Annual Report 2014/2015

Size: px
Start display at page:

Download "Annual Report 2014/2015"

Transcription

1 Quality and Security Program Tirol Annual Report 2014/2015 QE LaB Annual Report 13/14 Page 1

2 Contents About QSP QSP Sponsoring Partners... 3 QSP Supporting Partners... 4 QSP Labs QSP Talks QSP Teaching... 9 inday students QSP Annual Report 14/15

3 About QSP QSP Sponsoring Partners The Quality and Security Program Tirol is an initiative of the Institute of Computer Science at the University of Innsbruck to foster application-oriented education in the area of software engineering, information security and IT management. QSP Tirol offers series of events such as Labs, Talks and Lectures given by renown experts and is dedicated to students enrolled in Tyrolean Universities. QSP was inaugurated in November 2014 within the InDay students, a day with talks, labs and presentations at the Institute of Computer Science. Vyacheslav Zakorzhevsky, Kaspersky Lab, and Prof. Dr. Ruth Breu, at the inday students QSP Annual Report 14/15 3

4 QSP Supporting Partners The Supporting Partners of Quality and Security Program Tirol support the initiative by leading the QSP Labs and giving the QSP Talks. QSP Labs The Quality and Security Program Tirol offers a broad sellection of one to three half day labs with renown experts and hands-on knowledge transfer addressed to the university students. Since November 2014 untill June 2015 the students have had the possibility to attend 13 QSP Labs and to benefit from the knowledge of experienced experts from Kaspersky Lab, sepp.med, sigma star, University of Regensburg, ARZ Allgemeines Rechenzentrum, Lean42, Barracuda Networks, Gründer Consulting, ARM, itestra and IBM Austria. QSP Labs: November June Vyacheslav Zakorzhevsky, Kaspersky Lab Financial Malware and Corresponding Distribution Methods Martin Beißer, sepp.med gmbh Modellbasiertes Testdesign - Testfälle automatisch generieren Richard Weinberger, David Gstir, sigma star gmbh Reverse Engineering Network Appliances Harry M. Sneed, University of Regensburg Analyzing and Testing Software Requirement Documents Dr. Helmut Gratl, ARZ Allgemeines Rechenzentrum GmbH Sicherheitsarchitektur(en) im Enterprise Umfeld Inge Hanschke, Lean42 GmbH EA Best Practices 4 QSP Annual Report 14/15

5 Christian Kovatsch, ARZ Allgemeines Rechenzentrum GmbH Schwachstellen in Browser und Mobile Devices Helmut Gratl, ARZ Allgemeines Rechenzentrum GmbH Sicherheitsüberprüfungen (Theorie und Best Practice) im professionellem Umfeld Martin Ortner and Gregor Koenig, Barracuda Networks Secure Internet Communication Torsten Gründer, Gründer Consulting IT-Outsourcing Management Hannes Tschofenig, ARM Limited Internet of Things (IoT) Tobias Simon, itestra GmbH Software-Qualität im Wandel der Zeit Vyacheslav Zakorzhevsky, Kaspersky Lab Financial Malware and Corresponding Distribution Methods This lab explains all aspects of modern financial malware. Starting from history and evolution, modern stealing techniques and main distribution ways are discussed. The most popular methods - Web-Injection - are demonstrated as well as, an example of real drive-by attack of virtual machine. Vyacheslav Zakorzhevsky has been working in Kaspersky Lab since Initially, as a Virus Analyst, he was subsequently promoted to Head of Vulnerability Research Group. His main areas of interest are polymorphic viruses, exploits and financial malware. In 2014 Vyacheslav Zakorzhevsky was appointed as Head of Anti-Malware Team. Martin Beißer, sepp.med gmbh Modellbasiertes Testdesign - Testfälle automatisch generieren The lab is dedicated to the method of model-based testing - designed to provide objective test design on a solid, systematic basis and therefore of increasing importance and attention. Test models are special graphical models created for example in the known UML tools from which automatically concrete, executable test cases can be derived. The aim of the lab is to introduce the methodology of the graphical test designs. Martin Beißer has conducted his PhD in Seismology. His industrial experience concern the quality assurance and software development. Since 2000, Martin Beißer has been working for sepp.med gmbh, in the area of.mzt Methodology and Test Design. QSP Annual Report 14/15 5

