CIBSI 2017 UBA Conference Agenda
Program for Thursday, November 2

09:00-09:45 Session 8: Keynote Lecture Hugo Krawczyk
09:00
Password insecurity: inexorable reality or preventable?
SPEAKER: Hugo Krawczyk

ABSTRACT. Despite the repeated and catastrophic thefts of millions of passwords from websites (including the theft of one billion Yahoo passwords), and the critical role that password vulnerabilities play in most cybersecurity attacks, passwords remain the predominant means of authentication on the Web and in many other environments. Even when more secure digital credentials are used for identification, they are protected by simple passwords exposed to multiple attacks such as phishing and theft from compromised servers. However much one may want to dismiss the use of passwords as bad practice, they will endure as the undisputed winners of the battle between convenience and security. But is password insecurity inevitable? Fortunately, the cryptographic answer to this question is a resounding "No". In this talk we will describe efficient cryptographic schemes that crucially improve password security and that are available for implementation and use in the real world.

09:45-11:00 Session 9: CIBSI Papers JM1
09:45
Best security practices in software engineering with Essence

ABSTRACT. At present, it is recurrent to see news about failures of security of computer systems. As a result, frameworks and standards have been developed that help to incorporate security into development processes, but most of them are complex to implement. The main contribution of this work is "Essence Sec", a proposal that allows the inclusion of security in the development making use of Essence processes and the main security frameworks and standards for system development. It provides a vision with the principles of security to consider when carrying out a software project without radically altering its way of working.

10:10
Security analysis of the device-stored data generated by Instant Messaging applications in Android devices

ABSTRACT. This research analyses the device-stored data of four popular Instant Messaging applications for Android: WhatsApp Messenger, Telegram, Signal Private Messenger, and Wickr Me. After identifying the data files generated by each application, we have focused on the databases that contain chat logs and media files exchanged between users, checking whether these data are accessible to regular users or if a user with root privileges is required, determining in both cases if the stored information is encrypted. In addition to that, this study analyses the security characteristics of the backup capabilities that these applications implement.

10:35
Parallel generation of intermediate values in DPA attacks

ABSTRACT. This work describes the intermediate-value generation module of a Toolbox under development for carrying out differential power analysis (DPA) attacks, one of the most widespread side-channel attacks. Differential attacks are a very powerful tool for attacking physical implementations of cryptosystems on physical devices which, nowadays as a matter of course, include various countermeasures. For the attack to succeed despite these countermeasures and despite the large amount of noise present, in most cases, in the power consumption measurements, the number of traces used to carry out the differential attack must be very high. For this reason, it is very useful to include in the Toolbox parallel processing modules that make it possible to handle a large number of traces in a reasonable amount of time.

11:15-13:00 Session 10: CIBSI Papers JM2
11:15
Process for generating reusable security management patterns using MARISMA

ABSTRACT. The information society is increasingly dependent on Information Systems Security Management (ISMS) and on knowledge of the security risks associated with the value of its assets. However, very few risk analysis methodologies have been put forward to create systems that analyze risks quickly and economically and that can, in turn, be dynamically updated. This paper presents the "pattern generation" process of the MARISMA methodology. This process makes it possible to obtain reusable, low-cost risk analyses. MARISMA is aimed at carrying out a simplified and dynamic risk analysis that is valid for all companies, including SMEs, and at providing solutions to the problems identified during the application of the scientific method "Action Research". This methodology is being applied directly to real cases, thus achieving a constant improvement of its processes.

11:40
Process for generating low-cost risk analyses using MARISMA's reusable patterns

ABSTRACT. The information society is increasingly dependent on Information Systems Security Management (ISMS) and on knowledge of the security risks associated with the value of its assets. However, very few risk analysis methodologies have been put forward to create systems that analyze risks quickly and economically and that can, in turn, be dynamically updated. This paper presents the "generation of analysis and risk treatment plan" process of the MARISMA methodology. This process makes it possible to obtain reusable, low-cost risk analyses. MARISMA is aimed at carrying out a simplified and dynamic risk analysis that is valid for all companies, including SMEs, and at providing solutions to the problems identified during the application of the scientific method "Action Research". This methodology is being applied directly to real cases, thus achieving a constant improvement of its processes.

