Sadie Creese is a Professor of Cyber Security in the Department of Computer Science at the University of Oxford. She teaches threat detection, risk assessment and operational aspects of security. Her current research portfolio includes threat modelling and detection, visual analytics for cybersecurity, risk propagation logics and communication, resilience strategies, privacy, vulnerability of distributed ledgers, and understanding cyber-harm. She is Principal Investigator on the AXIS Insurance Company sponsored project “Analysing Cyber Value-at-Risk” focused on developing a method for predicting potential harms arising from cyber-attacks. She is a co-Investigator on the PETRAS EPSRC sponsored Internet of Things Research Hub project “Cyber Risk Assessment for Coupled Systems” which is developing a new risk assessment method aimed at helping organisations prepare for the threats and vulnerabilities we will face as the Internet of Things evolves. She was the founding Director of the Global Cyber Security Capacity Centre (GCSCC) at the Oxford Martin School where she continues to serve as a Director conducting research into what constitutes national cybersecurity capacity, working with countries and international organisations around the world. She was the founding Director of Oxford’s Cybersecurity network launched in 2008 and now called CyberSecurity@Oxford, and is a member of the World Economic Forum’s Global Council on Cyber Security. Sadie is a Fellow of Worcester College, Oxford.
The 2018 edition of Cyber Science took place in Scotland from June 11-12, 2018.
2018 Keynotes & Industry
Professor Sadie Creese
Professor of Cyber Security in the Department of Computer Science at the University of Oxford
Professor Sadie CreeseProfessor of Cyber Security in the Department of Computer Science at the University of Oxford
Michael Matheson, MSP
Cabinet Secretary for Justice, and a Member of the Scottish Parliament
Michael Matheson, MSPCabinet Secretary for Justice, and a Member of the Scottish Parliament
Michael Matheson MSP is the Cabinet Secretary for Justice, and a Member of the Scottish Parliament. He studied at Queen Margaret College, Edinburgh where he obtained a BSc in Occupational Therapy. He also holds a BA and a Diploma in Applied Social Sciences from the Open University.
Prior to becoming an MSP Michael practised as a Community Occupational Therapist with Stirling Council, Central Regional Council, and Highland Regional Council. He was elected as the MSP for Falkirk West following the May 2007 elections. Before that he was a Regional MSP for Central Scotland from 1999-2007. Before being appointed Cabinet Secretary for Justice he was the Minister for Public Health. Michael was Vice Convenor of the European and External Relations Committee. He also sat on the Scottish Parliament’s Health and Sport Committee, and previously served on the Justice and Enterprise and Culture Committees. He was re-elected at the May 5, 2011 election, and thereafter appointed Minister for Public Health.
Dr Cyril Onwubiko
Secretary – IEEE UK & Ireland, and Director, Cyber Security and Intelligence at Research Series Limited
Dr Cyril OnwubikoSecretary – IEEE UK & Ireland, and Director, Cyber Security and Intelligence at Research Series Limited
Dr Cyril Onwubiko is the Secretary – IEEE UK & Ireland, and Director, Cyber Security and Intelligence at Research Series Limited, where he is responsible for directing strategy, IA governance and cyber security. Prior to Research Series, he had worked in the Financial Services, Telecommunication, Health, Government and Public services Sectors. He is experienced in Cyber Security, Security Information and Event Management, Data Fusion, Intrusion Detection Systems and Computer Network Security; and vastly knowledgeable in Information Assurance, Risk Assessment & Management. He holds a PhD in Computer Network Security from Kingston University, London, UK; MSc in Internet Engineering, from University of East London, London, UK, and BSc, first class honours, in Computer Science & Mathematics. He has authored several books including “Security Framework for Attack Detection in Computer Networks” and “Concepts in Numerical Methods.”, and edited books such as “Situational Awareness in Computer Network Defense: Principles, Methods & Applications“, and Cyber Science 2015 – International Conference on Cyber Situational Awareness, Data Analytics and Assessment. He has over 30 articles published in leading and most prestigious academic journals and conferences.
Professor Jens Myrup Pedersen
Associate Professor at Aalborg University, Denmark
Professor Jens Myrup PedersenAssociate Professor at Aalborg University, Denmark
Jens Myrup Pedersen is Associate Professor at Aalborg University, Denmark. After finishing his M.Sc. in Mathematics and Computer science he did his PhD in the field of network planning, and through close collaboration with Danish ISPs the work developed into focusing on cyber security. Today his research is focusing mainly on security from a network point of view, and includes network-based detection of malicious activity using e.g. machine learning and DNS traffic analysis – still carried out in close collaboration with industrial partners. Together with his students he has been exploring the security weaknesses of a number of embedded and IoT devices, including demonstration of poor security in state-of-the art Industry 4.0 production lines. He is an active player in the development of cyber security educations in Denmark, and is currently leading the work of establishing a Danish National Training Platform. He has a strong interest in internationalisation of education and promotion of collaboration between students across countries and disciplines – an interest that has led to coordination of two Erasmus+ Strategic Partnerships. In addition to his employment at Aalborg University he works as external lecturer at Riga Technical University, Latvia, he is board member in companies related to energy and infrastructure, and he also sits on the board of the Society of Telecommunications within the Danish Society of Engineers.