6 Richard Weinberger, David Gstir, sigma star gmbh Reverse Engineering Network Appliances Modern appliances use complex firmware which can harm corporate security as they may carry backdoors or are exploitable due to vulnerabilities. In this lab various reverse engineering methods are presented and examined. Students learn what basic components most network appliances share and how these can be attacked in order to find vulnerabilities or to understand how specific products work. Richard Weinberger is co-founder of sigma star gmbh which offers Linux kernel consulting services. Besides the kernel, he has a strong focus on various low level components of Linux including virtualization techniques. David Gstir graduated at the Graz University of Technology where he specialized in IT Security. He is a senior software engineer and security expert at the sigma star consulting team. Harry M. Sneed, University of Regensburg Analyzing and Testing Software Requirement Documents In this lab Harry M. Sneed summarizes the history of software requirements engineering and explains how requirement documents have been checked in the past. He then presents a new automated approach to analyzing the text documents and generating logical test cases from them. He demonstrates the approach on several requirement documents taken from industry before giving the students the opportunity to practice the method themselves on sample documents. Harry M. Sneed has been working in testing since 1977 when he took over the position of test manager for the Siemens ITS project. At this time he set up the first com-mercial test laboratory in Budapest. Since then he has written 22 books and over 400 articles. He has developed more than 50 different tools. Dr. Helmut Gratl, ARZ Allgemeines Rechenzentrum GmbH Sicherheitsarchitektur(en) im Enterprise Umfeld The lab concerns the issues like: general security architecture principles and guidelines, procedures, requirements and restrictions, framework, standards, zone models, operational IT security management, organization and responsibilities, processes, compliance, auditability, and risk assessment. Dr. Helmut Gratl has been working in the area of IT Security and Architecture for more than 20 years. He has many years of experience in developing complex IT security architectures, creating enterprise security policies and implementing IT security audits. He has received CISSP and CEH certificates. Inge Hanschke, Lean42 GmbH EA Best Practices EA embraces all the processes required to document, analyze and plan an enterprise`s IT landscape. Based on the experience of many projects and long discussions with both customers and academic researchers Inge Hanschke consolidates a comprehensive and practical toolkit for the strategic management of IT landscapes. In the lab which reflects the existing frameworks in EA, e.g. TOGAF, she demonstrates some of these best practices. Inge Hanschke is Managing Director of Lean42 GmbH. Her assignments include the Lean42 EAM methods. Since she has gained her degree in information technology, she has worked as IT manager for user-side enterprises, an ERP product company, and IT service providers. She has successfully aligned both IT and service portfolios with a view to the business requirements. Christian Kovatsch, ARZ Allgemeines Rechenzentrum GmbH Schwachstellen in Browser und Mobile Devices This Lab is dedicated to the identification of security vulnerabilities through Javascript, profile building through Browser and mobile devices, and identifying the failover errors in HTTPS stack of IOS. 6 QSP Annual Report 14/15

7 Helmut Gratl, ARZ Allgemeines Rechenzentrum GmbH Sicherheitsüberprüfungen (Theorie und Best Practice) im professionellem Umfeld The lab concerns the issue of security verification and covers the following points: classification, standards (OWASP, OSSTMM, BSI, NIST), definition of framework, process of implementation, measures and report, and procurement. Martin Ortner, Gregor Koenig, Barracuda Networks Secure Internet Communication The main purpose of Transport Layer Security (TLS) is to transmit data in a secure and confidential way over an unsecured network. It is de-facto standard for secured communication in the internet. This lab provides a profound knowledge and understanding of the algorithms used in TLS in order to circumvent the known pitfalls and weaknesses. It explains the technical background of the cryptographic algorithms used in TLS as well as the existing attacks in an understandable and practical way and presents strategies to prevent them. Dr. Gregor Koenig has been working for Barracuda Networks AG since 2013 where he develops products for secure internet communication. Before joining Barracuda Networks Dr. Koenig was a scientist at the Austrian Institute of Technology in the field of bio-signal processing for medical devices. He wrote his PhD thesis at the Medical University of Vienna and was a lecturer at the Technical University of Vienna. Previously he worked for Frequentis AG in the research and development of safety-critical communication systems for air-traffic security. Martin Ortner graduated with a master s degree from the department of Secure Information Systems at the University of Applied Sciences Upper Austria. He joined Barracuda Networks AG in 2011 where as a Software Developer Quality Assurance he creates network security products. Torsten Gründer, Gründer Consulting IT-Outsourcing Management The lab provides a concrete and practical knowledge about strategic outsourcing projects, their design and implementation. Based on typical scenarios, participants will learn to avoid common mistakes, to control risks and specifically to take advantage of the opportunities resulted from outsourcing. Key aspects of this lab are: project organization and management, specifications, contracts, pricing models, transition, project control, termination management, as well as case studies and experience of more than 120 outsourcing projects. Torsten Gründer is an expert in the area of Outsourcing, an author and lecturer. For over 15 years, as a Managing Director of Gründer Consulting GmbH, he has been providing consultancy services in IT Services/IT Oursourcing. He has developed the OMIT Reference Model - the project management method for successful outsourcing implementation. Hannes Tschofenig, ARM Limited Internet of Things (IoT) An increasing number of every-day devices not only contain a microcontroller inside but they are also connected with the Internet. In this course the students learn about ARM-based microprocessors (in particular the Cortex M0 from Nordic Semiconductor), how to program these processors, work with sensors and actuators, how to communicate with other devices (particularly smart phones and tablets) using Bluetooth Smart (which is a fairly new low-power radio technology), and Internet technologies used in IoT deployments. Hannes Tschofenig is employed by ARM Limited, a company known for their widely used low-power microprocessors found in tablets, mobile phones, and embedded devices. He is focused on developing global standards to make the Internet work better. For the past 14+ years he has been active in one of the leading Internet standards developing organizations, the Internet Engineering Task Force (IETF) contributing to more than 60 technical specifications on security, privacy, and emergency services. Prior employers include EDPS, Nokia, and Siemens. QSP Annual Report 14/15 7

