Asia-Pacific and MEA Round 2014
The ‘CyberSecurity for the Next Generation’ conference will be hosted at Korea University, March 11-13, 2014.
Eligible countries: Bachelor, Master and Ph.D. students from the following countries can participate in the Asia-Pacific & MEA round of the conference: Australia, Bangladesh, Brunei, Cambodia, China, Hong Kong, India, Indonesia, Iran, Iraq, Japan, Jordan, The Republic of Korea, Kuwait, Lebanon, Malaysia, Mongolia, Myanmar, Nepal, New Zealand, Oman, Pakistan, Philippines, Saudi Arabia, Singapore, Sri Lanka, Syria, Taiwan, Thailand, Turkey, United Arab Emirates, Vietnam, Yemen, all countries of Africa.
Participation is free. Kaspersky Lab will cover all participants’ travel and accommodation expenses. By submitting a paper, participants give their consent for Kaspersky Lab to publish their work at www.academy.kaspersky.com
The best projects will be given awards and valuable prizes (1st place $1500, 2nd place $1000 and 3rd place $750) from Kaspersky Lab and the authors will be invited to attend the international ‘CyberSecurity for the Next Generation’ conference.
Paper Submission Process and Paper Format
Submissions should be made using our conference paper management system, details of which will be sent upon registration. Papers should be in Word (DOC), or Rich Text Format (RTF) only (i.e. other formats will NOT be accepted). If necessary, files may be compressed, using ZIP format only. The ZIP file must contain two documents, .DOC format – i.e. an abstract of your paper and your full paper. Papers that do not meet the formatting instructions will be returned to the authors for revision. We are unable to accept PDF or PS files.
Please download and read the strict formatting guidelines. Failure to do so will mean us having to return papers for proper completion.
In addition, please use the supplied document template to help conform to the guidelines.
The total length of the paper should not exceed ten pages, including all figures, tables and references. Hyperlinks should be removed from the paper for both email addresses and web pages.
Wednesday, March 12, 2014
|09:45 - 10:15||Guest Registration, Welcome coffee||Korea University, Inchon Memorial Hall Auditorium (1st floor)VIP Restaurant|
|10:15 - 10:30||Welcoming Remarks: Harry Cheung, Managing Director, Kaspersky Lab APAC, Natalya Obelets/ Deputy Head of Education Initiatives , Kaspersky Lab, Professor Jong In Lim/ Dean of Graduate School of Information Security, Korea University.||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|10:30 - 11:00||Cyber Security Policy in Korea/ presentaion by Mr. Seong Ju Kang/IT Strategy Bureau Director-General Ministry of Science, ICT and Future Planning|
|11:00 - 11:30||Cyber-Underground Evolution/presentation by Marco Preuss/Director, Europe, Global Research & Analysis Team, Kaspersky Lab|
|11:30 - 11:45||A Design for a Task-Role-Based Access Control for a Personal Health Record System/Rose Ann Sale Zuniga/University of the Philippines Diliman/Philippines|
|11:45 - 12:00||The Vulnerability of Malicious Record and Replay Attack in Radio Frequency Level…/Park Sangbin/Korea University/Korea|
|12:00 - 12:20||Coffee break||VIP Restaurant|
|12:20 - 12:50||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|12:50 - 13:05||Towards an Cyber Security Education Campaign for Fostering a Societal, Cyber Security Culture/Rayne Reid/Nelson Mandela Metropolitan University/South Africa|
|13:05 - 13:20||A Security Solution for Cassandra based on RBAC module/Xi Ju/City University of Hong Kong/Hong Kong|
|13:20 - 13:35||Evaluating the Effect of Multi-Touch Behaviours on Android Unlock Patterns/Weizhi Meng/City University of Hong Kong/Hong Kong|
|13:35 - 14:40||Lunch||VIP Restaurant|
|14:40 - 15:10||How to pwn an Enterprise for Dummie/ presentation by David Jacoby/Senior Security Researcher, Global Research & Analysis Team||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|15:10 - 15:25||DDoS Detection System Using Hybrid Genetic Algorithm and Artificial Neural Network/Mehdi Barati/Universiti Putra Malaysia (UPM) /Malaysia|
|15:25 - 15:40||BYOD Trend and Security Challenges/Ka Man Chan/City University of Hong Kong/Hong Kong|
|15:40 - 15:55||A Study on Unknown Malware Detection using Digital Forensic Techniques/Jaeho Lee/Center for Information Security Technologies (CIST)/Korea|
|15:55 - 16:15||Coffee break||VIP Restaurant|
