1. CAST iCAST 1 Activities of Information Security Research in Taiwan: TWISC and iCAST Distinguished Research Fellow Academian Der-Tsai Lee Academia Sinica

2. CAST iCAST 2 Agenda  Introduction to TWISC –Organization –Research Topics –Activities hosted by TWISC  Introduction to iCAST –Organization –Research Topics –Activities hosted by iCAST  Conclusions

3. CAST iCAST 3 Introduction to TWISC

4. CAST iCAST 4 Introduction to TWISC http://www.twisc.org/  Officially founded on April 1 st, 2005, funded by National Science Council (NSC) of Taiwan  Headquarters of TWISC –Center for Information Technology Innovation, Academia Sinica  Three physical centers established –Northern Taiwan: TWISC@NTUST National Taiwan University of Science & Technology, since Nov. 2005 –Central Taiwan: TWISC@NCTU National Chiao Tung University, since Oct. 2006 –Southern Taiwan: TWISC@NCKU National Cheng Kung University, since Oct. 2006

5. CAST iCAST 5 Objectives/Missions of TWISC  Advance the research and development of technologies in information security and related areas  Provide education and training, help build human resource capacity, and promote public awareness in information security  Collaborate with private sector to enhance local information security industry in security management and applications software development  Seek international collaborations to build a ubiquitous secure community

6. CAST iCAST 6 Strategies for TWISC  Integrate resources and expertise among government, industry and academia to make comprehensive plans on how to foster security-related research effort, and help promote public awareness and capacity-building in information security  Strive for excellence in research and development of technologies in information security & keep abreast with the top-notch leading research institutions worldwide  Serve as a bridge for partnership among government, industry and academia, and as a catalyst of technology transfer in information security sector, and promote university-industry cooperative research in security-related applications  Build a framework for national/international collaboration, including exchange of scholars, researchers and students, and hosting of workshops and conferences

7. CAST iCAST 7 Functional Organization of TWISC Technology R&D Division Data Security Network Security SW/HW Security Security Management Technology R&D Division Data Security Network Security SW/HW Security Security Management Education Division Conferences/Workshops Distinguished Lectures Educational Programs Public Awareness Education Division Conferences/Workshops Distinguished Lectures Educational Programs Public Awareness Collaboration & Exchange Division International Collaboration Exchange Scholars/Students Univ./Industry Coop. Program Short Courses Collaboration & Exchange Division International Collaboration Exchange Scholars/Students Univ./Industry Coop. Program Short Courses Consulting & Services Division Industry/Gov’t Security Consultation SW Evaluation Consulting & Services Division Industry/Gov’t Security Consultation SW Evaluation TWISC Project Director, Dr. D.T. Lee Center PIs North － Prof. T.C. Wu Central － Prof. S.P. Shieh South － Prof. C.S. Laih TWISC Project Director, Dr. D.T. Lee Center PIs North － Prof. T.C. Wu Central － Prof. S.P. Shieh South － Prof. C.S. Laih Advisory Committee － ＊ Industry ＊ Academia ＊ R&D Institutions Faculty from － TWISC TWISC@NTUST TWISC@NCTU TWISC@NCKU

8. CAST iCAST 8 Principle Investigators  Professor Hahn-Ming Lee 李漢銘 Head, Div. Exchange & Collaboration, TWISC@NTUST – Department of Computer Science & Information Engineering – National Taiwan University of Science & Technology – E-mail: hmlee@mail.ntust.edu.twhmlee@mail.ntust.edu.tw  Professor Chin-Laung Lei 雷欽隆 Head, Div. Technology Research & Development, TWISC@NTUST – Department of Electrical Engineering – National Taiwan University – E-mail: lei@cc.ntu.edu.twlei@cc.ntu.edu.tw  Professor Jung-Hui Chiu 邱榮輝 Head, Div. Consulting & Services, TWISC@NTUST – Department of Electrical Engineering – Chang Gung University – E-mail: jhchiu@mail.cgu.edu.twjhchiu@mail.cgu.edu.tw  Professor Chao-Chi Chan 詹朝基 Head, Div. Education & Training, TWISC@NTUST – Department of Mechanical Engineering – National Taiwan University of Science & Technology – E-mail: chancc@mail.ntust.edu.twchancc@mail.ntust.edu.tw