8 Tobias Simon, itestra GmbH Software-Qualität im Wandel der Zeit Quality requirements change over time due to the technical progress and requirements of the environment. In this lab, the lab expert and the students discuss how to define the software quality and its relevance in the economy. With concrete, practical examples, the lab attendants gain a detailed insight into the understanding of quality by the computer scientists and entrepreneurs. Tobias Simon received his Degree in Computer Science at the Technical University of Munich. He has been working for itestra GmbH since His main focus concerns: Quality Analysis of Central Software Systems and Re-Engineering and Optimation of Legal Systems. QSP Talks Beside the QSP Labs, university students have also an opportunity to attend evening events with presentations given by experts from industry and academia. QSP Talks: November June Stefan Ortloff, Kaspersky Lab A Retrospective View On Banking Malware Banking-trojans are seen from the criminal perspective the most direct way to steal other people s money. There is a big four that never seems to go away: Carberp, Citadel, SpyEye, and especially Zeus. In this talk, Stefan Ortloff gives a retrospective view on banking malware, mostly on the notorious ZeuS-Trojan aka ZBot Rainer Böhme, Wilhelms-Universität Münster Kryptographische Währungen als Zahlungsmittel: Prinzipien, Potenziale und Probleme am Beispiel Bitcoin The financial sector was one of the first commercial users of digital technology and later cryptography. In this talk Rainer Böhme presents the possible operations on cryptographic currencies using the example of Bitcoin. Rainer Böhme is an assistant professor at the Institute of Business Information Technology, the University of Münster and specialises in IT security. His research focuses on economic aspects of IT security and data protection, digital forensics and cyber crime as well as privacy-enhancing technology Hannes Tschofenig, ARM Limited Securing the Internet of Things Every day innovative companies and crowd funding projects launch new products in the area of smart cities, home automation, and wearables. Companies as well as researchers are exploring ways to make software and hardware development easier for the masses. Standardized Internet protocols and the availability of software libraries play an important role in lowering the barrier of entry. What is the place of security and privacy in this exciting development? Based on the work at ARM, the industry s leading supplier of microprocessor technology, Hannes Tschofenig describes in his talk how a security solution for Internet of Things could look and what threats can be mitigated. Stefan Ortloff has more than 15 years of experience in the IT industry, in different business areas and as a freelancer. He joined Kaspersky Lab in In 2010 he was appointed to the position of Virus Analyst in the Global Research & Analysis Team. Stefan Ortloff specializes in reverse-engineering, analysis of botnets and forensics. Also non-windows, specifically Linux-based malware is included in his area of interest. 8 QSP Annual Report 14/15

