We are proud to announce the 2022 confirmed keynote speakers. Day, time and room of keynotes will be announced prior to conference.
University of Nottingham, United Kingdom
The strange world of the password
Despite years of evidence of poor practice, people continue to choose weak passwords and continue to be allowed to do so. Normally, if something is broken then the answer is to fix or replace it. However, with passwords the problem seems able to persist unchecked and we continue to use them extensively despite the flaws. Adding further evidence of the issue, this presentation reports on the fifth run of a study into the provision of password guidance and the enforcement of password rules by a series of leading websites. The investigation has been conducted every 3-4 years since 2007 and the latest findings continue to reveal areas of notable weakness. This includes many sites still offering little or no meaningful guidance, and still permitting users to choose passwords that ought to be blocked at source. It seems that while we remain ready to criticise users for making poor choices, we repeatedly fail to take steps that would help them to do better.
Steven Furnell is a professor of cyber security at the University of Nottingham in the United Kingdom. He is also an Adjunct Professor with Edith Cowan University in Western Australia and an Honorary Professor with Nelson Mandela University in South Africa. His research interests include usability of security and privacy, security management and culture, and technologies for user authentication and intrusion detection. He has authored over 350 papers in refereed international journals and conference proceedings, as well as various books, book chapters and industry reports. Prof. Furnell is the UK representative to Technical Committee 11 (security and privacy) within the International Federation for Information Processing, as well as the editor-in-chief of Information and Computer Security, and a Fellow and board member of the Chartered Institute of Information Security.
University of Göttingen, Germany
Usable Privacy: Retrospective and Challenges ahead
Since the introduction of the GDPR and the resulting cookie banners, providing or not our consent to data collection has become a recurrent activity that requests attention and time for each visited website. While consent is an important instrument to protect our privacy, its implementation is a source of annoyance for most website visitors due to its lack of usability. As a result, they may choose the easiest way and click on the most attractive button without a second thought, thus voiding the original intention beyond an informed consent. To avoid such effects for which the users are not to blame, different usable privacy solutions have been proposed in the past. In this keynote, we will consider the different steps beyond consent in which the users can be involved and detail selected examples. Based on them, we will identify future research directions and discuss challenges that we will need to solve in the next years as a community.
Prof. Dr.-Ing. Delphine Reinhardt is a full professor and head of the Computer Security and Privacy group at the University of Göttingen. She is a member of the Institute of Computer Science and the Campus Institute Data Science (CIDAS). In 2019, she was nominated as one of 10 worldwide “Rising Stars in Networking and Communications” by N2Women and was awarded the Johann-Philipp-Reis-Preis for outstanding innovative publications. Before moving to Göttingen in January 2018, she was an assistant professor at Rheinische Friedrich-Wilhelms-Universität Bonn in Germany from 2014 to 2017, leading the “Privacy and Security in Ubiquitous Computing” group at the Institute of Computer Science 4. She was also associated to the Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE) during that time. She completed her doctoral degree in computer science (with distinction) on privacy in participatory sensing in 2013 at Technische Universität Darmstadt. Her dissertation was awarded by the Communication and Distributed Systems Group (KuVS) supported by the German Informatics Society (GI) and ITG-VDE, the Information Technology Society (ITG) of the German Association for Electrical, Electronic and Information Technologies (VDE), as well as the Association of the Friends of the Technische Universität Darmstadt for outstanding academic achievements. Since 2009, she hold a double-degree in electrical engineering from TU Darmstadt and Ecole Nationale Supérieure de l’Electronique et ses Applications (ENSEA), France.
Assistant Professor, Aalto University, Finland
Associate Editor, IEEE Signal Processing Letters
Explainable Empirical Risk Minimization
The successful application of machine learning (ML) methods becomes increasingly dependent on their interpretability or explainability. Designing explainable ML systems is instrumental to ensuring transparency of automated decision-making that targets humans. The explainability of ML methods is also an essential ingredient for trustworthy artificial intelligence. A key challenge in ensuring explainability is its dependence on the specific human user (“explainee”).
