• ISC2015_report by Tetiana Yarygina

• ISC2015 report by Håkon Gunleifsen

• ISC2015 report by Martin Strand
• ISC2015 report by Yi-Ching Liao

Evaluation Committee:

• Associate Professor Johan Peder Hansen from Department of Mathematics at Aarhus University (1st opponent)
• Maître Assistant Relinda Jurrius from Institut de mathématiques at the University of Neuchatel, Switzerland (2nd opponent)
• Professor Boris Kruglikov, Department of Mathematics and Statistics at the University of Tromsø – Norway’s Arctic University (internal member and committee chairman)

Supervisor:

• Professor Trygve Johnsen, Department of Mathematics and Statistics, Faculty of Science and Technology

Head of disputation:

• Dean Morten Hald, Faculty of Science and Technology

Congratulations!

The title of her thesis is “Multivariate public key cryptosystems produced by quasigroups” and the given topic for her trial lecture was “What is a quantum computer and what are the relations to cryptology?”.

The following committee had been appointed to evaluate her thesis, trial lecture and defence:

• Prof. Carlos Frederico Cid, University of London
• Prof. Ales Dràpal, Charles University of Prague
• Prof. Stig Frode Mjølsnes, Department of Telematics, NTNU
• Prof. Stig Frode Mjølsnes, Department of Telematics, NTNU, had been appointed as the administrator of the assessment committee.

Simona Samardjiska carried out her PhD work at the Department of Telematics, NTNU. Her main supervisor was Prof. Danilo Gligoroski.

Congratulations!

The outer ear is an emerging biometric trait that has drawn the attention of the research community for more than a decade. The unique structure of the auricle is long known among forensic scientists and has been used for the identification of suspects in many cases. The next logical step towards a broader application of ear biometrics is to create automatic ear recognition systems.

This work focuses on the usage of texture (2D) and depth (3D) data for improving the performance of ear recognition. It compares ear recognition systems using either texture or depth data with respect to segmentation and recognition accuracy, but also in the context of robustness to pose variations, signal degradation and throughput.

The proposed ear recognition system is integrated into a demonstrator system as a part of a novel identification system for forensics. The system is benchmarked against a number of different datasets that comprise of 3D head models, mugshots and CCTV videos from four different perspectives. As a result of this work, limitations of current ear recognition systems are outlined and possible directions for future applied research are provided.

Congratulations!

The ACM Special Interest Group for Security Audit and Control (SIGSAC) had requested nominations for this year’s SIGSAC Doctoral Dissertation Award for Outstanding PhD Thesis in Computer and Information Security. This annual award by SIGSAC recognizes excellent research by doctoral candidates in the field of computer and information security. The SIGSAC Doctoral Dissertation Award winner and up to two runners-up will be recognized at the ACM CCS conference. The award winner will receive a plaque, a $1,500 honorarium and a complimentary registration to the current year’s ACM CCS Conference. The runners-up each will receive a plaque.

COINS wishes Nils Ulltveit-Moe luck in the further stages of the selection process.

In the past two decades, as a result of the advancement in quantum algorithms, the crypto community showed increasing interest in algorithms that would be potentially secure in the post quantum world. One of the possible alternatives are Multivariate Quadratic (MQ) public key cryptosystems based on the NP-hard problem of solving quadratic polynomial systems of equations over finite fields.Many different MQ schemes emerged over the years, most of which fall into two main categories – single field schemes, including UOV, Rainbow, STS, the MQQ family of cryptosystems, and mixed field schemes including C*, SFLASH, HFE. Unfortunately, most of them have been successfully cryptanalysed using three major types of attacks:
– MinRank attacks – based on the problem of finding a low rank linear combination of matrices;
– Equivalent Keys attacks – based on finding an equivalent key for the respective scheme.
– Differential attacks – based on specific invariants of the differential of a given public key.

