Agenda del Congreso CIBSI 2017 UBA
Programa del Miercoles 1 de Noviembre
Próximo día


09:45-10:30 Sesión 2: Conferencia Magistral Hugo Scolnik
Factorización de enteros y optimización no lineal
SPEAKER: Hugo Scolnik

ABSTRACT. Como es sabido si se pudiesen factorizar enteros de gran tamaño sería posible quebrar RSA. Esta charla se enfocará en algunas formulaciones nuevas del problema de factorización en su relación con la optimización no lineal.

A partir del concepto de target único (ver por ejemplo) se han desarrollado diversos algoritmos, algunos de los cuales conectan al problema de factorizar enteros con la resolución de sistemas de ecuaciones no lineales mediante métodos diversos. Se mostrarán ejemplos y resultados.

10:45-12:15 Sesión 3: Ponencias CIBSI MM
Post-Quantum Cryptography: An Elementary and Compact Key Exchange Scheme Based on Octonions

ABSTRACT. To start encrypted communications, a symmetric cryptography is required in order to exchange keys for use in symmetric cyphers. Most protocols are based on modular operations over integer's rings. Many are vulnerable to sub-exponential attacks or by using a quantum computer. Cryptography based on non-commutative and non-associative structures, are a growing trend as a solid option to reinforce these protocols. In particular, Hecht (2009) has presented a key exchange model based on the Diffie-Hellman protocol using matrices of order four with elements in Z256, that provides 128-bits keys also to devices with low computing power. Kamlofsky et al (2015) presented a quickest model using quaternions. Quaternions are four-component's vectors that form non-commutative rings structures. Octonions can be formed from quaternions. It forms, non-commutative and non-associative structures (NCAS). This paper presents a simple key exchange scheme using octonions.

Ataques de correlación sobre un LFSR vistos como un problema de decodificación por síndrome

ABSTRACT. A natural way of analyzing the stream of bits produced by an LFSR is to understand it as an autonomous system. A perturbed sequence of bits generated by an LFSR can be interpreted as a codeword in the binary linear code generated by the corresponding observability matrix. Then, the problem of finding the original sequence can be then stated as a decoding problem. In this paper, we propose two decoding algorithms, one of them based on the representation technique of the syndromes by Becker et al. (volume 7237 of Lecture Notes in Computer Science, pages 520--536. Springer-Verlag, Berlin, 2012).

Algoritmo de Detección de Fuga de Información aplicando Búsqueda kNN en Comportamientos de Usuario

ABSTRACT. El presente trabajo propone un algoritmo de detección de fugas de información y de anomalías que se basan en el comportamiento de usuario en una serie temporal. Se ha aplicado la técnica de búsqueda kNN de patrones normales en la ejecución de operaciones dentro de un sistema por parte de los usuarios. El algoritmo se aplica en un espacio temporal definido (tres operaciones ejecutadas por el usuario) donde una función cálculo de distancia euclidiana entre los vecinos cercanos identifica la combinación para detectarla como normal, anormal o fuga de información. Se ha realizado una variedad de experimentos con información de usuarios reales de un sistema informático, donde para evaluar la efectividad y eficiencia del algoritmo, como de la métrica de la distancia euclidiana, se ha aplicado las series de tiempo para la clasificación de comportamientos fraudulentos.

Synced Hash-Based Signatures: Post-Quantum Authentication in a Blockchain
SPEAKER: Santi Vives

ABSTRACT. A new post-quantum, hash-based signature (HBS) scheme is introduced. In known HBS, the size and cost of each signature increase as the number of messages one wishes to sign increase. In real-world applications, requiring large volumes of signatures, they can become impractical. This paper studies HBS in a blockchain, like bitcoin: a public, decentralized database. The proposed HBS scheme shows that, when all signatures are known, quite the opposite is possible: the signatures can become more efficient as the number of signatures grows. Authenticating large volumes of messages results less costly on average than authenticating only a few.

13:30-14:00 Sesión 4: Conferencia Invitada Manuel Sánchez Rubio
Ciberseguridad: Obtención de información en redes sociales

ABSTRACT. Actualmente el uso de las redes sociales como modelo de comunicación es mas que una realidad. Grandes flujos de información circulan por un amplio abánico de redes sociales, y estos datos, proporcionados por el usuario de forma voluntaria, se convierten en un objeto de deseo para múltiples organizaciones.

14:00-15:45 Sesión 5: Ponencias CIBSI MT1
Analysis of the Structural Model of the Cyber security Observatory using System Dynamics

ABSTRACT. This paper presents an analysis of components defined in the Structural Model of the Cyber security Observatory (MEOCi) using System Dynamics. It is an approach for understanding the behavior of the complex components that exist in the model and their relationships. The proposed model adds significant value when considerable investments are pushed into the cyber security infrastructure of an organization.