The users of machine learning methods might have vastly different background knowledge about machine learning principles. One user might have a university degree in machine learning or related fields, while another user might have never received formal training in high-school mathematics. We measure explainability via the conditional entropy of predictions, given some user signal. This user signal might be obtained from user surveys or biophysical measurements.
We propose explainable empirical risk minimization (EERM) principle of learning a hypothesis that optimally balances between the subjective explainability and risk.
The EERM principle is flexible and can be combined with arbitrary machine learning models. We present several practical implementations of EERM for linear models and decision trees. Numerical experiments demonstrate the application of EERM to detecting the use of inappropriate language on social media.
Alexander Jung received the Ph.D. degree (with sub auspiciis) in 2012 from Technical University Vienna (TU Vienna). After Post-Doctoral periods at TU Vienna and ETH Zurich, he joined Aalto University as an Assistant Professor for Machine Learning in 2015. He leads the group “Machine Learning for Big Data” that studies explainable machine learning in network-structured data. Prof. Jung first-authored a paper that won a Best Student Paper Award at IEEE ICASSP 2011. He received an AWS Machine Learning Research Award and was the “Computer Science Teacher of the Year” at Aalto University in 2018. Currently, he serves as an associate editor for the IEEE Signal Processing Letters and as the chair of the IEEE Finland Jt. Chapter on Signal Processing and Circuits and Systems. He authored the textbook, Machine Learning: The Basics (Springer, 2022).
University of Alberta, Canada
XAI-Lab in Edmonton, Alberta, Canada
Explanation as an essential component of machine-mediated acquisition of knowledge for predictive models
Explanation is not a recent invention precipitated by black-box predictive models, but rather a revival of the role of scientific explanation as a remedy to create trust and transparency for applications of machine learning. We note two strong trends in the grand challenge of the knowledge acquisition bottleneck, and propose that explanatory knowledge must be acquired concurrently in the process of supervised learning. The resource costs to do so must be balanced in a tradeoff of explainability and knowledge acquisition resources, e.g., as in federated learning systems.
R.G. (Randy) Goebel is Professor of Computing Science at the University of Alberta, and head of the XAI-Lab in Edmonton, Alberta, Canada, and concurrently holds the positions of Associate Vice President Research, and Associate Vice President Academic. He is also co-founder and principle investigator in the Alberta Innovates Centre for Machine Learning. He holds B.Sc., M.Sc. and Ph.D. degrees in computer science from the University of Regina, Alberta, and British Columbia, and has held faculty appointments at the University of Waterloo, University of Tokyo, Multimedia University (Malaysia), Hokkaido University, and has worked at a variety of research institutes around the world, including DFKI (Germany), NICTA (Australia), and NII (Tokyo), was most recently Chief Scientist at Alberta Innovates Technology Futures. His research interests include applications of machine learning to systems biology, visualization, and web mining, as well as work on natural language processing, web semantics, and belief revision. He has experience working on industrial research projects in scheduling, optimization, and natural language technology applications.
Matthew E. Taylor
Director, Intelligent Robot Learning Lab, Associate Professor & Graduate Admissions Chair, Computing Science
Fellow and Fellow-in-Residence, Alberta Machine Intelligence Institute
Canada CIFAR AI Chair, Amii
Reinforcement Learning in the Real World: Challenges and Opportunities for Human-Agent Interaction
While reinforcement learning (RL) has had many successes in video games and toy domains, recent success in high-impact problems shows that this mature technology can be useful in the real world. This talk will highlight some of these successes, with an emphasis on how RL is making an impact in commercial settings, as well as what problems remain before it can become plug-and-play like many supervised learning technologies. Further, we will argue that RL, like all current AI technology, is fundamentally a human-in-the-loop paradigm. This framing will help motivate why additional fundamental research at the interaction of humans and RL agents is critical to helping RL move out of the lab and into the hands of non-academic practitioners.