9. CAST iCAST 9 Collaboration & Exchange Division Headed by Professor Hahn-Ming Lee 李漢銘 CSIE, NUST  To draft technology and scholar exchange plans  To establish information security-alliance program among local universities and with international organizations  To establish channels for exchange of researchers and students between collaboration partners  To host international workshops and conferences in information security and related areas  To organize Distinguished Lecture Series and Workshops on Advanced Information Security Technology

10. CAST iCAST 10 Technology R&D Division Headed by Professor Chin-Laung Lei 雷欽隆 EE, National Taiwan University  To do advanced research in information security  To develop information security technologies and applications software for research and education  To plan and conduct university-industry cooperative research  To help realize technology transfer to industry

11. CAST iCAST 11 Consulting & Services Division Headed by Professor Jung-Hui Chiu 邱榮輝 Electrical Engineering, Chang Gung University  To provide consulting services of information security to the government, the academia and the industry  To provide software security evaluation technology & service support  To provide hardware security testing technology & service support

12. CAST iCAST 12 Education & Training Division Headed by Professor Chao-Chi Chan 詹朝基 Mechanical Engineering, NTUST  To organize and prepare curricula or educational programs for information security  To offer training courses and promote information sharing and public awareness of information security  To provide incentives for researchers / faculty members giving awards, recognition, and promotion  To host training workshops in information security for academic and industrial professionals and Information Security Summer School

13. CAST iCAST 13 Research Topics Coordinated by TWISC@NTUST  Major topics –Cryptography Authentication/digital signature, cryptographic protocols Cryptographic techniques for low-resource/mobile devices Multivariate public key cryptography –Software/Hardware Security Secure code verification Web-based application security assessment Power analysis/hardware security assessment –Privacy protection Healthcare and ubiquitous applications  Related topics –Smart card & RFID security –Open Source Vulnerability Discovery & Remediation –Security Management

14. CAST iCAST 14 Research Topics Coordinated by TWISC@NCTU  Major topics –Wireless Network Security Operation Center Topology Explorer War Driving Dos Detection Software/Hardware System Vulnerability Analyzer Alert Database –Sensor network security Remote Security Scanner

15. CAST iCAST 15 Research Topics Coordinated by TWISC@NCKU  Major topics –Intrusion detection system IPv6-Enabled IDS IPS for SIP VoIP System DNS Server Protection –Testbed, Honeypot More than 290 tools, and more than 20 testing scenarios Integrate with EuroCom Honeypot network security statistics database

16. CAST iCAST 16 Hosted Workshops and Conferences - SADFE 2005  SADFE 2005 (First International Workshop on Systematic Approaches to Digital Forensic Engineering) Nov. 7-10, 2005, Taipei, Taiwan http://conf.ncku.edu.tw/sadfe/http://conf.ncku.edu.tw/sadfe/  Invited Speakers: –Prof. Bernard Jouga, Supelec –Prof. George Mohay, Queensland University of Technology –Prof. Steve Schroeder, Seattle University, a pioneer in Cyber crime law enforcement

17. CAST iCAST 17 Hosted Workshops and Conferences - AsiaCCS'06  ACM Symposium on Information, Computer and Communications Security (AsiaCCS'06) March 21-23, 2006, Taipei, Taiwan http://www.iis.sinica.edu.tw/asiaccs06/ http://www.iis.sinica.edu.tw/asiaccs06/

18. CAST iCAST 18 11 th Information Security Conference (ISC 2008)  Venue: The Grand Hotel, Taipei, Taiwan  Dates: September 15 th -18 th 2008  Hosted by CCISA (Chinese Cryptology and Information Security Association), TWISC, Academia Sinica, Industrial Technology Research Institute (ITRI), Institute for Information Industrial (III), etc.

19. CAST iCAST 19 Workshop on Advanced Information Security Technology Multivariate PKC  Date: 2006/01/20-21 at NTUST  Topic: Multivariate PKC Prof. Jintai Ding, University of Cincinnati, USA Prof. Christopher Wolf, Ecole Normal Superieure, France Prof. Bo-Yin Yang, Tamkang University Taiwan

20. CAST iCAST 20 Japan-Taiwan Joint Research on Cryptography and Information Security towards Next IT-society  Date: 2008/10/14-15 at Fukuoka, Japan  Topics including: Network Security, DRM, Policy Management, Cryptography, Cryptography, Application, and Wireless, Sensor, Ubiquitous.  Hosted by TWISC & ISIT Snapshot of professor Tzong- Chen Wu’s speech Snapshot of Prof. Der-Tsai Lee’s speech All attendees