9 QSP Teaching Václav Pech, JetBrains JetBrains MPS - Speaking your language Václav Pech talk is dedicated to the Domain Specific Languages and the possibility to design own DSL - business rules, workflow definitions, structured configurations or handy language extensions that simplify the life. Václav Pech is a software developer in server-side Java technologies, distributed and concurrent systems, modern programming languages and DLSs. He joined JetBrains to create top-notch development tools. He is involved in the MPS project, developing a projectional DSL workbench and building customized DSLs Michael Brunner, Christian Sillaber, Universität Innsbruck Herausforderungen für Next Generation IT Compliance Management Systeme The topic of IT Compliance includes all those measures which serve the compliance with legal requirements, policies and security objectives of the company s internal IT. In addition to legal compliance, the associated risk reduction is targeted by process standardization and centralized control of security measures on a company-wide efficiency and effectiveness. This talk presents the background and the requirements of IT Compliance and the associated frameworks. With a background of current standards and best practices, the specific challenges will be discussed and demonstrated, with an emphasis on future compliance management dealing with increasing complexity of systems and networking applications. QSP Teaching comprises elective lectures and labs in the area of Software Engineering and Information Security offered within the Bachelor and Master Program in Computer Science at the University of Innsbruck. Felix Erlacher, Matthias Gander, Clemens Sauerwein: Angewandte Informationssicherheit (Lecture, WS 2014/15) Dr. Matthias Farwick: Domain-specific Language Engineering (Lecture, SS 2015) Additionally, QSP Tirol offers Bachelor and Master Theses in collaboration with the QSP Partners. Master Theses Automated Malware Tests on Smartphones Christoph Leitner Bachelor Theses Evaluierung einer Plattform für Wissensmanagement in einer IT Abteilung Martin Haslinger Designing Secure Architectures for Cloud-Deployed Data Peter Kirk Workflow Management System for Automated Malware Removal Tests Juri Seelmann Ing. Michael Brunner, MSc worked as an IT consultant and as a senior software developer before completing his studies in Computer Science. Since 2013 he has been working as a research assistant in the research group Quality Engineering at the University of Innsbruck. Mag. Christian Sillaber, MSc is a research associate in the research group Quality Engineering at the University of Innsbruck. His research interests concern operational safety management and the qualitative evaluation of safety documentation. QSP Annual Report 14/15 9

10 inday students 2014 The first issue of inday students took place on November 27th, Its mission was to bring together students of Computer Science and inform them about the research groups, collaborating industry partners and spin-offs. The audience at inday students 2014 presentations The winner of the Students Projects Slam: Sebastian Stabinger with Dr. Andreas Doblander (ARZ) and Michael Danzl (Egger Holz) 10 QSP Annual Report 14/15

11 Contact: Prof. Dr. Ruth Breu Institute of Computer Science University of Innsbruck Technikerstrasse 21a 6020 Innsbruck Tel: +43 (0) Fax: +43 (0)

EIT ICT Labs MASTER SCHOOL. Specialisations

EIT ICT Labs MASTER SCHOOL. Specialisations EIT ICT Labs MASTER SCHOOL Specialisations S&P EIT ICT Labs Master Programme Security & Privacy The Learning outcomes of this major are: Understanding the concepts and technologies for achieving confidentiality,

More information

EIT ICT Labs MASTER SCHOOL S&P Programme Specialisations

EIT ICT Labs MASTER SCHOOL S&P Programme Specialisations EIT ICT Labs MASTER SCHOOL S&P Programme Specialisations S&P EIT ICT Labs Master Programme Security & Privacy The programme in Security and Privacy focuses on the study of the design, development and evaluation

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction

More information

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Certifications and Standards in Academia Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Accreditation What is it? Why is it important? How is it attained? The National Centers

More information

Annual Report 2014/15. Quality Engineering Laura Bassi Lab

Annual Report 2014/15. Quality Engineering Laura Bassi Lab Annual Report 2014/15 Quality Engineering Laura Bassi Lab Prof. Dr. Ruth Breu Head of Quality Engineering Laura Bassi Lab, University of Innsbruck QE LaB operates with the ambition to create novel methods

More information

Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering

Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Number HE20524 Location Meadowbank OVERVIEW OF SUBJECT REQUIREMENTS Note: This document

More information

Cyber Security and Critical Information Infrastructure

Cyber Security and Critical Information Infrastructure Cyber Security and Critical Information Infrastructure Dr. Gulshan Rai Director General Indian Computer Emergency Response Team (CERT- In) grai [at] cert-in.org.in The Complexity of Today s Network Changes

More information

Embedded Java & Secure Element for high security in IoT systems

Embedded Java & Secure Element for high security in IoT systems Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product

More information

Mobile Application Security Sharing Session May 2013

Mobile Application Security Sharing Session May 2013 Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers

