SCSIII - Call for Talks (CFT)

Dr. Peter A. Gloor, Research Scientist, MIT Center for Collective Intelligence, Chief Creative Officer, galaxyadvisors AG
Collective Prediction in Digital Social Networks Through Discovery of Collaborative Innovation Networks

Peter A. Gloor is a Research Scientist at the Center for Collective Intelligence at MIT's Sloan School of Management where he leads a project exploring Collaborative Innovation Networks (www.ickn.org). He also teaches at the University of Cologne and Aalto University, Helsinki and is Chief Creative Officer of startup galaxyadvisors. Earlier, Peter was a Partner and European e-Business Practice leader with Deloitte Consulting, a Partner with PricewaterhouseCoopers and Section Leader for Software Engineering at UBS. His new book “Coolfarming: Turn Your Great Idea into the Next Big Thing” will come out this June at AMACOM. Peter blogs at swarmcreativity.blogspot.com.

In this talk we introduce a wide range of methods for predictive analytics based on social network analysis and the emerging science of collaboration. Our methods are based on analysis of large corpora of digital traces of human activity, in particular the Web, Blogs, online forums, social networking sites, e-mail archives, phone logs, and face-to-face interaction through using sociometric badges.

ENISA – European Network Information Security Agency, PSG (Permanent Stakeholders Group)
UNICRI – United Nations Interregional Crime & Justice Research Institute, Senior Advisor, Strategic Alliances & Cybercrime Issues
ISECOM – Institute for Security and Open Methodologies, Board of Directors
CLUSIT – Italian Information Security Association, Founder, Board of Directors, Technical Committee
OWASP Italian Chapter – Open Web Application Security Project, Board of Directors
 

Raoul "Nobody" Chiesa was born in Torino, Italy, in 1973. After being among the first italian hackers back in the 90's (1986-1995), Raoul decided to move to professional InfoSec, founding in 1997 @ Mediaservice.net Srl, a vendor-neutral and well known security consulting company. The company operates worldwide, being as well the oldest ISECOM Training Partner for the OPST, OPSA, OPSE and OWSE international security certifications. The company's Red Team held also the following industry certifications: PCI-DSS QSA, PCI-DSS ASV, ISO/IEC 27001 Lead Auditor, CISA, CISSP, ITIL, SANS GCFA, ECCE.

Raoul is a founder member of CLUSIT - the Italian Information Security Association - and he is a Board of Directors member at ISECOM, CLUSIT, OWASP Italian Chapter, Italian Privacy Observatory (AIP/OPSI). Both Raoul and its security team work on research areas such as X.25 and PSDN networks, VoIp Security, Malware Analysis, Social Engineering, SCADA & Industrial Automation, Home Automation, Satellite communication, Mobile Security, SS7 threats and much more.

Since 2003 he started its cooperation with the UN agency "UNICRI" (United Nations Interregional Crime and Justice Research Institute), working on "HPP", the Hackers Profiling Project run by ISECOM and UNICRI; in 2005 he has been official recognized by UNICRI's Director, Mr. Sandro Calvani, as a cybercrime advisor. Nowadays his role at UNICRI is "Senior Advisor, Strategic Alliances and Cybercrime Issues, Technical Contact Officer". More info on UNICRI's Cybercrime Trainings maybe found at: http://www.unicri.it/wwd/cybertraining/index.php

