Tomas Sander
ABSTRACT
Sharing of security related information is believed to greatly enhance the ability of organizations to defend themselves against sophisticated attacks. If one organization detects a breach the automated sharing of observed security indicators (such as IP addresses, domain names etc.) provide valuable, actionable information to others. Through analyzing shared data it seems possible to get much better insights into emerging attacks. Sharing higher level intelligence about campaigns, threat actors and mitigations is also of great interest. Both in the US and the EU there are major efforts underway to strengthen information sharing. Yet there are a number of technical and policy challenges to realizing this vision. The First ACM Workshop on Information Sharing and Collaborative Security (WISCS 2014) aims to bring together experts and practitioners from academia, industry and government to present innovative research, case studies, and legal and policy issues. WISCS 2014 is held in Scottsdale, Arizona, USA on Nov. 3, 2014 in conjunction with 21st ACM Conference on Computer and Communications Security (CCS 2014).
- MITRE, STIX, https://stix.mitre.org/ Accessed 8/22/2014.Google Scholar
- Danyliw, R., Meijer, J., and Y. Demchenko, The Incident Object Description Exchange Format, RFC 5070, Dec 2007.Google Scholar
- IETF MILE Working group, https://datatracker.ietf.org/wg/mile/ Accessed 8/22/2014.Google Scholar
- S. Katti, B. Krishnamurthy, and D. Katabi. 2005. Collaborating against common enemies. In Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement (IMC '05). USENIX Association, Berkeley, CA, USA, 34--34. Google ScholarDigital Library
- C. Zhou, C. Leckie and S. Karunasekera. A Survey of Coordinated Attacks and Collaborative Intrusion Detection. In Computers and Security, vol. 29, no. 1, 124--140, 2010. Google ScholarDigital Library
- N. Boggs, S. Hiremagalore, A. Stavrou, and S. Stolfo. 2011. Cross-Domain collaborative anomaly detection: so far yet so close. In Proceedings of the 14th international conference on Recent Advances in Intrusion Detection (RAID'11), R. Sommer, D. Balzarotti, and G. Maier (Eds.). Springer-Verlag, Berlin, Heidelberg, 142--160. Google ScholarDigital Library
- R. Pang, M. Allman, V. Paxson, and J. Lee, The devil and packet trace anonymization, ACM SIGCOMM Computer Communication Review, vol. 36, no. 1, pp. 29--38, Jan. 2006. Google ScholarDigital Library
- J. Zhang, P. Porras, and J. Ullrich. 2008. Highly predictive blacklisting. In Proceedings of the 17th conference on Security symposium (SS'08). USENIX Association, Berkeley, CA, USA, 107--122. Google ScholarDigital Library
- M. Freedman, K. Nissim and B. Pinkas. Efficient Private Matching and Set Intersection. In Advances in Cryptology -- Eurocrypt '2004 Proceedings, LNCS 3027, Springer-Verlag, pp. 1--19, May 2004.Google Scholar
- Information Technology Industry Council (ITI), ITI Recommendation: Addressing Liability Concerns Impeding More Effective Cybersecurity Information Sharing, 2012. http://www.itic.org/dotAsset/fae2feab-7b0e-45f4--9e74--64e4c9ece132.pdf Accessed 8/22/2014.Google Scholar
- Executive Office of the President, Statement of Administration Policy, H.R. 624 -- Cyber Intelligence Sharing and Protection Act. http://www.whitehouse.gov/sites/default/files/omb/legislative/sap/113/saphr624r_20130416.pdf Accessed 8/22/2014.Google Scholar
- EFF, How The Expansive Immunity Clauses in CISPA Will Facilitate Abuse of User Privacy. https://www.eff.org/deeplinks/2012/04/how-expansive-immunity-clauses-cispa-will-facilitate-abuse-user-privacy-0 Accessed 8/22/2014.Google Scholar
Index Terms
- WISCS 2014: The First ACM Workshop on Information Sharing & Collaborative Security
Recommendations
Workshop Summary of AISec'14: 2014 Workshop on Artificial Intelligent and Security
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecurityIt is our great pleasure to welcome you to the 2014 ACM Workshop Artificial Intelligence and Security (AISec 2014) -- the seventh annual workshop addressing technologies that fuse intelligent systems into computer security applications and the ...
WISCS'15: The 2nd ACM Workshop on Information Sharing and Collaborative Security
CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications SecurityThe mission of the 2nd ACM Workshop on Information Sharing and Collaborative Security is to advance the scientific foundations for sharing threat and security-related data among organizations. The call for better information sharing continues to be an ...
CCS'14 Co-Located Workshop Summary for SPSM 2014
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecuritySecurity and privacy in smartphones and mobile devices is an emerging area which has received significant attention from the research community during the past few years. The SPSM workshop was created to bring together these researchers and ...
Comments