[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-id: <519E2061.90304@pitt.edu>
Date: Thu, 23 May 2013 09:57:53 -0400
From: James Joshi <jjoshi@...t.edu>
To: undisclosed-recipients: ;
Subject: CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and
Automation
CALL FOR PAPERS
IEEE SafeConfig 2013
--------------------
6th Symposium on Security Analytics and Automation (www.safeconfig.org)
(collocated with IEEE Conference on Communications and Network Security)
Washington, D.C., USA
October 14, 2013
Sponsors: IEEE (COMSOC).
Important Dates
Abstract Registration Deadline: June 25
Manuscript Submission: July 1, 2013
Review Notification: August 7, 2013
Camera Ready: August 15, 2012
Conference Dates: October 14, 2012
The new sophisticated cyber security threats demand new security
management approaches that offer a holistic security analytics based on
the system data including configurations, logs and network traffic.
Security analytics must be able to handle large volumes of data in order
to model, integrate, analyze and respond to threats at real time. The
system configuration/policy is a key component that determines the
security and resiliency of networked information systems and services.
However, a typical enterprise networked environment contains thousands
of network and security devices and millions of inter-dependent
configuration variables (e.g., rules) that orchestrate the end-to-end
system behavior globally. As the current technology moves toward "smart"
cyber infrastructure and open networking platforms (e.g. OpenFlow and
virtual computing), the need for security analytics and automation
significantly increases. The coupled integration of network sensor data
and configuration in a unified framework will enable intelligent
response, automated defense, and network resiliency/agility.
This symposium offers a unique opportunity by bringing together
researchers form academic, industry as well as government agencies to
discuss these challenges, exchange experiences, and propose joint plans
for promoting research and development in this area. SafeConfig
Symposium is a one day program that will include invited talks,
technical presentations of peer-reviewed papers, poster/demo sessions,
and joint panels on research collaboration. SafeConfig Symposium
solicits the submission of original unpublished ideas in 8-page long
papers, 4-page sort papers, or 2-pages posters. Security analytics and
automation for new emerging application domains such as clouds and data
centers, cyber-physical systems software defined networking and Internet
of things are of particular interest to SafeConfig community.
Topics (but are not limited to)
Science of Security Analytics and Automation:
• Security metrics.
• Abstract models and languages for configuration specification.
• Formal semantics of security policies.
• Model composition and integration.
• Autonomic defense and configuration.
• Integration of sensor information and policy configuration.
• Theory of defense-of-depth.
• Security games.
• Attack prediction and attribution.
Security Analytics Techniques:
• Techniques: formal methods, statistical, interactive visualization,
reasoning, etc.
• Methodology: multi-level, multi-abstraction, hierarchical etc.
• Analytics under uncertainty.
• Security analytics using heterogeneous sensors.
• Automated configuration verification.
• Integrated network and host configuration.
• Configuration testing, forensics, debugging and evaluation.
• Analytics of attacks motive and attribution.
• Tools and case studies.
• Security analytics for wireless sensors and MANET.
• Security policy management.
• Accountability and provenance.
• Attack forensics and automated incident analysis.
Security Automation Techniques:
• Automated security hardening and optimization
• Security synthesis and planning.
• Policy/Configuration refinement and enforcement.
• Health-inspired security.
• Risk-aware and context-aware security.
• Cyber agility and moving target defense.
• Security configuration economics.
• Continuous monitoring.
• Usability issues in security management.
• Automated patch management.
• Automated attack response and alarm management.
Submission Guidelines
EDAS Paper/Abstract submission link for SafeConfig 2013 can be found at
www.safeconfig.org. Papers must present original work and must be
written in English. We require that the authors use the IEEE format for
papers, using one of the IEEE Proceeding Templates. We solicit two types
of papers, regular papers and position papers. The length of the regular
papers in the proceedings format should not exceed 8 US letter pages
excluding well-marked appendices. Committee members are not required to
read the appendices, so papers must be intelligible without them. Short
papers and posters may not exceed 4, and 2 pages, respectively. Papers
are to be submitted electronically as a single PDF file at
www.edas.info. Authors of accepted papers must guarantee that their
papers will be presented at the conference.
TPC Co-Chairs
James Joshi, University of Pittsburgh , USA
Ehab Al-Shaer, UNC Charlotte, USA
TPC Committee: TBD
Powered by blists - more mailing lists