Proposal for creating the Colombian National Cyber security Observatory

ABSTRACT. This paper proposes the creation of the Colombian National Cyber Security Observatory, an entity to add value to the existing Cyber Security ecosystem, which impacts citizens, State, industry, critical infrastructure among others. This proposal led to an analysis of the technical, legal and financial viability of its implementation based on the key success factors, which would pave the way for it to become a critical agent of the national strategy.

A Graph Approach to Improve Crimeware Analysis and Classification

ABSTRACT. Crimeware is software that performs illegal action against user running it over the Internet. Cyber-crime organizations distributes crimeware and spread it worldwide. Because crimeware is used over Internet, most of them are programmed in PHP. This programs has a root in the file ‘index.php’ and its files and folders forms a tree’s structure from this. Therefore, analysis of crimewares with a graph approach is natural and suitable. In this paper, a model based of Graph Theory is used to find footprint of programmers in crimewares: a sample of more than 100 crimewares was analyzed. The experimental results surprise.

Towards a Conceptual Model for Establishing a National Cybersecurity Strategy

ABSTRACT. In addition to changing the everyday life of modern societies, information and communication technology (ICT) has changed the way countries store their intellectual property, how they deliver their digital services, and how they control their critical infrastructures. Nations have become dependent on ICTs and interruptions caused by vulnerabilities or sabotage in these infrastructures can jeopardize national sovereignty. In this scenario, many countries maintain cyber strategies for their protection. This work presents the concepts for the establishment of a national cybersecurity strategy through the Research method of Grounded Theory. At the end of the analysis, a conceptual model was conceived, relating all the concepts found. The research shows that the concepts found are not definitive, but dynamic, and that the proposed model can be an alternative for the creation of national cyber strategies or to review existing initiatives.

16:00-16:30 Sesión 6: Conferencia Invitada Fernando Gont
State of the Art in IPv6 Security"
SPEAKER: Fernando Gont

ABSTRACT. The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet, and is the successor of the original IPv4protocol suite. It has already been deployed by most major content providers, and has also been deployed in number of other production environments. The rather limited operational experience with the protocol, coupled with its increased complexity when compared to its IPv4 counterpart, has represented a challenge when it comes to understanding and mitigating the security impact of IPv6.This presentation will explore the state of the art in IPv6 security on both the offensive and defensive sides, highlighting some of the insights gained during the recent years, and the associated changes toIPv6 as a result of those insights.

16:30-18:00 Sesión 7: Ponencias CIBSI MT2
Practical Guide To Implement An Academic Computing Security Incident Response Team (Academic CSIRT).
SPEAKER: unknown

ABSTRACT. Computer security incidents require actions to prevent, identify, stop and/or minimize a cyber attack and restore IT services. One component of a Secure Computer System is the Computer Security Incident Response Team (CSIRT) that monitors the activities in cyberspace. The work of the National CSIRTs has not produced the expected results, this has led the University to create academic CSIRTs. In this context, and in order to promote this work, a Practical Guide is developed, which facilitates the creation of Academic CSIRT in the Universities of the region, hoping to encourage the implementation of such useful solutions in computer security.

Methodology to evaluate security in the Moodle platform

ABSTRACT. This article describes the phases to evaluate the security level of a Web application, in this case the Moodle platform, through the design of a methodology based on security standards, as well as the Open Web Application Security Project - OWASP, from which establishes criteria and metrics created in a spreadsheet to evaluate the security of this platform, subsequently, investigates and selects tools for the analysis of vulnerabilities, finally proposes a methodological guide of security evaluation, Which allows determining the level of security in a quantitative and qualitative way according to the aspects of confidentiality, integrity and availability of the information.

The NSA Surveillance Capabilities According to the Snowden Documents

ABSTRACT. On the year 2013, Edward Snowden leaked thousands of documents to the journalists Glenn Greenwald and Laura Poitras. Those documents have been published in media outlets from around the world. In this paper, the media reports and the documents that support those reports are analyzed to improve the understanding of how the NSA works. It consists on organizing the information from what is known of the NSA explaining how it collects information and how it processes it. Finally, spying operations performed by the NSA are presented.

AUGURIO: Sistema Integral de Inteligencia de Amenazas Aplicado al Cyber Dominio
SPEAKER: unknown

ABSTRACT. En este artículo se presenta el diseño e implementación de AUGURIO, un Sistema Integral de Inteligencia de Amenazas aplicado al Cyber Dominio. Este sistema se propone como una solución, basada en un sistema de inteligencia de amenazas, que integre las cinco fases del ciclo de inteligencia: agregar información, contexto, clasificación de adversarios, analítica avanzada, tendencias y amenazas que sufren las organizaciones, con la finalidad de proporcionar Cyber Conciencia Situacional (CCS) para mejorar la toma de decisiones.