Internet-security is a large and complex problem space with profound implications for our society. On one side are defenders who are responsible for creating systems, protocols, policies and other mechanisms to protect an IT infrastructure from unwanted access. On the other side are attackers who conduct malicious activity in the Internet for recognition, profit or other more sinister reasons. The purpose of this workshop is to bring together a group of leading researchers and cyber-security professionals to discuss several key challenges for defenders, and how a multi-scale approach might shine new light on these thorny issues. In particular, the two primary themes for workshop will be on problems related to distinguishing and filtering malicious traffic, and problems related to protocols and methods for IT security.
Accurate Identification and Filtering of Malicious Traffic
A starting point for the cyber-security domain is that systems and networks will transmit and receive both malicious and benign traffic. The ability to distinguish malicious and benign traffic quickly and accurately enables defenders to understand the attack profile on their infrastructure and adjust their defenses appropriately. This theme is meant to be broad in the sense that it will encompass issues in malicious traffic measurement, classification, characterization, anomaly detection, intrusion detection (both host and network-based), signature generation, and traffic filtering methods. Methods, tools, datasets and results on these topics will be presented by both researchers and practitioners.
Protocols and Methods for IT Security
The constantly changing nature of cyber-security threats calls for ongoing innovation from those responsible for building and maintaining defenses. One of the most important components for cyber-defense are the communications protocols that are used for a variety of purposes including data privacy, authentication, anonymity, etc. While these protocols are based on cryptographic algorithms, there are often complicated problems associated with their implementation and use. Another important aspect of cyber-defense are the combinations of systems and policies that are used to create security infrastructures. This theme is meant to foster discussion on the mechanisms for IT security and will bring together researchers and practitioners to discuss current approaches and how an MRA can broaden perspective in meaningful (i.e., improving cyber-security) ways.
(University of British Columbia)
Paul Barford (University of Wisconsin-Madison)
Farnam Jahanian (University of Michigan)
Tal Malkin (Columbia University)
Niels Provos (University of Michigan)
Mike Reiter (University of North Carolina)
Matthew Roughan (University of Adelaide)