21. CAST iCAST 21 Taiwan-Germany Information Technology Workshop 2008  Date: 2008/11/24-25 at NSYSU  Topic: Cryptography and Information Security  Sponsored by: TWISC (Taiwan Information Security Center); DFG (Deutsche Forschungs Gemeinschaft); IIS (Institute of Information Science, Academia Sinica); NSC (National Science Council, Taiwan)

22. CAST iCAST 22  Date: 2008/11/27 at TWISC@NTUST  Attendee: -Taiwan: Academian.Dr. D.T. Lee, Profs. Tzong-Chen Wu, Shi-Cho Cha, Tien-Ruey Hsiang, Shang-Jang Ruan, Bo-Yin Yang, and Jung-Hui Chiu. -Germany: Prof. Johannes Buchmann, Marc Fischlin,Sorin A. Huss, Ahmad-Reza Sadeghi, Barbara Sprick, Martin Steinebach,and Thorsten Kleinjung. Taiwan-Germany Information Security Technology Dialogue Round Table Dialogue System Demo @TWISC All attendees

23. CAST iCAST 23 Distinguished Lecture Series  Date: 2005/12/16  Topic: Trends and Challenges for Securer Cryptography  Prof. Hideki IMAI, Information and Systems Dept. of Institute of Industrial Science, University of Tokyo  Date: 2005/10/27  Topic: Y-00 protocol: Quantum Cryptography for Optical Fiber Networks  Prof. Kentaro Kato, CHUO University

24. CAST iCAST 24 Distinguished Lecture Series  Date: 2006/3/20  Topics: –Open problems and promising approaches in computer security (Prof. Tygar) –Software Security and Solutions : A Stony Brook Perspective ( Prof. Chiueh) Prof. Tzi-cker Chiueh Computer Science Department State University of New York at Stony Brook Prof. Doug Tygar Computer Science Department UC Berkeley

25. CAST iCAST 25 Distinguished Lecture Series  Date: 2006/5/1  Topic: General Method for Enhancing Security of Multivariate Public Key Cryptosystems  Prof. TSUJII Shigeo,President, Institute of Information Security Japan  Date: 2006/5/1  Topic: Recent Japanese Trend of Biometric Authentication Application System and Future IISEC Research Project  Prof. Yukio ITAKURA, Institute of Information Security, Japan

26. CAST iCAST 26 Distinguished Lecture Series  Date: 2006/6/1 (in NCKU and NTUST)  Topic: Security Challenges in Ubiquitous Society  Prof. Kwangjo Kim Director, International Research Center of Information Security Information and Communications University Korea  Date: 2006/7/6  Topic: Security in Sensor Network: Industry Trends, Present and Future Research Direction  Prof. Adrian Perrig, CMU, USA

27. CAST iCAST 27 Distinguished Lecture Series  Date: 2006/08/04  Topic: Security and Robustness based on Nothing: A New Paradigm for Future Internet Design  Prof. Felix Wu, UC Davis, USA  Date: 2006/11/24  Topic: Post-Quantum Cryptography  Prof. Rei Safavi-Naini, University of Wollongong, Australia

28. CAST iCAST 28 Distinguished Lecture Series  Date: 2006/12/27  Topic: Ubiquitous Public Key Infrastructure  Dr. Ken UMENO, Laboratory of Next Generation Mobile Communications, RIKEN (The Institute of Physical and Chemical Research), Japan  Date: 2007/1/3  Topic: Physical and Quantum Cryptography  Prof. Horace Yuen, Northwestern University USA

29. CAST iCAST 29 Distinguished Lecture Series  Date: 2007/4/2  Topic: 10 years of Rijndael and beyond  Prof. Vincent Rijmen, Technical University of Graz & IAIK Krypto Group, Austria  Date: 2007/11/23  Topic: Computer Crime  Dr. Henry C. Lee ( 李昌鈺博士 ), Chief Emeritus of the Connecticut State Police & Founder and Professor of the Forensic Science Program at the University of New Haven

30. CAST iCAST 30 Distinguished Lecture Series  Date: 2008/2/20  Topic: Authentication and Identity Management  Prof. Fred Piper, University of London, UK  Date: 2008/2/20  Topic: Post Quantum Signatures  Prof. Johannes Buchmann, Technische Universität Darmstadt, Germany