|16:15 - 16:45||Biometrics A Triumph of Convenience over Security?/ presenttaion by Steven Furnell/Professor of Information Security, Plymouth University||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|16:45 - 17:00||Security Analysis of Unmanned Aerial Vehicles (UAVs)/Divyajyoti Das/KIIT University/India|
|17:00 - 17:15||AdaBoost and SVM based Cybercrime Detection and Prevention Model/Hanif Mohaddes Deylami/Multimedia University (MMU)/Malaysia|
|17:15 - 18:15|
Thursday, March 13, 2014
|09:30 - 10:00||Welcome coffee||Korea University, Inchon Memorial Hall Auditorium (1st floor)/VIP Restaurant|
|10:00 - 10:30||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|10:30 - 10:45||Enhancing Collaborative Intrusion Detection Networks Using Intrusion Sensitivity in Detecting Insider Attacks/Wenjuan Li/City University of Hong Kong/ Hong Kong|
|10:45 - 11:00||Conceptual Design of an Effective Tracking Framework for Cloud Intrusion Detection/Linghua Zhang/City University of Hong Kong/ Hong Kong|
|11:00 - 11:15||Communect: Secure Community Connection Using OpenBTS as an Alternative Base Station/Adelen Victoria Festin/University of the Philippines Diliman/ Philippines|
|11:15 - 11:30||SecuriThief: An Online Security Education Tool For the Youth Using True-to-Life Simulations in a Game/Camille Salazar/University of the Philippines Diliman/ Philippines|
|11:30 - 11:45||Arcanum - Client Side Encryption Based File Storage System/Yashin Mehaboobe/College of Engineering Poonjar/India|
|11:45 - 12:30||Coffee break & Program Committee Meeting||Korea University, Inchon Memorial Hall Auditorium (1st floor)/VIP Restaurant|
|12:30 - 13:10||Cyber Inferno: Seven Circles/presentation by Eugene Kaspersky/ CEO and Chairman, Kaspersky Lab||Korea University, Inchon Memorial Hall Auditorium (1st floor)|
|13:10 - 13:30||Awards Ceremony|
|13:30 - 14:20||Lunch|
Friday, March 14, 2014
|up to 12:00||Departure day||according to flights|
Department of Computer Science, City University of Hong Kong
Enhancing Collaborative Intrusion Detection Networks Using Intrusion Sensitivity in Detecting Insider Attacks
Nowadays, network intrusions (e.g., Trojans) are becoming more sophisticated to detect by an isolated intrusion detection system (IDS). To improve the detection capability, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By means of IDS collaboration, a CIDN is expected to be more powerful in detecting some complicated attacks like Denial of Service. However, such a CIDN may suffer from insider attacks like pollution attacks, in which a group of malicious nodes cooperate together by providing false alarm rankings to compromise the network. This attack can greatly lower the effectiveness of a CIDN. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions. In this paper, we therefore propose and evaluate an intrusion sensitivity-based approach regarding the detection of insider attacks within a CIDN. The experimental results demonstrate that our approach is more effective in detecting malicious nodes under pollution attacks and reducing the negative impact on alarm aggregation
Hanif Mohaddes Deylami
Faculty of Computing and Informatics, Multimedia University
AdaBoost and SVM based Cybercrime Detection and Prevention Model
This paper aims to propose cybercrime detection and prevention model by using Support Vector Machine (SVM) and AdaBoost algorithm in order to reduce data damaging due to running of malicious codes. The performance of this model will be evaluated on a Facebook dataset, which includes benign executable and malicious codes. The main objective of this paper is to find the effectiveness of different classifiers on the Facebook dataset for crime detection. Finally, we try to compare the classifier accuracy of SVM and AdaBoost by using Weka 3.7.4 software in order to choose the best model to classify the Facebook dataset with high accuracy
Department of Computer Science, City University of Hong Kong
Evaluating the Effect of Multi-Touch Behaviours on Android Unlock Patterns