Matt Taylor is an Associate Professor of Computing Science at the University of Alberta, where he directs the Intelligent Robot Learning Lab. He is also a Fellow and Fellow-in-Residence at Amii (the Alberta Machine Intelligence Institute). His current research interests include fundamental improvements to reinforcement learning, applying reinforcement learning to real-world problems, and human-AI interaction. His book “Reinforcement Learning Applications for Real-World Data” by Osborne, Singh, and Taylor is aimed at practitioners without degrees in machine learning and has an expected release date of Summer 2022.
Dr. Joachim Klerx
Innovation Systems Center, Austrian Institute of Technology, Austria
Horizon scanning and strategic knowledge management for future military operations
Actionable information and strategic knowledge have always created competitive advantages in war situations. However, the digital revolution of the last decades has been proven to be a game changer in the strategic knowledge management for future military operations. Digital innovations did change processes, technologies and capabilities in conflict scenarios and is continuing to do so. This is obvious for operative intelligence, surveillance and reconnaissance (ISR) but is not so obvious for the strategic knowledge management for future military operations.
In this talk, results from long-term monitoring of military cyber research and AI horizon scanning with intelligent agents are presented. After presenting a short introduction into the methodical approach, this talk will summarize the horizon scanning results for future military AI solutions, including some corresponding future threat scenarios, innovations and trends. Finally, the impacts on cyber situational awareness and future security policy perspectives are discussed.
Dr. Joachim Klerx is researcher at AIT Innovation Systems Center and visiting researcher at the National Defence Academy. His main research focus is currently the development of new foresight and horizon scanning methods including developing national horizon scanning centres. Some of his achievements in recent years were the development of ISA (Intelligent screening agent) software agents, who are looking for weak signals of emerging issues on the Internet, financed by SESTI an EU project about identification of weak signals developed for emerging issues. In the EU project ETTIS Joachim Klerx worked on a system for threat-identification and political agenda setting. In EFP, he did the engineering for a global knowledge exchange platform for the world foresight community. As visiting researcher at the National Defence Academy, he developed the concept for CDRC (the national horizon scanning centre for cyber security in Austria), which is working since 2014, and ongoing. More recently, he did coordinate the development dark-net crawling suite to identify hidden networks of organized crime (ANITA) and terrorism (DANTE). In ASGARD he did coordinate the development of next generation foresight and horizon scanning technologies for different European Law Enforcement Agencies. In TRACE, he is coordinating the development of a horizon scanning system, to identify hidden networks of global money laundering and corruption.
Scientific Director Center of Technology & Transfer and Professor, Hochschule Worms, Germany
Lecturer, FernUniversität Hagen
Describing Steganography Hiding Methods with a Unified Taxonomy
Steganography embraces several hiding techniques which spawn across multiple domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), and filesystem steganography. However, the related terminology is not unified among the different domains. To cope with this, an attempt has been made in 2015 with the introduction of the so-called “hiding patterns”. Hiding patterns allow to describe hiding techniques in a more abstract manner. Despite significant enhancements, the main limitation of the original taxonomy is that it only considers the case of network steganography. The 2015-taxonomy was optimized over the years (see https://ih-patterns.blogspot.com ) but a major revision (presented at ARES’ CUING’21) has paved the path towards a taxonomy that covers all steganography domains.
This keynote introduces the concept of hiding patterns and reviews the development of the methodology. It will also present a major revision of the patterns-taxonomy, which was developed by a consortium with members from several countries (HS Worms (Germany), CNR (Italy), WUT (Poland), Univ. Goce Delcev (North Macedonia), University of Magdeburg (Germany), and TH Brandenburg (Germany)). The new version of the taxonomy will be made publicly available in mid-August ( https://patterns.ztt.hs-worms.de ).