The seminar concentrated on the MinRank attacks and Equivalent Keys attacks on single-field MQ schemes. After an introduction in the topic, the focus was focus on:
– The new attack on the MQQ family of cryptosystems, that will be presented at PKC 2015. The MQQ family of cryptosystems (the name coming from Multivariate Quadratic Quasigroups being used in the design) show especially good performance properties. In particular, the MQQ-SIG signature scheme is the fastest scheme in the ECRYPT benchmarking of cryptographic systems (eBACS). We show that both the signature scheme MQQ-SIG and the encryption scheme MQQ-ENC, although using different types of MQQs, share a common algebraic structure that introduces a weakness in both schemes. We use this weakness to mount a successful polynomial time key-recovery attack that finds an equivalent key. Our theoretical results work in characteristic 2 which is known to be the most difficult case to address in theory for MinRank attacks. Futher, the attack can be applied to any MQ scheme, that exibits linear subspaces. From a practical point of view, we are able to break an MQQ-SIG instance of 80 bits security in less than 2 days, and MQQ-ENC instances of 128 bits security in little bit over 9 days.
– The generalization of the attack on other schemes in MQ cryptography. We will show how this attack extends to a new general framework for the security of MQ schemes with respect to attacks that exploit the existence of linear subspaces. For the purpose, we have adopted the linearity measures that have been used traditionally to estimate the security of symmetric cryptographic primitives, namely, the nonlinearity measure for vectorial functions introduced by Nyberg, and the (s, t)-linearity measure introduced recently by Boura and Canteaut. We redefine some properties of MQ cryptosystems in terms of these known symmetric cryptography notions, and show that our new framework is a compact generalization of several known attacks in MQ cryptography against single field schemes. We use the framework to explain various pitfalls regarding the successfulness of these attacks. Finally, we argue that linearity can be used as a solid measure for the susceptibility of MQ schemes to these attacks, and also as a necessary tool for prudent design practice in MQ cryptography.

Why it is necessary to have a women’s conference is to recruit women to the security industry – both in terms of education and to seek exciting jobs in an industry that will be of great importance in the future (digitization of our society). The conference is to ensure diversity and balance in this industry. To create an arena where women can gather – such as with Security Divas – should also motivate, engage and inspire more women to participate in this industry.

COINS supported Ambika Chitrakar and Yi-Ching Liao to participate in Security Divas.

There are many services nowadays that require secure transmission of large amounts of data. For that purpose special algorithms for symmetric cryptography are used. Such types of cryptographic primitives were scrutinized in the thesis. The focus of the research was on block ciphers, stream ciphers, hash functions and the components they are built of. The thesis proposes several methods to assess the reliability of cryptographic algorithms against a variety of modern attacks. It also proposes several criteria to improve resistance ratio. A piece of software was developed as a proof of concept of the theoretically achieved results. The block cipher and the hash function developed in the research will be implemented in the Ukrainian natioal standards from 2015.

Oleksandr Kazymyrov was born in Ukraine in 1987. He studied information security at Kharkiv National University of Radio Electronics in 2005-2009, and received master’s degree in information security in computer systems and networks in 2010. The doctoral work, begun in 2011, has been performed at the Department of Informatics at the University of Bergen.

Many of the competitors had experience from earlier competitions. At the COINS Ph.D. student seminar last week, the COINS team decided to take part without any special preparation. They finished among the top 50% of all teams. Owing to extensive research project obligations, most team members could only dedicate time in the beginning of the two-day competition. The COINS team reflected the distributed nature of COINS with students being based in four locations (Gjøvik, Grimstad, Oslo, and Trondheim) and communicating by text messaging and video conference.

Congratulations, Ambika, Andrii, Chris, Huihui, Ijlal, Vivek, and Yi-Ching!

Slides from the presentation.

In digital communication data is represented with ones and zeros (binary form). Binary sequences that have good properties are essential to increase robustness and reduce likelihood of errors in modern communication systems. Whole family of binary sequences with good mutual “correlation properties” is used in modern CDMA systems. Such sequences can also be used to construct error correcting codes. They correct errors that occur during transmission (or storage) of data that is susceptible to noise. The binary sequences also have many important applications in cryptography and are therefore of great importance for achieving secure and reliable communications.

A fundamental problem is to construct families of good sequences. A method for constructing both sequence families, error correcting codes and cryptographic systems, with desired properties is by using non-linear functions. The thesis studies special classes of “perfect” (PN) or “almost perfect” (APN) non-linear functions and shows how these features can be used to create new sequence families and classes of codes with optimal error correcting properties. A mathematical analysis of the new sequence families and codes which were constructed in the study shows promising results.

