SecSoft2019 Programme


Monday, June 24th, 2019

9:00 a.m. – 9:10 a.m.
Room: TBD
Welcome Session
Session Chair: Matteo Repetto, CNIT, Italy

9:10 a.m. – 10:30 a.m.
Room: TBD
TS1 – Cyber-security in NFV/SDN
Session Chair: Panagiotis Sarigiannidis, University of Western Macedonia, Greece

A proposal for trust monitoring in a Network Functions Virtualisation Infrastructure

  • Marco De Benedictis, Politecnico di Torino, Italy
  • Antonio Lioy, Politecnico di Torino, Italy
  • A Novel Impact Analysis Approach for SDN-based Networks
  • Beny Nugraha, Technische Universität Chemnitz, Germany
  • Mehrdad Hajizadeh, Technische Universität Chemnitz, Germany
  • Trung V. Phan, Technische Universität Chemnitz, Germany
    Thomas Bauschert, Technische Universität Chemnitz, Germany
  • Towards protected VNFs for multi-operator service delivery
  • Enio Marku, Norwegian Univ. of Science and Technology, Norway
  • Colin Boyd, Norwegian Univ. of Science and Technology, Norway
  • Gergely Biczók, Budapest Univ. of Technology and Economics, Hungary

10:30 a.m. – 11:00 a.m.
Coffee break

11:00 a.m. – 11:30 a.m.
Room: TBD
Keynote speech #1
On the security of Cyber Physical Systems for Smart, Circular cities

Vasilis Katos, Bournemouth University, UK
Abstract – Many cities and their citizens are witnessing an unprecedented transformation attributed to the high penetration rate of digital technologies and services. The industry leaders racing for the establishment of the 5G standards and the high prioritisation of a sustainable growth agenda seem to be driving the evolution of the smart city paradigm. At the same time, Circular Economy is gaining the attention of major stakeholders (such as the European Commission) and policymakers. Circular Economy is defined as an economy that is restorative and regenerative by design, and which aims to keep products, components and materials at their highest utility and value at all times. In the modern, ICT-driven world, Circular Economy is expected to leverage the data generated and consumed by the assets in order to achieve high utilisation. The term Data-Driven Circular Economy refers to the development of intelligent assets through the use of digital technologies such as IoT, networking as well as big data and AI to allow real-time decision making and optimisation in order to solve sustainability challenges. Inevitably, such systems are expected to expose a substantially large attack surface. In this talk, we will explore through a number of use cases some representative security challenges in data-driven Circular Economy ecosystems in the context of smart cities.
Short Bio – Vasilis Katos is Professor at Bournemouth University, Department of Computing and Informatics, . Vasilis obtained an MEng in Electrical Engineering from Democritus University of Thrace in Greece, an MBA from Keele University in the UK and a Ph.D. in Computer Science (network security and cryptography) from Aston University. He is a certified Computer Hacking Forensic Investigator (CHFI) and ENISA’s NIS expert. In a past life, he worked in the Industry as Information Security Consultant (for Novell). Vasilis’ research falls in the area of digital forensics and incident response where he has also served as Expert Witness. He is actively involved in a number of funded research projects and in several national and international cyber defence exercises. He has over 100 publications in journals, book chapters and conference proceedings and serves as a reviewer on several reputable conferences and journals (for example, IEEE Communications Letters, Computers & Security, IEEE Transactions in IoT, ACM Computing Surveys), has coordinated and delivered a number of workshops, both in an academic and a security professionals context. Vasilis is a member of the editorial board of Computers & Security. He is currently leading the development of Bournemouth University’s Computer Emergency and Response Team (BU-CERT).

