Objectives

  • Increase awareness of information security in the information technology community.
  • Bring together researchers, technology experts and students interested in the area of information security to discuss current and potential challenges in the field and discuss possible solutions.
  • Strengthen academic and industrial relations and provide a common ground to explore possible venues of collaboration in the area of information security.
  • Raise the level of interest in information security among students and promote security programs and courses offered at KFUPM.

Targeted Audience

  • Experts in the Communications and Information Technology (ICT) fields.
  • Experts in the fields of secured critical infrastructures and embedded systems.
  • Academics in the ICT and Information Systems fields.
  • Specialists in the ICT fields.
  • Students of the ICT and Information Systems majors.
  • General audience interested in Information Security, Cyber Security and Cyber Terrorism.

Speakers

Prof. Mustaque Ahamad

Georgia Institute of Technology
Information Security and Assurance Center of Excellence

View details »

Prof. Shiu-Kai Chin

Syracuse University

View details »

Mr. James Fox

Booze-Allen-Hamilton MEA

View details »

Mr. Vijay Srinivas

Syracuse University
Senior Director, Corporate Relations and Technical Alliances

View details »

Mr. Fadi Mantash

Enterprise Account Manager

View details »

Dr. Sami Zhioua

King Fahd University of Petroleum and Minerals

View details »

Dipl. Ing. Peter Weinzierl

View details »

Dr. Basil AsSadhan

View details »

Mr. Mohanned Hassan

View details »

Venue

King Fahd University of Petroleum and Minerals, Dhahran, KSA
Building 20, Room 103




Agenda



Sunday - 13 April
Time Speaker Title
12:15 - 1:00 PM Registration
01:00 - 1:30 PM Dr. Adel Ahmed
Chairman, Information of Computer Science Department
Welcome speech
His Excellency the Rector Dr. Khaled Al-Sultan Opening speech
Distribution of plaques to sponsors
Opening the Exhibition
01:35 - 02:30 PM Dr. Sami Zhioua
King Fahd University of Petroleum and Minerals
Recent Advances in Cyber Threat and Cyber Security
02:30 - 03:00 PM Mr. Fadi Mantash
Enterprise Account Manager – RSA
RSA Advanced Security Operation Center in Action
03:00 - 03:30 PM Dr. Basil AsSadhan
Consultant, the Center of Excellence in Information Assurance (COEIA)
Botnet Detection through Analyzing Network Traffic using Statistical Signal Processing Methods
03:30 - 04:00 PM Exhibition


Monday - 14 April
Time Speaker Title
08:30 - 09:25 AM Prof. Shiu-Kai Chin
Professor in the Department of Electrical Engineering and Computer Science at Syracuse University
Educating and Equipping Engineers to Design Secure and Trustworthy Systems
09:25 - 10:20 AM Mr. James F. Fox
Booz Allen Hamilton Cyber Security Practice Lead MENA
Cyber Security in a Mobile and Always-On World
10:20 - 10:40 AM Coffee Break & Exhibition
10:40 - 11:10 AM Mr. Peter Weinzierl
ATOS Wordline company
“Strong Authentication – Really know your users” A flexible approach based on smart cards, biometrics, soft and hard tokens
11:10 AM - 12:05 PM Prof. Mustaque Ahamad
Professor of Computer Science, Georgia Institute of Technology
Global Professor, New York University Abu Dhabi
Ground-Truth Driven Cyber Security Research: Some Examples
12:05 - 01:30 PM Prayer & Lunch
01:30 - 02:10 PM Mr. Vijay Srinivas
Senior Director, Corporate Relations and Technical Alliances
Security and Privacy Issues in integrating Vehicle-to-Grid (V2G) concepts of Plug-in Electric Vehicles (PEVs) in the Smart Grid
02:10 - 02:40 PM Mr. Mohanned Hassan
Sr. Information Security Consultant at IT Security Training & Solutions (ITS2)
Insight on today's Digital forensics
02:40 - 03:40 PM Session moderator: Dr. Ashraf Al-Fagih
Panelists:
• Prof. Shiu-Kai Chin
• Prof. Mustaque Ahamad
• Mr. James F. Fox
Panel Discussion
Cyber Security: Future Directions
03:40 - 04:40 PM Prayer & Exhibition

Event Details

Prof. Mustaque Ahamad

Georgia Institute of Technology
Information Security and Assurance Center of Excellence

