Share Your Research, Maximize Your Social Impacts
Main Menu
Searching By
PARTNERS
WIT 2010 - Workshop on Insider Threats(WIT 2010)
Topics/Call fo Papers
2010 ACM CCS Workshop on Insider Threats
October 8, 2010
Hyatt Regency, Chicago, USA
Held in conjunction with the 2010 ACM Conference on Computer and Communications Security
Call for Papers
(This call is also available in PDF and TXT format.)
When equipped with insider knowledge, an attacker is a particular risk to an organization: they may know the policies and security measures of an organization and devise ways to subvert them. Such attackers can have a variety of motives and triggers that cause them to act against the organization's interests. Further, the mechanisms these attackers can use can range from unsophisticated abuses of their own authority to elaborate techniques to acquire unauthorized access. The duration of the attacks may be short or longer-term. Finally, the goal from these attacks can be simple exfiltration of information or even direct sabotage.
The Insider Threat has been identified as a hard, but important, computer security problem. This workshop broadly calls for novel research in the defense against insider threats. Relevant research may leverage operating systems, communication networking, data mining, social networking, or theoretical techniques to inform or create systems capable of detecting malicious parties. Cross-disciplinary work is encouraged but such work should contain a significant technical computer security contribution. Research in non-traditional systems, such as smart spaces, is encouraged as well as enterprise systems. Finally, while we discourage exploits of limited scope, we solicit generalized techniques that help an inside attacker evade modern defensive techniques.
Topics of interest include but are not limited to:
Novel data collection of threat indicators,
Detection of triggers and behavior modeling associated with insider threat development,
Detection of malicious users acting within their own authority against organizational interests,
Detection of unauthorized escalation of rights,
Covert exfiltration of data and approaches to thwart such techniques,
Automatic detection of high-value digital assets,
Techniques to minimize false positives in insider threat detection,
Advances in access control, data compartmentalization or administration of compartments,
Detection techniques for resource constrained clients (limited processor, bandwidth, or battery capacity),
Data and digital asset tracking,
Techniques to provide near real-time forensics
Important Dates
Paper Submission Due: June 28, 2010 at 11:59pm PDT
Acceptance Notification: August 6, 2010
Camera-ready Due: August 16, 2010
Workshop: October 8, 2010
All deadlines are firm due to publisher time constraints
Program Committee
Program Chairs
Brent Lagesse, Oak Ridge National Laboratory
Craig Shue, Oak Ridge National Laboratory
Program Committee
Michel Barbeau, Carleton University
Elisa Bertino, Purdue University
Dawn Cappelli, CERT
Erik Ferragut, Oak Ridge National Laboratory
Deborah Frincke, Pacific Northwest National Laboratory
Minaxi Gupta, Indiana University
Markus Jakobsson, Palo Alto Research Center
Apu Kapadia, Indiana University
Marc Liberatore, University of Massachusetts
Donggang Liu, University of Texas Arlington
Gerome Miklau, University of Massachusetts
Sean Smith, Dartmouth College
Matthew Wright, University of Texas Arlington
Contact
For more information, please contact shueca AT ornl.gov.
October 8, 2010
Hyatt Regency, Chicago, USA
Held in conjunction with the 2010 ACM Conference on Computer and Communications Security
Call for Papers
(This call is also available in PDF and TXT format.)
When equipped with insider knowledge, an attacker is a particular risk to an organization: they may know the policies and security measures of an organization and devise ways to subvert them. Such attackers can have a variety of motives and triggers that cause them to act against the organization's interests. Further, the mechanisms these attackers can use can range from unsophisticated abuses of their own authority to elaborate techniques to acquire unauthorized access. The duration of the attacks may be short or longer-term. Finally, the goal from these attacks can be simple exfiltration of information or even direct sabotage.
The Insider Threat has been identified as a hard, but important, computer security problem. This workshop broadly calls for novel research in the defense against insider threats. Relevant research may leverage operating systems, communication networking, data mining, social networking, or theoretical techniques to inform or create systems capable of detecting malicious parties. Cross-disciplinary work is encouraged but such work should contain a significant technical computer security contribution. Research in non-traditional systems, such as smart spaces, is encouraged as well as enterprise systems. Finally, while we discourage exploits of limited scope, we solicit generalized techniques that help an inside attacker evade modern defensive techniques.
Topics of interest include but are not limited to:
Novel data collection of threat indicators,
Detection of triggers and behavior modeling associated with insider threat development,
Detection of malicious users acting within their own authority against organizational interests,
Detection of unauthorized escalation of rights,
Covert exfiltration of data and approaches to thwart such techniques,
Automatic detection of high-value digital assets,
Techniques to minimize false positives in insider threat detection,
Advances in access control, data compartmentalization or administration of compartments,
Detection techniques for resource constrained clients (limited processor, bandwidth, or battery capacity),
Data and digital asset tracking,
Techniques to provide near real-time forensics
Important Dates
Paper Submission Due: June 28, 2010 at 11:59pm PDT
Acceptance Notification: August 6, 2010
Camera-ready Due: August 16, 2010
Workshop: October 8, 2010
All deadlines are firm due to publisher time constraints
Program Committee
Program Chairs
Brent Lagesse, Oak Ridge National Laboratory
Craig Shue, Oak Ridge National Laboratory
Program Committee
Michel Barbeau, Carleton University
Elisa Bertino, Purdue University
Dawn Cappelli, CERT
Erik Ferragut, Oak Ridge National Laboratory
Deborah Frincke, Pacific Northwest National Laboratory
Minaxi Gupta, Indiana University
Markus Jakobsson, Palo Alto Research Center
Apu Kapadia, Indiana University
Marc Liberatore, University of Massachusetts
Donggang Liu, University of Texas Arlington
Gerome Miklau, University of Massachusetts
Sean Smith, Dartmouth College
Matthew Wright, University of Texas Arlington
Contact
For more information, please contact shueca AT ornl.gov.
Other CFPs
Last modified: 2010-06-12 10:28:57