by Alex Desmond, co-host of the Forensic Focus podcast
This year was the 18th International Conference on Cyber Warfare and Security (ICCWS). The word ‘international’ doesn’t necessarily mean it is definitively all nations, as there is a sister conference called the European Conference on Cyber Warfare and Security (ECCWS) and one that used to run out of Perth, Western Australia.
“ICCWS uniquely addresses cybersecurity, cyberwarfare, and information warfare. Over the years, the conference has been attended by a variety of security and military organisations, including the Cyber Security Policy Research Institute, more than 10 national defense colleges, NATO, SHAPE, etc.” – ACI website
This year’s conference ran two in-person streams and two online streams that had different talks. There were 71 talks, including the two keynotes at the beginning of each day. The majority of talks were done by researchers in their respective fields, and topics ranged from military ethics and information warfare with a focus on the Jan 6 US Capitol attack to technical talks on digital forensics in different fields and remote hacking the CAN bus of cars.
For all the papers go here.
The keynote speakers both had thought provoking talks. Mr Justin Fanelli spoke to Zero Trust and how it was used and developed in the US Navy. Dr George R. Lucas gave some insights to recent discussions and development around military ethics and the use of AI algorithms in drone technology in the current conflicts around the world.
You can check out their bios from the conference, as well as information about the other chairs and organisers, here.
Like other workshop conferences, the ICCWS partners with the Journal of Information Warfare, which helps support publishing speakers, whether they are seasoned professionals or students.
Some of the talks that stuck with me and that I have mentioned on the podcast with Si are worth mentioning in here, mostly because I think they’re universal and not a singular cyber domains issue to be conscious of.
Martti Lehto gave a talk on budding research into Cyber security training in Finnish basic and general upper secondary education. My immediate question on this was how the structure of schooling compares to others around the world when using the terminology ‘secondary education’. The motivation behind the research was fantastic, and I think it’s a question we should be asking ourselves in each country – “What should we be teaching children about cyber security?”. The early implementation within this paper focused on asking teachers qualitative questions in their abilities both with regard to cyber security in general, and the confidence they would have teaching this on top of the other curriculum subjects.
It is important to keep in mind that every area involving cyber security has a skills shortage, and in three decades’ time the school children will be choosing where they want their careers to go.
Clara Maathuis delivered a presentation on Social Media Manipulation Deep Learning based Disinformation Detection, along with two other talks as part of a series for her research. It focused in on the information manipulation surrounding the covid-19 pandemic and how social media, particularly twitter, could sway the public view and opinion on the matter.
This issue was highlighted by the UN as disinformation and an “existential risk to humanity”. Clara and her teams’ research were based on how to build deep learning models using an existing dataset. I won’t go into the model of choices here in this article (BERT and CNN were used), since the paper does a good job explaining and I would probably butcher it.
What I personally conclude after reading the paper is that humans are still so vital in training these models and ensuring that false positives or true negatives are identified where possible. However, with the sheer amount of information that is release into the web everyday, these models built of deep learning and data science principles are needed more than ever to help combat the issue.
Like all conferences though, I think the best part was the watercooler chats. The in-between talks gave an opportunity to really dive into the presenters’ content more and offered a chance to make connections with other attendees. It also allowed me to find potential guests for the podcast and make contacts relevant to my own interests and job.
In terms of cyber security conferences, it is unique, and since it’s accessible wherever you are in the world, I would highly recommend it to anyone that has the chance to check it out.
A trend has started to form with the international version of this conference, where every five years it visits South Africa. Details will be added to the ACI website soon.
Follow the conference on any of these: