CyberSec Seminar November 2022

8 November 2022, 10:30 am, AIFB (Geb. 05.20, Kaiserstraße 89), Room 1A-11

For this month's seminar, our speakers are:

  • Philipp Danylak (Critical Information Infrastructures): Making Sense of Certification Internalization: A Process Model for Implementing Information Security and Data Protection Certifications

Abstract: Information systems certifications are becoming increasingly important for information security and data protection by providing organizations with best practices and independent feedback. However, symbolic certification internalization is a significant problem: organizations often implement certifications superficially without truly integrating them into their organizational practices. To mitigate this problem, it is crucial to uncover how different stakeholders involved in the certification make sense of its purpose and criteria. We strive to explore and theorize how organizations internalize information security and data protection certifications through the lens of sensemaking. We draw on a literature review and qualitative interviews and apply visual mapping and temporal bracketing techniques to develop a process model of certification internalization spanning three sensemaking cycles: pre-audit assessment, audit, and post-audit maintenance. Taking a more nuanced view of time and process unfolding, we revealed that the ongoing maintenance of certifications plays a critical role in ensuring certification internalization.

  • Hauke Heseding (Telematics): Reinforcement Learning-Controlled Adaptive DDoS Mitigation

Abstract: Volumetric Distributed Denial of Service (DDoS) attacks overwhelm a network infrastructure with unsolicited high-volume traffic and pose a serious threat to online service availability. This talk presents a novel mitigation approach that protects networks by enabling early traffic filtering. The key challenge resides in finding effective traffic filter rules and adapting them to evolving attack patterns while operating within the constraints of current hardware limitations. To effectively address this challenge, the approach combines hierarchical heavy hitter monitoring algorithms with deep reinforcement learning.