Steffen Wendzel is a professor of information security and computer networks at Hochschule Worms, Germany, where he is also the scientific director of the Center for Technology and Transfer (ZTT). In addition, he is a lecturer at the Faculty of Mathematics & Computer Science at the FernUniversität in Hagen, Germany, from which he also received his Ph.D. (2013) and Habilitation (2020). Before joining Hochschule Worms, he led a smart building security research team at Fraunhofer FKIE in Bonn, Germany. Steffen (co-)authored more than 170 publications and (co-)organized several conferences and workshops (incl. ARES IWSMR’19-’22) and special issues for major journals, such as IEEE Security & Privacy (S&P), Elsevier Future Generation Computer Systems (FGCS), and IEEE Transactions Industrial Informatics (TII). He is editorial board member of J.UCS and JCSM. His major research focus is on covert channels, network steganography, scientific taxonomy, and IoT security. Website: https://www.wendzel.de .
University of Piraeus
Distributed Key Management in Microgrids
Security for smart industrial systems is prominent due to the proliferation of cyber threats threatening national critical infrastructures. Smart grid comes with intelligent applications that can utilize the bidirectional communication network among its entities. Microgrids are small-scale smart grids that enable Machine-to-Machine (M2M) communications as they can operate with some degree of independence from the main grid. In addition to protecting critical microgrid applications, an underlying key management scheme is needed to enable secure M2M message transmission and authentication. Existing key management schemes are not adequate due to microgrid special features and requirements. We propose the Micro sElf-orgaNiSed mAnagement (MENSA), which is the first hybrid key management and authentication scheme that combines Public Key Infrastructure (PKI) and Web-of-Trust concepts in micro-grids. Our experimental results demonstrate the efficiency of MENSA in terms of scalability and swiftness.
Prof. Christos Xenakis received his B.Sc degree in computer science in 1993 and his M.Sc degree in telecommunication and computer networks in 1996, both from the Department of Informatics and Telecommunications, University of Athens, Greece. In 2004 he received his Ph.D. from the University of Athens ( Department of Informatics and Telecommunications ). From 1998 – 2001 he was with a Greek telecoms system development firm, where he was involved in the design and development of advanced telecommunications subsystems. From 1996 – 2007 he was a member of the Communication Networks Laboratory of the University of Athens. Since 2007 he is a faculty member of the Department of Digital Systems of the University of Piraeus, Greece, where currently is a Professor, a member of the Systems Security Laboratory and the director of the Postgraduate Degree Programme, on “Digital Systems Security” . He has participated in numerous projects realized in the context of EU Programs (ACTS, ESPRIT, IST, AAL, DGHOME, Marie Curie, Horizon2020) as well as National Programs (Greek). He is the project manager the CUREX , SECONDO , INCOGNITO and SealedGRID projects, funded by Horizon2020, while he was the project manager of the ReCRED project funded by Horizon 2020 and the technical manager of the UINFC2 project funded by DGHOME/ISEC. He is also a steering committee member of the European Cyber Security Challenge (ECSC) and the leader of the Hellenic Cyber Security Team . He is a member of the editorial board of four Thomson Reuters indexed journals: a) Computers & Security Journal of the Elsevier publishing, b) Computer Communications Journal of the Elsevier publishing, c) IET Information Security of the Institute of Engineering and Technology and d) The Computer Journal of the Oxford University Pres. His research interests are in the field of systems, networks and applications security. He has authored more than 100 papers in peer-reviewed journals and international conferences.
Cybersecurity Skills Gap: ENISA Analysis and Actions
Fabio will provide a holistic view on the nature and characteristics of the skills gap in Europe and the results of the joint effort done with other EU players (eg. the pilots of the EU Competence Network). He will report on the European Cybersecurity Skills Framework (ECSF) which aims to close the cybersecurity skills’ gap on the European labour market, building comprehensive bridges between European workplace context and learning environment through an EU skills framework. He will also provide insights on the cybersecurity higher education database (CyberHEAD), an initiative to allow young talents to make informed decisions on the variety of possibilities offered by higher education in cybersecurity through an easy-to-use web portal.