Download Slides

Ground-Truth Driven Cyber Security Research: Some Examples

11:10 AM - 12:05 PM, Monday 14th April

Like other fields of security, cyber security must make assumptions about trust in systems and people, and the threats that will target systems that need to be secured. Based on such assumptions, we strive to provide certain security guarantees. There is much talk about the growing sophistication of cyber security threats. However, making realistic assumptions about such threats requires access to data that can reveal the ground-truth.Thus, data becomes an enabler for research that seeks to understand threats proactively and to develop defenses against them. This talk will cover several examples of research projects that would not have been successful without access to data. These range from malware analysis to attacks that use the converged telephony infrastructure to craft automated and large-scale accounts. The talk will conclude by arguing that data sharing and coordination is a key requirement for us to address future cyber security threats.

About the Speaker

Dr. Mustaque Ahamad received the B.E.(Hons.) degree in Electrical and Electronics Engineering from the Birla Institute of Technology and Science, Pilani, India in 1981 and the M.S. and Ph.D. degrees in Computer Science from the State University of New York, Stony Brook, in 1983 and 1985, respectively. Dr. Ahamad's research interests are in distributed operating systems, computer security, and fault-tolerant systems. Dr. Ahamad is working as a professor at College of Computing, Georgia Institute of Technology. In addition, he is a co-founder & chief scientist at Pindrop Security and a global professor at New York University Abu Dhabi.

Prof. Shiu-Kai Chin

Syracuse University
Download Slides

Educating and Equipping Engineers to Design Secure and Trustworthy Systems

08:30-09:25 AM, Monday 14th April

The ever-growing Internet of Things (IoT) makes it imperative that we avoid the false choice between practicality or rigorous assurances of security, safety, and integrity. The number of networked objects with computer and network enabled command-and-control (C2) is approaching 50 billion. Every aspect of our society, from banking, telecommunications, power, and health care, to the fuel injection and locks in our cars, depends on correct and secure computer-enabled C2. Physical space and cyberspace are becoming ever more intertwined. A well-known and accepted fact of systems engineering is that flaws due to errors of commission or omission are cheapest to fix when on the drawing board while prohibitively expensive to fix on deployed systems. This fact, coupled with the explosive growth in size of the IoT, makes correcting security flaws in the post-design phase of systems prohibitively expensive and impractical. A trustworthy IoT requires designed-in security from the start. The question is, how? This talk describes our research and educational programs whose objective is to vastly increase the number of engineers capable of designing, implementing, and verifying custom hardware and software that are assured to satisfy security properties. The theory, practice, tools, examples, textbook, summer internships, and educational programs described here are a result of an eleven-year partnership with the US Air Force Research Laboratory. Over three hundred engineering students (mostly undergraduates) from over fifty US and UK universities have learned these methods. We have applied these methods to military systems with computer-enabled C2, banking protocols for high-value commercial transactions, and smart power grids in support of C2 to manage demand/response during peak load periods.

About the Speaker

Dr. Shiu-Kai Chin is a Professor in the Department of Electrical Engineering and Computer Science at Syracuse University. He is Co-Director (with Scott Bernard) of the Center for Information and Systems Assurance and Trust (CISAT). Professor Chin’s research applies mathematical logic to the engineering of trustworthy systems. Shiu-Kai supports the research program of the Air Force Research Laboratory’s Cyber Operations Branch in the Information Grid Division (RIG) in trustworthy systems and hardware-based computer security. His focus is on access control and policy-based design and verification. He is a member of the National Institute of Justice’s Electronic Crime Technical Working Group. Shiu-Kai is co-author, with Dr. Susan Older, of the textbook Access Control, Security, and Trust: A Logical Approach, CRC Press, 2011.

Mr. James Fox

Booze-Allen-Hamilton MEA
Download Slides

Cyber Security in a Mobile and Always-On World

09:25-10:20 AM, Monday 14th April

As mobile devices proliferate in the world, the attacks on mobile devices are increasing dramatically. This presentation discusses the various cyber threats to mobile devices, typical means of exploiting them and how organizations can begin to defend themselves.

About the Speaker

Mr. Fox has over two decades of experience developing real-world cyber security solutions. He was one of the co-founders of McKinsey & Company's financial services technology practice and has founded and led multiple cyber security and mobile technology start-ups. He is a graduate of the United Stated Naval Academy and holds an MBA from the Wharton School at the University of Pennsylvania. Presently, Mr. Fox leads Booz Allen Hamilton's cyber security practice in the Middle East North Africa region.