Currently, graphical passwords are considered as one of the potential alternatives to mitigate the shortcomings of text-based passwords. Due to the increased processing power of mobile phones, graphical password-based authentication systems like Android Unlock Patterns have been deployed on such mobile platforms to authenticate legitimate users and detect impostors. We identify that users can utilize more behaviours like multi-touch on a mobile phone with a touchscreen than on a keyboard-based computer. The action of multi-touch, which refers to the process of touching a touchscreen with multiple fingers simultaneously, is a distinguished feature for a touch-enabled mobile phone. In this paper, we attempt to investigate the effect of multi-touch behaviours (i.e., using two fingers) on creating graphical passwords like Android Unlock Patterns regarding security and usability. In particular, we conducted a user study with up to 35 participates and performed two major experiments under different conditions. The results demonstrate that the behaviour of multi-touch can make a positive impact on creating Android Unlock Patterns
Department of Information Systems, City University of Hong Kong
A Security Solution for Cassandra Based on RBAC Module
In today’s technologically emerging society of web 2.0, NoSQL is rapidly developing. In addition to attracting global attention, it is also relies on expansibility, high performance of magnanimous data processing and flexible data models. As an important tool of the big data era, NoSQL is widely used in Social Networking Service. Cassandra, a typical NoSQL database, such as Google's BigTable, is a growing interest nowadays. However, its security issue has been repeatedly denounced as NoSQL databases, in comparison to relational databases, trade on consistency, security for performance and scalability. It is evident that security is an extremely important element for any data, especially with the increasing sensitive data stored in NoSQL databases. As NoSQL's representative, Cassandra's security is not fully guaranteed. Moreover, NoSQL has been criticized for its lack of security, with a minimal number of effective solutions generated. To fill this gap, a RBAC solution is proposed for the security of Cassandra. This paper analyses Cassandra's security part and offers a solution —— Role Based Access Control which protects data better. Through experiment, by testing the RBAC solution for Cassandra, it is proved that RBAC improves the security of Cassandra in the aspects of authentication, authorization and, protect data from being modified and leaked.
Security Lab., Faculty of Computer Science and Information Technology University Putra Malaysia (UPM)
DDoS Detection System Using Hybrid Genetic Algorithm and Artificial Neural Network
Distributed Denial of Service (DDoS) attack is one of the most significant threats among all security issues. To address these security issues, some detection methods have been proposed by researchers, but due to inefficiency of their techniques in terms of accuracy and computational cost, proposing more efficient detection methods for DDoS attack is still an interesting research. In this paper, architecture of DDoS attack detection system is proposed. A hybrid method using Genetic Algorithm (GA) and Artificial Neural Network (ANN) is used in both feature selection and attack detection of this architecture. Firstly, the most efficient features are selected by deploying wrapper method using GA. Then, Multi-Layer Perceptron (MLP) of ANN is applied to improve the DDoS attack detection rate. Results show that the proposed method is capable in DDoS attack detection accurately and produces deniable False Positive which are very promising results
Security Analysis of Unmanned Aerial Vehicles (UAVs)
Ever since man ventured into aerospace engineering, Unmanned Aerial Vehicles (UAVs) have attracted considerable attention of innovators and researchers. These Vehicles have revolutionized modern day warfare and are slowly replacing manned fighting aircrafts. In the upcoming years they will become a part of our daily life. Thousands of drones will hover in the sky, creating an all new medium of transportation. They will reduce the delivery time of our products from 24 hours to as much as 30 minutes or even less. Their increasing acceptance and use will certainly attract the attention of Hackers and terrorists who will try to create havoc by hacking these vehicles. Thus, it is high time the security of UAVs is discussed. It is about the security of an industry that will dominate the skies in future and will revolutionize the way we think about transportation, mapping and surveillance. This paper is an attempt to discuss the security of UAVs in details, exposing the vulnerabilities that currently exist and finally discussing innovative ways to secure UAVs from being hacked. Though the security of both military and civilian UAVs is discussed, but focus is more on Civilian UAVs that will be an integral part of our lives in future.