More information

Information Systems and Tech (IST)

Information Systems and Tech (IST) California State University, San Bernardino 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey

More information

Contents The College of Information Science and Technology 2011-2012 Undergraduate Course Descriptions

Contents The College of Information Science and Technology 2011-2012 Undergraduate Course Descriptions Contents The College of Information Science and Technology 2011-2012 Undergraduate Course Descriptions Information Science & Systems Courses INFO 101 - Introduction to Information Technology Introduces

More information

Computer Scientist. Conduct research in latest computer and network security technologies for high assurance system security solutions

Computer Scientist. Conduct research in latest computer and network security technologies for high assurance system security solutions Computer Scientist Conduct research in latest computer and network security technologies for high assurance system security solutions Develop algorithms, tools and techniques to enhance information assurance

More information

Beyond the Hype: Advanced Persistent Threats

Beyond the Hype: Advanced Persistent Threats Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Master of Science Service Oriented Architecture for Enterprise. Courses description

Master of Science Service Oriented Architecture for Enterprise. Courses description Master of Science Service Oriented Architecture for Enterprise Courses description SCADA and PLC networks The course aims to consolidate and transfer of extensive knowledge regarding the architecture,

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

Masters in Human Computer Interaction

Masters in Human Computer Interaction Masters in Human Computer Interaction Programme Requirements Taught Element, and PG Diploma in Human Computer Interaction: 120 credits: IS5101 CS5001 CS5040 CS5041 CS5042 or CS5044 up to 30 credits from

More information

MEng, BSc Applied Computer Science

MEng, BSc Applied Computer Science School of Computing FACULTY OF ENGINEERING MEng, BSc Applied Computer Science Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give a machine instructions

More information

Masters in Advanced Computer Science

Masters in Advanced Computer Science Masters in Advanced Computer Science Programme Requirements Taught Element, and PG Diploma in Advanced Computer Science: 120 credits: IS5101 CS5001 up to 30 credits from CS4100 - CS4450, subject to appropriate

More information

Masters in Artificial Intelligence

Masters in Artificial Intelligence Masters in Artificial Intelligence Programme Requirements Taught Element, and PG Diploma in Artificial Intelligence: 120 credits: IS5101 CS5001 CS5010 CS5011 CS4402 or CS5012 in total, up to 30 credits

More information

ICT SECURITY SECURE ICT SYSTEMS OF THE FUTURE

ICT SECURITY SECURE ICT SYSTEMS OF THE FUTURE OVERVIEW Critial infrastructures are increasingly dependent on information and communication technology. ICT-systems are getting more and more complex, and to enable the implementation of secure applications

More information

Dept. of Financial Information Security

Dept. of Financial Information Security Dept. of Financial Information Security Department of Financial Information Security offers an excellent education and interdisciplinary cutting-edge research programs to train future leaders and innovators

More information

The Hidden Dangers of Public WiFi

The Hidden Dangers of Public WiFi WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect

More information

Masters in Networks and Distributed Systems

Masters in Networks and Distributed Systems Masters in Networks and Distributed Systems Programme Requirements Taught Element, and PG Diploma in Networks and Distributed Systems: 120 credits: IS5101 CS5001 CS5021 CS4103 or CS5023 in total, up to

More information

Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved

Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Siemens AG - Corporate Technology - IT Security Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Not a single

More information

Master of Science in Information Systems & Security Management. Courses Descriptions

Master of Science in Information Systems & Security Management. Courses Descriptions Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course

More information

Center of Academic Excellence Cyber Operations Program 2013 Application

Center of Academic Excellence Cyber Operations Program 2013 Application Center of Academic Excellence Cyber Operations Program 2013 Application Name of Institution: Mailing Address of Institution: Date: Institution s President s Name and Official Email Address: Department

More information

Information for Applicants for a Professorship in the field of Networks and Security

Information for Applicants for a Professorship in the field of Networks and Security Information for Applicants for a Professorship in the field of Networks and Security Johannes Kepler University Linz, Altenberger Straße 69, 4040 Linz, Austria, www.jku.at, DVR 0093696 I. DIE JOHANNES

More information

Paradigmenw echsel in der IT-Sicherheit Sicherheit vor Malw are-angriffen und Datenspionage

Paradigmenw echsel in der IT-Sicherheit Sicherheit vor Malw are-angriffen und Datenspionage Paradigmenw echsel in der IT-Sicherheit Sicherheit vor Malw are-angriffen und Datenspionage Ammar Alkassar, CEO 8. Oktober 2013 It-sa Forum Rot Sirrix AG Founded in 2001 as a technology spin-off from the

