i2 Group is a subsidiary of IBM, specializing in intelligence and investigation management software for law enforcement, defence, national security and private sector organisations. A meeting was conducted with i2 representatives and members of the CS2Lab on 4th November 2011. The meeting was held to discuss how DSV can make the most of i2 Group’s offerings in terms of making use of their advanced analytical and visualization toolsets within the current research and educational activities of the CS2Lab.
A knowledge sharing session initiated by Stewart Kowalski was held on October 14th, 2011, with representatives of Ericsson AB Forensics Department and the CS2Lab. Discussions were held on how both parties can cooperate and mutually benefit from each other’s competence, experience and exposure in the world of Digital Forensics. Cooperation between the 2 entities is currently underway with some students conducting their Master’s Thesis work within the 2 departments in the first quarter of 2012.
MicroSystemation AB, a leading vendor of software for Mobile Forensics, held a conference in Oslo, Norway in October 2011, to unveil the latest version of their Mobile Forensics Suite of software. The conference was attended by members of government intelligence agencies, police forces, military departments and private investigators from the Nordic region. MicroSystemation AB invited the CS2Lab (part of the SecLab Unit) to make a presentation on the education and research being conducted in the area of Digital Forensics at DSV. Three members of the Cyber Systems Security Lab (Spyridon Dossis, Irvin Homem and Andrius Januta), on behalf of Prof. Oliver Popov, were in attendance and gave the presentation.
Seven papers have been presented at the 2011 European Security Conference in Örebro, Sweden, that took place on June 13th and 14th, 2011. The Conference is a European extension of the Annual Security Conference that has been held in Las Vegas (USA) for over a decade. The conference attracts a nice mix of participants from academia, government and industry. The theme of the 2011 event was identity and privacy management. The presented papers:
- Viola Kanule, Geoffrey Karokola, Jeffy Mwakalinga and Stewart Kowalski – Secure e-Government Adoption:A Case Study for Tanzania
- Margaretha Eriksson, Helena Granlund, Louise Yngström and Jonas Hallberg – On the Information Security Posture in an Government Agency – a Longitudinal Study 2008-2011
- Wätterstam Tove, Stewart Kowalski and Robert Hoffmann – A Case Study in Security Mental Models at Swedish Government Agency
- Bilal Al Sabbagh and Stewart Kowalski – A Comparison Study of information security cultures of IT workers and Social Network users in Saudi Arabia
- Ulrika Norman and Stewart Kowalski – Back to School: Integrate Information Security and IT ethics educations in to the Swedish School Systems: A Survey Study
- Rostyslav Barabanov, Stewart Kowalski and Louise Yngström – Information Security Metrics: Research Directions
- Chigozie Nwogu Nwogu and Stewart Kowalski – A case study of reusing an electronic voting system Protection Profile from Europe to an African country
SEClab invites students, researchers, practitioners and staff to a Guest lecture by Dr Colin Armstrong, from Curtin University, Perth, Western Australia on the theme “Forensic Science and Information Systems”.
Time: June 16 at 16.00
Place: Lecture hall C, Forum, Isafjordsgatan 39
Background: Dr Colin Armstrong’s research in forensic science at the University of Western Australia encompass the design and evaluation of a meta model for organizing and managing forensic evidence processes. From the statement “Evidence is the basis for our decision making” meaning that evidences have to be seen in relation to the law, the forensic science is in main focus; forensic scientists use scientific processes ultimately to produce data eventually to become evidence. However, the understanding of law enforcers and the judiciary of what constitutes evidence is not necessarily the same as that of forensic scientists. Within information science the understanding is that raw data organized with some purpose in mind brings information – and parts of that information may in turn be used for decision making. So, in order to form processes adequate for organizing scientific data into information and further into sound basis for decision making within a court specific, detailed and voluminous data must be collected and undergo various systematic procedures. The vision is to have an information system for collecting, processing, storing, maintaining and presenting the decision making material. This would call for at least some common references, vocabularies and definitions to use; however, even though we live in a globalised world, laws and legal systems differ and the area suffers from few and scattered policies, standards and taxonomies to be applied for the management of forensic evidence. Therefore, this piece of research potentially breaks new ground s and contributes with widening – yet structuring – the field of knowledge of forensic science.
The main research question answered is What necessary components are needed for such a tactical management model. The sub questions answered during the cause of the research concern What are the underlying criteria or attributes, How can these be organized into a tactical model, and How do the components of the model interrelate to contribute to the whole model.