Fabio Di Franco is currently leading the activities in ENISA on cyber skills development for highly skilled people. He is also responsible for developing and delivering trainings to EU member states and EU institutions on information security management and IT security. Fabio has a PhD in telecommunication engineering and is a Certified Information Systems Security Professional (CISSP).
Dr. Yulia Cherdantseva
Senior Lecturer at the School of Computer Science & Informatics at Cardiff University, United Kingdom
CyBOK – The Cyber Security Body Of Knowledge
Cyber Security Body of Knowledge (CyBOK) is a major project sponsored by the UK National Cyber Security Centre with the aim of developing a substantial resource offering a guide to the Cyber Security as a discipline and as a field of professional practice. CyBOK codifies the foundational knowledge in cyber security for education and professional training. It is an open and freely accessible resource (www.cybok.org) developed by the Community for the Community with contributions from over 115 experts across the world since 2017. CyBOK v1.1 is constituted by 21 knowledge areas. There are also free supplementary resources for students, educators and trainers, e.g. podcasts, resources for developing programmes based on CyBOK, lab materials, case studies for use in classroom, etc. This presentation will describe the process of developing CyBOK and maintaining it up to date, discuss the role of the international community in this process, outline the use cases of CyBOK and the future directions of the CyBOK project evolution.
Dr. Yulia Cherdantseva is a Senior Lecturer at the School of Computer Science & Informatics at Cardiff University. Yulia worked as a lead researcher on the project “Supervisory Control and Data Acquisition Systems Cyber Security Lifecycle (SCADA-CSL)” funded by the Airbus Group Endeavr Wales and the Welsh Assembly Government, where she developed a novel SCADA Cyber Security, Safety and Risk (SCADA CSSR) graphical extension for BPMN 2.0 and a configurable dependency model of a SCADA system. In 2020-2021, she led an NCSC and RISCS funded project about cyber-security decision-making by SMEs which resulted in the development of the Best Practice Guide for SME in Cyber Security Investment Decision-Making. In 2021, she was awarded an EPSRC grant for developing a framework for risk-informed and metrics-enriched cybersecurity playbooks for enhancing CNI resilience. Yulia is a cyber skills lead at the School and is interested in cybersecurity education from the primary school up to professional development level. From May 2021, Yulia is a member of the CyBOK Executive Board. Yulia is passionate about equality and diversity in cybersecurity – she is a member of the CIISec’s Steering Committee “Women in Cyber” and of the CREST’s working group on Inclusion and Diversity.
Prof. George Spanoudakis
City University London, United Kingdom
Security for Healthcare Services: Needs, Solutions and Challenges
This talk reviews the current state of practice and state of the art in the security of healthcare services. More specifically, it reviews the key security challenges faced by healthcare service providers, the types of security assessments needed, the methods for security risk management, and the landscape of the security solutions available. The latter are reviewed in terms of maturity and the expectations for emerging solutions in the short (1-2 years) and medium-term (3-5 years).
Prof. George Spanoudakis (BSc, MSc, and Ph.D. in Computer Science) is the chairman of the management board of SPHYNX TECHNOLOGY SOLUTIONS AG and a Professor of Software Engineering at City University London and Director of the Centre of Adaptive Computing Systems (CeNACS). His research interests are in software systems security, software engineering and biomedical computing. In these areas, he has published extensively (more than 175 peer-reviewed publications with more than 4100 citations, and an H-index of 33).
Professor Spanoudakis has more than 20 years of expertise in managing R&D projects and has received more than €120m of R&D funding from national funding bodies, the EU, and directly from the industry. In total, he has been the principal investigator of more than thirty FP6, FP7, and H2020 projects at Sphynx and prior to it at City, University of London. In several of these projects, he has been the scientific and technical coordinator (e.g., CUMULUS, EVOTION, CYBERSURE, BIO-PHOENIX, SMART BEAR). Professor Spanoudakis has been in the program committees of more than 190 international conferences and has chaired several of them including, for example, ENASE 2019, SCC 2018, ENASE 2018, SEKE 2007, and SEKE 2006. He has also been a member of the editorial boards of several international journals.