Mr. Vijay Srinivas

Syracuse University
Senior Director, Corporate Relations and Technical Alliances

Download Slides

Security and Privacy Issues in integrating Vehicle-to-Grid (V2G) concepts of Plug-in Electric Vehicles (PEVs) in the Smart Grid

01:30-02:10 PM, Monday 14th April

Rapid deployment of advanced communication and networked computer control is revolutionizing the electric power system. The “Smart Grid” as it is often referred, requires a high degree of connectivity between devices controlled by different parties. The US fleet of plug-in electric vehicles (PEVs) is expected to expand rapidly in the coming decades, with recent estimates suggesting that there will be a million or more PEVs on the road by 2016 and more than ten million by 2030. Deployment of PEVs on this scale will present new cyber security challenges for the electrical grid. Charging a large, distributed, and mobile fleet of PEVs will require secure and trustworthy communications and control systems that meet the needs of many stakeholders: vehicle owners; utilities responsible for the transmission and distribution infrastructure; system operators responsible for balancing electricity supply and demand in real time; private parties operating networks of charging stations; and third party firms providing energy and ancillary services to wholesale electricity markets. The energy storage capacity available in PEVs could help facilitate the integration into the grid of intermittent renewable energy sources, such as wind and solar by storing some of the output in PEV batteries (a distributed storage network) to be drawn down later in the afternoon, via V2G discharging of the PEV batteries, at a time of peak demand. However, realizing these benefits will require secure, bidirectional control and communication between vehicles, key components of the distribution and transmission network (particularly as other smart grid technologies are deployed), and utilities or third party firms providing demand response services. Such communications and control mechanisms will need to provide trustworthy accountability for the purposes of billing, contracts and even forensic analysis in the event of security breaches. Also key is the protection of personal identifiable information (PII), and thus privacy of stakeholders such as the PEV owners, for widespread adoption.

About the Speaker

Vijay is the Senior Director for Corporate Relations and Technical Alliances, at Syracuse University. Vijay’s responsibilities include the identification and development of university-corporate partnerships – in the domestic and international markets. He works closely with the cybersecurity faculty and provides programmatic and marketing support for the 18-credit Cyber Engineering Semester. He is a member of the PreSAGE group that conducts research on security and privacy issues in Smart Grid implementation. Vijay also mentors faculty-led and student-lead entrepreneurial ventures and served as the business mentor for a Syracuse University team in the NSF I-Corps program. Vijay has over 20 years of industry experience and has held leadership positions in systems engineering, program execution and business development. Vijay holds MS (Manufacturing), MBA (Operations and International Finance), and is a graduate of the Central New York Advanced Course in Engineering (CNY-ACE) - all from Syracuse University. He is currently pursuing the Doctorate of Professional Studies from the School of Information Studies at Syracuse University, and his research is in academic entrepreneurship.

Mr. Fadi Mantash

Enterprise Account Manager


RSA Advanced Security Operation Center in Action

02:30-03:00 PM, Sunday 13th April

About the Speaker

Fadi Mantash works within RSA as an Enterprise Account Manager covering multiple verticals and sectors within the KSA. He has over 11 years of experience in the field of Information Security and IT. He currently holds multiple industry certifications such as CISSP, CISM, ISO 27001 and many others. He has developed an excellent understanding of the Information Security and Information Technology industries working closely with major Educational Institutions, Enterprises, Telecommunication Providers, Financial Institutions and the Public Sector. He has a wide experience in the field of monitoring solutions especially from a security and operations angle, both from an In-House and Managed Services perspectives.

If you are interested in getting the slides, you can send an email to fadi.mantash@emc.com

Dr. Sami Zhioua

King Fahd University of Petroleum and Minerals

Recent Advances in Cyber Threat and Cyber Security

01:35-02:30 PM, Sunday 13th April

Cyber Security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks. In this regard, the cyber security field can be considered as a playground of a cat and mouse game; A constant pursuit to fortify the vulnerabilities revealed by cyber criminals met with more diverse methods of attack, forcing each side to perpetually adapt their offensive and defensive tactics. Unfortunately, cyber criminals are winning the game so far and remain one step ahead in this battle. The main focus of this talk is to give an overview of the state of the art in cyber threat and in cyber security. Recent cyber threats include sophisticated state-sponsored malware, ingenious covert communication channels, drive-by downloads, exploit kits, advanced password cracking techniques, etc. On the defensive side, new cyber security tactics include proactive security approaches, penetration testing, new generations of security tools, etc.