DI Eamonn Keane
DI Eamonn KeaneDetective Inspector
Detective Inspector Eamonn Keane has worked with the Irish and Scottish Police for 33 years principally in the investigation of terrorism, serious crime, criminal investigation, public protection and most recently digital crime and forensic delivery.
His current portfolio is with the Cybercrime, Police Scotland, investigating all aspects of serious and organised crime across Scotland with particular emphasis on technology facilitated crime to include malware proliferation, cybercrime, acquisitive crime, child sexual exploitation, drug supply, and social network abuse.
Eamonn also works extensively with the Scottish Business Resilience Centre championing the ethos of prevention through preparation and intelligence sharing for the Scottish and UK business community.
Head of Security Engineering at Photobox Group
Stu HurstHead of Security Engineering at Photobox Group
Stu Hurst is currently the Head of Security Engineering at Photobox Group (which includes Moonpig, PosterXXL and Hofmann).
He was instrumental in building Skyscanner’s Security team from 2015-2017, having led them to the final of SC Magazine’s Security Team of The Year 2017.
He has previously worked in security at The Trainline and was part of the Cyber Leadership Team at Capital One UK.
He has twice been nominated as a finalist for Cyber Evangelist of The Year at the Scottish Cyber Awards and runs one of Scotland’s leading Tech Meet Ups; Security Scotland.
Stu has appeared at numerous leading Security events such as InfoSec Europe, Cloud Expo Europe and Future of Cyber Security.
Professor Karen Renaud
Professor of Cyber Security at the University of Abertay, and Professor Extraordinarius, University of South Africa
Professor Karen RenaudProfessor of Cyber Security at the University of Abertay, and Professor Extraordinarius, University of South Africa
Karen is a professor of Cyber Security at the University of Abertay, and Professor Extraordinarius, University of South Africa. She is a recipient of various awards including the Fulbright Cyber Security Scholarship.
Her research focuses on human-centred security, a branch of Human Computer Interaction (HCI). She is interested in the interplay between users and security in the context of societal and industrial use. She wants to work towards creating a natural easy yet secure interaction between humans and devices. Her work has a strong development, experimental and deployment focus, testing solutions in practical situations. She has come up with several novel solutions to improve usability in a wide range of situations; and has also done fundamental work in understanding people’s mental models of security in a variety of applications and contexts.
She has a wide range of other interests, including electronic voting, accessible technology, mobile phone design for elderly users, knowledge visualisation and the use of email in organisations.
Accepted Papers, Extended Abstracts and Posters
- Anthony Arrott, Arun Lakhotia, Ferenc Leitold and Ledoux Charles – Cluster analysis for deobfuscation of malware variants during ransomware attacks
- Patrik Lif, Teodor Sommestad and Dennis Granåsen – Development and evaluation of information elements for simplified cyber-incident reports
- Christopher McDermott, Andrei Petrovski and Farzan Majdani – Towards Situational Awareness of Botnet Activity in the Internet of Things
- Zahid Maqbool, V.S. Chandrasekhar Pammi and Varun Dutt – Cybersecurity: Influence of patching vulnerabilities on the decision-making of hackers and analysts
- Adam Zibak and Andrew Simpson – Can We Evaluate the Impact of Cyber Security Information Sharing?
- Wei Xu, Yaodong Tao and Xin Guan – The Landscape of ICS Devices on the Internet
- Sungyoung Cho, Insung Han, Hyunsook Jeong, Jinsoo Kim, Sungmo Koo, Haengrok Oh and Moosung Park – Cyber Kill Chain based Threat Taxonomy and its Application on Cyber Common Operational Picture
- Yara Bayoumy, Per Håkon Meland and Guttorm Sindre – A Netnographic Study on the Dark Net Ecosystem for Ransomware
- Yogachandran Rahulamathavan, Xuewen Yao, Rahulamathavan Sutharsini, Muttukrishnan Rajarajan and Kanapathippillai Cumanan – Redesign of Gaussian Mixture Model for Efficient and Privacy-preserving Speaker Recognition
- Shane Miller, Kevin Curran and Tom Lunney – Multilayer Perceptron Neural Network for Detection of Encrypted VPN Network Traffic
- Karen Renaud and Lynsay Shepherd – How to Make Privacy Policies both GDPR-Compliant and Usable
- Eliana Stavrou – Enhancing Cyber Situational Awareness Tools: A New Perspective of Password Auditing
- Nima Asadi, Aunshul Rege and Zoran Obradovic – Analysis of Adversarial Movement Through Characteristics of Graph Topological Ordering