Ka Man CHAN
Department of Information Systems, City University of Hong Kong
BYOD Trend and Security Challenges
Bring Your Own Device (BYOD) has become a growing trend which could improve employees’ productivity and satisfaction. While BYOD help businesses gain extra productivity from staff, business also faces a higher security threats. This paper begins with literature study of BYOD trends, advantage, and security threats. Additionally, research interviews and survey analysis show the trends, security concern and threats of BYOD. Base on the investigation of existing BYOD security solutions (Virtual Desktop and MDM solution), the study proposed 3-Tier BYOD Security Solution that overcomes the weaknesses of traditional BYOD security solution.
Center for Information Security Technologies(CIST), Korea University
A Study on Unknown Malware Detection using Digital Forensic Techniques
DDoS attack and APT attack cause a social turmoil and threaten national security by making zombie computers attack a certain computer simultaneously. These attacks require a lot of zombie computers that carry out the attacker’s commands and unknown malware that bypass anti-virus products which will be executed on the zombie computers. Therefore, when a symptom is detected during an incident handling process, the initial response to collect the unknown malware from zombie computers is required.
In this paper, we propose a way of detecting unknown malware with information obtained from digital forensic techniques. With the proposed method, it is possible to detect unknown malware regardless of analyst’s abilities during an incident handling process
Computer Security Group, University of the Philippines Diliman, Quezon City, Philippines
Communect: Secure Community Connection Using OpenBTS as an Alternative Base Station
Communication is of primary importance in today's world; however, there are still areas that do not experience this kind of convenience. To address this issue, this paper presents Communect, a system that caters to the communication needs of a community. Being OpenBTS-based, Communect can be a good alternative to the already-existing network providers that may not be constantly reliable due to network congestion, maintenance, or area unreachability. It features secure operational activities for OpenBTS and modules that empower community development. The added security mechanisms include securing the following: user accounts, login mechanisms, rates' configuration management system, short codes activation, and CLI-phone messaging. For community development, Communect has applications for the centralization of information dissemination, such as community alerts and inter-agency communication, and the organization of disaster risk management activities, such as emergency message monitoring and survivor recording. It also comes with a graphical user interface that provides an intuitive feel so that it can be easy-to-use for anyone, even with little or no training at all. Being low-cost and easy-to-deploy, Communect can be an alternative secure communication system in areas that do not have access to conventional mobile networks or areas with damaged telecommunication systems.
Computer Security Group, University of the Philippines Diliman, Quezon City, Philippines
SecuriThief: An Online Security Education Tool For the Youth Using True-to-Life Simulations in a Game
The continued exposure of the youth to the different risks online gives rise to the need for children to be educated in the subject of online security. It is the aim of this paper to present an alternate way to educate the youth in their online interactions by the use of true-to-life simulations in a computer game. SecuriThief is one such game that aims to provide a more in-depth learning experience as it places the child in a situational environment where he can use his decision skills to choose the appropriate action in a given scenario. With guidelines as to how the child should go about his online activities, SecuriThief’s goal is to show the children the dangers of the World Wide Web without exposing them to the harm they bring, and in the process, teach them how to act appropriately. SecuriThief’s prototype demonstrations show a positive change in the responses of the children to different security scenarios from before they played the game and after, with a 115% increase in correct answers. These show that, indeed, SecuriThief can be an alternative tool for online security education.
