The 4th International Workshop on Information & Operational Technology (IT & OT) Security (IOSEC 2023) took place on April, 20th 2023 in Vilanova i la Geltrú, Barcelona, Spain. The workshop was held as part of the 19th International Conference on the Design of Reliable Communication Networks (DRCN), supported by the EU-funded projects JCOP, PHOENI2X, FISHY and IntellIoT.

The focal points of the IOSEC workshop were: (a) to bring together viewpoints from diverse areas that explore the cybersecurity problems emerging from the wide adoption of innovative services by private and public entities, that have rendered their current IT & OT infrastructures vulnerable to a multitude of attacks and (b) under this prism, to study solutions that will advance the collective science and practice of IT & OT security.

Figure 1: IOSEC was part of the DRCN 2023, held in Neapolis Building Vilanova i la Geltru, Spain

Five papers were presented in the workshop:

• A Moving Target Defence Security Solution for IoT Applications
• Runtime Security Monitoring by an Interplay between Rule Matching and Deep Learning-Based Anomaly Detection on Logs
• Towards the Forensic Investigation on the Hadoop Distributed File System using RAM Analysis
• A Machine-Learning Driven Threat Hunting Architecture for Protecting Critical Infrastructure
• A Holistic Framework for Safeguarding of SMEs: A Case Study

Figure 2: The authors presenting their works at IOSEC 2023

Each presentation was followed by a Q&A session, that was not limited to clarifications on the presented frameworks and solutions but also highlighted future work and research that should be performed, while the potential for new collaborations and knowledge exchange between projects and other organisations after the workshop was expressed.

The workshop was concluded with the keynote presentation provided by Joseliyo Sánchez Martinez, Senior Threat Researcher at BlackBerry, themed ‘RATs and InfoStealers: Mission Spain and Catalonia’ featuring a recent massive Spear-Phishing Campaign that affected Spanish domains.

PUZZLE at the IOSEC 2023

PUZZLE contributed to the discussion, with the paper titled ‘A Holistic Framework for Safeguarding of SMEs: A Case Study’, presented by Nefeli Bountouni (Suite5).

The paper, co-authored by Suite5 and UBITECH, constitutes a case study on the cybersecurity challenges relevant to the ATracker data collection and analytics engine developed by the SME Suite5, and showcases how it can be protected with the help of the PUZZLE Framework.

Figure 3: Slides from the presentation of the PUZZLE paper at IOSEC 2023

The motivation for this work lies on the significant role of SMEs for the EU economy but also on the cybersecurity challenges they need to address due to their rushed digital transition and insufficient safeguards that make them an easy prey for attackers. A brief background on the cybersecurity landscape and state-of-the-art attacks and defences relevant to the ATracker engine is provided, spanning across cloud, IoT and Machine Learning (ML) & Artificial Intelligence (AI) infrastructures.

Afterwards the paper elaborates on the design principles and layers of the policy-based PUZZLE Framework, while it dives in the actual protection of the ATracker through experimentation with the PUZZLE Framework in two use cases (vulnerabilities identification and cybersecurity analytics).

Finally, the conclusions of this work highlight the added value for the ATracker engine, as a protective barricade has been setup that can be further enhanced with additional policies against more attacks and threats, and showcases the potential of the PUZZLE Framework through this proof-of-concept exercise in a real-life application.

The paper will become available soon in the DRCN proceedings, while you can find the presentation here.