- Kay Michel and Michael King – Towards An Adaptable System-based Classification Design for Cyber Identity
- Arun Lakhotia – Malware Economics and its Implication to Anti-Malware Situational Awareness
- Hanan Hindi, Elike Hodo, Ethan Bayne, Amar Seeam, Robert Atkinson and Xavier Bellekens – A Taxonomy of Malicious Traffic for Intrusion Detection Systems
- Zachary Hills, David Arppe, Amin Ibrahim and Khalil El-Khatib – Compound Password System for Mobile
- Andrea Cullen and Lorna Armitage – A Human Vulnerability Assessment Methodology
- Cyril Onwubiko – CoCoa: An Ontology for Cybersecurity Operations Centre Analysis Process
- Domhnall Carlin, Phillip O’Kane and Sakir Sezer – Dynamic Opcode Analysis of Ransomware
- Ensar Seker and Hasan Huseyin Ozbenli – The Concept of Cyber Defence Exercises: Planning, Execution, Evaluation
- Sean Mckeown, Gordon Russell and Petra Leimich – Sub-file Hashing Strategies for Fast Contraband Detection
- André Sørensen, Maxime Jerome Remy, Nicolaj Kjettrup, Rasmi Vlad Mahmoud and Jens Myrup Pedersen – An Approach to Detect and Prevent Cybercrime in Large Complex Networks
- Shuai Fu and Nizar Bouguila – An Intrusion Detection Model based on Asymmetric Gaussian mixtures with Reversible Jump MCMC
- Andres Robles-Durazno, Naghmeh Moradpoor, James McWhinnie and Gordon Russell – A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system
- Mahdi Madani and Camel Tanougast – Combined and Robust SNOW-ZUC Algorithm Based on Chaotic System
- Egon Kidmose, Matija Stevanovic and Jens Myrup Pedersen – Detection of malicious domains through lexical analysis
- Dimitrios Kavallieros, Christina Chalanouli, Georgios Kokkinis, Anastasios Papathanasiou, Efthimios Lissaris, Georgios Leventakis, Georgios Giataganas and Georgios Germanos – Searching for crime on the web: Legal and Ethical perspectives
- Halldis Søhoel, Martin Gilje Jaatun and Colin Boyd – OWASP Top 10 – Do Startups Care?
- Anastasios Balaskas and Virginia N. L. Franqueira – Analytical Tools for Blockchain: Review, Taxonomy and Open Challenges
- Baskoro Adi Pratomo, Pete Burnap and George Theodorakopoulos – Unsupervised Approach for Detecting Low Rate Attacks on Network Traffic with Autoencoder
- Paul Wortman, Fatemeh Tehranipoor and John Chandy – An Adversarial Risk-based Approach for Network Architecture Security Modeling and Design
- Martin Gilje Jaatun, Marie Moe and Per Erik Nordbø – Cyber Security Considerations for Self-healing Smart Grid Networks
- Vladimir Eliseev and Olga Eliseeva – Lightweight Distributed Attack Detection and Prevention for the Safe Internet of Things
- Bob Duncan – Attackers Constantly Threaten the Survival of Organisations, but there is a New Shark in the Water: Carcharodon Carcharias Moderator Europa Universalis
- Kimberly Tam and Kevin Jones – Cyber-Risk Assessment for Autonomous Ships
- Yassine Lemmou and El Mamoun Souidi – Infection, Self-reproduction and Overinfection in Ransomware: The Case of TeslaCrypt
- Mirko Bottarelli, Gregory Epiphaniou, Dhouha Kbaier Ben Ismail, Petros Karadimas and Haider Al-Khateeb – Quantisation feasibility and performance of RSS-based secret key extraction in VANETs
- Daniel Fraunholz, Daniel Krohmer, Carolina Nogueira and Hans Dieter Schotten – Introducing Falcom: A Multifunctional High-Interaction Honeypot Framework for Industrial and Embedded Applications
- Martin Span, Logan Mailloux and Michael Grimaila – A Systems Security Approach for Requirements Analysis of Complex Cyber-Physical Systems
- Santhosh Parampottupadam and Arghir-Nicolae Moldovan – Cloud-based Real-time Network Intrusion Detection Using Deep Learning
- Farhad Foroughi and Peter Luksch – Observation Measures To Profile User Security Behaviour
- Obinna Omego, Eckhard Pfluegel, Martin Tunnicliffe and Charles Clarke – Ensuring Message Freshness in A Multi-Channel SMS Steganographic Banking Protocol
- Sean Mckeown, Gordon Russell and Petra Leimich – Reducing the Impact of Network Bottlenecks on Remote Contraband Detection
- Jason Koepke and Siddarth Kaza – Information flow on Twitter surrounding regional events
- Terézia Mézešová and Hayretdin Bahsi – Expert Knowledge Elicitation for Skill Level Categorization of Attack Paths
- Basil Alothman – Network Traffic Data Preparation for Automatic Botnet Detection by Incident Response Teams
- Ganbayar Uuganbayar, Artsiom Yautsiukhin and Fabio Martinelli – Cyber Insurance and Security Interdependence: Friends or Foes?
- Per Håkon Meland and Fredrik Seehusen – When to Treat Security Risks with Cyber Insurance
- Daniel W. Woods and Andrew C. Simpson – Towards Integrating Insurance Data into Information Security Investment Decision Making
- Erin Kenneally, Lucien Randazzese and David Balenson – Cyber Risk Economics Capability Gaps Research Strategy