Department of Information Systems, City University of Hong Kong
Conceptual Design of an Effective Tracking Framework for Cloud Intrusion Detection
The deployment of each component varies in cloud system. What is commonly known is traditional IDSs are not quite suitable in cloud computing. Adjusted methods and techniques are applied to better support the detection system in cloud. Some agile framework provides respectively efficient detecting process but only with amended network intrusion detection and omitting the individual behaviors. Complex and comprehensive deployment system which covers all these components however lacks a fast tracking solution which is important especially in real time detection. In this research, the positioning of the Network Intrusion Detection System (NIDS) has been changed to behind virtual termination point instead of separating it as an independent module capturing external network packets and a conceptual model has been built to balance the cost and security
Institute of ICT Advancement, Nelson Mandela Métropolitain University
Towards an Cyber Security Education Campaign for Fostering a Societal, Cyber Security Culture
The need for an information security culture has moved beyond its traditional organizational boundaries. Information security is becoming a necessity for all information technology users. Many countries are thus recognizing the need for their citizens to be cyber-aware and cyber-safe. Consequently many countries are beginning to implement national cyber security campaign and efforts. Literature suggests that these campaigns should aim to foster a national/societal cyber security culture to be truly effective. Currently there are no guidelines for how to foster a cyber security culture at a societal level. However one of the elements of the process required to foster a societal cyber security culture would have to be education. If people do not know how to be secure or why they should be secure, they cannot possibly be expected to behave securely. For such education to be relevant it should be effectively conducted. Therefore a scalable, culture fostering campaign from which guidelines can be abstracted is needed. This paper reports on the campaign which shall evolve into this needed campaign. Currently being implemented in the Nelson Mandela Metropolis in South Africa, this campaign which aims to begin fostering a cyber-security culture amongst society’s youth
College of Engineering, Poonjar
Arcanum - Client Side Encryption Based File Storage System
Arcanum is a file storage service that uses a client server architecture as well as client side encryption. The server’s only role is user management, file storage as well as public key storage. The client is the most important part, serving the function of private key storage, encryption and decryption. This paper defines the working as well as the scope and function of this project
Rose Ann Sale Zuniga
Department of Computer Science, University of the Philippines - Diliman
A Design for a Task-Role-Based Access Control for a Personal Health Record System
We proposed in this research a design for a Task-Role-Based Access Control System for Personal Health Record System. Role-Based Access Control and Task-Based Access Control were the foundations used to limit the user’s behavior. Multiple constraints were added to provide a more fine-grained access control. Furthermore, specific policies for PHR systems were also defined. We conducted a survey of 23 available PHR systems and we concluded that our work is novel and it provides the needed security for the limitations of the others. A prototype was created and through a testing with possible users, it was confirmed that the system is secure and usable despite the security levels provided.
Park Sang Bin
Division of Information Security, Korea University, Korea
The Vulnerability of Malicious ‘Record and Replay Attack’ in Radio Frequency Level and Its propagation of Misinformation through Social Network Service
FM radio and DMB signals are good prey for malicious attackers. We clarified that any media that communicates with radio wave can be intentionally 'replayed' through record and replay attack. Also, the spread of misinformation is much easier owing to the development of Social Network Service (SNS). If the misinformation is delivered to several people by replay attack and such incorrect information is spread out through SNS, numerous people will experience social unrest. Furthermore, the spreading of the misinformation on SNS by record and replay attack has a special characteristics in that since it leaves little trace. Thus, it is essential to carefully and seriously consider the counter-plans for delivering misinformation through radio wave or propagating it on SNS. We will discuss removal of the spread of misinformation on SNS by searching advanced researches and also the fundamental prevention of record and replay attack. Finally, we suggest the prediction about developed attacking technique in related realms. Finally, we suggest the prediction about developed attacking technique in related realms
First prize goes to Weizhi Meng for “Evaluating the Effect of Multi-Touch Behaviours on Android Unlock Patterns”
Second prize goes to Jaeho Lee for “A Study on Unknown Malware Detection using Digital Forensic Techniques”
Third prize goes to A.V.P. for “ Festin Communect: Secure Community Connection Using OpenBTS as an Alternative Base Station”
Best presentation skills prize goes to C.G. Salazar
Professor Ji Won Yoon
Professor, Graduate School of Information Security at Korea University
Ji Won Yoon received the B.Sc. degree in information engineering at the SungKyunKwan University, Korea. He obtained the M.Sc. degree in School of informatics at the University of Edinburgh UK in 2004 and the Ph.D. degree in signal processing group at the University of Cambridge UK in 2008 respectively. He worked for robotics group, Oxford University, UK and statistics department, Trinity C ollge Dublin, Ireland. Between 2008 and 2011. In 2012, he also joined in IBM Research laboratory as a research scientist for a year. Currently, he is an assistant professor at graduate school of information security and cyber defense department, Korea University, Korea. His research interests include Bayesian statistics, Signal processing, Machine Learning, data mining, Cyber Security and Biomedical engineering.