12:05
RISMATT: Technological risk management system aimed at small and medium-sized enterprises.

ABSTRACT. As established by the International Organization for Standardization (ISO) in its standard 27001, information security focuses on “…protecting information assets and minimizing their risk from threats…”. For this reason, the industry has specific standards that define methodologies and good practices for risk management, such as ISO 27005, ISO 31000, Magerit, and Octave, among others. This contrasts with the current context, in which small and medium-sized organizations do not have sufficient human, financial or technological resources to formally adopt an organizational risk management methodology that would allow them to mitigate risks to processes and technological threats in their Information Technology (IT) infrastructure.

12:20
Risk and security. A continuum of imperfect trust
SPEAKER: Jeimy Cano

ABSTRACT. Protecting information in the context of a volatile, uncertain, complex and ambiguous world, where there is less opportunity to keep secrets or confidential information, involves exploring not only current and industry best practices, but people's perceptions of risks about information, as a way of revealing the essence of the decisions they make to protect it. In this sense, this article, considering social and systems sciences, establishes a conceptual framework between risk and security as a continuum of imperfect trust, based on the unstable behaviors of individuals that enables them to develop three dynamic capacities: proactive detection, informed action and permanent unlearning, in order to establish the risk threshold agreed by the parties to act accordingly.

14:00-15:30 Session 11: CIBSI Papers JT1
14:00
SMiLeModel: A Model for the Secure Migration of Legacy Systems to Cloud Computing

ABSTRACT. Cloud Computing is gaining importance and receiving growing attention in scientific and industrial communities. The cloud model has motivated industry and academia to adopt cloud computing to host a wide spectrum of applications, ranging from high computationally intensive applications to lightweight services. Notwithstanding, the migration of applications to cloud computing must be performed in a strategic and methodological manner, considering elements such as application performance and availability, security and privacy requirements, regulatory requirements, among others. Our research is focused on offering a framework (called SMiLe2Cloud) to help migrating legacy systems to cloud computing, taking into account the security features. In this paper, we have defined a model with all concepts and elements that are used in our framework, and that allows us to define inputs and outputs in each of the stages of our migration process. A case study has been conducted applying the model in our framework, which allows us to analyze the results and propose improvements for our framework.

14:25
Performance Evaluation of a AΩ’ Consensus Algorithm in an Anonymous Asynchronous System in different GNU/LINUX distribution
SPEAKER: David Guevara

ABSTRACT. Algorithm of Consensus is an asynchronous anonymous system with AΩ', which provides anonymity and homonymy in communication between nodes that make a consensus in distributed systems. In order to determine the performance of the algorithm in different GNU/Linux distributions, two solutions are programmed using the programming language C# with a Mono programming environment to later establish an experimentation protocol, which makes it possible to measure performance in a computer system in the cloud. Results show how the optimization of the code for the algorithm presented improves the performance of the algorithm in memory, CPU, disk and network for the evaluated GNU/Linux distributions.

14:50
Open-source digital tools for criminal investigation

ABSTRACT. Nowadays the task of criminal investigation is often reduced to old information-gathering techniques; in contrast, the internet and its resources (social networks, the Internet of Things, blogs, intranets, etc.) hold “open source” information that can be useful for a criminal investigation. There are tools for searching this open-source information which, combined with formal investigation techniques, could optimize criminal investigation work with the ultimate goal of contributing data, even data with evidentiary value, to reach the common end of every criminal investigation: the historical truth of the facts. The aim of this paper is to present the available tool solutions, which are free and easy to understand, and to show some real investigation cases. It also analyzes the OSINT technique (from the English “Open Source Intelligence”), so that, ultimately, the data together with the tool can contribute to that criminal investigation.