11:30 a.m. – 12:30 p.m.
Room: TBD

PS – Situational awareness: EU funded projects
ASTRID – AddreSsing ThReats for virtualIseD services

Matteo Repetto, CNIT, Italy
Abstract – The growing adoption of cloud technologies and the trend to virtualise applications are inexorably re-shaping the traditional security paradigms, due to the increasing usage of infrastructures outside of the enterprise perimeter and shared with other users. The ASTRID project aims at shifting the detection and analysis logic outside of the service graph of virtualised services, by leveraging descriptive context models and their usage in ever smarter orchestration logic, hence shifting the responsibility for security, privacy, and trustworthiness from developers or end users to service providers.
Web site:

CYBER-TRUST – Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things
Dimitris Kavallieros, Center for Security Studies, Greece
Abstract – The CYBER-TRUST project aims to develop an innovative cyber-threat intelligence gathering, detection, and mitigation platform to tackle the grand challenges towards securing the ecosystem of IoT devices. The proposed interdisciplinary approach will capture different phases of such emerging attacks, before and after known (even years old) or unknown (zero-day) vulnerabilities have been widely exploited by cyber-criminals to launch the attack. This intelligence information will be used to maintain accurate vulnerability profiles of IoT devices, in accordance with data protection, privacy, or other regulations, and optimally alter their attack surface to minimise the damage from cyber-attacks.
Web site:

SPEAR – Secure and PrivatE smArt gRid
Panagiotis Sarigiannidis, University of Western Macedonia, Greece
Abstract – As our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities. One of the most vulnerable and high-impact CIN is the Smart Grid. The SPEAR proposal aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy-preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators.
Web site:

REACT – Reactively Defending against Advanced Cybersecurity Threats
Elias Athanasopoulos, University of Cyprus, Cyprus
Abstract – Despite the evolution of computer systems, current security defences – although they have been substantially improved in the last decade – seem not really enough to stop advanced cyber-attacks. We believe that the core of this problem is that cyber attackers are almost always one step ahead of the cyber security researchers and practitioners. Instead of following the cyber attackers, researchers should try to forecast where attackers will strike next and to use this information (i) to fortify potential targets to withstand the attack and (ii) to wire targets up with forensic hooks and make them “forensics ready”. To make all this possible at a reasonable performance cost, we propose selective fortification, a mechanism that combines traditional passive and active defence approaches into a new reactive mode of operation.

SHIELD – Securing against intruders and other threats through a NFV-enabled environment
Marco De Benedictis, Politecnico di Torino, Italy
Abstract – The SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, in order to virtualise security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent.

12:30 p.m. – 1:30 p.m.
Lunch break

1:30 p.m. – 2:00 p.m.
Room: TBD
PS2 (cnt’d) – Poster session and open discussion

2:00 p.m. – 3:00 p.m.
Room: TBD
TS2 – Detection and investigation
Session Chair: Nicholas Kolokotronis, University of Peloponnese, Greece

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

  • Nikos Koutroumpouchos, University of Piraeus, Greece
  • Christoforos Ntantogian, University of Piraeus, Greece
  • Sofia-Anna Menesidou, Ubitech Ltd, Greece
  • Kaitai Liang, University of Surrey, UK
  • Panagiotis Gouvas, Ubitech Ltd, Greece
  • Christos Xenakis, University of Piraeus, Greece
  • Thanassis Giannetsos, Technical University of Denmark, Denmark
  • A Survey On Honeypots, Honeynets And Their Applications On Smart Grid
  • Christos Dalamagkas, University of Western Macedonia, Greece
  • Panagiotis Sarigiannidis, University of Western Macedonia, Greece
  • Dimosthenis Ioannidis, Center for Research and Technology Hellas, Greece
  • Eider Iturbe, Fundacion Tecnalia Research & Innovation, Spain
  • Odysseas Nikolis, Center for Research and Technology Hellas, Greece
  • Francisco Ramos, Schneider Electric, Spain
  • Erkuden Rios, Fundacion Tecnalia Research & Innovation, Spain
  • Antonios Sarigiannidis, Sidroco Holdings, Cyprus
  • Dimitrios Tzovaras, Center for Research and Technology Hellas, Greece

3:00 p.m. – 3:30 p.m.
Coffee break

3:30 p.m. – 4:00 p.m.
Room: TBD
Keynote speech #2
Title: 10 immutable security facts in 2019