Professor Seungjoo Kim
CIST(Center for Information Security Technologies), Korea University
Prof. Seungjoo Kim received my B.S. (1994), M.S. (1996), and Ph.D. (1999) in information engineering from Sungkyunkw an University (SKKU) in Korea. Prior to joining the faculty at Korea University (KU) in 2011, he served as Assistant & Associate Professor of School of Information and Communication Engineering at SKKU for 7 years. Before that, he served as Director of the Cryptographic Technology Team and the (CC-based) IT Security Evaluation Team of the Korea Information Security Agency (KISA) for 5 years. Now he is a Pofessor of Graduate School of Information Security at KU, a member of KU's Center for Information Security Technologies (CIST), and Founder/Advisory Director of a hacker group, HARU and an international security & hacking conference, SECUINSIDE. Also, he has served as an executive committee member of Korean E-Government, and advisory committee members of several public and private organizations such as National Intelligence Service of Korea, Digital Investigation Advisory Committee of Supreme Prosecutors' Office, Ministry of Justice, The Bank of Korea, ETRI(Electronic and Tel e communication Research Institute), and KISA, etc.
Kyeong ho, Son
Kyeong ho Son majors in genetic engineering, mass communications and journalism in Kyung-Hee University, Korea. He holds a master degree in journalism from Semyung University, Korea. Kyeong ho works for ZDNet Korea in Seoul since 2010. His current beat is security and he interested in Bitcoin ecosystem, technology innovation. In security field his main focus is hacking issue targeting South Korea like as 'Dark Seoul', March 20 and June 25, 2013 mass Cyber Attack to government organizations, broadcasting companies and main banks. He interviewed some Korean members of Anonymous hacking group and other famous hackers recently. Previously he also covered semiconductor industry.
Professor of Information Security, Plymouth University
Prof. Steven Furnell is the head of the Centre for Security, Communications & Network Research at Plymouth University in the United Kingdom, and an Adjunct Professor with Edith Cowan University in Western Australia. His interests include security management and culture, computer crime, user authentication, and security usability. Prof. Furnell is active within three working groups of the International Federation for Information Processing (IFIP) - namely Information Security Management, Information Security Education, and Human Aspects of Information Security & Assurance. He is the author of over 240 papers in refereed international journals and conference proceedings, as well as books including Cybercrime: Vandalizing the Information Society (2001) and Computer Insecurity: Risking the System (2005). He is also the editor-in-chief of Information Management & Computer Security, and the co-chair of the Human Aspects of Information Security & Assurance (HAISA) symposium (www.haisa.org). Steve is active in a variety of professional bodies, and is a Fellow of the BCS, a Senior Member of the IEEE, and a full member of the Institute of Information Security Professionals. Further details can be found at www.plymouth.ac.uk/cscan, with a variety of security podcasts also available via www.cscan.org/podcasts. Steve can also be followed on Twitter (@smfurnell).
