9th International Conference on Security and Privacy in Communication Networks

September 25–27, 2013 | Sydney, Australia

Mike Holm (Operations Manager, AusCERT)

Mike is the Operations Manager at AusCERT, the premier CERT (Computer Emergency Response Team) in Australia and a leading CERT in the Asia/Pacific region. Prior to joining AusCERT Mike spent ten years as an information security specialist and manager within the financial services industry, and five years in the IT service industry caring for small business and education customers. Mike enjoys contributing to the information security community by coordinating AusCERT's incident response and threat analysis services. He's interested in improving awareness of information security issues to combat the range of modern threats facing every Internet user. During those rare times when Mike's laptop is shut, you might find him walking his beagles or perhaps sailing on Moreton Bay.

Title of talk: Challenges in Cyber Security

Abstract – AusCERT takes a collaborative approach and encourages information sharing in order to defend against cyber attacks. In this 21st year of AusCERT's operation, we'd like to share with you a little of our history including our part in founding APCERT and participation in a number of industry bodies. It's our aim to raise awareness and this is more important than ever after cyber threats turned to new industries such as health and industrial control systems. A significant part of AusCERT's operation includes research into new and emerging threats. Earlier this year AusCERT delved into the Internet Census 2012 and was privileged to obtain data from the researcher behind the Carna Botnet (which was responsible for the census). Made available only to AusCERT, this data was the key to discovering approximately 1.2 million compromised devices worldwide. Join us for the Carna Botnet story and see how AusCERT addressed this threat.

James Turner (Chair AISA Advocacy Group)

James Turner is an IBRS Advisor who specialises in information security, data centres and cloud and mobility security. He has more than a decade of experience in enterprise IT security and data centres. Prior to joining IBRS in 2007, James was Frost & Sullivan's industry analyst for IT security. James has also held a range of technical and IT management roles, and has a deep understanding of the day-to-day challenges faced by security professionals, and organisations managing technical risks. A recognised expert in his field, and the only industry analyst focussed on IT security within the Australian and New Zealand markets. James is the Chair of the Australian Information Security Association’s (AISA) Advocacy Group, and is an authorised spokesperson for AISA.

Title of talk: Data breach disclosure and other dinner party games

Abstract – James Turner will present on key issues which he sees impacting the Australian IT security industry. These issues range from the technical to the psychological, to the sociological. James will explore these areas and discuss how the academic community could provide much needed relief to the industry.

Mark Goudie (Regional Manager – Investigations, Dell SecureWorks)

Mark Goudie is the Practice Manager at Dell SecureWorks for the Computer Forensics and Incident Response for the Asia Pacific/Japan region. Prior to Dell SecureWorks, Mark was the Regional Manager at Verizon Investigative Response, Asia Pacific where he led many high profile computer forensics investigations within Australia, New Zealand, United States, Japan, Singapore, India and other countries around the world. Mark has made frequent appearance on regional television and radio programs as an expert on cyber threats. He possesses over 20 years of combined experience in Information Security and has worked on, e--‐crime investigations, Incident Response, software development, security, network and application architectures.

Title of talk: Know thy Enemy

Abstract - Data breaches continue to plague organisations worldwide and in 2013 we are confronted with three different types of attackers. No longer are the attackers simply the stereotypical bored teenager with too much time on their hands, but increasingly they are a mixture of cyber criminals, hacktivists and state sponsored groups. Each of these groups has distinct tools, techniques and targets. Knowing the behaviours and objectives of these groups provides us with insight to prepare the best defences to minimise our chances of being the next victim in the headlines. The presentation will also discuss the motivations of the three groups and how this influences their techniques including the types of organisations and data assets that each group targets. This information provides the attendees with practical advice on how we can best prepare ourselves for an attack and what we can do to minimise our chances of being a victim. First‐hand experience in managing and investigating data breaches from Australia and internationally will be used to provide depth to the presentation, along with live demonstrations of some techniques commonly used by attackers.

Jiankun Hu (Australian Defence Force Academy, UNSW)

Jiankun Hu is full professor and research director of Cyber Security Lab at UNSW@ADFA. Prior to this appointment, he used to work in RMIT and the University of Melbourne. Prof. Hu has been awarded the prestigious German Alexander von Humboldt research fellowship and his main research interest is in the field of cyber security including access control using biometrics, anomaly intrusion detection and wireless sensor key management. He has served as Program Chair and Symposium Chair for many international conferences including IEEE Flagship Conferences ICC and Globecom. Prof. Hu has been awarded 7 ARC (Australia research Council) grants in the field of security. He is the member of the prestigious Mathematics, Information and Computing Sciences (MIC) Panel, ERA (Research in Excellence Australia) 2012 Research Evaluation Committee (REC). Prof. Hu has publications on top venues including IEEE Transactions on Computers, IEEE Transactions on Parallel and Distributed Systems, and IEEE Transactions on Pattern Analysis and Machine Intelligence.

Title of talk: Cyber Security: from Bio-cryptography to Intrusion Detection

Abstract – Cyber security has been placed as Australia National Priority. Yet, we have witnessed a large scale hacking attacks on the accounts of at least 10 federal ministers including then Prime Minister over email network systems in 2011. There exists a perception that cyber security is about cryptography, and hence enormous resources have been devoted to this field. However, cyber security is a system concept: “Security strength depends on its weakest link”! Hacking might not be necessarily related to cryptography. Denial of service attacks have nothing to do with cryptography. Unfortunately such attacks are becoming more and more dominate!. In this talk I’ll introduce latest developments in the emerging bio-cryptography for access control and anomaly intrusion detection. Opening challenges will be discussed.