More information

Bachelor of Information Technology (Network Security)

Bachelor of Information Technology (Network Security) Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking

More information

VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY

VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next One Size Does Not Fit All 1 For virtualization security, there s no one size

More information

Information Systems Security Certificate Program

Information Systems Security Certificate Program Information Technologies Programs Information Systems Security Certificate Program Accelerate Your Career extension.uci.edu/infosec University of California, Irvine Extension s professional certificate

More information

Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era

Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era Sponsored by Oracle Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era Introduction About Survey Respondents The Internet of Things (IoT) and the rise of

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Network Test Labs (NTL) Software Testing Services for igaming

Network Test Labs (NTL) Software Testing Services for igaming Network Test Labs (NTL) Software Testing Services for igaming Led by committed, young and dynamic professionals with extensive expertise and experience of independent testing services, Network Test Labs

More information

INFORMATION TECHNOLOGY (INFO)

INFORMATION TECHNOLOGY (INFO) INFORMATION TECHNOLOGY (INFO) This is a list of the Information Technology (INFO) available at KPU. Please note: Access to 1000-level is limited to Bachelor of Technology in Information Technology, Computer

More information

Masters in Computing and Information Technology

Masters in Computing and Information Technology Masters in Computing and Information Technology Programme Requirements Taught Element, and PG Diploma in Computing and Information Technology: 120 credits: IS5101 CS5001 or CS5002 CS5003 up to 30 credits

More information

Reality Check: Practical Limitations of Technical Privacy Protection

Reality Check: Practical Limitations of Technical Privacy Protection Munich IT Security Research Group Reality Check: Practical Limitations of Technical Privacy Protection Hans-Joachim Hof MuSe - Munich IT Security Research Group Munich University of Applied Sciences hof@hm.edu

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

MEng, BSc Computer Science with Artificial Intelligence

MEng, BSc Computer Science with Artificial Intelligence School of Computing FACULTY OF ENGINEERING MEng, BSc Computer Science with Artificial Intelligence Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give

More information

What is a life cycle model?

What is a life cycle model? What is a life cycle model? Framework under which a software product is going to be developed. Defines the phases that the product under development will go through. Identifies activities involved in each

More information

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything

More information

Principles of Information Assurance Syllabus

Principles of Information Assurance Syllabus Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information

More information

Facilitated Self-Evaluation v1.0

Facilitated Self-Evaluation v1.0 Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) Patricia Hoffman Facilitated Self-Evaluation v1.0 Assistant Secretary Office of Electricity Delivery and Energy Reliability U.S.

More information

Wireless Infusion Pumps: Securing Hospitals Most Ubiquitous Medical Device

Wireless Infusion Pumps: Securing Hospitals Most Ubiquitous Medical Device Wireless Infusion Pumps: Securing Hospitals Most Ubiquitous Medical Device The Healthcare Sector at the NCCoE MARCH, 3 2016 THE NATIONAL CYBERSECURITY LAB HELPS SECURE HIT 1. About Us: The National Cybersecurity

More information

Rethinking Cyber Security for Industrial Control Systems (ICS)

Rethinking Cyber Security for Industrial Control Systems (ICS) Rethinking Cyber Security for Industrial Control Systems (ICS) Bob Mick VP Emerging Technologies ARC Advisory Group bmick@arcweb.com 1 Rethinking Cyber Security We Now Have Years of Experience - Security

More information

Implementing Cisco IOS Network Security v2.0 (IINS)

Implementing Cisco IOS Network Security v2.0 (IINS) Implementing Cisco IOS Network Security v2.0 (IINS) Course Overview: Implementing Cisco IOS Network Security (IINS) v2.0 is a five-day instructor-led course that is presented by Cisco Learning Partners

More information

PKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS

PKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS PKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS TABLE OF CONTENTS 2 EXECUTIVE SUMMARY 3 THE EMERGENCE OF THE INTERNET OF THINGS 4 SECURITY RISKS IN NETWORKED DEVICES 6 PKI S FOUNDATION OF STRONG

More information

Applied and Integrated Security. C. Eckert

Applied and Integrated Security. C. Eckert Applied and Integrated Security 1 Joseph von Fraunhofer (1787-1826) Researcher discovery of Fraunhofer Lines in the sun spectrum Inventor new methods of lens processing Entrepreneur head of royal glass

More information

InfoSec Academy Application & Secure Code Track

InfoSec Academy Application & Secure Code Track Fundamental Courses Foundational Courses InfoSec Academy Specialized Courses Advanced Courses Certification Preparation Courses Certified Information Systems Security Professional (CISSP) Texas Security

More information

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT Telecom Testing and Security Certification A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT 1 Need for Security Testing and Certification Telecom is a vital infrastructure

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

IT Security Quo Vadis?