Dr. Stefano Ortolani
Educational Initiatives Manager, Kaspersky Lab
Stefano Ortolani joined Kaspersky Lab in 2012 as Security Researcher. Since then his responsibilities have included conducting scientific research in collaboration with universities and governmental agencies. His research interests comprise intrusion detection, malware analysis, systems security, and communications privacy. Prior to joining Kaspersky Lab, since 2008 Stefano worked as a Systems Security Researcher at Vrije Universiteit Amsterdam, The Netherlands. As Ph.D. Candidate, he published a number of papers in international conference proceedings, as well as in international journals; he later earned his Ph.D. by successfully defending his dissertation titled "Keylogger Detection and Containment". Stefano also holds an MSc in Computer Science awarded summa cum laude from the Ca' Foscari University of Venice, Italy
Director, Europe, Global Research & Analysis Team, Kaspersky Lab
Marco was appointed Director of Europe for the company’s Global Research & Analysis Team in March 2013. Prior to becoming Director of Europe, Marco served as the Head of Kaspersky Lab’s Global Research & Analysis Team in Germany. Marco brings more than 13 years of IT security experience to his role and is responsible for managing the threat landscape in Europe while specializing in web and social networking threats and Apple OS security. Apart from research, Marco is responsible for maintaining close contact with independent testers and security partners. Marco began his career with Kaspersky Lab back in 2004 as a Technical Consultant, providing expert knowledge on Linux and Unix-based systems. He has also been involved in corporate sales management, before moving on to become the technical contact for the OEM department, supporting customized solutions. Marco has participated in the
Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab
Vitaly joined Kaspersky Lab in 2005 as an Infrastructure Services Developer for the Antivirus lab. In 2008, he was appointed to the position of Senior Antivirus Expert before becoming Director of the EEMEA Research Center in 2009. In 2010, Vitaly spent working in Japan as a Chief Malware Expert, leading a group of local researchers. He specializes in threats focusing on global network infrastructures, malware reverse engineering and cybercrime investigations. Prior to joining Kaspersky Lab, Vitaly worked as a software developer and system administrator. Vitaly is a graduate of the Belarussian State University
Senior Security Researcher, Global Research & Analysis Team, Kaspersky Lab
David joined Kaspersky Lab in 2010 as a senior security researcher for the Nordic region. From his base in Stockholm, Sweden, he is also responsible for technical PR activities for the same region and also for Benelux, where he acts as a technical spokesperson.
David has a passion for researching vulnerabilities and threats. His research often focuses on identifying vulnerabilities and threats in not only enterprise environments but also identifying social and psychological threats in, for example, social media. He also has a true passion for alternative operating systems such as UNIX, Linux, BSD etc. Prior to joining Kaspersky Lab, David worked in vulnerability research and vulnerability management. He was a senior security researcher, advisor and consultant at TrueSec AB. Before joining TrueSec AB in 2008, David worked for seven years at Outpost24, starting out as chief researcher and rising to vice president for customer experience by the time he left the company.
Dr. Priyadarsi Nanda
Senior Lecturer (Associate Professor) at the University of Technology, Sydney (UTS), Australia
Dr. Priyadarsi Nanda is a Senior Lecturer (Associate Professor) at the University of Technology, Sydney (UTS), Australia, in the Faculty of Engineering and Information Technology. He has over 23 years of experience in teaching and research and has served various positions around the world. Dr. Nanda is a core research member of UTS Research Centre for Innovation in IT Services and Applications (iNEXT). Dr Nanda’s research is mainly in the area of network security, network quality of service, assisted health care using sensor networks, and wireless sensor networks. Dr. Nanda is the leader of Network Security and Application research group within the iNEXT research centre at UTS. He is currently supervising Five PhD students. Dr. Nanda has published over 40 refereed research publications including 9 journal articles, 7 book chapters, 1 conference tutorial and 24 refereed conference papers. Dr. Nanda is a Senior Member of IEEE
Deputy Director, Global Research & Analysis Team, Kaspersky Lab
Sergey joined Kaspersky Lab in 2002 and was appointed Deputy Director of the company’s Global Research & Analysis Team in March 2013. Prior to becoming Deputy Director, Sergey was head of the company’s Global Research & Analysis Team in the EEMEA region. Sergey is responsible for managing the department’s operational activities in addition to organizing Kaspersky Lab’s annual Security Analyst Summit. Each year the summit brings the world’s best IT security experts together to collaborate and exchange research alongside international organizations, law enforcement agencies and technology companies. Sergey has a degree in Applied Mathematics from the Moscow State University of Railway Engineering and holds a postgraduate degree in IT Security. He is based in Moscow