Congratulations!

The third day was devoted to investigation the advantages/disadvantages of multi-core systems. In particular, it was shown that many cores on a lower speed will execute tasks with less power consumption than a single one. Some limitations on the efficiency and cache size were given. Then, Rich Caruana from Microsoft presented an extensive study of different ML models including ensemble classifiers with boosting and bagging. The accuracy of huge number of different combinations of classifiers and datasets were given. Also Deep Learning was investigated in terms of efficiency and model complexity. It was concluded that there is no need to build complex models in order to achieve better and faster results. In fact the model compression is a trade-off. The day was finished by the streams framework explanations together with useful examples of usage. The fourth day consisted of application of ML for astroparticle detectors using Android phones first and then simulating it on the Streams framework.

The main outcome from attending the summer school for me is in the broad understanding the data streams mining and corresponding mechanisms for parallel optimization in Machine Learning. Also a view on model compression in Neural Networks for Big Data was uniquely useful. The attendance was beneficial since I have got multiple ideas for my current work on access control as a data streams mining problem. Moreover, networking was important as well as bringing new international connections. Finally, people wonder a lot about the COINS research school because of t-short, yet nobody knew that it exists.

We will increase international awareness of COINS as a research school and as a portal to Ph.D. training in information security in Norway. The Ph.D. movie sequel is expected to be watched by candidates for Ph.D. positions as well as by current Ph.D. students and faculty alike.

Data surveillance techniques can be problematic from a privacy perspective, even if the intentions behind the surveillance might be commendable.

Surveillance of computer systems is often used to identify cyber attacks, identify violation to internal IT policies or to perform data retention according to legal requirements.

One of the main problems is that surveillance frequently lacks transparency concerning what indeed is being monitored, who have access to this information, and if side information from the surveillance can be used for other purposes than planned. In addition, information about what is being monitored by computer security companies is usually kept secret for business reasons. Another reason is that information about what is being monitored also may hurt the security of the company if attackers learn which strategies that are being used against cyber attacks.

For some businesses, especially critical infrastructures like health institutions, power grids and transport systems, it is still important to know what kind of information that is being monitored, and make sure that person sensitive or confidential information to as small as possible degree leaks to organisations performing monitoring of computer networks, especially when such operation is being outsourced. This often causes a dilemma between the need for protecting sensitive information and efficient methods for detecting computer attacks.

The dissertation amongst others describes a method for reversible anonymisation of sensitive information from computer monitoring systems, a privacy leakage metric based on Shannon entropy, and how these techniques can be used together in an improvement process which reduces leakage of sensitive information over time.

The research is being continued in the EU-projects PRECYSE and SEMIAH.

PRECYSE is a security project which is researching methods for protecting critical infrastructures against cyber attacks.

SEMIAH, which started 1. march 2014, is developing a secure and privacy friendly infrastructure for virtual power plants, which make profit from matching power consumption with production of renewable energy by moving power consumption in time.

Biography

Nils Ulltveit-Moe is from Moe in Gjerstad municipality in Aust-Agder, Norway. He got a bachelor degree in Telematics from Agder Ingeniør- and Distriktshøgskole (now University of Agder) in 1988 and master in Information Technology from Høgskolesenteret i Rogaland (now University of Stavanger) in 1990. He has worked as software developer for Ericsson and has later worked with computer security for Proseq AS which now is acquired by Telenor Security Operations Center.

He has been assistant professor at UiA since 1998, and has previously participated in the EU project EIAO which did research on large-scale automatic measuring of accessibility to web pages for disabled people. He has since 2009 worked with a PhD related to privacy-enhanced network monitoring, and does now work as assistant professor and work package leader for the EU projects PRECYSE and SEMIAH.

The PhD work is supported by Telenor, the PRECYSE project with contract number FP7-SEC-2012-1-285181 (www.precyse.eu) and UiA.

Security Divas is an information security conference with and for women that work with information security and ICT. The conference took place 16th and 17th of January at Strand Hotell in Gjøvik, and had remarkable female presenters in information security. One of them was Yi-Ching Liao, COINS student member, with a talk on security incident investigation.

Main topics of the conference were a description of the threat situation, handling of and examples of incidents and challenges related to reporting of events.

