Workshop on Information Security

Workshop on Information Security in a connected World – Why should we care?

We are witnessing an explosive growth of information and data due to proliferation of internet connectivity, higher data speeds, increasing smart phone usage, social media usage by individuals, growth in use of sensors and machine to machine communication. This huge boom in internet population, data speed, and connected devices has brought its share of challenges. The most important among them is the boom in cybercrimes. The most common cyberattacks occur due to credential reuse, MITM or eavesdropping, malware, ransomware, phishing and denial of service.

More and more attacks are using an economic model akin to cybercrime-as-a-service, infecting company networks with ransomware that covertly encrypts the files. This prevents access to the files and the companies are forced to release payment for recovery. Hacking or shutting down a business by Distributed Denial-of-Service (DDoS) attack are also increasing.

This workshop aims to provide an introduction to Information security and will expose the beginner to various facets of Information security – Network security, Secure programming, IoT security, Mobile Security, SCADA/Industry 4.0 etc. Thereafter, Participants will have the opportunity to work “hands on” to understand a couple of topical security challenges/problems and possible solutions.

Talk: There will talks on Security by CISCO personnel for about 1 hour.
 
Topics:            
Hands on Demo / Hands on Workshop for participants (time 2hour 30 min)
IoT Security (approx. 45 min)
Secure Programming – SQL Injection (approx. 75 min)
 
IoT Security: The purpose is to demonstrate the importance of security in IoT networks and platforms.
 
What will be done:
  • A Rasberry Pi will be connected to a device such as lamp and will be controlled remotely from our Android Mobile smart phone.
  • A DDOS attack will be launched after which the user will be unable to control the device.
  • A simple defence mechanism to thwart the attack will also be shown.  
Secure Programming – Injection Attacks: Injection attacks continue to be the #1 vulnerability as per the latest OWASP top 10 2017 report. The purpose is to demonstrate the attack and defence methods to help in secure software design/development.
 
What will be done:
  • Website will be created for use of participants.
  • One group will be given challenges to perform a variety of inject attacks.
  • The other group will then be given the challenge to defend against such attacks (aka Red/blue teams).  
  • This will elevate the understanding and need for secure programming.
 
Speakers:
Prof. Prasad Honnavalli, PES University, Bangalore
Prof. Malashree, PES University, Bangalore 
 

Prasad Honnavalli is a Professor in Computer Science and Engineering at PES University and his current focus is in Information Security.   He is also the Director for the centre for Information Security, Forensics and Cyber Resilience (C- ISFCR) at PES University. He teaches Information security and guides many M.Tech projects as well.  He also advises start-up and growth companies in this space. He speaks on Corporate Fraud and Cyber security at Institute of Directors (IOD) Master class.  He is an invited speaker at PMI and industry forums where he speaks on Information security issues. Earlier, he held various global leadership positions in the IT Industry and last 10 years with Infosys where he delivered Business outcomes driven Cloud transformation programs for large Global fortune 200 corporations across the world; He was a trusted advisor to Global CIO’s including validation of Business case, Technology due-diligence, Roadmap for Tech-stack Modernization & Transformation and end to end large System Integration programs. He has curated innovative Strategys to underpin Digital First, Mobile first enablement solutions for FinTech, Manufacturing, Transport, Resources & Government sectors. He has also founded 2 start-ups – one in Bangalore and one in Singapore. He can be reached at prasad.honnavalli@gmail.com

MalaShree S received the B.E. degree in Computer Science and engineering from B.N.M Institute of Technology, Bangalore and the Masters in Bioinformatics  from University of Vishveshwaraiah College of Engineering and received first rank from the University .She is currently working as  Asst Professor in the Department of Computer Science and Engineering at PES University, Bangalore. She also delivered talk in National Workshop “Train the Teachers” Conducted by IEEE,2013 and Training  given on Ipv4  and Ipv6 Networks for Industry. Her main research interests are in the areas of Software Defined Networking (SDN) ,Green Networking , Data Centre Technologies , Web Technologies and its application.She is also Life time Member of ISTE.