2015 Honeynet Project Workshop
18-20 May 2015 | Stavanger Norway
Guillaume Arcas has worked as a threat analyst since 1997 primarily in the Internet/Telco and Banking industries. He specializes in network analysis and forensics. Guillaume is the CERT team leader for French company Sekoia.
Francesca Bosco earned a law degree in International Law and joined UNICRI in 2006 as a member of the Emerging Crimes Unit. She is responsible for cybercrime prevention projects, and in conjunction with key strategic partners, has developed new methodologies and strategies for researching and countering computer related crimes. She has collaborated on different cybercrime and cybersecurity related projects, both at European and at international level. She is member of the Advisory Groups on Gender and on Secure Societies in the framework of Horizon2020 and of the Internet Security Expert Group of the EC3. She is co-founder of the Tech and Law Center, visiting researcher at CENTRIC, member of the Centre Internet & Human Rights of European University Viadrina and advisory board member of the Cybercrime Institute.
Anton Chuvakin is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of the books “Security Warrior ”, "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management", and ""PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance." In addition, he is a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, and security management. His blog "Security Warrior" is one of the most popular in the industry. In addition, Anton teaches classes and presents at many security conferences across the world; he recently addressed audiences in United States, UK, Singapore, Spain, Russia and other countries. He works on emerging security standards and serves on advisory boards of several security start-ups.
Hugo Gonzalez is a full member of the Honeynet Project, and now is pursuing his PhD at University of New Brunswick, working at the Information Security Centre of Excellence. His research interest include Malware Authorship Attribution, Android Malware and Application Layer DoS attacks.
Brian Hay is a researcher with Security Works and specializes in virtualization and virtual machine introspection. He is the author of the VIX virtual machine introspection toolkit and a frequent speaker and trainer at security conferences.
Felix Leder, Ph.D is a board member of the Honeynet Project and leads the mobile threat research at Blue Coat. Taking things apart has been a life time passion. His hobbies, like collecting bugs in malware and botnet takeovers, have resulted in successful take-downs of large malicious networks. As a member of the Honeynet Project he is heavily involved in open source security and has been instrumental in developing a number of malware analysis solutions, including Cuckoo box, Norman’s Malware Analyzer G2, and Blue Coat’s MAA.
Raffael Marty is a SaaS business expert, data visualization practitioner, and security data analyst. He is a widely sought speaker on visualization and is the author of the book "Advanced Security Visualization."
Mahmud Ab Rahman currently works as Information Security Researcher for
NetbyteSEC. Prior to that, he worked as an Information Security Specialist Manager at MyCERT
department. Currently he is taking in-charge of tracking botnet, android reverse engineering and malicious documents tracking on APT to analyze and dissect information security threats. His education background comprises of Master Degree in Computer Science from National University of Malaysia in 2006. Prior to that, he obtained a
Degree in Computer Science from the same university. Moreover, he is recognized for conducting numbers of training for organizations to talk on advanced security courses. He is a occasional speaker at conferences such as DEFCON (USA), Hack In The Box (MY), HITCON (TW), FIRST Conference (USA), Honeynet Annual Workshop, FIRST-TC (JP,MY) and many more.
Lukas Rist is a software engineer with Blue Coat Norway where he develops behavioral malware analysis systems. In his spare time, he works on web application and ICS/SCADA honeypots and botnet monitoring tools under the umbrella of the Honeynet Project where he is also a Director. He recently developed an interest in deployment automation, ephemeral file systems and exotic industrial communication protocols.
Kai Roer is focusing on user awareness, security culture and the study of how our human mind makes us vulnerable and exploitable. He consults with people and organizations on the interpersonal skills that are vital to a successful and trusted secure environment. He is the creator of the Security Culture Framework, a columnist at Help-Net Security and the author of a number of books about cybersecurity and leadership. His latest book is "Build a Security Culture".
Ryan Smith has been making and breaking software security systems for over a decade. His past work has included a wide range of reverse engineering, automated malware analysis, penetration testing, and data analytics. Ryan has been an active member of the security community as a chapter leader of The Honeynet Project and OWASP, as well as both an author and speaker at security conferences such as IEEE HICSS, AppSec USA, and DefCon. He currently works for Blue Coat building advanced malware analysis systems with a specific interest in mobile malware and leveraging big data systems for threat intelligence.
Lance Spitzner is an internationally recognized leader in the field of cyber threat research, security training and awareness. He invented and developed the concept of honeynets, is the author of several books and over thirty security whitepapers. He is founder of the Honeynet Project and is a certified instructor for the SANS Institute.
Natalia Stakhanova, Ph.D is the New Brunswick Innovation Research Chair in Cyber Security at the University of New Brunswick, Canada. She completed her Ph.D. work in Network Security in 2007. Her work revolves around building secure systems and includes intrusion detection, malicious software, and security evaluation and assessment and she has three patents in the field of computer security.
