Safeguarding Industry 5.0 Ecosystems Through Digital Twins
Cristina Alcaraz, University of Malaga, Spain
Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies
Mauro Conti, University of Padua, Italy
Security, Privacy and the “Human Factor”: Making Sense of the Paradoxes of Security and Privacy Behavior
Spyridon Kokolakis, University of the Aegean, Greece
Safeguarding Industry 5.0 Ecosystems Through Digital Twins
Cristina Alcaraz
University of Malaga
Spain
Brief Bio
Cristina Alcaraz is an Associate Professor in the Computer Science Department at UMA. She was awarded two
competitive postdoctoral fellowships (Marie-Curie in 2012 and Ramón-y-Cajal in 2015) and was a guest researcher at
NIST (2011–2012), visiting the Royal Holloway (2012–2014, under the Marie-Curie Confund postdoctoral fellowship),
UCBM (2017, Rome) and Neurosoft (2019 and 2022, Athens). She is interested in the security of cyber-physical systems,
Industry 4.0/5.0, smart grids, IIoT and digital twins, focusing the research on situational awareness and resilience, considering
advanced detection and response.
She has published 80+ papers, is a member of the editorial boards of 8+ international journals in the area (e.g., IEEE
Transactions on Industrial Informatics, IEEE Transactions on Dependable and Secure Computing, ACM Distributed
Ledger Technologies, IEEE Networking Letters, IJCIP, IJIS, among others), received the Women in Homeland Security
Award by the IEEE SMC TC on Homeland Security in 2021, and she is the Vice-Chair of IEEE ComSoc SIG on Green
Digital Twin Network.
Abstract
Increasingly, we observe that new technologies are changing automation processes in many industrial sectors, and this is thanks to the acceptance of new industrial paradigms such as Industry 5.0. Among the technologies we highlight the Digital Twins and their communication networks, whose functions are not only to improve production processes, but also to support the security of critical industrial systems. Therefore, this talk will explore how simulation capabilities are able to prevent anomalies and threats, taking into account the complexities of current control systems and their implicit weaknesses in the face of Advanced Persistent Threats.
Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies
Mauro Conti
University of Padua
Italy
Brief Bio
Mauro Conti is Full Professor at the University of Padua, Italy. He is
also affiliated with TU Delft and University of Washington, Seattle. He
obtained his Ph.D. from Sapienza University of Rome, Italy, in 2009.
After his Ph.D., he was a Post-Doc Researcher at Vrije Universiteit
Amsterdam, The Netherlands. In 2011 he joined as Assistant Professor at
the University of Padua, where he became Associate Professor in 2015,
and Full Professor in 2018. He has been Visiting Researcher at GMU,
UCLA, UCI, TU Darmstadt, UF, and FIU. He has been awarded with a Marie
Curie Fellowship (2012) by the European Commission, and with a
Fellowship by the German DAAD (2013). His research is also funded by
companies, including Cisco, Intel, and Huawei. His main research
interest is in the area of Security and Privacy. In this area, he
published more than 550 papers in topmost international peer-reviewed
journals and conferences. He is Editor-in-Chief for IEEE Transactions on
Information Forensics and Security, Area Editor-in-Chief for IEEE
Communications Surveys & Tutorials, and has been Associate Editor for
several journals, including IEEE Communications Surveys & Tutorials,
IEEE Transactions on Dependable and Secure Computing, IEEE Transactions
on Information Forensics and Security, and IEEE Transactions on Network
and Service Management. He was Program Chair for TRUST 2015, ICISS 2016,
WiSec 2017, ACNS 2020, CANS 2021, CSS 2021, WiMob 2023 and ESORICS 2023,
and General Chair for SecureComm 2012, SACMAT 2013, NSS 2021 and ACNS
2022. He is Fellow of the IEEE, Fellow of the AAIA, Senior Member of the
ACM, and Fellow of the Young Academy of Europe.
Abstract
Alongside traditional Information and Communication Technologies, more
recent ones like Smartphones and IoT devices also became pervasive.
Furthermore, all technologies manage an increasing amount of
confidential data. The concern of protecting these data is not only
related to an adversary gaining physical or remote control of a victim
device through traditional attacks, but also to what extent an adversary
without the above capabilities can infer or steal information through
side and covert channels!
In this talk, we survey a corpus of representative research results
published in the domain of side and covert channels, ranging from TIFS
2016 to more recent Usenix Security 2022, INFOCOM 2023, CCS 2023, and
including several demonstrations at Black Hat Hacking Conferences. We
discuss threats coming from contextual information and to which extent
it is feasible to infer very specific information. In particular, we
discuss attacks like inferring actions that a user is doing on mobile
apps, by eavesdropping their encrypted network traffic, identifying the
presence of a specific user within a network through analysis of energy
consumption, or inferring information (also key one like passwords and
PINs) through timing, acoustic, or video information.
Security, Privacy and the “Human Factor”: Making Sense of the Paradoxes of Security and Privacy Behavior
Spyridon Kokolakis
University of the Aegean
Greece
http://www.icsd.aegean.gr/sak/
Brief Bio
Dr. Spyros Kokolakis is a Professor in the Department of Information and Communication Systems Engineering of the University of the Aegean. He holds a B.Sc. (Informatics) and a Ph.D. (Information Systems) from the Athens University of Economics & Business (GR). He has served as the Dean of the School of Engineering at the University of the Aegean. His research interests include Information Systems Security Management, Information Privacy and Data Protection, and Business Information Systems. He has extensive consulting experience in the field of information security management and he is a certified ISO22301 Lead Auditor and ISO9001 Internal Auditor.
Abstract
Why do people who claim to be concerned about privacy disclose their personal information on social media? Why do users that are aware of security threats often neglect to take protective measures? Why do loyal employees sometimes fail to comply with security policies? Why do infosec managers often insist on practices and policies that have been proven to be ineffective? These and several more questions arise whenever we observe individuals’ security and privacy behavior and despite the vast amount of research in the field, we still lack a comprehensive explanation.
In this talk, we’ll explore privacy and security behavior from multiple perspectives, including cognitive biases and decision-making heuristics, latent incentives, socio-cultural dispositions, and organizational politics. We’ll show that no single theoretical model can provide sufficient guidance and, thus, it is important to adopt a multidisciplinary and multi-theoretical approach.