International Workshop on Self-Protecting Systems (SPS)
InfoSec Conference Summary
The description was submitted by the Conference Organizer. We sometimes edit it to enhance the listing.
Effectively protecting computer systems from cyber-attacks is a challenging task due to their large scale and the heterogeneity of the underlying hardware and software components. Furthermore, when trying to defend against an attack, the time factor is critical, and any non-guided human resolution attempt could introduce significant stress and delay the execution of the proper response. This situation gives the attackers more time to accomplish their objectives.
Several organizations, including the National Institute of Standards and Technology (NIST), have released guidelines and best practices to manage cyber-security related risk (e.g., the NIST Cybersecurity Framework 1.1). However, despite a growing interest in the area in the last 4-5 years, automation of cyber-security operations is still in its early stages.
Automatically defending a computer system encompasses a large number of activities that range from data capture, management and analysis to automated decision making and automated system operations.
In this workshop, we solicit high quality contributions that fit with the overarching idea of creating a fully automated protection system based on the Monitor, Analyze, Plan, Execute (MAPE) loop for autonomic systems, control theory, bio-inspired solutions, Self-Regenerative Systems, and the like. The aim of the workshop is to share new findings, exchange ideas and discuss research challenges on the following topics (not an exhaustive list):
- Distributed and secure data collection and storage for sensing/monitoring
- Automated Feature Selection approaches to reduce data dimensionality on cyber-security relevant data
- Techniques for automatic correlation of data streams
- Self-Evolving Anomaly-Based and Signature-Based Network/Host Intrusion Detection Systems
- Attack and defense modeling for threat detection and risk management
- Self-Evolving Model-based and Model-free Intrusion response
- Attack and defense modeling for reactive and proactive intrusion response
- Foundational results for self-protecting systems: algorithms, artificial intelligence, biologically inspired techniques, control theory, machine learning, operations research, probability and stochastic processes, queueing theory, rule-based systems, and socially inspired techniques
- Software engineering for self-protecting systems: system architectures, services, components and platforms, goal specification and policies, modeling of security-level agreements, behavior enforcement, IT governance, and security-driven IT management
- Implementation of prototypes that integrate cutting edge technologies, e.g., Software Defined Networks, Cloud/Fog/edge computing, Artificial Intelligence, micro-services
- Holistic perspective on self-protecting systems, i.e., research that considers the overall picture and proposes novel software architectures, frameworks and technologies to ease the realization of self-protecting systems.