Marie Moe is a research scientist at SINTEF ICT, and has a Ph. D. in information security. Marie is passionate about incident handling and information sharing. She has experience as a team leader at NSM NorCERT, the Norwegian national CERT. Marie also teaches a class on incident management and contingency planning at Gjøvik University College.
Katrin Franke, Ph.D is a professor of computer science and director of the Testimon Forensics group at the Center for Cyber- and Information Security in Norway. In 2005 she obtained her Ph.D. degree at the Artificial Intelligence Institute, University of Groningen, The Netherlands. Dr. Franke started her research career in 1994 at Fraunhofer IPK, Berlin, German. The institute belongs to the Fraunhofer Society, a non-profit organization, conducting applied research on behalf of industrial and governmental entities. From 1996-2006 she has worked as a scientific project manager; leading research teams as well as internationally distributed project consortia. Dr. Franke was in charge of founded research and industrial projects that have brought forth software modules and software systems, now operating in banks in Germany, the United Kingdom, South Africa and Jamaica as well as in forensic laboratories in Germany. Dr. Franke joined the Norwegian Information Security laboratory as an associate professor in January 2007 and was promoted to full professor based on competence evaluation in 2010. Dr. Franke supervises Ph.D. research projects and teaches courses in machine learning and pattern recognition at the PhD and MSc. level. She has published more than 120 scientific papers including one patent, and is involved in the organization of international conferences; the most prominent among them is the International Workshop on Computational Forensics (IWCF). Dr. Franke is a founding member of the IAPR*-TC6 on Computational Forensics and served as its first chair from 2008-2012. (*International Association of Pattern Recognition.) Dr. Franke is the recipient of the *IAPR Young Investigator award in 2009 for her outstanding contribution in computational forensics.
Arthur Blair has been fighting cyberarmies, cyberbullies, trolls and other forms of State and underground business sponsored cyberattacks for more than two decades. While working in indentifying the infrastructure and tools that are used to perform the attacks, Arthur developed a growing interested in understanding the ultimate motivations of large cyberattacks and why it is so difficult to fight them. Blair currently works as a security senior advisor for organizations that are not in the Fortune 1000 and lack the human and technical resources to fight multi gigabit denial of service attacks.
Hanne Moen has extensive experience within the different areas of information security, after working for mnemonic as since 2002. She is currently Head of Log Analysis at mnemonic’s mss department. She has several years of hands-on technical experience from building mnemonic’s managed services SOC. In these years, she gained experience in security monitoring and analysis, incident handling, security architecture and device management. Hanne has also worked several years with the areas of governance, risk and compliance. This includes risk management, Management-for-Hire and audits of outsourcing services from some of the worlds largest IT vendors and financial institutions.
Lasse Andresen his combined business, technical, and people skills as the Chief Technology Officer of ForgeRock, the fastest growing Identity Security Software Company in the world. His twenty-plus years of experience in the software industry include leadership roles at both Sun Microsystems and Texas Instruments, most recently as CTO for Sun Central and Northern Europe.
As ForgeRock’s co-founder and first Chief Executive Officer, Lasse built the company around a vision where “Identity is the center of everything”. Started ForgeRock with four co-workers and grew the business to over 200 employees in offices around the world in just three years, achieving over 100% growth every year and securing over $50 Million in venture funding from top VC firms including Accel Partners, Foundation Capital, and Meritech. ForgeRock has built a customer base of over 500 Global Fortune 1000 companies, including Thomson Reuters, McKesson, Geico, Salesforce and Toyota.
Today Lasse focuses on defining ForgeRock’s long-term technology strategy, with a special focus placed upon the Internet of Things, User Managed Access, and Chip to Cloud technology.
Active advisor to start-ups and involved in a number of organizations centered on supporting start-ups. Over the past few years, Lasse has served as an advisor for Nordic Innovation House and plays an important role as a mentor and coach for the start-ups that are part of the Nordic Innovation House portfolio of companies. More recently, Lasse became a advisor at StartupLab, the leading Norwegian technology incubator, hosting more than 60 startups.
Specialties: CxO-level leadership, serial startup entrepreneurship, international/distributed organizations expertise, emerging technologies, Internet of Things, cloud computing, PaaS software, identity and access management, and open source. He is also the Chairman of Identity, Privacy and Security Advisory Board in San Francisco IoT for Cities initiative.
Per Thorsheim is the founder & main organizer of Passwordscon, the worlds first and only conference about passwords and digital authentication. After pwning a Fortune 500 in a day because of a lazy sysadmin using "Password" as his password 16 years ago, Per has been researching the security and usability of the one security technology that pretty much everyone uses every single day.