Auditing the Hacker’s Mind : wrong myths, real facts and the Hackers Profiling Project (HPP): Since years we hear about hackers described as asocial, young criminals, while reading reports written by infrastructures commonly linked to Law Enforcement Agencies or mass-media.
In all of these cases, these entities pick up a small part of the busted people and analyze them from the psycological or criminal point of view only, obtaining a generalistic analysis of the goals issued by the worldwide hacking community. This talk will deeply describe the Hacker's Profiling Project managed by UNICRI, the United Nations Interregional Crime & Justice Research Institute (www.unicri.it). HPP started back in 2004, and became a co-jointed UNICRI-ISECOM project back in 2006 (hpp.recursiva.org and www.isecom.org/hpp). HPP funds itself on an interdisciplinary team, aiming to defend both of the technical aspects, as well as the criminal and psycological ones. In the last 4 years the project analyzed more than 1.200 questionnaires, being able to build a profiling approach to the underground IT world. We will explain and analyze most of the false myths surrounding the hacker's world and tell you some of the funny things that happened to us, trying to let the audience deeply understand such a complex and always changing phenomenon

Bruce Nikkel is the head of IT Investigation & Forensics at UBS AG. He has worked for the bank's IT Security and Risk departments since 1997. He is an editor for Digital Investigation Journal and has published a number of papers in the field of digital forensics. He regularly speaks at security conferences and participates in a number of technical ecrime working groups. Nikkel holds a PhD in network forensics and is CISSP certified. He has been an IT/Network professional since 1990 and has specialized in computer security since 1996.

This talk gives a short introduction to digital forensics, and an overview of current freely available open-source forensics tools. The focus is on Linux/Unix based post-mortem disk forensic tools such as Sleuthkit, Foremost, Pyflag, dcfldd, Afflib, etc. Various forensic methods are explained using these tools, including:
• performing forensically sound disk acquisition/imaging
• disk layout and partition table analysis, and deleted partition recovery
• file system analysis and recovery of unallocated blocks and deleted files
• file system timeline analysis for event reconstruction
• carving techniques for unstructured data
• searching, filtering , and using NSRL databases
• OS and application artifact analysis
 

Christiaan Beek has been working in the security field for several years. Working for national and international companies, he gained knowledge of hacking techniques, forensic analysis and incident response. Currently he is working as a security consultant/ethical hacker & trainer for a Dutch company, TenICT. He developed and lectured an internet forensics training and a digital evidence training for attorneys. As a SME he acted for the Duth News Agency on prime-time news about the TJX hack. In 2009 he gave a training about file carving at ITUnderground 2009 in Warsaw. In 2010 Christiaan spoke on Blackhat EU and Blackhat USA. His free time is spent with security research, his family, theology and synthesizers. He keeps his own blog at: http://securitybananas.com

This presentation will be about the problems we are facing when forensic research has to be done on environments which are virtualized. What are the differences between 'tradional' system forensics, what techniques & tools can be used?Which files are important when performing forensic research on virtual environments? What to expect in the future? Most of these questions will be answered in combination with irl examples and research results.

Reto Inversini studied Climatology at the University of Berne. During his studies he worked for several organizations as a system and network engineer. Since 2002 he has been employed at the Federal Office of Information Technology, Systems and Telecommunication of the Swiss government as a Security Architect. The main topics of his work are risk analysis and incident response. 

Governmental organizations are exposed to various risks: some are well known and are affecting enterprises as well, some are specific to a government. The increasing amount of interaction between citizens and/or enterprises with governmental organizations results in exposing once internal applications towards the internet. The talk is going to highlight various aspects of these risks and appropriate technical and organizational countermeasures at different levels of detail.

Marc Henauer ist Chef der Sektion MELANI beim Nachrichtendienst des Bundes (NDB) im Departement für Verteidigung, Bevölkerungsschutz und Sport VBS. Zuvor war er im Dienst für Analyse und Prävention (DAP) als Analytiker für Wirtschafts- und Internetkriminalität tätig und Sektionschef bei MELANI/KOBIK.
Er studierte Wirtschaftswissenschaften an der Universität Zürich und Medien- und Kommunikationsmanagement and der Universität St. Gallen. Marc Henauer erlangte seinen Master of Arts in Foreign Service and National Security Studies an der Georgetown University, Washington DC ab.
 

Is Switzerland and Europe under Attack? Learn more from our experience and what we see from the MELANI team.