CyberSec 2022

11 Jan 2022, Remote
2nd Edition, 1 Day, 10 Talks, 50+ Attendees

About CyberSec

The second virtual cybersecurity conference organized by the Master's students will take place on 11 January 2022. The event connects anyone with a particular interest in cybersecurity with the students and the expert faculty. The latest cybersecurity trends and emerging threats will be discussed alongside the paper presentations.

Deadlines

When: Jan 11, 2022
Where: Remote
Submission Template: Overleaf
Paper Submission: EasyChair
Notification Due: Jan 3, 2022
Final Version Due: Jan 9, 2022

Topics

Steganography

IT/OT

Social Engineering

Vulnerability Assessment

RGPD / GDPR

IMD

Data Privacy

Schedule

18:30 - 19:00

Opening Session

19:00 - 19:10

Exploiting Social Networks for stealthy communications between users

Pedro Sousa, Antonio Pinto and Pedro Pinto
Privacy is one of the main subjects with regard to social media networks, even more so since the implementation of the GDPR: awareness of privacy has increased, but it still remains uncharted territory for many people. The concept of cryptography may not be such a foreign idea nowadays; however, the advantages it brings have their own drawbacks as well, the main one being that it is usually quite possible for a third party to figure out whether certain data is encrypted. This in itself is worrisome, as it already gives away information about the person being investigated: the fact that they are hiding information. Even though the secret data itself may be impossible to retrieve, knowing that information is being hidden at all may already be sensitive information in itself. As such, this article investigates and studies the viability of steganography, the science of hiding secret data in plain sight, together with social networks as a way to achieve stealthy communication, where only the sender and the receiver will know about the existence of this data, even if a third party has access to the container carrying the secret data. The results of this study show that this idea is viable. The proof of concept developed uses the social network Imgur as well as the text-sharing website DontPad as proxies to pass an image carrying encrypted secret data to another person in a fully anonymous way.
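
The embedding step the abstract relies on, as an added example that is not the authors' proof of concept: least-significant-bit (LSB) replacement over the samples of a raster image, with a 4-byte length prefix so the receiver knows how much to read back. The carrier here is a constructed synthetic RGB buffer (a `bytearray`, not a real file) so the example runs with the standard library only; on a real image the same `embed`/`extract` would operate on the raw pixel buffer of a lossless format such as PNG. The payload is a constructed stand-in for ciphertext; the carrier does not care what the bytes mean.

```python
"""LSB steganography: hide a (pre-encrypted) payload in the least significant
bits of an image's pixel samples and recover it again.

Added example; the carrier is a constructed synthetic raster, not the
authors' code or data.
"""
import struct

HEADER = struct.Struct(">I")  # 4-byte big-endian length prefix before the payload


def make_carrier(width, height):
    """Constructed synthetic RGB raster (3 samples per pixel), not a real image."""
    buf = bytearray()
    for y in range(height):
        for x in range(width):
            buf += bytes(((x * 4) & 0xFF, (y * 4) & 0xFF, ((x + y) * 2) & 0xFF))
    return buf


def capacity(carrier):
    """Payload bytes the carrier can hold at one bit per sample, minus the header."""
    return len(carrier) // 8 - HEADER.size


def embed(carrier, payload):
    """Return a copy of carrier whose sample LSBs encode len(payload) || payload."""
    if len(payload) > capacity(carrier):
        raise ValueError(f"payload of {len(payload)} bytes exceeds capacity of {capacity(carrier)}")
    data = HEADER.pack(len(payload)) + payload
    stego = bytearray(carrier)
    i = 0
    for byte in data:
        for shift in range(7, -1, -1):  # MSB first within each byte
            stego[i] = (stego[i] & 0xFE) | ((byte >> shift) & 1)
            i += 1
    return stego


def _read_bytes(samples, offset, count):
    """Reassemble count bytes from the LSBs of samples starting at offset."""
    out = bytearray()
    for k in range(count):
        byte = 0
        for b in range(8):
            byte = (byte << 1) | (samples[offset + k * 8 + b] & 1)
        out.append(byte)
    return bytes(out)


def extract(stego):
    """Recover the payload; a bogus length prefix means this is not our stego image."""
    (length,) = HEADER.unpack(_read_bytes(stego, 0, HEADER.size))
    if length > capacity(stego):
        raise ValueError("length prefix exceeds carrier capacity: no payload or corrupted carrier")
    return _read_bytes(stego, HEADER.size * 8, length)


def max_sample_delta(carrier, stego):
    """Largest per-sample change introduced by embedding (1 for pure LSB replacement)."""
    return max(abs(a - b) for a, b in zip(carrier, stego))


if __name__ == "__main__":
    cover = make_carrier(64, 64)
    # Constructed stand-in for ciphertext: any byte string works.
    secret = bytes(range(256)) * 3
    image = embed(cover, secret)
    assert extract(image) == secret
    print(f"capacity {capacity(cover)} bytes, hid {len(secret)} bytes, "
          f"max sample delta {max_sample_delta(cover, image)}")
```

Two practical caveats follow from the code: every sample changes by at most 1, which is invisible to the eye but not to statistical steganalysis (chi-square and RS attacks target exactly this uniform LSB pattern), and any lossy recompression of the carrier on its way through a proxy (JPEG re-encoding, for instance) rewrites the low bits and destroys the payload, so the container must survive the platform unchanged.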

19:10 - 19:20

Infotainment Vulnerability Automated Detection

Luis Pereira
This paper presents the idea of a tool that allows vulnerability detection on infotainment systems. To that end, some entry points into the infotainment system will be analysed, and a framework for building a vulnerability database will also be created. This tool will speed up the detection of vulnerabilities on infotainment systems and increase the security of vehicles.

19:20 - 19:30

An Automated Website Security Assessment Platform

Pedro Dias
Nowadays more and more organizations rely on public-facing websites for sharing information and conducting core business activities, moving regular services online. These services benefit both the company and the end user, although with higher traffic, attacks that take advantage of vulnerabilities in the applications become more common, resulting in severe data loss, service interruption, privacy loss and financial loss. Due to the increasing complexity of these platforms, there is a higher probability that they contain some type of vulnerable component, whether because of a lack of secure programming practices, misconfiguration or outdated software. The intent is to build a browser plugin that informs the user of the website's score based on its security, alongside a platform where all the data captured and produced is displayed. The application runs automated security testing to assess the website's security, compiling everything into an easy-to-read and understandable quantitative score.
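
One concrete way to turn automated checks into a quantitative score, as an added example that is not the platform's own scoring method: a weighted pass/fail rubric over the HTTP response headers a scanner can collect without credentials. The checks, their weights and the three header sets below are this example's own assumptions (the samples are constructed, not captured from any real site), so the whole thing runs offline.

```python
"""Score a website's HTTP response headers into a 0-100 number.

Added example; checks, weights and sample header sets are constructed
assumptions, not the assessment platform's own logic.
"""
import re


def _directives(csp):
    """Parse a Content-Security-Policy into {directive: [sources]}, lower-cased."""
    out = {}
    for part in csp.split(";"):
        tokens = part.strip().split()
        if tokens:
            out[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return out


def _scripts_allow_inline(csp):
    """True if script execution falls back to a source list containing 'unsafe-inline'."""
    d = _directives(csp)
    return "'unsafe-inline'" in d.get("script-src", d.get("default-src", []))


def _frames_restricted(h):
    """Clickjacking defence: legacy X-Frame-Options or CSP frame-ancestors."""
    return "x-frame-options" in h or "frame-ancestors" in _directives(h.get("content-security-policy", ""))


def _hsts_max_age(value):
    m = re.search(r"max-age=(\d+)", value, re.IGNORECASE)
    return int(m.group(1)) if m else 0


def _cookie_attrs(set_cookie):
    """Attribute names of one Set-Cookie value, e.g. {'path', 'secure', 'httponly'}."""
    return {part.strip().split("=", 1)[0].lower() for part in set_cookie.split(";")[1:]}


# (name, weight, predicate over a lower-cased header dict); weights sum to 100
CHECKS = [
    ("hsts-1y", 20, lambda h: _hsts_max_age(h.get("strict-transport-security", "")) >= 31536000),
    ("csp-present", 15, lambda h: "content-security-policy" in h),
    ("csp-no-inline-scripts", 15,
     lambda h: "content-security-policy" in h and not _scripts_allow_inline(h["content-security-policy"])),
    ("nosniff", 10, lambda h: h.get("x-content-type-options", "").lower() == "nosniff"),
    ("clickjacking", 15, _frames_restricted),
    ("referrer-policy", 5, lambda h: "referrer-policy" in h),
    ("cookies-secure-httponly", 20,
     lambda h: all({"secure", "httponly"} <= _cookie_attrs(c) for c in h["set-cookie"])),
]
assert sum(w for _, w, _ in CHECKS) == 100


def score_headers(headers):
    """headers: {name: value}; Set-Cookie may be a string or a list of strings.

    Returns (score 0-100, names of failed checks).
    """
    h = {k.lower(): v for k, v in headers.items()}
    cookies = h.get("set-cookie", [])
    h["set-cookie"] = [cookies] if isinstance(cookies, str) else list(cookies)
    failed = [name for name, _, check in CHECKS if not check(h)]
    score = sum(w for name, w, _ in CHECKS if name not in failed)
    return score, failed


# Constructed sample responses (not captured from real sites)
WEAK = {"Server": "Apache", "Set-Cookie": "session=abc123; Path=/"}
MIXED = {
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
    "Set-Cookie": ["id=1; Secure; HttpOnly"],
}
STRONG = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' https://cdn.example.org; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "no-referrer",
    "Set-Cookie": ["session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"],
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("mixed", MIXED), ("strong", STRONG)):
        print(label, score_headers(hdrs))
```

A header rubric only covers configuration; it says nothing about injection flaws in the application itself, so a platform that reports a single number should make clear which class of tests produced it.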

19:30 - 19:40

General Data Protection Regulation (GDPR) The Portuguese Municipalities Status Quo

Carlos Sá and Marco Candeias
The EU General Data Protection Regulation (GDPR) is applied every day in our municipalities with some old, obsolete and outdated workflows implemented many years before this regulation came along. Since Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), which has been in force since 25 May 2018 in all EU countries, and, in the Portuguese case, Law 58/2019 of 8 August, the public administration has been well aware of the changes to be made in the technological, functional and legal scope, although the Portuguese public administration, under Law 58/2019 of 8 August, Art. 44, no. 2, may have a 3-year legal hiatus regarding the application of fines. This paper tries to establish the status quo of the Portuguese municipalities (Câmaras Municipais in Portuguese) towards GDPR compliance.

19:40 - 20:00

Round Table

20:00 - 21:00

Dinner

21:00 - 21:10

Prototyping the Security Components of International Data Spaces Standard in a Textile and Clothing Industry 4.0 Scenario - A Case Study

Vítor Pedreira
The Portuguese textile and clothing industry has been on an economic rise since 2009. With the urge to adapt and transition this old-fashioned sector to the new era of Industry 4.0, the STVgoDigital project was created, aimed at a set of research initiatives, aligned with the Portuguese Textile Cluster strategy, that attempt to promote the digitalization and adoption of this technology. Protecting data is one of the most important aspects in developing any kind of solution. With the transition of this sector to a new era of digitalization, data sovereignty has become one of the top priorities, both for data owners and for data users. In this article we propose an architecture model for ensuring secure communications between participants, using the International Data Spaces reference architecture as the base model for developing our own solution.

21:10 - 21:20

IT/OT Convergence: Global and National Industry Challenge.

Silvino Santos
The main focus is to analyze the importance of the convergence between IT and OT, in the growing digitization of industry processes, as well as the impact of the introduction of new technologies, such as the integration of SCADA systems and IoT devices in Big Data for real-time analytics. Also noteworthy is the sophistication of attacks and constant cyber threats that put the full functioning of industrial units at a global level at risk. An online survey was carried out with a group of professionals from different areas of the industry, to obtain feedback on their experience in relation to the topic under analysis, in the Portuguese context.

21:20 - 21:30

A Review on Recent Advances in Implanted Medical Devices Security

César Brito
The Implanted Medical Devices (IMD) industry has grown over the past few decades and is expected to keep growing in the coming ones. Being an asset for the health and quality of life of a patient, the availability of IMD-related products, their increasing complexity and advances in communication capabilities do not seem to have been seamlessly accompanied by cybersecurity concerns. Recent IMD can be integrated into the concept of IoT (Internet of Things) and thus they are also exposed to attacks impacting privacy and, above all, the health and even the life of the device users. While in the early stages of IMD development security procedures were based on the existing classic protocols and models and functional capabilities were the focus of development, recent efforts have been made to address security from the start. In this paper we review the most recent contributions on the cybersecurity of IMD products and we highlight innovative ideas that represent new design and development paradigms for the next generations of these devices. This review reinforces that the technological evolution and the progressive access of attackers to resources capable of exploiting multiple vulnerabilities can have a crucial impact on IMD already implanted in the patient's body and designed to remain in operation for many years. It also brings the need to develop novel and robust protocols that guarantee security while remaining compatible with constrained computing resources and extremely low energy requirements. Finally, the security and privacy concerns regarding this kind of device should be addressed in the design phase, and policies must move from damage mitigation to threat prevention.

21:30 - 21:45

Round Table

21:45 - 21:50

Coffee Break

21:50 - 22:00

A Phishing Campaign in a Higher Education Institution - A case study

Ricardo Silveira
The primary intention is to perform spear phishing (this campaign was authorized) and extract non-sensitive information about the targets. We also want to get an idea of the community's awareness of good practices against phishing menaces. The goals of this work are:
• Know the methods and tools available to deploy phishing campaigns
• Deploy, collect and analyze results from a phishing campaign

22:00 - 22:10

The importance of the organization's social awareness in preventing phishing attacks - a comparative real study

Luis Pinto
The security mechanisms of corporate networks and the processes for detecting computer attacks are continually evolving, making the task of illicit intrusion to destroy and steal information or demand ransoms harder and more complex. However, the human factor, the organization's employees involved in the equation, is still easily accessible and vulnerable. As organizations still neglect this aspect, an attacker can obtain information to penetrate the system using a stolen legitimate identity, which may even allow him to escalate system privileges. Currently there is no security automatism that can overcome this. Because of this, social engineering techniques in general, like phishing, are increasingly used as a starting point for subsequent large-scale attacks. According to Kaspersky's 2020 Statistical Report on Phishing Attacks [1], Portugal was the second most attacked country in the world by phishing, with 19.73% of users affected. Therefore, awareness of human resources for cybersecurity and training to react to suspicious actions that may be the beginning of an attack must play a fundamental role in preventing and mitigating damage. This paper presents the results of a security audit phishing attack on two organizations with very different security practices and habits. In order to evaluate and compare the behavior of their employees, the attack scenarios were identical and had the objective of stealing access credentials. In one of the organizations, it went further and even tested the extent to which personal data was provided. From this analysis, conclusions can be drawn about the degree of impact that a real attack would produce and the damage to the organizations that would result from it.

22:10 - 22:20

Phishing and Whaling: A Use Case

Marco Candeias and Carlos Sá
Professor Pedro Pinto asked that, within the scope of the Social Engineering course of the Master's in Cybersecurity, a study of a social engineering attack be carried out. One of the students in the group pointed out that it would be very interesting to run this type of simulation as part of the cybersecurity awareness sessions within his organization, which holds ISO/IEC 27001 certification, and so this practical work in a business context was proposed to the lecturer. Some advanced techniques related to electronic security protections were used, such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), Domain-based Message Authentication, Reporting and Conformance (DMARC), Secure Sockets Layer (SSL), Transport Layer Security (TLS), several interactions with electronic anti-spam platforms, as well as the use of Domain Name System (DNS) records, Open-Source Intelligence (OSINT), spam filters, virtualization and the provisioning of web services. Learning was constant, new computing techniques were refined and learned, and the simulation can be said to have been a success, as will be shown in this report. In the future, there are details of a social and technical nature that must be addressed. Improvement must be continuous, making this report a record of what happened and how it can be improved in a future simulation.
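
SPF, DKIM and DMARC decide whether a phishing simulation that forges a target organization's domain is delivered, rejected or merely reported, so the first reconnaissance step is reading those DNS TXT records. The following is an added example, not the authors' tooling: it parses the SPF `all` qualifier and the DMARC tags and derives whether a forged `From:` header would be blocked. The DNS answers are a constructed dictionary (the `*.example` names are assumptions), so it runs offline; against a live domain the same parsers would be fed the TXT records for `<domain>` and `_dmarc.<domain>` from a resolver library. DKIM is deliberately left out: its key lives under a selector name that DNS alone does not reveal.

```python
"""Read a domain's SPF and DMARC records (as published in DNS TXT) and say
whether a forged From: using that domain would be rejected.

Added example; CONSTRUCTED_TXT stands in for live DNS answers.
"""
import re

# Constructed TXT records for assumed domains (not live lookups)
CONSTRUCTED_TXT = {
    "weak.example": ["v=spf1 include:_spf.mail.example ~all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none; rua=mailto:dmarc@weak.example"],
    "strict.example": ["v=spf1 ip4:203.0.113.0/24 -all"],
    "_dmarc.strict.example": ["v=DMARC1; p=reject; sp=reject; pct=100; adkim=s; aspf=s"],
    "nodmarc.example": ["v=spf1 -all"],
}


def parse_spf(records):
    """Return {'all': qualifier, 'terms': [...]} for the v=spf1 record, else None.

    The qualifier is '+', '-', '~' or '?' (None if the record has no 'all' term).
    """
    for rec in records:
        terms = rec.split()
        if terms and terms[0].lower() == "v=spf1":
            qualifier = None
            for term in terms[1:]:
                m = re.fullmatch(r"([+\-~?]?)all", term, re.IGNORECASE)
                if m:
                    qualifier = m.group(1) or "+"
            return {"all": qualifier, "terms": terms[1:]}
    return None


def parse_dmarc(records):
    """Return the tag=value pairs of the v=DMARC1 record, else None."""
    for rec in records:
        tags = {}
        for part in rec.split(";"):
            if "=" in part:
                key, value = part.split("=", 1)
                tags[key.strip().lower()] = value.strip()
        if tags.get("v", "").upper() == "DMARC1":
            return tags
    return None


def assess(domain, zone=CONSTRUCTED_TXT):
    """Summarise how well `domain` is protected against sender forgery."""
    spf = parse_spf(zone.get(domain, []))
    dmarc = parse_dmarc(zone.get("_dmarc." + domain, []))
    findings = []
    if spf is None:
        findings.append("no SPF record: any host may use the domain as envelope sender")
    elif spf["all"] is None:
        findings.append("SPF record has no 'all' term: unlisted senders default to neutral")
    elif spf["all"] != "-":
        findings.append(f"SPF ends in '{spf['all']}all', not '-all': unlisted senders are not hard-failed")
    if dmarc is None:
        findings.append("no DMARC record: SPF only covers MAIL FROM, so a forged From: header is not blocked")
    else:
        policy = dmarc.get("p", "none").lower()
        if policy == "none":
            findings.append("DMARC p=none: failures are reported, not rejected or quarantined")
        elif policy == "quarantine":
            findings.append("DMARC p=quarantine: forged mail lands in spam rather than being rejected")
        pct = dmarc.get("pct", "100")
        if pct.isdigit() and int(pct) < 100:
            findings.append(f"DMARC pct={pct}: policy applies to only part of the mail")
    # Without DMARC (or with p=none) nothing ties the visible From: to SPF/DKIM results.
    spoofable = dmarc is None or dmarc.get("p", "none").lower() == "none"
    return {
        "domain": domain,
        "spf_all": spf["all"] if spf else None,
        "dmarc_policy": dmarc.get("p") if dmarc else None,
        "spoofable": spoofable,
        "findings": findings,
    }


if __name__ == "__main__":
    for name in ("weak.example", "strict.example", "nodmarc.example"):
        result = assess(name)
        print(name, "spoofable" if result["spoofable"] else "protected", result["findings"])
```

The same three records matter on the sending side of an authorized simulation: the campaign's own domain needs a passing SPF, a DKIM signature and a DMARC record, or the anti-spam platforms mentioned above will discard the mail before any employee sees it.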

22:20 - 22:35

Round Table

22:35 - 22:40

Closing session

Organization

General Chairs

Luis Pinto / Pedro Pinto (Prof.)

Co-Chairs

Luis Pereira, César Brito, Marco Candeias

Publicity Chairs

Pedro Sousa, Ricardo Silveira, Hugo Gonzaga, Carlos Sá

Technical Chairs

Silvino Santos, Pedro Dias