15:05
Windows Malware: Traces in the Host
SPEAKER: unknown

ABSTRACT. In the present world of information and interconnection, malware is a latent threat. Just speaking of “ill-intended software” gives a too broad definition: malware has evolved and taken different forms through the years. It is necessary to know and understand the traces that remain in a computer system after an infection. For years the information security community has focused on live analysis and response against these threats, so there is a huge opportunity to adapt and make post-mortem, host-based signatures. In this work, some features that may work as malware signatures for digital forensics experts are proposed.

15:45-16:15 Session 12: Invited Talk Mara Misto Macías
15:45
I want to be big! Information security maturity levels

ABSTRACT. Improving the maturity of the information security program is fundamental to improving the management of the area, alignment with the business, and an organization's overall risk posture. Advancing along the maturity curve requires different actions, depending on the phase your organization is in. In this talk, we will learn about the different maturity levels of information security, how to identify them, the best practices for advancing, and how to maintain what has been achieved.

16:15-18:00 Session 13: CIBSI Papers JT2
16:15
Using the PCAP library for anonymous communication using frame diffusion in GNU Linux environments

ABSTRACT. This research shows the implementation of anonymous communication using the PCAP library on GNU/Linux operating systems. In network communication, when protocols such as TCP or UDP are used, the communication does not have a level of anonymity, in the sense that these protocols need to determine the source and destination addresses (in the case of TCP in the header of a segment, and in the case of UDP in the header of a user datagram). One way to solve this problem is to create an anonymous communication over the TCP/IP stack that makes the origin/destination identification of the interconnected equipment unnecessary. For this, the technique of broadcasting Ethernet frames will be used; these data transmission units will have the same identification for sending and receiving equipment, which prevents knowledge of the origin and destination of the information, and messages will be encrypted to avoid the observability of the content of transmitted data, in order to maintain anonymity.

16:40
DDoS mitigation in academic networks and IXPs

ABSTRACT. A volumetric DDoS attack is an attack whose objective is to make a service or network unavailable through the generation of large volumes of traffic. Scrubbing centers are one of the most effective solutions to mitigate this kind of problem. Scrubbing centers analyze and catalog an organization's network traffic. The one considered malicious (DDoS, exploits, vulnerabilities, etc.) is eliminated before being sent to the client's network. In this paper Scrub UNLP is presented, a scrubbing center solution implemented with open source software. This article highlights the benefit of using Scrub UNLP within the network of an IXP or NREN.

16:55
Proposal of a non-invasive universal data audit methodology

ABSTRACT. Database audits became a necessary control, whose difficulty is compounded by the increasing complexity and variety of new database technologies and unmanageable volumes of data. Security threats increase exponentially, with new risks appearing and existing ones increasing. This paper proposes a Non-Invasive Data Universal Audit Methodology to audit relational databases in a general, simplified, reliable and centralized manner without affecting their operations, in order to obtain information on the execution of critical operations on sensitive data stored in heterogeneous and cross-platform relational database engines, providing the ability to perform both operations follow-up that shows the existence of potential risks to prevent and alert intrusions such as detection of improper access and malicious alterations, in order to protect the confidentiality, integrity and availability of protected information and to help comply with national and international laws on privacy and protection of personal data in force, allowing you to know who is doing, what is doing, which data, when and where.

20:30-23:30 Gala Dinner

Gala Dinner: Thursday, November 2, 2017 at 20:00, with a show at 22:00

The CIBSI Gala Dinner will be held at El Querandi. Located in the historic center of the city, in the San Telmo neighborhood, it offers a tango dinner show in Buenos Aires. It is an old mansion from 1920, restored in 1992, and is notable for having preserved the atmosphere it had at the beginning of the last century, adding excellent service, a menu of typical regional Argentine dishes, and a tango show that stands out for its quality and authenticity.

Link https://querandi.com.ar/