DeepSec 2023 Press Release: DeepSec 2023 publishes Programme – This year’s conference focuses on language models and infrastructure
Everyone is discussing Artificial Intelligence language models that have vast amounts of learning data. Language models are supposed to revolutionise information technology overnight, but their first applications are actually digital attacks. TThe current state of deep fake detection, social engineering attacks, and security incident response benefits will be highlighted at the DeepSec security conference this year. Of course, there are many more presentations that are indispensable for digital defence.
Language models do not think, they forge
Attacks through phishing emails and social engineering bypass technical measures through communication. By imitating victims’ language, attackers try to get them to support the attack with their own actions. Artificial persuasion is the speciality of AI language models, as they are designed to simulate conversation. Alexander Hurbean discusses which tools are available for these attacks and how they work. From this, strategies for a defence can then be designed.
The topic of deep fakes is addressed by Dr Nicolas Müller. Certain AI algorithms can be applied not only to text, but also to audio and video data. This makes it possible to create fakes, quite analogous to the special effects in film and television. Especially in the era of video conferencing, this is a serious threat. If appearance and voice are plausible, there is often little questioning to check. The focus of Dr. Müller’s lecture is on audio forgeries. He will present how these can be created and what countermeasures are possible.
Vulnerabilities in the automotive industry
Thomas Sermpinis reports on weak points in products of the automotive industry. His experience is based on over 50 security tests. He sheds light on critical results as well as strategies to deal with them. Especially the tensions between development, security experts and the management level are a challenge for information security. The lecture will give an insight into the sector. The aim is to present effective approaches to improve security for the industry and all those on the road.
A well-developed security concept needs well-considered content. Security product vendors often distort the threats by focusing on the capabilities of the products they offer. In his presentation, Catalin Curelaru provides important input for the sensible development of a company’s own security programme. An effective defence must prioritise properly and use the available resources correctly.
Disinformation and intrusions into political parties
Disinformation and forgery have become an important tool of geopolitics. It can be used to intervene directly in political processes and to exert influence. This can then be used to manipulate election campaigns in opposing countries. Espionage is an essential part of the preparation for such operations. In his presentation, Scott Shapiro explains the break-in into the systems of the US Democratic National Committee (DNC) in September 2015. Russian attackers were able to intercept internal communications for months. In the presentation, the attack is analysed as a case study. The results are not only interesting for IT departments.
Protection of digital systems is a top priority for political parties. The Russian war of aggression in Ukraine has consequences for other states. Legal neutrality cannot protect digital infrastructure; this requires technical approaches that are organisationally covered. Imran Saleem examines the significance of politically motivated attacks on digital infrastructure as a threat to a country’s democracy. To this end, he analyses intelligence data in the context of changes in a region’s political orientation and conflicts. The research focuses on mobile networks, which are a ubiquitous part of conflicts.
Information exchange at the highest level
The DeepSec conference offers two-day training sessions and over 40 presentations at the highest level to provide representatives from IT infrastructure, management, administration and research with exactly the information they need for a successful defence. The content is prepared in a vendor-neutral and advertising-free manner, as DeepSec has wanted to make a real contribution to information security since its inception. The full conference programme is available on the website.
Programme and booking
The DeepSec 2023 conference days are on 16 and 17 November. DeepSec trainings will take place on the two preceding days, 14 and 15 November. All trainings (with announced exceptions) and presentations are scheduled as face-to-face events. For registered participants, there will be a stream of the lectures on our internet platform.
The DeepINTEL Security Intelligence Conference will take place on 15 November. As this is a closed event, we ask for direct enquiries about the programme to our contact addresses. We provide strong end-to-end encryption for communication with us: https://deepsec.net/contact.html.
Tickets for the DeepSec conference and trainings can be ordered online at any time via the link https://deepsec.net/register.html. Discount codes from sponsors are available. If you are interested, please contact us at deepsec@deepsec.net. Please note that we depend on timely ticket orders due to planning security.