IT Security Quo Vadis? Munich IT Security Research Group IT Security Quo Vadis? Hans-Joachim Hof MuSe - Munich IT Security Research Group Munich University of Applied Sciences hof@hm.edu http://muse.bayern Prof. Dr.-Ing. Hans-Joachim

More information

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:

More information

Cyber Security and Privacy - Program 183

Cyber Security and Privacy - Program 183 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology

More information

Industrie 4.0. Towards a Holistic Approach for Cyber Safety and Security

Industrie 4.0. Towards a Holistic Approach for Cyber Safety and Security Industrie 4.0 Towards a Holistic Approach for Cyber Safety and Security Prof. Dr.-Ing. Reiner Anderl Marco Grimm, M.Sc. Datenverarbeitung in der Konstruktion (DiK) Fachbereich Maschinenbau Technische Universität

More information

CRYPTOGRAPHY AS A SERVICE

CRYPTOGRAPHY AS A SERVICE CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,

More information

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015 INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015 CHERYL HARRIS, PH.D. DECISIVE ANALYTICS LLC 575 MADISON AVENUE, 10 TH FL NEW YORK, NY 10022 917.628.6167 14. January 2015

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information

Elevation of Mobile Security Risks in the Enterprise Threat Landscape

Elevation of Mobile Security Risks in the Enterprise Threat Landscape March 2014, HAPPIEST MINDS TECHNOLOGIES Elevation of Mobile Security Risks in the Enterprise Threat Landscape Author Khaleel Syed 1 Copyright Information This document is an exclusive property of Happiest

More information

EIT Education & the EIT ICTLabs Master School. Prof. Fabrizio Granelli Local Master School Coordinator, UNITN

EIT Education & the EIT ICTLabs Master School. Prof. Fabrizio Granelli Local Master School Coordinator, UNITN EIT Education & the EIT ICTLabs Master School Prof. Fabrizio Granelli Local Master School Coordinator, UNITN Education, EIT & UNITN Maurizio Marchese Fabrizio Granelli Director of Education Local MS coordinator

More information

Summer projects for Dept. of IT students in the summer 2015

Summer projects for Dept. of IT students in the summer 2015 Summer projects for Dept. of IT students in the summer 2015 Here are 7 possible summer project topics for students. If you are interested in any of them, contact the person associated with the project

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

Capabilities for Cybersecurity Resilience

Capabilities for Cybersecurity Resilience Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances

More information

Visualizing Threats: Improved Cyber Security Through Network Visualization

Visualizing Threats: Improved Cyber Security Through Network Visualization Visualizing Threats: Improved Cyber Security Through Network Visualization Intended audience This white paper has been written for anyone interested in enhancing an organizational cyber security regime

More information

IoT Security Platform

IoT Security Platform IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there

More information

2015 Security Training Schedule

2015 Security Training Schedule 2015 Security Training Schedule Risk Management Framework Course (RMF) / $1,950.00 Per Student Dates June 1-4 Location 4775 Centennial Blvd., Suite 103 / Colorado Springs, CO 80919 July 20 23 444 W. Third

More information

Masters in Information Technology

Masters in Information Technology Computer - Information Technology MSc & MPhil - 2015/6 - July 2015 Masters in Information Technology Programme Requirements Taught Element, and PG Diploma in Information Technology: 120 credits: IS5101

More information

DOBUS And SBL Cloud Services Brochure

DOBUS And SBL Cloud Services Brochure 01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted

More information

WHITE PAPER. Understanding How File Size Affects Malware Detection

WHITE PAPER. Understanding How File Size Affects Malware Detection WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through

More information

Strategic Plan On-Demand Services April 2, 2015

Strategic Plan On-Demand Services April 2, 2015 Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on

More information

Seedling Internet of Things (IoT) and Wearables Platform

Seedling Internet of Things (IoT) and Wearables Platform Seedling Internet of Things (IoT) and Wearables Platform WHITE PAPER Hitseed Oy Version 4.9.2014 HitSeed Introduction HitSeed Oy (www.hitseed.com) was founded and incorporated in 2012 in Finland to focus

