The Dutch
Security Cluster
 
 
The Dutch
Security Cluster

Gratis seminar - Reliable infiltration detection by packet tagging

25
Jan
Date:
25 January 2018
Time:
14:00 - 16:00 hrs
Location:
Maanplein 55, Den Haag
Organised by:
KPN

Het maandelijkse gratis te bezoeken Guest Hacker Program van KPN komt terug in 2018! Met als eerst spreker op 25 januari Ben Gras, PhD student aan de Vrije Universiteit. Ben zal spreken over 'Betrouwbare infiltratiedetectie door packet tagging'. Zorg dat je je aanmeldt via [email protected]

Bio spreker:
Ben is a PhD student in the systems security research group of prof. Herbert Bos of the VU University in Amsterdam, working on software reliability, defensive research projects, and most recently, offensive research, most noticeably publishing on making cross-VM Rowhammer exploitation reliable and a microarchitectural MMU cache side channel attack. He is pursuing a PhD in mischief there. This work was developed during a 6 months internship with Cisco in Knoxville, TN, with their security research, evaluation and forensics group.

Samenvatting:
Reliable router malware detection. Infrastructure compromise (i.e. hacking into routers and switches) is the purview of very advanced attackers, commonly assumed to be Advanced Persistent Threat (APT) groups. These are frequently cyber-capability units of military or intelligence branches of nation states governments. As recently leaked documents show, NSA spends a significant amount of resources to be able to intercept traffic, and implanting switches and routers is one of the strategies.

We propose a cryptographic tagging based system that can reliably detect malware packets originating from a router (after router compromise), without any cooperation (i.e. trust) from the possibly-compromised devices themselves. We evaluate the classification reliability and performance overhead in the lab.

As a side effect of doing the lab evaluation of this talk at Cisco, I was able to access real malware collected in the field from customers' routers memory, and we did significant binary analysis on one of the samples. This work also includes deep technical details of cryptographic properties and packet processing mechanics and capabilities of one of the malware samples. I'm not allowed to speculate which threat actor this was, but from context we can infer this is a "Very advanced adversary" - some of the fingerprints one of them is known to leave are public knowledge, so that adds some excitement to this talk - this malware was not supposed to be discovered yet we can talk about a lot of the details.

More events

22
Nov

HSD Café: Human Factor in Physical Security

location:
HSD Campus, 7th Floor.
organised by:
The Hague Security Delta.
HSD event
22
Nov

Congres 'Nieuwe perspectieven in crisismanagement'

location:
Hotel Restaurant Oud London
organised by:
SVDC en DIEM (Daily Impact Emergency Management)
HSD event
22
Nov

Hâck Den Haag 2018

location:
City Hall. The Hague
organised by:
Cyberspint, City of The Hague
HSD event
23
Nov

Security according to Zero Trust (using VMware NSX)

location:
Waardenburg, The Netherlands
organised by:
ON2IT
HSD event
26-30
Nov

Amsterdam Drone Week 2018

location:
RAI Amsterdam
organised by:
RAI Amsterdam in collaboration with Ministry of Infrastructure and Water Management
HSD event
27-28
Nov

Congres Drones in het publieke domein

location:
RAI Amsterdam
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
27-28
Nov

Cyber Investor Days

location:
Berlin, Germany
organised by:
European Cyber Security Organisation (ECSO), secunet Security Networks AG and IT security association TeleTrusT Bundesverband IT-Sicherheit e.V.
HSD event
28-29
Nov

CyberMatch London Brokerage Event

location:
London
organised by:
Enterprise Europe Network (EEN) London
HSD event
29
Nov

Opleiding bibob coordinator

location:
Regardz La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
29-30
Nov

Congres Veiligheid bij Evenementen

location:
RAI Amsterdam
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
29
Nov

Jaarcongres Witwassen 2018

location:
Hotel veenendaal
organised by:
Studiecentrum Kerckebosch
HSD event
29
Nov

Amsterdam Security Conference

location:
RAI Amsterdam Europaplein 1078 GZ Amsterdam Nederland
organised by:
Rai Amsterdam Exhibitions & VPN
HSD event
04-19
Dec

Cursus Crisismanagement in de praktijk

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
04-18
Dec

Opleiding Inzicht in Criminologie

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05-07
Dec

Counterterrorism (CT) and Applied Intelligence Course (8th edition)

location:
Park Hotel, The Hague, Netherlands
organised by:
Twickelerveld Intelligence and Investigations
HSD event
05-07
Dec

Cyber Security Indonesia (CSI) 2018

location:
Jakarta Convention Centre
organised by:
Tarsus Indonesia
HSD event
05-06
Dec

Security Research Event (Announcement)

location:
The Square Rue Mont des Arts 1000 Brussels
organised by:
European Commission & the Chairman of the European Union
HSD event
06-20
Dec

Cursus Bestuursrechtelijk handhaven

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
06-20
Dec

Cursus Waarheidsvinding

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
06-20
Dec

Cursus Predictive profiling

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
13
Dec

Opleiding beleidsmedewerker Openbare Orde en Veiligheid

location:
Regardz La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
10
Jan

Opleiding Fire Safety Manager

location:
BVO
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
15
Jan

Cursus Drones in de openbare ruimte

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
16-18
Jan

TUS Expo Europe 2019

location:
Ahoy Rotterdam, the Netherlands.
organised by:
Gielissen Tradeshows | Conferences
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05
Feb

Opleiding Resilience Officer

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
07
Feb

Cursus Bestuurlijke aanpak van radicalisering en terrorisme

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14-15
Feb

Congres Milieucriminaliteit

location:
The Hague Security Delta Campus
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05-19
Mar

Cursus Openbare Orde, Rampen en Noodbevoegdheden

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14
Mar

Cursus Wet- en regelgeving in Openbare Orde en Veiligheid

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14
Mar

Opleiding Overlastcoördinator

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
27-29
Mar

ASIS Europe 2019 - From Risk to Resilience

location:
WTC Rotterdam
organised by:
ASIS International
HSD event
15-16
Apr

(ISC)² Secure Summit EMEA 2019

location:
World Forum, The Hague.
organised by:
(ISC)² & Pepler Lee Events
HSD event
04-06
Jun

Infosec London 2019

location:
Olympia, London. The United Kingdom.
organised by:
Infosecurity Europe
HSD event
16-20
Jun

Hack in Paris 2019

location:
La Maison de la Chimie, Paris, France.
organised by:
SysDream IT Security Services
HSD event
19-20
Jun

EuroDIG 2019 The Hague

location:
The Hague, the Netherlands.
organised by:
The Ministry of Economic Affairs
HSD event

The Hague Security Delta is required by law to ask permission for using cookies. We use functional cookies, and cookies for managing website statistics.
The cookies are processed anonimously. By continuing on our website, you accept the use of cookies. 
Read our privacy and cookie policy for more information.

 

Close