The 8th International Workshop on ‘Internet Security: Enhancing Information Exchange Safeguards’ was held from 23rd to 27th December 2018, in Doha, Qatar. The event was jointly organized by Commission on Science and Technology for Sustainable Development in the South (COMSATS); Islamic Educational, Scientific and Cultural Organization (ISESCO); and the Inter Islamic Network on Information Technology (INIT), and was hosted by the Qatari National Commission for Education, Culture and Science.
The workshop was inaugurated by H.E. Dr. Hamda Hassan Al-Sulaiti, Secretary General, Qatari National Commission for Education, Culture and Science, Qatar, on 23rd December 2018. The inaugural session was attended by representatives of various diplomatic missions based in Doha, including Syria, Ghana, Palestine, Gambia, Sri Lanka, Nigeria and Turkey, apart from the local and foreign participants of the workshop.
During her inaugural address, Dr. Al-Sulaiti conveyed the greetings of H.E. Dr. Mohammed bin Abdul Wahid Al-Hammadi, Minister of Education and Higher Education, Government of State of Qatar. She welcomed the subject experts as well as local and foreign participants. She expressed pleasure on hosting the workshop and thanked COMSATS, ISESCO and INIT for fruitful cooperation. She stated that the great technological advances, the development of various means of communication, and the openness across the world, and the world’s dependence on transmitting various types of data and information through networks and websites, have presented various risks. Therefore, she considered information/internet security one of the most urgent needs of the hour. She recalled that during the 73rd session of the United Nations General Assembly, His Highness Sheikh Tamim bin Hamad Al Thani, the Emir of the State of Qatar, called for an international conference on Global Cyber-Security, stressing the importance of information security and the need for international laws to prevent information security risks.
Dr. Al-Sulaiti stated that the workshop would facilitate the participants in learning the best and most effective ways to secure online information from risks and would promote user awareness and ability to safely store and share information via Internet. She considered this activity highly useful for Qatar and other participating countries keeping in view the significance of information and cyber security.
The Executive Director COMSATS, Dr. S. M. Junaid Zaidi, in his message, stated that the modern computing has taken the world by storm. He informed that according to estimates, there will be over 12 billion machine-to-machine devices connected to the Internet by 2020, and at the same time, the annual cost to the global economy from cybercrime is expected to increase to $2.1 trillion globally. He stated that the developing countries are rapidly deploying ICTs to increase the pace of economic growth, however, due to weak surveillance capacities, these nations are facing greater challenges in alleviation of the cyber threats. He stressed that apart from devising strategies and implementing policies, nations need to build and strengthen their inherent capacities such as developing potent firewalls to shield the local network systems. He thanked the participants and experts for their presence, as well as the partner organizations for collaborating with COMSATS in order to hold this event.
In his message, Dr. Abdulaziz Othman Altwaijri, Director General of ISESCO, stated that due to the widespread use of electronic devices connected to the Internet, the field of information security has become significantly important. It includes securing network and allied infrastructure, security applications and databases, testing, information systems auditing, digital forensics, etc. He highlighted that protecting confidential information is a business requirement and in many cases also an ethical and legal requirement. He informed that ISESCO has always placed a high emphasis within its consecutive Action Plans to implement programmes and mobilize international and national efforts to promote the use of new scientific knowledge for sustainable economic progress. In this regard, ISESCO mobilize forces in order to create a suitable environment for performance of using information and communication technology as per technological requirements of the Member States. He thanked COMSATS, INIT and Qatari National Commission for cooperating to organize this workshop.
Mr. Tahir Naeem, Executive Director INIT, in his message, stated that the magnitude of the internet is enormous and changing very rapidly with each passing second. It has proved to be a source of real social and economic benefit. However, due to the magnanimous reliance on Internet as an engine of interconnectivity, it is imperative to understand its power, as untamed it can lead to more harm than benefit. He informed that INIT works on learning and deploying information and communication technologies for gainful purposes in the Islamic world. He thanked the collaborators for jointly conducting this workshop.
The technical sessions of the five-day workshop were attended by about 30 researchers, system administrators and cyber security professionals, belonging to Qatar, Pakistan, Malaysia, Kazakhstan, Jordan, Morocco, Bangladesh, Oman and Maldives. The local participants belonged to various Ministries and Government Departments of Qatar, including Ministry of Higher Education, Ministry of Transport and Technology, Cyber Police Department, etc.
The event provided a forum to the participants to learn about the latest advancements in the field of Internet security; use the state-of-the-art technologies for protection of network and network accessible resources from different types of software attacks; and working out effective Internet/information security solutions for general public, governmental organizations, and commercial enterprises through rigorous risk analysis and security management approaches.
The workshop was conducted by six subject experts belonging to Pakistan. Dr. Haider Abbas, Associate Professor, National University of Sciences & Technology, Islamabad, covered topics related to Organizational Security, practical approaches to organizational information security management, cloud computing security, ISO 27001, Information Security Management System, and Risk Assessment (Identification, Risk Calculation Methods and Treatment strategies, Gap Analysis). He also conducted practical exercises on Information Security Policy/Procedures Writing, Information Assets Identifications & Valuation, Gap Analysis, Statement of Applicability, Risk Assessment & Treatment, Auditing and Certification Process and Auditing and Evaluation.
Dr. Muhammad Masoom Alam, Associate Professor, COMSATS University Islamabad (CUI), Islamabad, introduced the techniques used in Cyber Threat Intelligence and conducted related practical demonstrations and exercises.
Dr. Akber Abid Gardezi, Assistant Professor, COMSATS University Islamabad (CUI), Islamabad, shed light on new and emerging threats in Smart Cities, including vulnerabilities in autonomous vehicles and artificial intelligence. He also discussed the dark side of Internet in detail.
Mr. Mian Muhammad Waseem Iqbal, Assistant Professor, Department of Information Security, National University of Sciences & Technology, Islamabad, conducted hands on training on the Master Boot Record (MBR) and Partition Tables. He also conducted practical exercises on Exploring Windows Registry, SQL Injection and Mobile Hacking, Master File Tables (MFT) and various other Scenarios/Experimentation.
Prof. Dr. Kashif Kifayat, Head of Computer Science Department, Air University, Islamabad & Director of National Centre of Cyber Security Pakistan, covered topics related to dissecting a Cyber Attack, including Reconnaissance, Scanning, Gaining access, Maintaining Access and Covering Tracks and Hiding. He also discussed Distributed DoS Attacks including Anatomy of a Sample DDoS Attack, Evolution of Botnet Configurations and DDoS Attacks and Mitigation Techniques. He also covered more advanced attack techniques including Kill Chain, Layered Security Approach, etc.
Mr. Shah Fahd, Assistant Manager, National Engineering and Scientific Commission (NESCOM), Islamabad, conducted hands-on training on Wireless Hacking and Countermeasures including Security Issues in Wireless Networks, WEP Cracking, WPA Cracking, WPA2 Cracking and Counter measures. He also conducted practical exercises related to Reconnaissance & Scanning (Scanning using NMAP, Enumerating open ports and services, Nessus Vulnerability Scanner, etc.). He also covered Gaining Access & Privilege Escalation/Password Attacks & Social Engineering including Introduction to Metasploit Framework, Exploiting Windows 7 , 8 and 10, Antivirus bypass, Privilege Escalation, Intercepting http and https passwords, Dictionary Attacks vs Rainbow tables and Social Engineering toolkit.
The workshop concluded with the distribution of certificates among the resource persons, local and foreign participants, and organizing committee members, by the representatives of COMSATS, INIT and Qatari National Commission.