31. CAST iCAST 31 Distinguished Lecture Series  Date: 2008/11/5  Topic:Crypto System Related with Biology  Prof. Xuejia Lai, Shanghai Jiao Tong University  Date: 2008/9/15  Topic: The security of SHA-1 against recent attacks  Prof. Vicent Rijmen, Katholieke Universiteit Leuven, Belgium

32. CAST iCAST 32  Date: 2008/12/18  Topic: Coded Modulation and the Arrival of Signcryption  Prof. Yuliang ZHENG, University of North Carolina at Charlotte, USA Distinguished Lecture Series

33. CAST iCAST 33 Information Security Summer School (ISSS) Aug. 10~24, 2006  Lecturers: Prof. Tzong-Chen Wu (NTUST), Prof. Chi-Sung Laih (NCKU), Prof. Bo-Yin Yang (Academia Sinica), Prof. Dan Bernstein (U. Illinois Chicago), Prof. Tanja Lange (Tech. U. Denmark), Prof. Claus Diem (U. Leipzig Germany), Dr. Rui Zhang (RCIS Japan), Dr. Takayuki Miyadera (RCIS Japan), Dr. Yutaka Oiwa (RCIS Japan), Prof. Jason Crampton (ISG UK), Prof. Keith Martin (ISG UK), Prof. Chris Mitchell (ISG UK), Prof. Keith Mayes (ISG UK)  Venue: National Taiwan University of Science and Technology (NTUST)  For more information see http://www.twisc.orghttp://www.twisc.org  Over 600 participants

34. CAST iCAST 34 Information Security Summer School (ISSS) Aug. 6~16, 2007  Lecturers: Prof. Chris Mitchell (ISG), Dr. Keith Mayes (ISG), Dr. Marc Joye (Thomson), Prof. Robert Deng (SMU), Prof. Kwangjo Kim (ICU), Prof. John Choi (Sangmyung), Dr. Chan Yeob Yeun (LG), Dr. Jonathan Millen(Mitre), Prof. Naoshi Sato (IISec), Prof. Tzong-Chen Wu (NTUST)  Venue: National Taiwan University of Science and Technology (NTUST)  For more information see http://www.twisc.orghttp://www.twisc.org

35. CAST iCAST 35 Information Security Summer School (ISSS) July 21~Aug. 1, 2008  Lecturers: Prof. Kouichi Sakurai (ISIT), Prof. Justin Zhan (CMU), Prof. Shih Kun Huang (NCTU), Mr. Jerry Lin & Mr. Michael Shiah (RingLine Corporation), Prof. Yuliang Zheng (UNC Charlotte), Dr. Tieyan Li & Dr. Jianying Zhou (I2R), Mr. Shane Balfe (University of London), Prof. Chan Yeob Yeun (ICU), Prof. Tzong-Chen Wu (NTUST)  Venue: National Taiwan University of Science and Technology (NTUST)  For more information see http://www.twisc.orghttp://www.twisc.org

36. CAST iCAST 36 Weekly Seminar TWISC@NTUST continually holds weekly seminars through the years.

37. CAST iCAST 37  Visits to and cooperation with ICU(Korea), IRIS(Korea), RCIS(Japan), IISec(Japan), ISG(UK), SMU(Singapore), MITRI(USA), CMU(USA), Thomson(France), IAIK(Austria), etc. International Cooperation (1) Visit to KISA ( 韓國資訊安全局 ) Visit to SMU (Singapore)

38. CAST iCAST 38 International Cooperation (2)  PhD students’ oversea short term research to ISG(UK): 2007: Yuan-Hong Lian(CGU), Sung-Shiou Shen(NTUST) and Kuo-Yu Tsai(NTUST) 2008: Yuan-Hong Lian(CGU) and Horng-Ru Liao(NTUST)  Number of published paper (International): 88 (2005-2007)

39. CAST iCAST 39 Prof. Duijn (Principal of Eindhoven University of Technology,Netherlands) 2008 APEC TEL PKI/ e- Authentication Training Program Prof. Chung Laung Liu visiting TWISC Irregularly visitors to TWISC@NTUST Visited by RETICorp 兆聖科技 MOU Signing with ISIT (Japan) at TWISC@NTUST Visited by Prof. Koung-An Chao ( 行政院科技顧問趙光安教授 )