Sokratis K. Katsikas
Director of the Norwegian Centre for Cybersecurity in Critical Sectors
Professor with the Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway
Cyber Security when IT meets OT
The current trend of automation and data exchange in industry, through the development, use and integration of cyber-physical systems, the Internet of things, cloud computing, artificial intelligence and other enabling technologies is expected to bring tremendous benefits in the economy, including improved productivity and efficiency, better flexibility and agility, and increased profitability. However, it also comes with increased cybersecurity risks, primarily deriving from the integration of information technology and operational technology. Thus, as in all cases of a major shift in computing paradigms, a number of cybersecurity challenges arise, that cannot be addressed by simply porting solutions from other domains. In this talk a brief overview of such challenges, and current best practices for addressing them, as well as open issues will be provided.
Sokratis K. Katsikas was born in Athens, Greece, in 1960. He is the Director of the Norwegian Centre for Cybersecurity in Critical Sectors and Professor with the Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway. He is also Professor Emeritus of the Department of Digital Systems, University of Piraeus, Greece. In 2019 we was awarded a Doctorate Honoris Causa from the Department of Production and Management Engineering, Democritus University of Thrace, Greece. In 2021 he was ranked 7th in the security professionals category of the IFSEC Global influencers in security and fire list. He has authored or co-authored more than 300 journal papers, book chapters and conference proceedings papers. He is serving on the editorial board of several scientific journals, he has co-authored/edited 46 books and has served on/chaired the technical programme committee of more than 800 international scientific conferences. He chairs the Steering Committee of the ESORICS Conference and he is the Editor-in-Chief of the International Journal of Information Security.
Reijo M. Savola
University of Jyväskylä, Finland
IoT security for smart health and smart assisted living
IoT solutions are in the core of effective and efficient smart health and smart assisted living solutions. Considerable increase in well-being and cost savings can be achieved by them. During the last years, IoT cybersecurity threat landscape has become wider, due to the rapidly increasing use of IoT in smart services, and the scarce computational resources available in IoT devices. This increases the risk of compromising reliable and secure use of them. Systematic proactive assistance of IoT-based smart services with cybersecurity services is essential. Cybersecurity should be designed in the services and the technologies used in a seamless way, and automation is needed. In this talk, a brief overview of challenges in IoT security for smart health and smart assisted living is will be provided, with current practices to overcome them, as well as directions for further research.
Reijo Savola is currently working as a Project Manager, cybersecurity and software production at University of Jyväskylä, Faculty of Information Technology, Finland. He has experience in cyber security systems engineering, risk analysis and risk-driven methods, software engineering, telecommunications, and digital signal processing. Earlier, he has worked as Principal Scientist, cybersecurity at VTT Technical Research Centre of Finland. He received the degree of M.Sc. in Electrical Engineering from the University of Oulu, Finland, 1992, and the degree of Licentiate of Technology in Computer Science from the Tampere University of Technology, Finland, 1995. In addition to research experience, he has seven years of industrial experience in telecommunications sector, having worked as a software engineering and digital signal processing projects for Elektrobit Group Plc. in Oulu, Finland and in Redmond, WA, United States. Mr. Savola acts as the Chairman of the Finnish Mirror Group for ISO/IEC JTC1/SC27 standardization (Information security, cybersecurity and privacy protection) and CEO of the Northern European Cybersecurity Cluster (NECC).
