The Dutch
Security Cluster
 
 
The Dutch
Security Cluster

Gratis seminar - Reliable infiltration detection by packet tagging

25
Jan
Date:
25 January 2018
Time:
14:00 - 16:00 hrs
Location:
Maanplein 55, Den Haag
Organised by:
KPN

Het maandelijkse gratis te bezoeken Guest Hacker Program van KPN komt terug in 2018! Met als eerst spreker op 25 januari Ben Gras, PhD student aan de Vrije Universiteit. Ben zal spreken over 'Betrouwbare infiltratiedetectie door packet tagging'. Zorg dat je je aanmeldt via guesthackerprogram@kpn.com

Bio spreker:
Ben is a PhD student in the systems security research group of prof. Herbert Bos of the VU University in Amsterdam, working on software reliability, defensive research projects, and most recently, offensive research, most noticeably publishing on making cross-VM Rowhammer exploitation reliable and a microarchitectural MMU cache side channel attack. He is pursuing a PhD in mischief there. This work was developed during a 6 months internship with Cisco in Knoxville, TN, with their security research, evaluation and forensics group.

Samenvatting:
Reliable router malware detection. Infrastructure compromise (i.e. hacking into routers and switches) is the purview of very advanced attackers, commonly assumed to be Advanced Persistent Threat (APT) groups. These are frequently cyber-capability units of military or intelligence branches of nation states governments. As recently leaked documents show, NSA spends a significant amount of resources to be able to intercept traffic, and implanting switches and routers is one of the strategies.

We propose a cryptographic tagging based system that can reliably detect malware packets originating from a router (after router compromise), without any cooperation (i.e. trust) from the possibly-compromised devices themselves. We evaluate the classification reliability and performance overhead in the lab.

As a side effect of doing the lab evaluation of this talk at Cisco, I was able to access real malware collected in the field from customers' routers memory, and we did significant binary analysis on one of the samples. This work also includes deep technical details of cryptographic properties and packet processing mechanics and capabilities of one of the malware samples. I'm not allowed to speculate which threat actor this was, but from context we can infer this is a "Very advanced adversary" - some of the fingerprints one of them is known to leave are public knowledge, so that adds some excitement to this talk - this malware was not supposed to be discovered yet we can talk about a lot of the details.

More events

22-02
Jul-Aug

Summerschool 2019 AIVD-MIVD

location:
organised by:
AIVD/MVID
HSD event
22-02
Jul-Aug

Summerschool 2019 AIVD-MIVD

location:
organised by:
AIVD/MVID
HSD event
19-23
Aug

National Cyber Security Summer School 2019

location:
organised by:
Dcypher, CGI, CSR, Nederland ICT, TU Delft, NWO, Microsoft, Radboud Universiteit, Crisisplan, Schiphol Group, NCSC, KPN
HSD event
25-30
Aug

International Cyber Security Summer School 2019

location:
organised by:
NATO C&I Agency, Europol,EY, Leiden University and The Hague Security Delta.
HSD event
07
Sep

Challenge the Cyber

location:
Dutch Innovation Factory, Zoetermeer
organised by:
NCSC, dcypher
HSD event
07
Sep

Global CyberLympics 2019

location:
Oshawa, Canada
organised by:
EC-Council Foundation
HSD event
12
Sep

HSD Café: Quantum Computing

location:
HSD Campus, 7th Floor
organised by:
The Hague Security Delta
HSD event
18-19
Sep

Conference en matchmaking innovative defence technologies for the virtual battlefield

location:
Kajaani, Finland
organised by:
European Commission Kainuun Etu – a regional development company of the Kainuu Region in Finland Association of Finnish Defence and Aerospace Industries (AFDA) European Association of Development Agencies
HSD event
23-27
Sep

hardwear.io Security Conference and Training

location:
NH Hotel Den Haag
organised by:
hardwear.io
HSD event
25-26
Sep

IDnext '19 - The European Digital IDentity (un)-conference, The Netherlands

location:
New Babylon Meeting Center, The Hague, The Netherlands
organised by:
IDnext
HSD event
25
Sep

Congres ‘Vormgeving van Informatiegedreven Criminaliteitsbeheersing’

location:
Sociëteit de Witte, Plein 24, 2511 CS Den Haag
organised by:
Universiteit Leiden, Scienceworks i.s.m. Fox-IT, Nationale Politie,PricewaterhouseCoopers en HSD
HSD event
01-03
Oct

International One Conference

location:
World Forum, The Hague
organised by:
Ministry of Economic Affairs and Climate Policy, Ministry of Justice and Security, National Cyber Security Centre
HSD event
07-08
Oct

Unleashing Cyber Security

location:
Rode Hoed Keizersgracht 102, 1015 CV Amsterdam
organised by:
Global Executive Events
HSD event
08-09
Oct

Congres Aanpak Radicalisering en Terrorismebestrijding

location:
The Hague Security Delta Wilhelmina van Pruisenweg 104 2595 AN The Hague
organised by:
Studiecentrum voor Bedrijf en Overheid (SBO)
HSD event
09-11
Oct

7th Europol-Interpol Cybercrime Conference

location:
Europol HQ
organised by:
Europol, Interpol, European Cybercrime Centre (EC3)
HSD event
15
Oct

ECSO Cyber Investor Day

location:
Luxembourg
organised by:
ECSO, SECURITYMADEIN.LU
HSD event
22-24
Oct

WorldPensionSummit 2019

location:
Louwman Museum, The Hague
organised by:
Pensions & Investments
HSD event
28
Oct

Overheidsbrede Cyberoefening: wat zou jij doen?

location:
Media Plaza Utrecht, Jaarbeurs, Entree Oost, Croeselaan 6, Utrecht
organised by:
Ministerie van Binnenlandse Zaken en Koninkrijksrelaties
HSD event
29-30
Oct

The Future of Quantum Computing, Quantum Cryptography and Quantum Sensors

location:
Louwman Museum, The Hague
organised by:
QuTech, 3DR Holdings and Inside Quantum Technology (Industry Analysis and Consulting)
HSD event
14
Nov

KVNRO Symposium “Defensie Structureel Partner Nationale Veiligheid”

location:
Generaal-Majoor Kootkazerne Wolweg 100 3776 LT Stroe
organised by:
Koninklijke Vereniging van Nederlandse Reserveofficieren (KVNRO)
HSD event
14-15
Nov

Dataprotectie & Privacy Congres – 7e editie

location:
Van der Valk Exclusief Winthontlaan 4 3526 KV Utrecht Nederland
organised by:
IIR
HSD event
19-22
Nov

Milipol Paris 2019: Leading event for homeland security and safety

location:
Paris-Nord Villepinte Exhibition Centre
organised by:
Comexposium
HSD event
21
Nov

NISA Conference 2019

location:
HSD Campus, Wilhelmina van Pruisenweg 104, The Hague
organised by:
The Netherlands Intelligence Studies Association
HSD event
03
Dec

dcypher Symposium 2019

location:
MediaPlaza (in het jaarbeurs gebouw) Jaarbeursplein 3521 AL Utrecht
organised by:
dcypher
HSD event
09-12
Dec

11th IEEE International Workshop on Information Forensics and Security

location:
Delft, The Netherlands
organised by:
Delft University of Technology, University Federico II of Naples, University of Innsbruck, Austria
HSD event

The Hague Security Delta is required by law to ask permission for using cookies. We use functional cookies, and cookies for managing website statistics.
The cookies are processed anonimously. By continuing on our website, you accept the use of cookies. 
Read our privacy and cookie policy for more information.

 

Close