk 6

Speaker: Dr Julian Jang-Jaccard (Massey University)

Title: Benchmarking the Performance of CP-ABE Schemes for Lightweight Internet-of-Things (IOT) Devices

Abstract :

Lightweight Internet-of-things (IoT) devices, such as smart phones, tablets and laptops, have limited battery constraints and storage capacity and have become a bottleneck for many security applications. Ciphertext policy attribute-based encryption (CP-ABE) has been hailed as a viable solution as the scheme allows the encryptor to decide the access structure so that only authorized users can decrypt and have access to the sensitive data. However, most existing techniques are based on costly bilinear maps and require long decryption keys. These demands significant computation costs during encryption and decryption stage which the costs is linear to the number of attributes involved in the access policy. These drawbacks prevent CP-ABE to be used in the wider IoT based applications. We have been working on benchmarking the encryption and decryption performance and resource usages of the new breed of CP-ABE techniques and will share the insights of our key findings.

Biography:

Julian is an experienced and passionate computer scientist whose career has spanned over 20 years across industries, universities, and a top government research agency. Her core research focuses sit in two broad categories: cyber security and data science. In the cybersecurity area, her research focuses on developing algorithms and protocols to protect user, system, and data. In data science, combining with her background in database research, her research focuses on developing privacy preserving techniques for big data platform (such as Hadoop and Spark) and algorithms (such as ML and deep learning network) to enhance the scope of big data analytics without privacy concerns. Her techniques have been applied in real-life telco and health informatics trials with success. Prior to joining Massey, she was a research scientist at CSIRO (Commonwealth Scientist Industrial Research Organisation) in Australia working on multi-million dollar projects within Australia and across Pacific. Before CSIRO, she briefly worked at the University of Sydney and was a professional java developer and a certified database administrator working at cutting edge Australian software development industries. She was trained under Prof Alan Fekete (Harvard, MIT) who is the world renowned database researcher. She is an active member of several database, cyber security and data science research communities and has published more than 50 articles in the leading conferences and journal venues including IEEE and ACM.


Talk 7

Speaker: Dr William Liu

Title: Building the Resilient and Energy-efficient Internet of Things (IoT) Networks.

Abstract :

The Internet of Things (IoT) networks are rapidly growing as an emerging information platform to share information and deliver new services, while it still has some challenging problems to be addressed such as service resilience and energy efficiency. The network service resilience is usually assured through the network survivability mechanisms such as over-provisioning of diverse and backup network resources. On the other hand, the network resource efficiency could be approached by switching off the unused network resources as much as possible. Therefore, there is an inherent contradiction involved in satisfying both service resilience and energy efficiency simultaneously. In this talk, I will discuss the IoT network design requirements for service resiliency and resource efficiency, as well as present our recent work to alleviate this conflict.

Biography:

William Liu is currently a Senior Lecturer in the Department of Information Technology and Software Engineering, School of Engineering, Computer and Mathematical Sciences at the Auckland University of Technology, New Zealand. He holds a Masters degree and a PhD degree in Electrical and Computer Engineering, both obtained at the University of Canterbury, New Zealand in 2005 and 2010 respectively. He had been working as a network planner and designer in Beijing Telecom in China for 5 years before he immigrated to New Zealand in 2002. He has co-authored more than 80 papers published in international journals and conferences, and he participates in the Program Committees of several premier IEEE conferences including INFOCOM, GLOBECOM, ICC, GreenCom, CloudNet, DRCN, RNDM and ATNAC. He is the Founding Chair of IEEE Vehicular Technology Society (VTS) New Zealand North Chapter. His main research interests are in the design and performance evaluation of the architecture and protocols for packet-oriented networks. He is working especially in the areas of network survivability, sustainability and trustworthy computing.