About the Speaker

Dr. Sami is working as an assistant professor at Information and Computer Science Department of King Fahd University of Petroleum and Minerals. Before joining KFUPM, he was a post-doctoral research and teaching fellow at McGill University, Canada. He graduated from Laval University (Ph.D. 2008 and M.Sc. 2003). His research interests include Anonymity Protocols, Hacking techniques, Reinforcement Learning and Java virtual machines. Dr. Sami is the author of three books and several conference and journal papers.

Dipl. Ing. Peter Weinzierl


Download Slides

“Strong Authentication – Really know your users” A flexible approach based on smart cards, biometrics, soft and hard tokens

10:40-11:10 AM, Monday 14th April

About the Speaker

Mr. Weinzierl graduated from Vienna University of Technology in Electrical Engineering – Control and Industrial Electronics in 1989 and started his career at Siemens AG in Austria in the R&D of mobile communications technology subsequently working in the development of synchronous digital hierarchy network elements in international projects. In year he joined the security, biometrics and recognition technology within Siemens and contributed in building up the Siemens competence center for biometrics in 2005. The Siemens Biometric Center with Peter Weinzierl heading delivered the biometrics extensions in 7 national ID projects all over Europe and a large number of strong authentication solutions to private enterprises and industry customers in Europe and USA. Mr. Weinzierl and the biometrics & strong authentication portfolio is now with Atos Worldline which eventually was formed out of the merger of Atos Origin and Siemens IT Solutions and Services in 2011. He has been co-authoring the chapter “Biometric Authentication” in the book “Enterprise Securityedited by Siemens AG and is lecturer for the biometrics security module within University course “Information Security Management” at Danube University Krems and coaching master degree thesis students.

Dr. Basil AsSadhan


Download Slides

Botnet Detection through Analyzing Network Traffic using Statistical Signal Processing Methods

03:00-03:30 PM, Sunday 13th April

Network traffic analysis is an essential component in the management and security of current networks and in the design and planning of future networks With the growth of high bandwidth applications in the Internet, network traffic analysis increasingly demands methods that can scale up. In my research work, I propose to look at the control plane traffic as an alternative to the total traffic (control and data planes combined) to minimize the amount of network traffic to consider in order to increase efficiency and scalability. I show the benefits of using statistical signal processing methods to analyze and monitor aggregate network traffic with focusing on botnet detection as it is became a major threat to the communication and information infrastructure.

About the Speaker

Dr. Basil AsSadhan received his Ph.D. degree in Electrical and Computer Engineering from Carnegie Mellon University, Pittsburgh, PA, USA in 2009. He is currently an assistant professor at the Electrical Engineering Department, and consultant at the Center of Excellence in Information Assurance (COEIA), King Saud University, Riyadh, Saudi Arabia. He also works as a cyber security consultant at International Systems Engineering. His research interests are in the areas of network security, network traffic analysis, anomaly detection, and pattern recognition. He is a recipient of the King Abdullah University of Science and Technology Scholar Award, which was awarded to him during his studies at Carnegie Mellon and was only given to a limited number of distinguished Ph.D. students worldwide.

Mr. Mohanned Hassan


Download Slides

Insight on Today's Digital Forensics

02:10-02:40 PM, Monday 14th April

Introduction to Digital Forensics, Computer Forensic Incidents and example, Investigation Process , Disk Storage Concepts, Investigation Process, Digital Acquisition and Analysis, Digital Evidence Presentation, Electronic Discovery of Information, Cell phone and USB forensics and Reporting.

About the Speaker

Mohanned is a Sr. Information Security Consultant at IT Security Training & Solutions (ITS2) Amman- Jordan. He has over twenty years of Information Security & IT Consulting, Training and Implementation experience. Prior to ITS2 Mohanned worked for SISCOM, Security Wits Technologies, IT Security C&T, the Government of Jordan, Bright Point Technologies, Depaul University, Isra’a Private University, Philadelphia Private University in the areas of Information Security Training, Ethical Hacking, Computer Forensics, Pentesting, Network Implementation, OS’s, security testing, network troubleshooting, project management, CCTV systems, Fire Alarm and Fighting Systems, GPS Tracking Systems, RFID Systems, information security and risk management, IT Governance, IT Service Management and business continuity.

Registration

Thank you for your interest. This event has passed. Please check back next year.

Sponsors


Contact Us

If you have some qustions or comments, you can leave them bellow
Send Message
Your message has been sent successfully!
Unable to send your message, please try later.