Berglind Smaradottir, COINS student member, said: “It was a nice event that gathered over 100 ladies working with information security. The topics at the conference covered aspects of information security in society. The conference gave many possibilities for networking and as a Ph.D. research fellow I established contact with other researchers that provided me with information on relevant research conferences in security. Thanks for the funding from COINS for the conference Security Divas.”

The paper written by Waqas Aman (picture on the right) who was supervised by Einar Snekkenes on “An Empirical Research on InfoSec Risk Management in IoT-based eHealth” won the best paper award.

The picture on the left shows professor Einar Snekkenes, Waqas Aman’s co-author of the paper.

The paper can be found here.

COINS congratulates on the achievement.

Proposed agenda:

1. Welcome to new SC members
   Pankaj Pandey and Ctirad Sousedik were elected as Ph.D. student representatives for the period 11/2013 to 10/2014.
2. Agenda
3. Meeting minutes of the SC meeting in Stavanger 2013-11-18
4. Status, goals and milestones
   1. Tasks from previous meetings
   2. Admission of students
   3. coinsrs.no
5. Review of Ph.D. student seminar
6. Suggestions from FRISC Industrial Advisory Board
7. SC members, students, supervisors – how to integrate supervisors better in COINS?
8. Tromsø Ph.D. seminar/winter school 2014 prior to NordSec, Metochi summer school 2015
9. Plans for 2014
   1. Student Researcher Grant
   2. COINS at Finse winter school
   3. Common course description for COINS activities, ECTS for COINS
   4. Overview and discussion of existing Ph.D. courses
   5. Sharing of teaching material
   6. Discussion of teaching methods in information security
   7. Ph.D. student seminar
   8. Academic Advisory Board 2014 in Finse (Monday) or in Tromsø with NordSec (Wednesday)
10. Budget
11. Report to RCN 1/10-2014
12. Miscellaneous

She is the second student affiliated with COINS Research School of Computer and Information Security that graduates with a Ph.D. degree.

The term risk usually means the outcome of events that may be hazardous or that may cause loss. In our daily life, we make decisions taking account of the “risk” we might face, e.g. when crossing the road, baking a cake, driving, etc. These decisions are guided by our intuitive sense and we feel we understand the underlying risks associated with these events. With an evolving nature of information systems environment e.g. social media, cloud, etc, there is also an increase in the number of threats. Thus, it is important that we can identify and determine risks logically, and this is where risk analysis comes into play. Risk Analysis is a systematic process or guidelines that usually consists of three steps: risk identification, risk estimation and risk evaluation.

This thesis contributes by developing a new approach for risk analysis: Conflicting Incentives Risk Analysis (CIRA). In CIRA, the stakeholders, their actions, and their perceived expected consequences are identified and used to characterize the risk situation. Risk is modeled in terms of conflicting incentives between the stakeholders in regards to the execution of actions. Thus, CIRA does not rely on the concept of incident likelihood, unlike most of the classical methods. Moreover, CIRA focuses on human related risks.

This dissertation also contributes by presenting the theoretical concepts of risk acceptance and rejection, addressing both threat and opportunity risks in the context of CIRA. Furthermore, an initial insight into how CIRA can be extended to risk management is given by explaining the risk treatment (response) measures for threat (opportunity) risks.

The picture above shows Lisa with the evaluation committe and the conductor of the public defense. Picture from left: Dean Terje Stafseng (conductor of public defense), Prof. Dr. Steven Furnell, Faculty of Science and Technology, School of Computing and Mathematics, Plymouth University (First external opponent), Lisa Rajbhandari, Prof. Dr. Stephen Wolthusen, Faculty of Computer Science and Media Technology, Gjøvik University College (Head of committee), Adj. Ass. Prof. Karin Sallhammar Bernsmed, NTNU, Research Scientist SINTEF (Second external opponent) and Prof. Dr. Stewart Kowalski, Faculty of Computer Science and Media Technology, Gjøvik University College (Internal opponent)

Congratulations!

The picture to the right shows Lisa Rajbhandari and Einar Snekkenes both wearing their COINS t-shirts.

Ebenezer Paintsil defended his doctoral thesis about information security on Thursday 12th of September.

Ebenezer Paintsil is associated to NISlab (Norwegian Information Security laboratory) at Gjøvik University College.  Title of the dissertation: Privacy and Security Risks Analysis of Identity Management Systems.

