C&ESAR 2018, day 1

During this week, Rennes will be hosting the European Cyber Week. This is a great opportunity for communication service providers (CSP), manufacturers, industry players and end users to meet and present current research activities about Artificial Intelligence and cyber security.

Opening speeches stressed on the importance on AI for defense, since each day networks and services experience attacks, not only from external actors, but from inside our networks. The idea is not only to disrupt service, but to steal data, jeopardizing research and intellectual property. This constitutes the rise of adversarial AI, and to react to this menace, it is necessary to enhance our understanding and usage of generative adversarial networks.

Other interesting topic is about "opening the black box" in order to have an explanatory AI, which has the goal of explaining the reasoning of the decisions taken by AI. This is important to gain confidence of users and to speed up the adoption of these techniques in various use cases.

Some other topics that caught my attention:

• The diverse malicious AI techniques to break cyber-security, such as data poisoning. This in order to induce errors on the machine learning model.
• The bias problem, which most of the times has its source of the training data and leads to erroneous decisions at the end of the AI process.
• The usage of different frameworks to have behavioral analysis, very useful to detect deviation of usual usage patterns of an entity. This helps to detect compromised entities our users that deviate or abuse of privileges.

I hope day 2 brings new insights and interesting approaches to better understand AI and its challenges.

European Cyber Week à Rennes, day three

My key points for the last day of the C&ESAR conferences:

• The conference I enjoyed the most was "une autre vision de lq Cyber Threat Intelligence (CTI) by Airbus Cybersecurity. The motive is simply the reasoning behind the threat model and the cyberdefense strategy they showed and the during the presentation. 
• Regarding the threat model, covers all the steps from motivation to perform harm, compromising the target and exploiting the vulnerability.
• About the cyberdefense strategy, covered a complete approach with:
• Strategy: administrative decisions on the defense.
• Conception: use the imagination! Architects propose a solution to the security problems.
• Tactic: the defense. How are we going to defend? Made by the security engineers. How to correlate?
• Operation: BAU. SoC, CSIRT. Technical formation to personnel.  
• This gave me a lot to think about, because having a clear threat model allows to to have a vision of how to check an architecture for weak links and possible solutions to those potential problems. At some point, we would like to have granularity of the (virtual) network functions in order to have a flexible service composition and simple lightweight functions firing up when necessary. But the problem is the multiplication of the points of failure that are created. 
• An well, securing all those points of failures have costs in terms of money, processing time, memory, delay and latency... It is a trade off with the value of what I want to protect. What is the justification for such an investment?

The afternoon session was developed in Secure-IC. The topic was about the business of digital security. The subject was a little bit more administrative to my taste (or to my interest). Some isolated comments:

• Europe has no representative in the top 10 industries in the world: first 8 are USA, last 2 of the top 10 are Chinese.
• It is a shame that all is shaped by politics, being technology also affected by this.
• 90% of advertisement in the world is captured by Google and Facebook.
• Among the technical priorities in DGA plan, they want:
• Evaluation and orientation of COTS technologies.
• Improve architecture and the resilience of large systems (ships, aircraft…) taking into account the operational constraints. 
• LOL, this sounds like they are sharing some of the functional needs of 5G along with its enabling technologies. It is a fact that SDN and NFV would help to achieve these requirements. I am imagining right now network slices for ships, aircraft, hospitals, smart cities. In fact, as the speaker said, a ship, for example, is like a smart city! has its own energy source, water supply control, temperature control, CCTV, the crew.. a small scale city.

So far, I have more ideas, more questions, more reading to do and so much to learn; got to keep going.

Faire la pause: European Cyber Week à Rennes, day one

During this week, Rennes is hosting the European Cyber Week. This event, in its second edition, covers several programs that relate to the cyber security treats in scenarios such as connected vehicles, naval environments, e-health and IoT.

This event began with the Journées C&ESAR, which will make emphasis on Data protection facing cyber threats. Conferences today covered the following use cases:

• Naval environment
• Laboratory of research
• Autonomous connected vehicles
• e-health applications and the privacy of the patient data
• IoT
• Government / enterprise reputation management

Each vertical has its own point of view about the treats and the value of its data: different core businesses, different kinds of data generators - consumers, networking requirements regarding QoS - QoE, types of information, metadata and associated value of it. Compromising these businesses would create havoc at different scales: measurements not arriving on time, stealing of sensitive research results; crash of vehicles, liberation of confidential medical data, economic and trust issues among countries all over the world, just to say some examples.

These variety of use cases and exigencies would finally land on the tangible entity all people only notices (the one to blame) when it fails: the network. Oh, well, human factor has to be taken into account too, but it is out of the scope for this moment ;)

The great challenge is to have a complete view, end to end, of all the components that make the service possible; to provide ground rules that provide coexistence and a "pacific" ecosystem. A common architecture that holds them all and provides communication capabilities as the users demand. 

• How will the operation and management chain of command operate all the components and abstractions of the underlying control and infrastructure entities?
• How involved should the communication service provider be in the data management of the segment (better: slice)?
• Up to what extent the communication service provider must comply with certifications such as HIPAA (Health Insurance Portability and Accountability Act) in order to be able to provide services to a hospital? Or an aeronautical enterprise?

I love this conferences because provides food for the thought. A lot of questions, motivated by real world scenarios, that the telecoms (and the rest of players in the industry) must be able to answer. I hope to contribute in this process during the pursuit of my doctoral studies.