William Salusky is a Security Researcher for Salesforce, a Honeynet project alum, and a current Shadowserver foundation team member. William's current research focus is in the area of network forensics and L4 protocol anomalies and is very active in driving the development of the Moloch full packet capture project.
Tone Skartveit is Head of Communication in Cegal, and is member of the board of Girl Geek Dinners Stavanger. She is passionate about culture, values and communication, and focused on how these fields can work as important drivers for motivation and value creation. Tone holds a degree in Education and Teaching, and has communication and management experience from different positions in the oil and gas industry.
Kristine Beitland is a lawyer working as Government Affairs manager at Microsoft Norway. A member of the Government's Digital Vulnerability Committee. Board member of the Norwegian Center for information assurance (NorSIS) and SmartCity Bærum. Trained lawyer. Former Director of the Business and Industrial Security Council (NSR). 16 years in the police force. Head of the organized crime section, The National Police Directorate, and a manager at in the National Police Immigration Service, and a former prosecution and head of the Oslo Police District's largest prosecution team.
Tone Hoddø Bakås works in Norwegian Centre for Information Security (NorSIS). She has more than 20 years experience in IT, and since 1999 has focused on information security. She has extensive experience in systems development and project management. Tone has a master in information from Gjøvik University College. Tone is Lead Auditor ISO / IEC 27001 from BSI and certified CISA and CRISC from ISACA.
Renate Thoreid is Continuity manager at SpareBank1 and has more than 20 years experience in information and communications technology, ICT, information security and thorough knowledge on the legal aspects of data protection and privacy. She has experience from public and private sector and from the The Norwegian Data Protection Authority.
She is member of the board of the Norwegian Computer Society, Østlandet where she furthermore has been the manager of the Information Security group for several years. As a jury sharemann she as lead the work towards and the nomination of candidates for Rosing IT security price. And she is a member of the committee work, IT security at Standard Norge. In 2012 she received the Norwegian Computer Society award as the years driving force.
She is educated from Stavanger University College, Norwegian University of Science and Technology, Norwegian Defense and National Security and Norwegian Business School. Renate is Certified Information Security Manager, CISM from ISACA and have several certifications in ISO and project and risk management.
Sonja Indrebø is Senior Vice President IT and Chief Information Officer for Statoil and has held this position since beginning of 2011. Statoil is an international energy company with operations in 34 countries. Sonja is responsible for the global information technology strategy and all the company’s IT that supports Statoil employees and help drive strategic company priorities. This includes Information Technology, Information Management and Information Security and touches all areas of the company from exploration and drilling to marketing and sales.
Sonja’s career spans more than two decades within the Oil and Gas Industry. She worked for six years as an instrument and telecommunication's engineer in Aker Engineering (now Aker Solutions). She joined Statoil in 1998 as a senior engineer in offshore telecommunications. Since then she has held multiple technical and leadership positions mainly within the company’s IT business. She has been responsible for large scale projects and also operations of the global IT services, both applications and infrastructure.
She graduated from University of Surrey, UK, in 1992 with a BEng’s degree in Electronic and Electrical Engineering (siviliingeniør).
Andre Vorbach is working as a Senior Security Expert for Deutsche Telekom’s Group Security with the focus on web portal security. When he joined DT in 2010, he immediately got involved in the setup of DT's honeypot sensor network. Prior to working for DT, he was working at the German Governmental CERT, located at the Federal Office for Information Security (BSI).
Marco Ochse is working as a Senior Security Expert for Deutsche Telekom’s Group Security with the focus on enterprise mobility and office communication security. Marco started working on the DT honeypot initiative shortly after joining DT Group Security back in 2011. Before signing on for Deutsche Telekom Marco was working as security consultant specializing in internal and perimeter security mainly within the finance and insurance sector.
Aunshul Rege earned her PhD in Criminal Justice in 2012 and is an Assistant Professor with the Department of Criminal Justice at Temple University. She has over ten years of experience in researching cybercrimes from a criminological perspective. She has extensively examined cybercrimes against critical infrastructures focusing on digital information warfare, the organizational dynamics of cybercriminals and their modus operandi, offender decision-making and decision trees, and the 'hybridity' (cyber-physical relationships) of crime. Dr. Rege has published on critical infrastructure cybercrimes in academic journals such as the Security Journal and Criminal Justice Studies. She is currently working on a National Science Foundation grant with computer scientists and Electrical and computer engineers to examine adversarial-defender dynamics in infrastructure cyberattacks. She is interested in multidisciplinary research that encourages moving beyond silo-based thinking.
Martha Eike is a Senior Engineer in the Norwegian Data Protection Authority (Datatilsynet) and is involved in areas like Cloud Computing, Education, Digitalisation of the public sector, Privacy by Design, Big Data and Information Security in general. She is a Computer Engineer with much experience within QA and Software Development, and has been working with Information Security in the Norwegian Data Protection Authority since 2012.