Difference between revisions of "Cambridge"

From OWASP
 
(77 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Cambridge|extra=The chapter leaders are [mailto:Adrian.Winckles@owasp.org Adrian Winckles ]  and [mailto:Steven.van.der.Baan@owasp.org Steven van der Baan].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Cambridge|emailarchives=http://lists.owasp.org/pipermail/owasp-Cambridge}}
 
{{Chapter Template|chaptername=Cambridge|extra=The chapter leaders are [mailto:Adrian.Winckles@owasp.org Adrian Winckles ]  and [mailto:Steven.van.der.Baan@owasp.org Steven van der Baan].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Cambridge|emailarchives=http://lists.owasp.org/pipermail/owasp-Cambridge}}
  
== Local News ==
+
<!-- first tab -->
 +
= Local News =
 +
=='''Local News'''==
  
'''Cambridge OWASP Chapter Meeting  - Mobile Forensics & Pen Testing'''
+
== ARU CSNRG, OWASP Cambridge, BCS Cybercrime “IoT & ICS/SCADA Forensics Workshop” 2018 ==
 +
Wednesday 10<sup>th</sup> January 2018 09:30– 14:00, Lord Ashcroft Building (LAB002), Anglia Ruskin University, Cambridge.
  
Tuesday 5th March 2013 17:00 – 20:00 (Anglia Ruskin University, East ROad, Cambridge LAB002/LAB006)
+
Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, British Computer Society (BCS) Cybercrime Forensics Special Internet Group’s and OWASP (Open Web Application Security Project) Cambridge Chapter.
  
Hosted by the Department of Computing & Technology, Anglia Ruskin University, OWASP (Open Web Application Security Project) Cambridge Chapter and IEEE Industrial Electronics Chapter
+
Industry pundits have predicted that we are about to experience the fourth industrial revolution (Industry 4.0), which is the future of industrial production based on the “Internet of Things” (IoT). As with all previous industrial major transitions, this leads to exciting opportunities but also great challenges. The “perfect world” is that IoT, is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine (M2M) communications. The interconnection of these embedded devices will potentially usher in automation in nearly all fields, resulting in improved efficiency, accuracy and economic benefit in addition to reduced human intervention.  However, integrating IoT technologies within an organization means loosening access to the IT infrastructure, thus making it more susceptible to errors and vulnerable to attack. This is a scary proposition as intruders will not stop trying to find new ways of infiltrating business networks.
  
'''Guest speaker(s):'''
+
To better understand these infiltrations a cyber forensics program is necessary but this can be a challenging task when being applied to nontraditional environments, such as IoT and industrial control systems. Modern IT networks, through data exchange mechanisms, data storage devices and general computing components provide a good foundation for creating a landscape used to support effective cyber forensics. However, modern control systems environments are not easily configurable to accommodate forensics programs. Nonstandard protocols, legacy architectures that can be several decades old, and irregular or extinct proprietary technologies can all combine to make the creation and operation of a cyber forensics program anything but a smooth and easy process.
  
Sarantis Makoudis is a professional Penetration Tester working for 7Safe, part of the PA Consulting Group. He received his BSc Degree on Digital Systems during 2010 and decided to continue his academic career on the subject of IT Security. He was awarded with an MSc degree on Information Security from Royal Holloway, University of London after completing his thesis on “Two-Factor authentication protocols for Secure Transactions using Mobile Phones and NFC Tags”. Sarantis joined 7Safe shortly afterwards as a Penetration Tester and security researcher, specialised in Web application security testing.
+
'''Background'''
  
Android (in)Security: The goal of this presentation is to show typical exploitation scenarios of Android applications and how they can be used or manipulated to steal credentials and information from a user. The scenarios include installation of malicious programs, e.g. malicious keyboards, manipulations on the application to bypass security authentications, code injections inside an apk and phishing attacks targeting specific applications.
+
The British Computer Society (BCS) Cybercrime Forensics Special Interest Group (SIG) promotes Cybercrime Forensics and the use of Cybercrime Forensics; of relevance to computing professionals, lawyers, law enforcement officers, academics and those interested in the use of Cybercrime Forensics and the need to address cybercrime for the benefit of those groups and of the wider public.
  
Nikhil Sreekumar is a penetration tester working for UK based organisation - 7Safe, part of PA Consulting Group. He spends a majority of his free time either rock climbing, dreaming about cars or researching new vulnerabilities and attack techniques. And, when we gets time he spends time assessing web applications and network infrastructure for security vulnerabilities and business logic flaws.
+
OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Their mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.
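Review bot: in the added OWASP paragraph, "OWASP (Open Web Application Security Project is a 501(c)(3)" never closes the parenthesis opened before "Open"; add the ")" after "Project". The added host line also reads "Special Internet Group’s" while the added Background paragraph reads "Special Interest Group (SIG)"; use "Special Interest Group" in both places. Both slips are repeated in the Cyber Security & AI Day block further down, so fix them there in the same edit.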
  
Power On, Powershell: The heart starts pounding, the brain goes into overdrive with adrenaline and a smile starts appearing. You just got access into a Windows box using a user account. Then you realise there is an AV runing on the system, and the user account using which you got in is actually a restricted account.
+
The '''Cyber Security and Networking''' ('''CSN''') Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research.  We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others.  The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber attacks and educate its users for a more secure cyberspace and operational business environment. These will be achieved through the investigation of threats posed to information systems and understanding the impact of attacks and creation of cyber-based warning systems which gathering threat intelligence, automate threat detection, alert users and neutralising attacks.  For network security we are researching securing the next generation of software defined infrastructures from the application API and control/data plane attacks. Other key work includes Computer forensic analysis, digital evidence crime scenes and evidence visualisation as well as Cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs. 
  
 +
'''Speaker Biographies'''
  
----
+
'''Ken Munro, Pen Test Partners'''  
 +
 
 +
Ken is a regular speaker at events such as the ISSA Dragon’s Den, (ISC)2 Chapter events and CREST (Council of Registered Ethical Security Testers), where he sits on the board. He’s also an Executive Member of the“Internet of Things Security Forum”, a body that aims to promote best security practice and the application of controls in smart device manufacturing, and spoke out on IoT security design flaws at the forum’s inaugural event. He’s also not averse to getting deeply techie, regularly participating in hacking challenges and demos at Black Hat, 44CON, DefCon and Bsides.
 +
 
 +
Ken has a wealth of experience in penetration testing but its the systems and objects we come into contact with on an everyday basis that really pique his interest. This has seen him hack everything from keyless cars and a range of Internet of Things (IoT) devices, from wearable tech to children’s toys and smart home control systems. This has gained him notoriety among the national press, leading to regular appearances on BBC TV and BBC News online as well as the broadsheet press. He’s also a familiar contributor to industry magazines, penning articles for the legal, security, insurance, oil and gas, and manufacturing press.
 +
 
 +
'''Aleksander Gorkowienko, Principal Cyber Security Consultant and Penetration Tester at PA Consulting/7Safe Ltd. (UK): “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”'''
 +
 
 +
In the IT industry since 1997, always being happy to play with various high-tech toys. With wide area of interests and rich business experience (development, design and maintenance of software, dealing with various IT systems) now deeply involved into IT Security area. For everyday helping to strengthen the security of business applications and corporate infrastructure for enterprises across the UK: banks, e-commerce, production, public sector, etc. Specially interested in databases and applications security (web applications and windows apps). Also responsible for preparing and delivering training courses (i.e. Certified Application Security Tester -CAST or Secure Coding for Web Developers) and creating a variety of hacking challenges.
 +
 
 +
'''Abstract: “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”'''
 +
 
 +
7Safe has recently helped to remediate serious security vulnerabilities in a sub-sea control system for a global provider of industrial solutions of oil and gas that will be deployed on a Floating, Production, Storage and Offloading vessel (FPSO).
 +
 
 +
Aleksander ‘Aleks’ Gorkowienko conducted simulated attacks - demonstrating that an attacker could connect to the network and carry out Man-In-The-Middle attacks, change time data coming from the ship GPS system and to intercept and modify network traffic whilst remaining virtually unnoticed. As a result, the client was satisfied that we had enabled them to significantly harden their system and in so doing protect their prestigious reputation in the Oil & Gas industry.
 +
 
 +
Aleks will outline how he approached this task in collaboration with the development engineers and what lessons have been learned from penetration testing.
 +
 
 +
'''Karl Williams, Principal Consultant  - PA Consulting, “ICS Demonstrator”'''
 +
 
 +
Karl Williams is a Principal Consultant with PA Consulting’s Energy & Utilities Cyber team and has extensive experience in conducting and delivering complex assignments on Industrial Control Systems (ICS) across energy and transport Critical National Infrastructure (CNI) clients.
 +
 
 +
'''Abstract: ICS Demonstrator'''
 +
 
 +
The PA Consulting Energy & Utilities Cyber team developed the ICS Demonstrator to support industry operating with ICS in place. The tool uses real life ICS equipment and networks to provide demonstrations of potential cyber-attacks, security testing of ICS/OT devices and the integration and testing of security solutions. Currently the OT on the rig has been configured to simulate the cooling process found within a nuclear reactor but its flexible architecture means that it can be changed to simulate other industrial processes much like those found in gas and power generation plants. Combined with our test rig and our CREST approved cyber security arm 7safe we have the capability to carry out comprehensive testing on a range of products, devices and systems, highlight where vulnerabilities lie and recommend risk reducing controls. The demonstrator rig has already been In front of various multi-sector clients, government bodies and regulators and has been well received at many industry conferences and workshops this year.
 +
 
 +
'''Maxim Silin, Technical Architect , GSK - TBC'''
 +
 
 +
Maxim Silin is a CTO and Committee Member with International Operational Technology Security Association (IOTSA).  Maxim has extensive experience in ICS Cyber Security consultancy and solutions in Automation Industry (Power, Nuclear, Utilities, Chemical, Oil& Gas and Pharma) across worldwide.
  
 +
Maxim is ENISA ICS CERT member focusing on red team scenarios and advising organizations how to protect their OT environment from attacks. He is visiting lecture within different r training organizations, including universities in Scotland and other countries focusing on network and security programmes for OT Environment and researcher with numbers of cyber security programmes like ENISA FP7 framework (Cockpit CI, Atena and more).  He likes to cook and active outdoors activities: hiking and mountain climbing.
  
'''Agenda'''
+
The International Operational Technology Security Association (IOTSA) and like-minded partners from the public and private sectors are working together and collaborating to reduce the risk of a significant compromise of our Operational Technology, ICS, SCADA, IT and IoT environments.
  
17:30 – 17:45 Welcome from the OWASP Cambridge Chapter Leader,  Adrian Winckles, Senior Lecturer in  Information Security, Anglia Ruskin University 
+
'''Provisional Agenda'''
  
17:45 18:30 Nikhil Sreekumar  (7Safe, PA Consulting) - Power On, Powershell:
+
09:30 10:00 Registration & Refreshments (LAB006)
  
18:30 19:15 Sarantis Makoudis (7Safe, PA Consulting) - Android (in)Security
+
10:00 10:05 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University (LAB002)
  
19:15 19:30 Q & A
+
10:05 11:00 Ken Munro, Pen Test Partners.
  
19:30 20:00  Refreshments & Networking (coffee, tea, juice) in LAB006
+
11:00 11:30 Aleksander Gorkowienko, PA Consulting & 7Safe: “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”
  
----
+
11:30 – 12:00 Karl Williams, PA Consulting “Live hacking Industrial Control Systems with the ICS Demonstrator”
  
'''Registration:'''
+
12:00 – 13:00 Maxim Silin, Technical Architect, GSK - TBC
  
To register for this free event, please register online at
+
13:00 – 14:00 Lunch & Networking (LAB006)
  
[http://www.surveymonkey.com/s/CQ9G6N7] Cambridge Chapter Registration
+
'''Registration'''
  
Please note there is no automatic notification or confirmation.
+
To register for this free event, please register online at
  
 +
https://www.eventbrite.com/e/aru-csnrg-owasp-cambridge-bcs-cybercrime-forensics-iot-icsscada-forensics-workshop-10th-january-2018-tickets-41515777809
  
The conference will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).
+
The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).
  
 
Please enter through the Helmore Building and ask at reception.
 
Please enter through the Helmore Building and ask at reception.
  
 
Anglia Ruskin University
 
Anglia Ruskin University
 +
 
Cambridge Campus
 
Cambridge Campus
 +
 
East Road
 
East Road
 +
 
Cambridge
 
Cambridge
 +
 
CB1 1PT
 
CB1 1PT
  
Get further information on travelling to the university.  
+
Please note that there is no parking on campus.
Get further information on travelling to the university.
  
http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/cambridge_campus/find_cambridge.html
+
<nowiki>http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/ca</nowiki> mbridge_campus/find_cambridge.html
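Review bot: the added travel link closes `</nowiki>` in the middle of the URL, so the address is split into "anglia_ruskin_campuses/ca" and " mbridge_campus/find_cambridge.html" with a space between them and no longer matches the URL on the removed line. Wrap the whole URL in one nowiki pair or drop the tags. The added line "Please note that there is no parking on campus." is also followed directly by "Get further information on travelling to the university." with no blank line, so the two will render as one paragraph. The same split URL appears again in the second event block.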
  
 +
== Joint OWASP Cambridge, BCS Cybercrime Forensics SIG UK Cyber Security Forum – Cambridge Cluster “Cyber Security & AI Day” 2018 ==
 +
Thursday 18<sup>th</sup> January 2018 9:30– 17:00, Lord Ashcroft Building (LAB002), Anglia Ruskin University, Cambridge.
  
'''Meeting Location'''
+
Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, British Computer Society (BCS) Cybercrime Forensics Special Internet Group’s, UK Cyber Security Forum Cambridge Cluster and OWASP (Open Web Application Security Project) Cambridge Chapter
  
Everyone is welcome to join us at our chapter meetings.
+
Over the past couple of year’s 2016-17 significant advancements in artificial intelligence in self-driving cars, language translation, and big data have been observed. However, during the same time period, we have also witnessed the rise of ransomware, botnets, and attack vectors as popular forms of malware attack, with according to Malware Byte's State of Malware report, cybercriminals continually expanding their methods of attack (e.g., attached scripts to phishing emails and randomization), To complement the skills and capacities of human analysts, organizations are turning to machine learning (ML) in hopes of providing a more forceful deterrent. ABI Research forecasts that "machine learning in cybersecurity will boost big data, intelligence, and analytics spending to $96 billion by 2021."
 +
 
 +
'''Background'''
 +
 
 +
The British Computer Society (BCS) Cybercrime Forensics Special Interest Group (SIG) promotes Cybercrime Forensics and the use of Cybercrime Forensics; of relevance to computing professionals, lawyers, law enforcement officers, academics and those interested in the use of Cybercrime Forensics and the need to address cybercrime for the benefit of those groups and of the wider public.
 +
 
 +
OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Their mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.
 +
 
 +
The '''Cyber Security and Networking''' ('''CSN''') Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research.  We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others.  The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber attacks and educate its users for a more secure cyberspace and operational business environment. These will be achieved through the investigation of threats posed to information systems and understanding the impact of attacks and creation of cyber-based warning systems which gathering threat intelligence, automate threat detection, alert users and neutralising attacks.  For network security we are researching securing the next generation of software defined infrastructures from the application API and control/data plane attacks. Other key work includes Computer forensic analysis, digital evidence crime scenes and evidence visualisation as well as Cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs.
 +
 
 +
The '''Cambridge Cyber Security Cluster''' is an affiliate '''UK Cyber Security Forum''', a government and industry led partnership which will look at how the region can develop the skills and infrastructure to combat cyber security threats.
 +
 
 +
'''Speaker Biographies'''
 +
 
 +
'''Dave Palmer & Andrew Tsonchev, Director of Technology, Darktrace “How unsupervised machine learning can be used successfully to provide cyber defence to small or large organisations”'''
 +
 
 +
'''Dr Ali Dehghantanha Marie-Curie International Incoming Research Fellow in Cyber-Forensics Cyber Threat Hunting and Intelligence in IoT Environments''' 
 +
 
 +
Dr. Ali has served for more than a decade in a variety of industrial and academic positions with leading players in Cyber-Security, Forensics and Threat Intelligence. He has long history of working in different areas of computer security as security researcher, malware analyzer, penetration tester, security consultant, professional trainer, and university lecturer. Ali is imminently qualified in the field of cyber security; he has an EU Marie Curie post-doctoral fellowship in cyber forensics, Ph.D in Security in Computing and a number of professional qualifications namely GXPN, GREM GCFA,  CISM, CCFP and CISSP. Ali is a fellow of the UK Higher Education Academy (HEA) and a senior IEEE-UK member.
 +
 
 +
'''Abstract:'''
 +
 
 +
Cyber Threat Hunting and Cyber Threat Intelligence are growing fields of practice in cyber security. This presentation first looks at meaning of these terms and where and how relevant technologies should be utilised. Afterwards, suitability of using artificial intelligence techniques for threat hunting and intelligence in IoT environments is discussed through analysing several case studies of using machine learning classification and deep learning techniques in attack detection. The presentation is concluded by suggesting some future works and opportunities for further collaboration.
 +
 
 +
'''Nikola Milosevic''' ''',''' Research Associate University of Manchester, '''Machine learning aided Android malware classification'''
 +
 
 +
'''Nikola Milosevic''' is a research associate at the University of Manchester, Manchester Institute of Innovation Research, where his research topics focus around machine learning and natural language processing. Previously he was doing a PhD at the School of Computer Science, the University of Manchester. He is involved with OWASP (Open Web Application Security Project) as a founder of OWASP Serbia local chapter, OWASP Manchester local chapter leader and a project leader of OWASP Seraphimdroid mobile security project, as well as contributing to several other projects.
 +
 
 +
'''Abstract:'''
 +
 
 +
The widespread adoption of Android devices and their capability to access significant private and confidential information have resulted in these devices being targeted by malware developers. Existing Android malware analysis techniques can be broadly categorized into static and dynamic analysis. In this paper, we present two machine learning aided approaches for static analysis of Android malware. The first approach is based on permissions and the other is based on source code analysis utilizing a bag-of-words representation model. Our permission-based model is computationally inexpensive, and is implemented as the feature of OWASP Seraphimdroid Android app that can be obtained from Google Play Store. Our evaluations of both approaches indicate an F-score of 95.1% and F-measure of 89% for the source code-based classification and permission-based classification models, respectively.
 +
 
 +
'''Richard Dennis, Security Researcher, Nettitude, “Machine Learning for the Bad Guys – Attack on Bitcoin”'''
 +
 
 +
Richard obtained a Masters in Computer information security, with a grade of distinction from the university of Portsmouth in 2013 and is currently at the writing stage of his PhD examining scalability solution to blockchain networks. Richard taught as a lecturer of Cryptography at the school of computing at Portsmouth University from 2017, being the youngest cryptographer lecturer in the United Kingdom. Currently Richard is undertaking research within Nettitude on vulnerabilities in public / private key generation in cryptocurrencies as well looking at use cases of blockchain technology.
 +
 
 +
'''Deepinder Singh – Principal Consultant at Verizon Consulting and Advisory Services, AI Challenges of Cyber Big Data'''
 +
 
 +
Deepinder (Deep) works as a Principal Consultant at Verizon Consulting and Advisory Services. He challenges, educates and engages with his audiences on many keys issues of cybersecurity and digital transformation. He encourages innovative thinking to generate actionable strategies that help business thrive in a VUCA world. He believes that poor quality decision-making skills significantly contribute towards insecure systems resulting in security breaches and compromises. He has worked with many of the worlds’ largest organisations across numerous industries. In his twenty-year business career, he has held senior leadership positions in large and medium-sized organisations.
 +
 
 +
He has addressed several conferences and events on the wide-ranging topics of Cybersecurity, GRC, GDPR, Big Data Analytics and Artificial Intelligence.
 +
 
 +
Deep has attended Harvard Business School and holds a Post Graduate Diploma in Business Management along with various industry qualifications including ISO/IEC 27001 Lead Auditor, CISSP, CISM, CRISC and CGEIT. He is currently pursuing Professional Doctorate at the University of East London. 
 +
 
 +
Deep actively engages in voluntary work. He is the Vice-President of ISACA London Chapter and Secretary of Verizon Reading Toastmasters Club. In the past, he has served as Secretary for BCS-IRMA Specialist Group and a judge for SC Magazine (Europe) Awards.
 +
 
 +
'''Abstract: AI Challenges of Cyber Big Data'''
 +
 
 +
'''Nathan Benaich, LondonAI, “Using Machine Learning to reduce reduce cyber data analysis” - TBC'''
 +
 
 +
'''Chris Woods, Founder & CEO CyberSparta, Neil Passingham (CISO) & Kari Lawler'''
 +
 
 +
 '''“Machine Learning in the Security Operations Centre, SOCaaS” –'''
 +
 
 +
'''Biography: Chris Woods Founder & CEO CyberSparta'''
 +
 
 +
An experienced leader within the cyber security realm, Chris Woods is also the founder and director of CyberSparta – an award winning cyber security startup in the UK. Having previously managed elite security teams at the European Space Agency, HP and Fujitsu, Chris brings over 20 years of pure cyber Security experience developed within the EU and MENA regions.
 +
 
 +
Whilst at HP, Chris developed and led a cyber security practice, culminating in the acquisition of ArcSight for $1.5b. With the creation of CyberSparta, Chris is now leading a passionate team of cyber and business professionals, developing the next generation of security solutions within the Big Data and Machine Learning realms.
 +
 
 +
Chris is a committed Information Security Champion and frequent speaker at international conferences and events.
 +
 
 +
'''Biography:''' '''Neil''' '''Passingham
Chief''' '''Information''' '''Security''' '''Officer''' '''[CISO]'''
 +
 
 +
Neil is a highly-experienced technical and business consultant, solutions architect, client adviser and innovator with 32 years’ IT experience (17 focused on security). Neil is a former CLAS consultant and has worked on securing accreditation for major government clients whilst leading the government accreditation department at HP.
 +
 
 +
His experience is wide and deep including business development, pre-sales, solution architecture, application development, testing (including ethical hacking), implementation, security assessment/accreditations, metrics/KPIs and often acting as “trusted advisor” for clients.
 +
 
 +
'''Provisional Agenda'''
 +
 
 +
09:30 – 10:00 Registration & Refreshments (LAB006)
 +
 
 +
10:00 – 10:15 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University, (LAB002)
 +
 
 +
10:15 – 11:00 “How unsupervised machine learning can be used successfully to provide cyber defence to small or large organisations” - Dave Palmer & Andrew Tsonchev, Director of Technology, Darktrace
 +
 
 +
11:00 – 11:45 “Cyber Threat Hunting and Intelligence in IoT Environments” Dr Ali Dehghantanha Marie-Curie International Incoming Research Fellow in Cyber-Forensics
 +
 
 +
11:45 – 12:30 “Machine learning aided Android malware classification”, Nikola Milosevic , Research Associate University of Manchester,
 +
 
 +
12:30 – 13:15 Lunch & Networking (LAB006)
 +
 
 +
13:15 – 14:00  “AI Challenges of Cyber Big Data”, Deepinder Singh – Principal Consultant at Verizon Consulting and Advisory Services
 +
 
 +
14:00 – 14:45 “Machine Learning for the Bad Guys – Attack on Bitcoin”,  Richard Dennis, Security Researcher, Nettitude,
 +
 
 +
14:45 – 15:15  Refreshments (LAB006)
 +
 
 +
15:15 – 16:00  “Using Machine Learning to reduce reduce cyber data analysis”, Nathan Benaich, LondonAI,  - TBC
 +
 
 +
16:00 – 16:45  “Machine Learning in the Security Operations Centre”, Chris Wood, CEO Cyber Sparta,  Neil Passingham [CISO] & Kari Lawler
 +
 
 +
16:45 - 17:00 Session Wrap Up & Close
 +
 
 +
'''Registration'''
 +
 
 +
To register for this free event, please register online at
 +
 
 +
http://ow.ly/ca8Z30hoaPU
 +
 
 +
The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).
 +
 
 +
Please enter through the Helmore Building and ask at reception.
 +
 
 +
Anglia Ruskin University
 +
 
 +
Cambridge Campus
 +
 
 +
East Road
 +
 
 +
Cambridge
 +
 
 +
CB1 1PT
 +
 
 +
Please note that there is no parking on campus.
Get further information on travelling to the university.
 +
 
 +
<nowiki>http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/ca</nowiki> mbridge_campus/find_cambridge.html
 +
 
 +
----
 +
'''Planned dates for upcoming events'''
 +
{| class="wikitable"
 +
|Cambridge_OWASP  Event 20170927 - Secure Coding Challenge
 +
|11/09/2017
 +
|-
 +
|Cambridge_OWASP/BCS Cybercrime Forensics & Social Media  Forensics Day Event
 +
|11/10/2017
 +
|-
 +
|Cambridge_OWASP & BCS East Anglia Event - GDPR Evening
 +
|07/11/2017
 +
|-
 +
|Cambridge_OWASP & UK Cyber Security Forum GDPR Event  20171115
 +
|15/11/2017
 +
|-
 +
|Cambridge_OWASP Event 20171205
 +
|05/12/2017
 +
|-
 +
|Cambridge_OWASP & BCS Cybercrime Forensics/IoT Forensics  Security Day
 +
|10/01/2018
 +
|-
 +
|Cambridge_OWASP & UK Cyber Security Forum Cyber Machine  Learning Day
 +
|18/01/2018,
 +
|-
 +
|Cambridge_OWASP Event
 +
|13/02/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|13/03/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|17/04/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|08/05/2018
 +
|}
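Review bot: in the added planned-dates table the first row is titled "Event 20170927 - Secure Coding Challenge" but its date cell reads 11/09/2017, so the title and the date disagree; confirm which one is intended. The 18/01/2018 cell carries a stray trailing comma, and the table has no header row naming its two columns.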
  
[[Category:OWASP Chapter]]
+
= Past Events =
[[Category:United Kingdom]]
+
{| class="wikitable" style="text-align:center;" border="1" |
 +
! width="300" | Date
 +
! width="350" | Name / Title
 +
! width="300" | Link
 +
|-
 +
|18 January 2018
 +
|Chris Woods
 +
|[[Media:Deck_OWASP_event_17-01.pptx|presentation]]
 +
|
 +
|-
 +
|18 January 2018
 +
|Nikola Milosevic
 +
|[[Media:OWASPCambridge.pptx|presentation]] ‎
 +
|
 +
|-
 +
|18 January 2018
 +
|Dr Ali Dehghantanha
 +
|[[Media:OWASP_Cambridge_Myths_and_Truths_Cyber_Threat_Hunting_and_Intelligence_in_IoT_Environments.pptx|presentation]] ‎
 +
|
 +
|-
 +
|10 January 2018
 +
|Aleksander Gorkowienko
 +
|[[Media:A.Gorkowienko-Securing_Oil_and_Gas_Systems_From_Cyber-attack_v1.1.pdf|presentation]]
 +
|
 +
|-
 +
|5 December 2017
 +
|Deepinder Singh
 +
|
 +
|
 +
|-
 +
|5 December 2017
 +
|Leum Dunn
 +
|[[Media:100 things.pdf|presentation]]
 +
|
 +
|-
 +
|7 November 2017
 +
|Dr Reza Alavi
 +
|[[Media:GDPR.pptx|presentation]]
 +
|-
 +
|11 October 2017
 +
|Dr Char Sample
 +
|[[Media:FN-20171011_(compressed_image_version.pdf|presentation]]
 +
|-
 +
|11 October 2017
 +
|Dennis Ivory & Dr Diane Gan
 +
|[[Media:Anglia Ruskin F435.pptx|presentation]]
 +
|-
 +
|12 September 2017
 +
|John Fitzgerald - Secure Code Warrior
 +
|presentation
 +
|-
 +
| 4 April 2017
 +
| Leum Dunn - Redacted
 +
| [[Media:A day in the life of.pdf|presentation]]
 +
|--
 +
| 7 March 2017
 +
| Andrew Thompson - Checkmarx
 +
| [[Media:OWASP Cambridge - Checkmarx Software AppSec kit.pdf|presentation]]
 +
|--
 +
| 7 March 2017
 +
| John Haine IoT Security Foundation (Chair)
 +
| [[Media:Ambassador IoTSF Feb 2017 Intro jlh.pdf|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Nick Alston CBE / PIER Chair
 +
| [[Media:Cyber session.pptx|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Mark Pearce/ 7Safe/PA Consulting
 +
| [[Media:PA GDPR 25 JANUARY 2017.pdf|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Martin Cassey / Nascenta
 +
| [[Media:2017-01-25,GDPR Readiness-Handout.pdf|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Paul Rowley FBCS / Havebury Housing Association
 +
| [[Media:OWASP event 250117 Paul Rowley pres.pptx|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Laurence Kaleman / Legal Director, Olswang
 +
| [[Media:Olswang slides - GDPR and NIS Directive - accountability security and trust - 25 Jan 2017.pdf|presentation]]
 +
|-
 +
| 25 Jan 2017
 +
| Tony Drewitt / Head of Consultancy - IT Governance
 +
| [[Media:ITGGDPRNIS20170125v0.1.pdf|presentation]]
 +
|-
 +
| 19 Jan 2017
 +
| Tony Drewitt / Head of Consultancy - IT Governance
 +
| [[Media:ITG IncidentResponse 20170119.pdf|presentation]]
 +
|-
 +
| 19 Jan 2017
 +
| Peter Yapp / NCSC Deputy Director - Incident Response
 +
| [[Media:NCSC slides.pdf|presentation]]
 +
|-
 +
| 19 Jan 2017
 +
| Martin Cassey / Nascenta
 +
| [[Media:Nascenta-IM-handout.pdf|presentation]]
 +
|-
 +
| 10 Nov 2016
 +
| Graham Rymer /  University of Cambridge
 +
|
 +
|-
 +
| 10 Nov 2016
 +
| Mark Wickenden
 +
|
 +
|-
 +
| 12 05 2016
 +
| Phil Cobley / Modern Policing & the Fight Against Cyber Crime
 +
| [[Media:Cyber Threat Presentation - ARU Cyber Resilience - May 2016.pdf|presentation]]
 +
|-
 +
| 12 05 2016
 +
| Jules Pagna Disso / Building a resilient ICS
 +
| [[MEdia:Building a resilient ICS.pdf|presentation]]
 +
|-
 +
| 08 03 2016
 +
|  Andrew Lee-Thorp / So you want to use a WebView? Android WebView: Attack and Defence
 +
|
 +
|-
 +
| 10 11 2015
 +
| Steve Lord / Trying (and failing) to secure the Internet of Things
 +
|
 +
|-
 +
|
 +
| John Mersh / Software and System Security: a life vest in the IoT ocean
 +
|
 +
|-
 +
| 10 Oct 2015
 +
| Sumit "sid" Siddharth / Some neat, new and ridiculous hacks from our vault
 +
|
 +
|-
 +
| 10 Feb 2015
 +
| Steven van der Baan / Web Application Security Testing with Burp Suite
 +
|
 +
|-
 +
|  2 December 2014
 +
| Colin Watson / OWASP Cornucopia
 +
|
 +
|-
 +
| 21 October 2014
 +
| Eireann Leverett
 +
| [[Media:20141021-Eireann Leverett-SwitchesGetStitches.pdf|presentation]]
 +
|-
 +
| 1st April 2014
 +
| Ian Glover (CREST) / Overview of the CREST activities to professionalise the industry.
 +
|
 +
|-
 +
|
 +
|  Yiannis Chrysanthou (KPMG) / Modern Password Cracking
 +
|
 +
|-
 +
|
 +
| Damien King (KPMG) / Filename Enumeration with TildeTool
 +
|
 +
|-
 +
| 12th November 2013
 +
| Paul Cain / Tracking Data using Forensics
 +
|
 +
|-
 +
| 12th November 2013
 +
| James Forshaw/ The Forger's Art: Exploiting XML Digital Signature Implementations
 +
| [[Media:20131112-James Forshaw-the forgers art-james forshaw-breakpoint2k13.pdf|presentation]]
 +
|-
 +
| 5th March 2013
 +
| Sarantis Makoudis / Android (in)Security
 +
| [[Media:20130305-sarantis.pdf|presentation]]
 +
|-
 +
| 5th March 2013
 +
| Nikhil Sreekumar / Power On, Powershell
 +
| [http://www.slideshare.net/Roo7break/power-on-powershell presentation]
 +
|}
 +
<!-- Don't remove this tag -->
 +
__NOTOC__
 +
<headertabs></headertabs>
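
Review bot: The Past Events table declares three columns (Date, Name / Title, Link), but the rows from 18 January 2018 down to the two 5 December 2017 entries each add a fourth empty `|` cell, and the separators after the "4 April 2017" and "7 March 2017 / Andrew Thompson" rows are written `|--` where every other row uses `|-`. Suggest dropping the extra empty cells and using `|-` throughout so the rows line up with the header. Separately, `= Past Events =` is inserted between `[[Category:OWASP Chapter]]` and `[[Category:United Kingdom]]`; keeping the two category links together below the closing `|}` would read more cleanly. For consistency with the other links, `[[MEdia:Building a resilient ICS.pdf|presentation]]` should use `Media:`, the dates should follow one format (the table mixes "18 January 2018", "25 Jan 2017", "12 05 2016" and "1st April 2014"), and the trailing comma in `|18/01/2018,` in the upcoming-events table should go.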

Latest revision as of 11:59, 21 January 2018

OWASP Cambridge

Welcome to the Cambridge chapter homepage. The chapter leaders are Adrian Winckles and Steven van der Baan.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Donate to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now

Local News

ARU CSNRG, OWASP Cambridge, BCS Cybercrime “IoT & ICS/SCADA Forensics Workshop” 2018

Wednesday 10th January 2018 09:30 – 14:00, Lord Ashcroft Building (LAB002), Anglia Ruskin University, Cambridge.

Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, British Computer Society (BCS) Cybercrime Forensics Special Interest Group and OWASP (Open Web Application Security Project) Cambridge Chapter.

Industry pundits have predicted that we are about to experience the fourth industrial revolution (Industry 4.0), which is the future of industrial production based on the “Internet of Things” (IoT). As with all previous major industrial transitions, this leads to exciting opportunities but also great challenges. In the “perfect world”, IoT is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine (M2M) communications. The interconnection of these embedded devices will potentially usher in automation in nearly all fields, resulting in improved efficiency, accuracy and economic benefit in addition to reduced human intervention. However, integrating IoT technologies within an organization means loosening access to the IT infrastructure, thus making it more susceptible to errors and vulnerable to attack. This is a scary proposition as intruders will not stop trying to find new ways of infiltrating business networks.

To better understand these infiltrations, a cyber forensics program is necessary, but this can be a challenging task when applied to nontraditional environments such as IoT and industrial control systems. Modern IT networks, through data exchange mechanisms, data storage devices and general computing components, provide a good foundation for creating a landscape used to support effective cyber forensics. However, modern control systems environments are not easily configurable to accommodate forensics programs. Nonstandard protocols, legacy architectures that can be several decades old, and irregular or extinct proprietary technologies can all combine to make the creation and operation of a cyber forensics program anything but a smooth and easy process.

Background

The British Computer Society (BCS) Cybercrime Forensics Special Interest Group (SIG) promotes Cybercrime Forensics and the use of Cybercrime Forensics, which are of relevance to computing professionals, lawyers, law enforcement officers, academics and those interested in the use of Cybercrime Forensics, and the need to address cybercrime for the benefit of those groups and of the wider public.

OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Its mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

The Cyber Security and Networking (CSN) Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research. We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others. The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber attacks and educate its users for a more secure cyberspace and operational business environment. These will be achieved through the investigation of threats posed to information systems, understanding the impact of attacks, and the creation of cyber-based warning systems which gather threat intelligence, automate threat detection, alert users and neutralise attacks. For network security we are researching securing the next generation of software defined infrastructures from the application API and control/data plane attacks. Other key work includes computer forensic analysis, digital evidence crime scenes and evidence visualisation, as well as cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs.

Speaker Biographies

Ken Munro, Pen Test Partners  

Ken is a regular speaker at events such as the ISSA Dragon’s Den, (ISC)2 Chapter events and CREST (Council of Registered Ethical Security Testers), where he sits on the board. He’s also an Executive Member of the “Internet of Things Security Forum”, a body that aims to promote best security practice and the application of controls in smart device manufacturing, and spoke out on IoT security design flaws at the forum’s inaugural event. He’s also not averse to getting deeply techie, regularly participating in hacking challenges and demos at Black Hat, 44CON, DefCon and Bsides.

Ken has a wealth of experience in penetration testing, but it’s the systems and objects we come into contact with on an everyday basis that really pique his interest. This has seen him hack everything from keyless cars to a range of Internet of Things (IoT) devices, from wearable tech to children’s toys and smart home control systems. This has gained him notoriety among the national press, leading to regular appearances on BBC TV and BBC News online as well as the broadsheet press. He’s also a familiar contributor to industry magazines, penning articles for the legal, security, insurance, oil and gas, and manufacturing press.

Aleksander Gorkowienko, Principal Cyber Security Consultant and Penetration Tester at PA Consulting/7Safe Ltd. (UK): “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”

In the IT industry since 1997, always being happy to play with various high-tech toys. With a wide area of interests and rich business experience (development, design and maintenance of software, dealing with various IT systems), now deeply involved in the IT security area. Every day helping to strengthen the security of business applications and corporate infrastructure for enterprises across the UK: banks, e-commerce, production, public sector, etc. Especially interested in database and application security (web applications and Windows apps). Also responsible for preparing and delivering training courses (i.e. Certified Application Security Tester - CAST or Secure Coding for Web Developers) and creating a variety of hacking challenges.

Abstract: “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”

7Safe has recently helped to remediate serious security vulnerabilities in a sub-sea control system for a global provider of industrial solutions for oil and gas that will be deployed on a Floating, Production, Storage and Offloading vessel (FPSO).

Aleksander ‘Aleks’ Gorkowienko conducted simulated attacks, demonstrating that an attacker could connect to the network and carry out Man-In-The-Middle attacks, change time data coming from the ship’s GPS system, and intercept and modify network traffic whilst remaining virtually unnoticed. As a result, the client was satisfied that we had enabled them to significantly harden their system and in so doing protect their prestigious reputation in the Oil & Gas industry.

Aleks will outline how he approached this task in collaboration with the development engineers and what lessons have been learned from penetration testing.

Karl Williams, Principal Consultant  - PA Consulting, “ICS Demonstrator”

Karl Williams is a Principal Consultant with PA Consulting’s Energy & Utilities Cyber team and has extensive experience in conducting and delivering complex assignments on Industrial Control Systems (ICS) across energy and transport Critical National Infrastructure (CNI) clients.

Abstract: ICS Demonstrator

The PA Consulting Energy & Utilities Cyber team developed the ICS Demonstrator to support industry operating with ICS in place. The tool uses real life ICS equipment and networks to provide demonstrations of potential cyber-attacks, security testing of ICS/OT devices and the integration and testing of security solutions. Currently the OT on the rig has been configured to simulate the cooling process found within a nuclear reactor, but its flexible architecture means that it can be changed to simulate other industrial processes much like those found in gas and power generation plants. Combined with our test rig and our CREST approved cyber security arm 7Safe, we have the capability to carry out comprehensive testing on a range of products, devices and systems, highlight where vulnerabilities lie and recommend risk reducing controls. The demonstrator rig has already been in front of various multi-sector clients, government bodies and regulators and has been well received at many industry conferences and workshops this year.

Maxim Silin, Technical Architect, GSK - TBC

Maxim Silin is a CTO and Committee Member with the International Operational Technology Security Association (IOTSA). Maxim has extensive experience in ICS cyber security consultancy and solutions in the automation industry (Power, Nuclear, Utilities, Chemical, Oil & Gas and Pharma) worldwide.

Maxim is an ENISA ICS CERT member focusing on red team scenarios and advising organizations how to protect their OT environment from attacks. He is a visiting lecturer within different training organizations, including universities in Scotland and other countries, focusing on network and security programmes for the OT environment, and a researcher with a number of cyber security programmes like the ENISA FP7 framework (Cockpit CI, Atena and more). He likes cooking and outdoor activities: hiking and mountain climbing.

The International Operational Technology Security Association (IOTSA) and like-minded partners from the public and private sectors are working together and collaborating to reduce the risk of a significant compromise of our Operational Technology, ICS, SCADA, IT and IoT environments.

Provisional Agenda

09:30 – 10:00 Registration & Refreshments (LAB006)

10:00 – 10:05 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University (LAB002)

10:05 – 11:00 Ken Munro, Pen Test Partners.

11:00 – 11:30 Aleksander Gorkowienko, PA Consulting & 7Safe: “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”

11:30 – 12:00 Karl Williams, PA Consulting “Live hacking Industrial Control Systems with the ICS Demonstrator”

12:00 – 13:00 Maxim Silin, Technical Architect, GSK - TBC

13:00 – 14:00 Lunch & Networking (LAB006)

Registration

To register for this free event, please register online at

https://www.eventbrite.com/e/aru-csnrg-owasp-cambridge-bcs-cybercrime-forensics-iot-icsscada-forensics-workshop-10th-january-2018-tickets-41515777809

The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).

Please enter through the Helmore Building and ask at reception.

Anglia Ruskin University

Cambridge Campus

East Road

Cambridge

CB1 1PT

Please note that there is no parking on campus.
Get further information on travelling to the university.

http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/cambridge_campus/find_cambridge.html

Joint OWASP Cambridge, BCS Cybercrime Forensics SIG UK Cyber Security Forum – Cambridge Cluster “Cyber Security & AI Day” 2018

Thursday 18th January 2018 9:30 – 17:00, Lord Ashcroft Building (LAB002), Anglia Ruskin University, Cambridge.

Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, British Computer Society (BCS) Cybercrime Forensics Special Interest Group, UK Cyber Security Forum Cambridge Cluster and OWASP (Open Web Application Security Project) Cambridge Chapter.

Over the past couple of years (2016-17), significant advancements in artificial intelligence in self-driving cars, language translation, and big data have been observed. However, during the same time period, we have also witnessed the rise of ransomware, botnets, and attack vectors as popular forms of malware attack, with, according to Malwarebytes' State of Malware report, cybercriminals continually expanding their methods of attack (e.g., attached scripts to phishing emails and randomization). To complement the skills and capacities of human analysts, organizations are turning to machine learning (ML) in hopes of providing a more forceful deterrent. ABI Research forecasts that "machine learning in cybersecurity will boost big data, intelligence, and analytics spending to $96 billion by 2021."

Background

The British Computer Society (BCS) Cybercrime Forensics Special Interest Group (SIG) promotes Cybercrime Forensics and the use of Cybercrime Forensics, which are of relevance to computing professionals, lawyers, law enforcement officers, academics and those interested in the use of Cybercrime Forensics, and the need to address cybercrime for the benefit of those groups and of the wider public.

OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Its mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

The Cyber Security and Networking (CSN) Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research. We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others. The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber attacks and educate its users for a more secure cyberspace and operational business environment. These will be achieved through the investigation of threats posed to information systems, understanding the impact of attacks, and the creation of cyber-based warning systems which gather threat intelligence, automate threat detection, alert users and neutralise attacks. For network security we are researching securing the next generation of software defined infrastructures from the application API and control/data plane attacks. Other key work includes computer forensic analysis, digital evidence crime scenes and evidence visualisation, as well as cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs.

The Cambridge Cyber Security Cluster is an affiliate of the UK Cyber Security Forum, a government and industry led partnership which will look at how the region can develop the skills and infrastructure to combat cyber security threats.

Speaker Biographies

Dave Palmer & Andrew Tsonchev, Director of Technology, Darktrace, “How unsupervised machine learning can be used successfully to provide cyber defence to small or large organisations”

Dr Ali Dehghantanha, Marie-Curie International Incoming Research Fellow in Cyber-Forensics, “Cyber Threat Hunting and Intelligence in IoT Environments”

Dr. Ali has served for more than a decade in a variety of industrial and academic positions with leading players in Cyber-Security, Forensics and Threat Intelligence. He has a long history of working in different areas of computer security as security researcher, malware analyzer, penetration tester, security consultant, professional trainer, and university lecturer. Ali is eminently qualified in the field of cyber security; he has an EU Marie Curie post-doctoral fellowship in cyber forensics, a Ph.D in Security in Computing and a number of professional qualifications, namely GXPN, GREM, GCFA, CISM, CCFP and CISSP. Ali is a fellow of the UK Higher Education Academy (HEA) and a senior IEEE-UK member.

Abstract:

Cyber Threat Hunting and Cyber Threat Intelligence are growing fields of practice in cyber security. This presentation first looks at the meaning of these terms and where and how relevant technologies should be utilised. Afterwards, the suitability of using artificial intelligence techniques for threat hunting and intelligence in IoT environments is discussed through analysing several case studies of using machine learning classification and deep learning techniques in attack detection. The presentation is concluded by suggesting some future works and opportunities for further collaboration.

Nikola Milosevic, Research Associate, University of Manchester, “Machine learning aided Android malware classification”

Nikola Milosevic is a research associate at the University of Manchester, Manchester Institute of Innovation Research, where his research topics focus around machine learning and natural language processing. Previously he was doing a PhD at the School of Computer Science, the University of Manchester. He is involved with OWASP (Open Web Application Security Project) as a founder of OWASP Serbia local chapter, OWASP Manchester local chapter leader and a project leader of OWASP Seraphimdroid mobile security project, as well as contributing to several other projects.

Abstract:

The widespread adoption of Android devices and their capability to access significant private and confidential information have resulted in these devices being targeted by malware developers. Existing Android malware analysis techniques can be broadly categorized into static and dynamic analysis. In this paper, we present two machine learning aided approaches for static analysis of Android malware. The first approach is based on permissions and the other is based on source code analysis utilizing a bag-of-words representation model. Our permission-based model is computationally inexpensive, and is implemented as a feature of the OWASP Seraphimdroid Android app that can be obtained from Google Play Store. Our evaluations of both approaches indicate an F-score of 95.1% and F-measure of 89% for the source code-based classification and permission-based classification models, respectively.

Richard Dennis, Security Researcher, Nettitude, “Machine Learning for the Bad Guys – Attack on Bitcoin”

Richard obtained a Masters in Computer Information Security, with a grade of distinction, from the University of Portsmouth in 2013 and is currently at the writing stage of his PhD examining scalability solutions for blockchain networks. Richard taught as a lecturer of Cryptography at the School of Computing at Portsmouth University from 2017, being the youngest cryptography lecturer in the United Kingdom. Currently Richard is undertaking research within Nettitude on vulnerabilities in public / private key generation in cryptocurrencies, as well as looking at use cases of blockchain technology.

Deepinder Singh – Principal Consultant at Verizon Consulting and Advisory Services, AI Challenges of Cyber Big Data

Deepinder (Deep) works as a Principal Consultant at Verizon Consulting and Advisory Services. He challenges, educates and engages with his audiences on many key issues of cybersecurity and digital transformation. He encourages innovative thinking to generate actionable strategies that help businesses thrive in a VUCA world. He believes that poor quality decision-making skills significantly contribute towards insecure systems resulting in security breaches and compromises. He has worked with many of the world’s largest organisations across numerous industries. In his twenty-year business career, he has held senior leadership positions in large and medium-sized organisations.

He has addressed several conferences and events on the wide-ranging topics of Cybersecurity, GRC, GDPR, Big Data Analytics and Artificial Intelligence.

Deep has attended Harvard Business School and holds a Post Graduate Diploma in Business Management along with various industry qualifications including ISO/IEC 27001 Lead Auditor, CISSP, CISM, CRISC and CGEIT. He is currently pursuing a Professional Doctorate at the University of East London.

Deep actively engages in voluntary work. He is the Vice-President of ISACA London Chapter and Secretary of Verizon Reading Toastmasters Club. In the past, he has served as Secretary for BCS-IRMA Specialist Group and a judge for SC Magazine (Europe) Awards.

Abstract: AI Challenges of Cyber Big Data

Nathan Benaich, LondonAI, “Using Machine Learning to reduce cyber data analysis” - TBC

Chris Woods, Founder & CEO CyberSparta, Neil Passingham (CISO) & Kari Lawler, “Machine Learning in the Security Operations Centre, SOCaaS”

Biography: Chris Woods Founder & CEO CyberSparta

An experienced leader within the cyber security realm, Chris Woods is also the founder and director of CyberSparta, an award-winning cyber security startup in the UK. Having previously managed elite security teams at the European Space Agency, HP and Fujitsu, Chris brings over 20 years of pure cyber security experience developed within the EU and MENA regions.

Whilst at HP, Chris developed and led a cyber security practice, culminating in the acquisition of ArcSight for $1.5b. With the creation of CyberSparta, Chris is now leading a passionate team of cyber and business professionals, developing the next generation of security solutions within the Big Data and Machine Learning realms.

Chris is a committed Information Security Champion and frequent speaker at international conferences and events.

Biography: Neil Passingham
Chief Information Security Officer [CISO]

Neil is a highly-experienced technical and business consultant, solutions architect, client adviser and innovator with 32 years’ IT experience (17 focused on security). Neil is a former CLAS consultant and has worked on securing accreditation for major government clients whilst leading the government accreditation department at HP.

His experience is wide and deep including business development, pre-sales, solution architecture, application development, testing (including ethical hacking), implementation, security assessment/accreditations, metrics/KPIs and often acting as “trusted advisor” for clients.

Provisional Agenda

09:30 – 10:00 Registration & Refreshments (LAB006)

10:00 – 10:15 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University (LAB002)

10:15 – 11:00 “How unsupervised machine learning can be used successfully to provide cyber defence to small or large organisations” - Dave Palmer & Andrew Tsonchev, Director of Technology, Darktrace

11:00 – 11:45 “Cyber Threat Hunting and Intelligence in IoT Environments”, Dr Ali Dehghantanha, Marie-Curie International Incoming Research Fellow in Cyber-Forensics

11:45 – 12:30 “Machine learning aided Android malware classification”, Nikola Milosevic, Research Associate, University of Manchester

12:30 – 13:15 Lunch & Networking (LAB006)

13:15 – 14:00 “AI Challenges of Cyber Big Data”, Deepinder Singh – Principal Consultant at Verizon Consulting and Advisory Services

14:00 – 14:45 “Machine Learning for the Bad Guys – Attack on Bitcoin”, Richard Dennis, Security Researcher, Nettitude

14:45 – 15:15 Refreshments (LAB006)

15:15 – 16:00 “Using Machine Learning to reduce cyber data analysis”, Nathan Benaich, LondonAI - TBC

16:00 – 16:45 “Machine Learning in the Security Operations Centre”, Chris Woods, CEO CyberSparta, Neil Passingham [CISO] & Kari Lawler

16:45 - 17:00 Session Wrap Up & Close

Registration

To register for this free event, please register online at

http://ow.ly/ca8Z30hoaPU

The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).

Please enter through the Helmore Building and ask at reception.

Anglia Ruskin University

Cambridge Campus

East Road

Cambridge

CB1 1PT

Please note that there is no parking on campus.
Get further information on travelling to the university.

http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/cambridge_campus/find_cambridge.html


Planned dates for upcoming events

| Cambridge_OWASP Event 20170927 - Secure Coding Challenge | 11/09/2017 |
| Cambridge_OWASP/BCS Cybercrime Forensics & Social Media Forensics Day Event | 11/10/2017 |
| Cambridge_OWASP & BCS East Anglia Event - GDPR Evening | 07/11/2017 |
| Cambridge_OWASP & UK Cyber Security Forum GDPR Event 20171115 | 15/11/2017 |
| Cambridge_OWASP Event 20171205 | 05/12/2017 |
| Cambridge_OWASP & BCS Cybercrime Forensics/IoT Forensics Security Day | 10/01/2018 |
| Cambridge_OWASP & UK Cyber Security Forum Cyber Machine Learning Day | 18/01/2018 |
| Cambridge_OWASP Event | 13/02/2018 |
| Cambridge_OWASP Event | 13/03/2018 |
| Cambridge_OWASP Event | 17/04/2018 |
| Cambridge_OWASP Event | 08/05/2018 |

Past Events

| Date | Name / Title | Link |
| 18 January 2018 | Chris Woods | presentation |
| 18 January 2018 | Nikola Milosevic | presentation |
| 18 January 2018 | Dr Ali Dehghantanha | presentation |
| 10 January 2018 | Aleksander Gorkowienko | presentation |
| 5 December 2017 | Deepinder Singh | |
| 5 December 2017 | Leum Dunn | presentation |
| 7 November 2017 | Dr Reza Alavi | presentation |
| 11 October 2017 | Dr Char Sample | presentation |
| 11 October 2017 | Dennis Ivory & Dr Diane Gan | presentation |
| 12 September 2017 | John Fitzgerald - Secure Code Warrior | presentation |
| 4 April 2017 | Leum Dunn - Redacted | presentation |
| 7 March 2017 | Andrew Thompson - Checkmarx | presentation |
| 7 March 2017 | John Haine IoT Security Foundation (Chair) | presentation |
| 25 Jan 2017 | Nick Alston CBE / PIER Chair | presentation |
| 25 Jan 2017 | Mark Pearce/ 7Safe/PA Consulting | presentation |
| 25 Jan 2017 | Martin Cassey / Nascenta | presentation |
| 25 Jan 2017 | Paul Rowley FBCS / Havebury Housing Association | presentation |
| 25 Jan 2017 | Laurence Kaleman / Legal Director, Olswang | presentation |
| 25 Jan 2017 | Tony Drewitt / Head of Consultancy - IT Governance | presentation |
| 19 Jan 2017 | Tony Drewitt / Head of Consultancy - IT Governance | presentation |
| 19 Jan 2017 | Peter Yapp / NCSC Deputy Director - Incident Response | presentation |
| 19 Jan 2017 | Martin Cassey / Nascenta | presentation |
| 10 Nov 2016 | Graham Rymer / University of Cambridge | |
| 10 Nov 2016 | Mark Wickenden | |
| 12 05 2016 | Phil Cobley / Modern Policing & the Fight Against Cyber Crime | presentation |
| 12 05 2016 | Jules Pagna Disso / Building a resilient ICS | presentation |
| 08 03 2016 | Andrew Lee-Thorp / So you want to use a WebView? Android WebView: Attack and Defence | |
| 10 11 2015 | Steve Lord / Trying (and failing) to secure the Internet of Things | |
| | John Mersh / Software and System Security: a life vest in the IoT ocean | |
| 10 Oct 2015 | Sumit "sid" Siddharth / Some neat, new and ridiculous hacks from our vault | |
| 10 Feb 2015 | Steven van der Baan / Web Application Security Testing with Burp Suite | |
| 2 December 2014 | Colin Watson / OWASP Cornucopia | |
| 21 October 2014 | Eireann Leverett | presentation |
| 1st April 2014 | Ian Glover (CREST) / Overview of the CREST activities to professionalise the industry. | |
| | Yiannis Chrysanthou (KPMG) / Modern Password Cracking | |
| | Damien King (KPMG) / Filename Enumeration with TildeTool | |
| 12th November 2013 | Paul Cain / Tracking Data using Forensics | |
| 12th November 2013 | James Forshaw/ The Forger's Art: Exploiting XML Digital Signature Implementations | presentation |
| 5th March 2013 | Sarantis Makoudis / Android (in)Security | presentation |
| 5th March 2013 | Nikhil Sreekumar / Power On, Powershell | presentation |