More information

I m visualizing large datasets to generate

I m visualizing large datasets to generate GRADUATE SCHOOL 2015-2016 I m visualizing large datasets to generate new insights Graduate program Computer Science * This major is formally part of the Computer Science & Engineering Bachelor program

More information

NanopowerCommunications: Enabling the Internet of Things OBJECTS TALK

NanopowerCommunications: Enabling the Internet of Things OBJECTS TALK NanopowerCommunications: Enabling the Internet of Things OBJECTS TALK When objects can both sense the environment and communicate, they become tools for understanding complexity and responding to it swiftly.

More information

CFIR - Finance IT 2015 Cyber security September 2015

CFIR - Finance IT 2015 Cyber security September 2015 www.pwc.dk Cyber security Audit. Tax. Consulting. Our global team and credentials Our team helps organisations understand dynamic cyber challenges, adapt and respond to risks inherent to their business

More information

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced

More information

ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING

ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

SPECjEnterprise2010 & Java Enterprise Edition (EE) PCM Model Generation DevOps Performance WG Meeting 2014-07-11

SPECjEnterprise2010 & Java Enterprise Edition (EE) PCM Model Generation DevOps Performance WG Meeting 2014-07-11 SPECjEnterprise2010 & Java Enterprise Edition (EE) PCM Model Generation DevOps Performance WG Meeting 2014-07-11 Andreas Brunnert Performance & Virtualization Group, Information Systems Division fortiss

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution

More information

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly

More information

Network Security in Building Networks

Network Security in Building Networks Network Security in Building Networks Prof. Dr. (TU NN) Norbert Pohlmann Institute for Internet Security - if(is) Westphalian University of Applied Sciences Gelsenkirchen, Germany www.if-is.net Content

More information

K 066/921. Master Curriculum. Computer Science. (in English)

K 066/921. Master Curriculum. Computer Science. (in English) K 066/921 Master Curriculum Computer Science (in English) 1_MS_ComputerScience_Curr Seite 1 von 11 Inkrafttreten: 1. 10. 2013 Table of Contents 1 Qualification Profile...3 2 Admissions...5 3 Structure

More information

The State of Mobile Application Insecurity

The State of Mobile Application Insecurity The State of Mobile Application Insecurity Sponsored by IBM Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report Part 1. Introduction The State

More information

Introduction to Penetration Testing Graham Weston

Introduction to Penetration Testing Graham Weston Introduction to Penetration Testing Graham Weston March 2014 Agenda Introduction and background Why do penetration testing? Aims and objectives Approaches Types of penetration test What can be penetration

More information

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS VON BRAUN LABS. State Machine Technology

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS VON BRAUN LABS. State Machine Technology VON BRAUN LABS WE PROVIDE COMPLETE SOLUTIONS WWW.VONBRAUNLABS.COM Issue #1 VON BRAUN LABS WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS State Machine Technology IoT Solutions Learn

More information

Cyber-Security. FAS Annual Conference September 12, 2014

Cyber-Security. FAS Annual Conference September 12, 2014 Cyber-Security FAS Annual Conference September 12, 2014 Maysar Al-Samadi Vice President, Professional Standards IIROC Cyber-Security IIROC Rule 17.16 BCP The regulatory landscape Canadian Government policy

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

Developing the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009

Developing the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009 Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in

More information

WIND RIVER SECURE ANDROID CAPABILITY

WIND RIVER SECURE ANDROID CAPABILITY WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion

More information

UPnP: The Discovery & Service Layer For The Internet of Things April 2015

UPnP: The Discovery & Service Layer For The Internet of Things April 2015 UPnP: The Discovery & Service Layer For The Internet of Things April 2015 The First Chapter: The Connected Home In late 1999, the founding members of what would become the UPnP Forum started to put together

More information

Fighting Advanced Threats

Fighting Advanced Threats Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.

More information

Executive Brief The Global Market for Embedded Software Security Solutions, 2012-2016

Executive Brief The Global Market for Embedded Software Security Solutions, 2012-2016 2013 M2M Embedded Software & Tools Executive Brief The Global Market for Embedded Software Security Solutions, 2012-2016 Part of the Strategic Insights 2013, M2M Embedded Software Technologies Research

More information

Kaspersky Security for Mobile

Kaspersky Security for Mobile Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months

More information

Where every interaction matters.

Where every interaction matters. Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper

More information