40. CAST iCAST 40 Industry Resource Cooperation Trade-Van( 關貿網路 ) Acer ( 宏碁 ) Infortrend ( 普安科技 ) ISSDU ( 數聯資安 )

41. CAST iCAST 41 Introduction to iCAST

42. CAST iCAST 42 Introduction to iCAST http://www.icast.org.tw/  Project Officially founded on May 1st, 2006, funded by National Science Council (NSC) of Taiwan  iCAST is a team consisting of members from TWISC, Institute for Information Industry (III), Industrial Technology Research Institute (ITRI) and Chung Cheng Institute of Technology, National Defense University of Taiwan  Collaborated with members of Carnegie Mellon University (CMU) and University of California, Berkeley (UCB) on 11 projects  The research fields of such scholars include cryptology, network security, multimedia security, software security, and information security management

43. CAST iCAST 43 Missions for iCAST  To do academic collaborative works and researches with CMU and UCB  To gain core technologies and develop prototypes jointly work with CMU and UCB  Cultivate the seeds of information security  Spread the knowledge of information security education  In the future, to do technology transfer to the industries in Taiwan to promote their self-capability  To dispatch professors and PhD students to CMU and UCB for the short-term and long-term study to enlarge global vision in further researching

44. CAST iCAST 44 Strategies for iCAST  Two subgroups are formed in each researching group, one is focused on doing internal works in Taiwan’s site, and the other is focused on doing joint works in the campus of CMU/UCB  All works or core technologies are deliverable to journal/conference papers and prototype implementation –Papers will be submitted to SCI journals (with high impact factors) or top international conferences –Developed prototype should be portable to real system in practice

45. CAST iCAST 45 Functional Organization of iCAST

46. CAST iCAST 46 Research Topics in iCAST 300  Software Security Verification & Analysis  Investigation on Advanced Remote Authentication Technology  Privacy-preserving Information Protection Management System  Security Technologies & Applications in Wireless Sensors Networks  Secure Environment-aware Configurable Ubiquitous oveRlay  Intrusion Detection & Prevention Technology Development & System Integration  Network Security & Forensics

47. CAST iCAST 47 iCAST/CMU/TRUST Joint Conference  January 8-9, 2008, Taipei, Taiwan  http://www.icast.org.tw/events/conferences- and-workshops

48. CAST iCAST 48 iCAST/CMU/TRUST Joint Conference  June 5-6, 2008, Taipei, Taiwan  http://www.icast.org.tw/events/conferences- and-workshops

49. CAST iCAST 49 iCAST/CMU/TRUST Joint Conference  January 7-8, 2009, Taipei, Taiwan  http://www.icast.org.tw/events/conferences- and-workshops

50. CAST iCAST 50 iCAST/CMU/TRUST 1st Year Kickoffs  September 11-12, 2006, Pittsburgh, USA  September 14-15, 2006, Berkeley, USA  http://www.icast.org.tw/events/conferences- and-workshops

51. CAST iCAST 51 iCAST/CMU/TRUST 2nd Year Kickoffs  August 16-17, 2007, Pittsburgh, USA  August 19-20, 2007, Berkeley, USA  http://www.icast.org.tw/events/conferences- and-workshops

52. CAST iCAST 52 iCAST/CMU/TRUST 3rd Year Kickoffs  August 20 2008, Pittsburgh, USA  August 25 2008, Berkeley, USA  http://www.icast.org.tw/events/conferences- and-workshops

53. CAST iCAST 53 Developed Prototypes  (RISE) RFID + ITS + Sensor Network+ Embedded Systems –A blood storage bag management system for healthcare, providing off- site tracking and on-site management  Asset Monitoring and Protection –Record the flowing objects and prevent from stealing assets in dormitory  PiSA (Pervasive iCAST Security Angel) –Use PDA or cellular phone to authenticate the trustworthy website via visual random art  IDEAS (Intrusion Detection and Event Analysis System) –Based on machine learning and AI methods to analyze real-time network data  Security Monitor –Implemented on a Linux platform with a loadable kernel module to compute and update the probabilistic belief (inference engine) of the attack  Personal Privacy Guard (OceanStore) –Provide personalized privacy preference rules generation, reasoning, and refinement for personal information protection

54. CAST iCAST 54 International Collaboration in TWISC

55. CAST iCAST 55 Conclusions  TWISC is to serve as an R&D resource center to enhance technical competence, including Ubicomp security  TWISC is to enlarge human resource capacity and promote public awareness in information security  TWISC is to be a window for university-industry partnership and international collaboration in information security  iCAST is the project within TWISC that focuses on international collaboration in information security  TWISC represents integrated research capabilities in Taiwan, aiming to establish itself as a power house in information security, working closely with other renowned centers or laboratories worldwide.