Pascal Geenens, Radware, Israel
Abstract – The presentation deals on security topics around public cloud, cloud-native, cloud-based, automated threats, and IoT botnets. It will explain the latest threat landscape from the experience of one worldwide vendor of security solutions. Cloud native security is for those that develop/build microservice architectures or service meshes. Cloud based security is for anyone that is running infrastructure or applications in the cloud – many service providers have a cloud-first strategy and start to move and refactor their applications for the cloud, there is also some chatter to run NFV as containers in the cloud. The analysis will also extend to 5G security which is mainly NFV/MEC based infrastructure. The outcome of the presentation are the next 10 facts:1. The Attack Surface of the Public Cloud is defined by Permissions – 2. The Insider thread of the Public Cloud is the Outsider – 3. HIDs, NIDs, and Flow Collectors are pointless for Securing Cloud-based Applications – 4. WAF does not keep up with Cloud Native Applications – 5. East-West Traffic is getting Encrypted – 6. Attackers are getting Automated – 7. Attacks are getting more Sophisticated – 8. APIs are the new Front-end – 9. Machine and Deep Learning.
Short Bio – As the EMEA Cyber Security Evangelist for Radware, Pascal helps execute the company’s thought leadership on today’s security threat landscape. Pascal brings over two decades of experience in many aspects of Information Technology and holds a degree in Civil Engineering from the Free University of Brussels. As part of the Radware Security Research team Pascal develops and maintains the IoT honeypots and actively researches IoT malware. Pascal discovered and reported on BrickerBot, did extensive research on Hajime and follows closely new developments of threats in the IoT space and the applications of AI in cyber security and hacking. Prior to Radware, Pascal was a consulting engineer for Juniper working with the largest EMEA cloud and service providers on their SDN/NFV and data center automation strategies. As an independent consultant, Pascal got skilled in several programming languages and designed industrial sensor networks, automated and developed PLC systems, and lead security infrastructure and software auditing projects. At the start of his career, he was a support engineer for IBM’s Parallel System Support Program on AIX and a regular teacher and presenter at global IBM conferences on the topics of AIX kernel development and Perl scripting.

4:00 p.m. – 4:50 p.m.
Room: TBD
TS3 – Privacy and forensics
Session Chair: Christoforos Ntantogian, University of Piraeus, Greece

Data Protection by Design for cybersecurity systems in a Smart Home environment

  • Olga Gkotsopoulou, Vrije Universiteit Brussel, Belgium
  • Elisavet Charalambous, ADITESS Ltd., Cyprus
  • Konstantinos Limniotis, University of Peloponnese, Greece
  • Paul Quinn, Vrije Universiteit Brussel, Belgium
  • Dimitris Kavallieros, Center for Security Studies, Greece
  • Gohar Sargsyan, CGI, The Netherlands
  • Stavros Shiaeles, University of Plymouth, UK
  • Nicholas Kolokotronis, University of Peloponnese, Greece

Blockchain Solutions for Forensic Evidence Preservation in IoT Environments

  • Sotirios Brotsis, University of Peloponnese, Greece
  • Nicholas Kolokotronis, University of Peloponnese, Greece
  • Konstantinos Limniotis, University of Peloponnese, Greece
  • Stavros Shiaeles, Plymouth University, UK
  • Dimitris Kavallieros, Center for Security Studies, Greece
  • Emanuele Bellini, Mathema s.r.l., Italy
  • Clément Pavué, Scorechain S.A., Luxembourg

4:50 p.m. – 6:00 p.m.
Room: TBC
Panel – Smart infrastructures and cyber-security

Abstract – As more intelligent control and management paradigms are emerging for computing and networking, so new threats arise due to massive softwarization and young technologies, but new opportunities also stand out for new forms of smart protection, detection, and investigation, leveraging autonomicity and adaptability. The main purpose for the panel will be a constructive debate about the challenges and opportunities to apply recent software-defined networking and computing paradigms to fight cyber-threats, with the ambition to cover multiple domains: 5G and NFV, cloud computing, cyber-physical systems.

Panel Chair

  • Antonio Lioy, Politecnico di Torino, Italy


  • Pascal Geenens, security evangelist, Radware, Israel
  • Pascal Geenens, security evangelist, Radware, Israel
  • Ludovic Jacquin, senior researcher, Hewlett Packard Labs, UK
  • Olivier Festor, director of TELECOM Nancy, France

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 786698. The content of this website does not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of such content. Therefore, any communication activity related to the action reflects only the author’s view and the European Commission is not responsible for any use that may be made of the information it contains.

Data Protection Policy

Legal Notice