Dr. Xiaolu Hou
Faculty of Informatics and Information Technologies, Slovak University of Technology, Slovakia
Artificial Intelligence-Assisted Side Channel Attacks
Deep neural networks (DNN) have gained popularity in the last decade due to advances in available computational resources. In particular, side-channel attacks (SCA) have received the most attention as being a classification problem, DNN comes as a natural candidate. In this talk, we will first provide the basics of SCA and explain how it can recover the secret key of a cryptographic implementation. Then, we will present the recent literature on applications of DNN to SCA. As a demonstration, we will detail a work that aims to propose a general framework that helps users with the overall trace analysis aided by DNN, minimizing the necessity for architecture adjustments by the user.
Dr. Xiaolu Hou is currently an Assistant Professor at Slovak University of Technology. She received her Ph.D. degree in Mathematics from Nanyang Technological University, Singapore, in 2017. Her current research focus is on fault injection and side-channel attacks on both cryptographic implementations and neural networks. She also has research experience in AI-assisted cryptanalysis, location privacy, and multiparty computation.
Assoc. prof. Gabriele Costa
IMT School for Advanced Studies Lucca, Italy
Security-by-Design in Intelligent Infrastructures: the HAII-T orchestrator
In the last years Security-by-Design has emerged as the main methodology for securing the life cycle of software and systems. Its effectiveness is the result of a strong integration with all the development phases, from the earliest conceptualization and design to the final disposal. Large scale, critical infrastructures can benefit the most from this approach. Nevertheless, they also carry an extreme degree of complexity that must be dealt with. In this talk we will consider the SPARTA perspective on the definition and implementation of a secure orchestrator for making intelligent infrastructures Secure-by-Design.
Gabriele Costa is associate professor at the SySMA Group of the IMT School for Advanced Studies. He received his M.Sc. in Computer Science in 2007 and his Ph.D. in Computer Science in 2011, both at the University of Pisa. He was a member of the cybersecurity group of the Istituto di Informatica e Telematica (IIT) of the CNR. His appointments include a period as visiting researcher at ETH Zurich in 2016-2017. He was co-founder of the Computer Security Laboratory (CSec) at DIBRIS (Computer Science and Computer Engineering Department of the University of Genoa). He is co-founder and CRO of Talos, a spin-off of DIBRIS focused on Cybersecurity. His main focus is on studying and applying formal methods for the automatic verification and security testing of mobile and modular systems .
Dr. Andrew Marrington
Advisor to the Provost for Programs & Curricula at Zayed University, United Arab Emirates
Coming Back to the Backlog: Can Digital Investigations Catch Up?
Digital evidence is crucial in a wide variety of criminal investigations and prosecutions. The digital footprint of everyday life and the proximity of smartphones and other digital devices to physical crime scenes means that the relevance of digital evidence is by no means confined to cybercrime cases. As a result, law enforcement agencies around the world have huge backlogs of digital evidence awaiting extraction and examination. In the UK alone, the collective backlog is at least 21,000 digital devices (smartphones, computers, tablets, etc), contributing to significant delays in investigations and prosecutions.
For two decades, digital forensics research has been grappling with this backlog in a variety of ways. Researchers have proposed faster methodologies and tools, more automation of the process of examination and analysis, triage techniques to make better use of examinter time, and more. Nevertheless, the problem of large backlogs persists. This keynote considers the causes of the backlog problem, and discusses how the digital forensics community can try to address it in the years ahead.
Dr. Andrew Marrington is the Advisor to the Provost for Programs & Curricula at Zayed University. Dr. Marrington received his PhD in digital forensics from Queensland University of Technology (QUT), where he studied at the Information Security Institute. Dr. Marrington’s primary field of research is digital forensics, although he is also interested in other aspects of information security, and in the security and investigative implications of emerging technologies. He serves on the program committees of various conferences and workshops in digital forensics and information security, and on the editorial boards of several journals in the same field. With his colleagues Dr Don Kerr and Dr John Gammack he has co-edited a book of refereed chapters on the security of wearable technologies. In the past, he has served as Associate and Acting Dean of the College of Technological Innovation at Zayed University, and in his current capacity he oversees curriculum development and academic quality assurance across the institution.