He is the first student affiliated with the Norwegian COINS Research School of Computer and Information Security  that graduates with a Ph.D. degree.

The thesis develops a risk model and model-based risk analysis method for privacy and security risks analysis of identity management systems (IDMSs) in order to reduce cost and provide scientific support for the choice of identity management approaches. Model-based risk analysis methods can assist system stakeholders in understanding a risk analysis process because of their effective use of graphical models to facilitate participation, risk communication and documentation. These graphical risk models communicate what can go wrong in a system and assist in the security risk analysis.

This thesis develops a balanced approach to risk analysis where systems’ characteristics and tools that hide complex mathematics are relied upon to analyze privacy and security risks in IDMSs. It provides new knowledge on how to develop risk models for IDMSs from the characteristics of information that flow in them.

Congratulations!

If you are unsure whether to register, talk to your thesis advisor to get encouragement.

NISK brings together people in all areas of information security. Ph.D. students can submit a paper to be presented and published in the conference proceedings after successful peer review. NISK publications give publication points at level 1. There will be a Ph.D. student seminar co-located with NISK probably on 20/11 and 21/11. Exact date, time and programme TBA.

Conference homepage: http://www.frisc.no/arrangementer/nisk-2013/

COINS student members can apply for travel support to participate in NISK. To foster cooperation between Norwegian and Swedish Ph.D. students, COINS invites up to four students from the Swedish SWITS network to participate in NISK.

NordSec addresses a broad range of topics within IT security with the aims of bringing together computer security researchers from around the world and of encouraging interaction between academia and industry. In 2013 the conference has special focus on the security challenges of cyber-physical systems as found within areas as for example avionics, automotive, energy, healthcare and consumer appliances.

Traditionally the conference is arranged in the Nordic countries and in 2013 it will be in Ilulissat (Jakobshavn) situated 200 km north of the Arctic Circle and neighbouring the UNESCO’s World Heritage Centre of Ilulissat Icefjord. Travel to Ilulissat will be limited so early registration and booking is encouraged; please consult the web-page http://nordsec2013.imm.dtu.dk for the latest information.

Student members of COINS can apply for travel support to attend this Nordic information security event.

Each year, SWITS organises a two-day seminar. The seminar is held at a different location every time, this year in Malmö (supported by Lund University), next year probably in Uppsala.

On the first day, research groups presented themselves with each group using only a couple of minutes. This was followed by three consecutive sessions of three Ph.D. student presentations per session, separated by a lunch break and a short break. The presentations were grouped by topics, i.e. “Smart Phone Security and Trusted Platforms”, “Privacy and PETs”, and “Software Security and Information Flow”. Ph.D. students were at different stages in their projects, with some having just started and trying to scope their topic, others in the midst of data gathering and evaluation, and others close to finishing, using the presentation as an exercise for their thesis defence.

After the Ph.D. student presentations we gave a presentation on COINS and discussed possible opportunities for Norwegian/Swedish cooperation in Ph.D. training in information security. The discussion yielded several good ideas, and as one concrete result we will invite students from Sweden to NISK, the annual Norwegian information security conference to be held in Stavanger later this year. More ideas were:

• Promote NordSec better on the COINS website, together with other similar Nordic events
• Joint courses, block-mode with SWITS member institutions
• Joint Capture the Flag events, joint teams, organise a Nordic event
• Joint SWITS/COINS event with students presentations/workshops
• Various competitions, e.g. along the lines of Harvard Business School competitions where there is a joint Norwegian/Swedish jury
• Share information about upcoming Ph.D. defences – and send out invitations

Parallel group discussions followed on “Software Security”, “Security Management”, “Network Security”, and “PETs”. After group discussions, participants went on a boat trip and joined for dinner.

The second day also had three sessions of three Ph.D. student presentations each, interrupted by an invited talk (Jonas Hallberg from FOI on the SECURIT research programme) and a lunch break as well as several short breaks. The seminar was concluded by an invited talk presenting new IT security projects at MSB, the department for security and preparedness in Sweden. MSB also supports SWITS financially.

The concept seemed to work well with participants and organisers, so we are considering to have the first COINS Ph.D. student seminar in a similar fashion.