- Sponsor:
- sigsac
It is our great pleasure to welcome you to the SafeConfig'16 Workshop. This workshop is in its 9th year, each one focusing on different aspect of cyber systems. The 2016 workshop focuses on the testing and validation of cyber systems, specifically those involving active security and resilient systems. The premise is existing tools and methods for security assessments are necessary but insufficient for scientifically rigorous testing and evaluation of resilient and active cyber systems. This workshop will explore and discuss scientifically sound testing regimen(s) that will continuously and dynamically probe, attack, and "test" the various resilient and active technologies. This concept necessitates potentially wholesale new developments to ensure that resilientand agile-aware security testing is available to the research community. All testing, validation and experimentation must also be repeatable, reproducible, subject to scientific scrutiny, measurable and meaningful to both researchers and practitioners.
The call for papers attracted submissions from Asia, Europe, and the United States. Of the 13 papers submitted, the program committee recommended acceptance of 6 for an overall acceptance rate of 46%. In addition to the six accepted papers, we are also excited to have one keynote and a panel to examine this topic from an academic, business, and government point of view.
The first keynote, Configuring Software and Systems for Defense-in-Depth will be given by Dr. Trent Jaeger from Penn State University. He will discuss how achieving defense in depth has a significant component in configuration. In particular, he advocates configuring security requirements for various layers of software defenses (e.g., privilege separation, authorization, and auditing) and generating software and systems defenses that implement such configurations (mostly) automatically. Dr. Jaeger will focus mainly on the challenge of retrofitting software with authorization code automatically to demonstrate the configuration problems faced by the community, and discuss how we may leverage these lessons to configuring software and systems for defense in depth.
The second keynote, From Cyber Security to Collaborative Cyber Resilience, will be given by Dr. George Sharkov, the Cybersecurity Coordinator for the Bulgarian Government. Dr. Sharkov will discuss his view of a holistic approach to cyber resilience as a means of preparing for the "unknown unknowns". He will also discuss the multi-stakeholder engagement needed and the complementarity of governance, law, and business/industry initiatives. He will end with an example of the collaborative model in the Bulgarian national strategy and its multi-national engagements.
Finally, we will have a panel of experts from diverse backgrounds to discuss their perspective of the subject of this workshop. The specific participants include:
Ehab Al-Shaer, University of North Carolina Charlotte
Bob Cowles, BrightLite Information Security
Jorge Cuellar, Siemens Corporation
Christopher Oehmen, Pacific Northwest National Lab
Gregory Shannon, White House Office of Science and Technology Policy
Proceeding Downloads
Configuring Software and Systems for Defense-in-Depth
The computer security community has long advocated defense in depth, building multiple layers of defense to protect a system. Realizing this vision is not yet practical, as software often ships with inadequate defenses, typically developed in an ad hoc ...
From Cybersecurity to Collaborative Resiliency
This paper presents the holistic approach to cyber resilience as a means of preparing for the "unknown unknowns". Principles of augmented cyber risks management and resilience management model at national level are presented, with elaboration on multi-...
AHEAD: A New Architecture for Active Defense
Active defense is a popular defense technique based on systems that hinder an attacker's progress by design, rather than reactively responding to an attack only after its detection. Well-known active defense systems are honeypots. Honeypots are fake ...
A One-Year Perspective on Exposed In-memory Key-Value Stores
Today's highly-scalable low-latency Web services rely on in-memory key-value stores. While they are essential to improve Web service performance they should not be exposed to the Internet. Security problems range from data leakage to remote code ...
Towards Automated Verification of Active Cyber Defense Strategies on Software Defined Networks
Active Cyber Defense (ACD) reconfigures cyber systems (networks and hosts) in timely manner in order to automatically respond to cyber incidents and mitigate potential risks or attacks. However, to launch a successful cyber defense, ACD strategies need ...
Firewalling Scenic Routes: Preventing Data Exfiltration via Political and Geographic Routing Policies
In this paper we describe a system that allows the real time creation of firewall rules in response to geographic and political changes in the control-plane. This allows an organization to mitigate data exfiltration threats by analyzing Border Gateway ...
An Iterative and Toolchain-Based Approach to Automate Scanning and Mapping Computer Networks
As today's organizational computer networks are ever evolving and becoming more and more complex, finding potential vulnerabilities and conducting security audits has become a crucial element in securing these networks. The first step in auditing a ...
A Graph-Based Impact Metric for Mitigating Lateral Movement Cyber Attacks
Most cyber network attacks begin with an adversary gaining a foothold within the network and proceed with lateral movement until a desired goal is achieved. The mechanism by which lateral movement occurs varies but the basic signature of hopping between ...
SafeConfig'16: Testing and Evaluation for Active & Resilient Cyber Systems Panel Verification of Active and Resilient Systems: Practical or Utopian?
- Nicholas J. Multari,
- Anoop Singhal,
- David O. Manz,
- Robert Cowles,
- Jorge Cuellar,
- Christopher Oehmen,
- Gregory Shannon
The premise of the SafeConfig'16 Workshop is existing tools and methods for security assessments are necessary but insufficient for scientifically rigorous testing and evaluation of resilient and active cyber systems. The objective for this workshop is ...
Index Terms
- Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense
Recommendations
Acceptance Rates
Year | Submitted | Accepted | Rate |
---|---|---|---|
SafeConfig '17 | 10 | 5 | 50% |
SafeConfig '16 | 13 | 6 | 46% |
SafeConfig '15 | 27 | 8 | 30% |
SafeConfig '14 | 11 | 3 | 27% |
Overall | 61 | 22 | 36% |