About the lecturer: Dr Colin Armstrong is presently a lecturer at the School of Information Systems at Curtin University, where he lectures and advises master students in information security and forensics. Prior to his university career he was the communication specialist with the Flying Doctors in Australia. He holds a BSc in Communication and IT from Edith Cowan University, a Master by Research in Information Systems from Curtin University and a PhD from the Centre for Forensic Science at the University of Western Australia.
On Wednesday, June 15, Jeffy Mwakalinga is going to present his PhD research entitled “A Framework for Adaptive Information Security Systems – A Holistic Investigation”. The defense will take place between 13:00 and 15:00 in the lecture hall C, Forum building, Kista. Everyone is welcome to attend! Please find further information below.
Title: A Framework for Adaptive Information Security Systems – A Holistic Investigation
Respondent: Jeffy Mwakalinga
Opponent: Assoc. Prof. Helen Armstrong
Committee: Prof. Uno Fors, Stockholm University; Prof. Bengt Carlsson, Blekinge Institute of Technology; Assoc. Prof. Mathias Ekstedt, The Royal Institute of Technology; Rep: Prof. Emeritus Bengt Wangler, HS
Supervisors: Prof. Louise Yngström and Assoc. Prof. Stewart Kowalski
For more information, welcome to the Thesis Presentation Bot.
On Friday, May 13th, Stewart Kowalski participated in the Opentext Expert Panel on Cloud Security at the Canadian Embassy. The topic of the seminar was “Managing Content in the Cloud” which was presented by Tom Jenkins, Executive Chairman and Chief Strategy Officer at OpenText, and followed by comments and analysis by the Expert Panel. Read more details and find the programme of this event in the announcement.
Deus/Diabolus Ex Machina? – Artificial Intelligence and Information Security Organization and Management
This is an open seminar and all are welcome!
Time: 19th May, 15:00-19:30
Place: DSV Forum, lecture hall A
Svensk versionen återfinns längre ner på denna sida
Automatisation (i.e. AI) can be used both to defend and to attack information systems and social networks. Students from the 2010/2011 Master Program in Information and Communication Systems Security (ICSS) will debate if an artificial intelligence system should be used for access control at a company. The union at the company is against using such a system and claims that workers have the right to know if they are talking to a human or a machine when they log on to an IT system.
Listen how future information security managers debate about potential cyber security problems of the 21st century.
Following the student debates at 17:15, Robert Hoffmann (DSV) will present current projects at the department that use artificial intelligence for teaching.
At 17:30 Markus Huber (former ICSS student, now working as a researcher at Secure Business Austria) will present his research on using AI techniques to trick and attack users on social networks, such as Facebook.
After the presentations the Swedish Association for Information Security (SAISec) will have a wine and cheese gathering to celebrate professor Louise Yngström’s more than 30 years of teaching holistic security at DSV.
|15:00-17:00||ICSS students debate on using an artificial intelligence (AI) system for access control in a company|
|17:15-17:30||Using artificial intelligence to teach risk analysis
(Robert Hoffmann, DSV)
|17:30-18:30||Social network security and automated social engineering attacks
(Markus Huber, Secure Business Austria)
|18:30-19:30||Swedish Association for Information Security (SAISec) celebrates more than 30 years of security with professor Louise Yngström|
IS/IT systems around the world are being attacked by both external and internal attackers. Organizations in the public and private sectors are investing more capital and operational resources to deal with these attacks. However without an adequate model of the attackers it is difficult to measure how effective and efficient the use of these resources will be in the long run. It can be that the IS/IT security measures that are being implemented only turn the current situation into a never ending cat and mouse game where the mouse always finds new ways to keep the cat busy.
On Tuesday 12/4/2011 Stewart Kowalski gave a presentation “Modeling the Attacker” in the Norwegian Information Security laboratory (NISlab) which is the information security group at Gjøvik University College, Norway. In his lecture Stewart Kowalski presented his past and current research in modeling the attackers of IS/IT systems using a socio-technical engineering approach.
SEC lab warmly congratulates Stewart Kowalski who has been ranked in the top 10 of Sweden’s best IT security experts by Computer Sweden. Stewart has a vast experience as a security and risk manager at Ericsson, security architect at Huawei, associate professor in the Department of Computer and System Sciences at Stockholm University and in participation, together with FOI, in multiple research projects focused on information security in the public sector.
See the entire list of Sweden’s best security experts at Computer Sweden.