|
[CFP][Overview][Topics][Workshop Organization][Important Dates]
[Program][Invited Talk][Registration][Author Instruction][Proceedings][Previous MISTs][Contact]
______________________________________________________________________________
## News
- The workshop program is here.
- Submission Deadline is extended to June
22, 2015
- MIST 2015 is accepted to take place in conjunction with ACM CCS 2015.
During
the past decades, information security developments have been mainly
concerned with preventing illegal attacks by outsiders, such as hacking,
virus propagation, and spyware. However, according to a recent Gartner
Research Report1), information leakage caused by insiders
who are legally authorized to have access to some corporate information is
increasing dramatically. These leakages can cause significant damages such as
weakening the competitiveness of companies (and even countries). Information
leakage caused by insiders occurs less frequently than information leakage
caused by outsiders2), but the financial damage is much greater.
Countermeasures in terms of physical, managerial, and technical aspects are
necessary to construct an integral security management system to protect
companies' major information assets from unauthorized internal attackers. The
objective of this workshop is to showcase the most recent challenges and
advances in security technologies and management systems to prevent leakage
of organizations' information caused by insiders. It may also include
state-of-the-art surveys and case analyses of practical significance. We
expect that the workshop will be a trigger for further research and
technology improvements related to this important subject.
[Top]
## Topics (not limited to)
- Theoretical foundations and
algorithms for addressing insider threats
- Insider threat assessment and modeling
- Security and cryptography technologies to prevent, detect and predict
insider threats
- Cryptographic protocols against insider threats
- Validating the trustworthiness of staff
- Post-insider threat incident analysis
- Data breach modeling and mitigation techniques
- Registration, authentication and identification
- Certification and authorization
- Database security
- Device control system
- Digital forensic system
- Fraud detection
- Network access control system
- Intrusion detection
- Keyboard information security
- Information security governance
- Information security management systems
- Risk assessment and management
- Log collection and analysis
- Trust management
- IT compliance (audit)
- Continuous auditing
- Corporate ethics, accountability and integrity
[Top]
## Workshop Organization
General Co-Chairs
- Elisa Bertino
(Purdue University, USA)
- Ilsun You (Korean Bible University, South Korea)
Program Committee
- Benjamin Aziz
(University of Portsmouth, UK)
- Joonsang Baek (Khalifa University of Science, Technology & Research
(KUSTAR), UAE)
- Rana Barua (Indian Statistical Institute, India)
- Matt Bishop (UC Davis, USA)
- Aniello Castiglione (Università
degli Studi di Salerno,
Italy)
- William R. Claycomb (Carnegie Mellon University,
USA)
- Pandu Rangan Chandrasekaran
(IIT Madras, India)
- Steven Furnell (Plymouth University, UK)
- Shinsaku Kiyomoto (KDDI
R&D Laboratories Inc., Japan)
- Igor Kotenko (SPIRAS, Russia)
- Fang-Yie Leu (Tunghai University, Taiwan)
- Jason Nurse (Oxford University, UK)
- Marek R. Ogiela (AGH University, Poland)
- Francesco Palmieri (Università degli Studi di Salerno, Italy)
- Günther Pernul
(University of Regensburg, Germany)
- Christian W. Probst (Technical University of Denmark, Denmark)
- Malek Ben Salem (Accenture Technology Labs, USA)
- Dongwan Shin (New Mexico Tech., USA)
- Willy Susilo (University of Wollongong,
Australia)
- Hassan Takabi (University of North Texas, USA)
- Shambhu Upadhyaya (SUNY
Buffalo, USA)
- S. Felix Wu (UC Davis, USA)
- Danfeng (Daphne) Yao (Virginia Tech, USA)
[Additional members still being invited]
[Top]
## Important Dates
- Paper submission deadline: June 22, 2015, 23:59 (UTC–11)
- Review deadline: July 18, 2015
- Acceptance notification: July 22, 2015
- Camera-ready due: July 29, 2015 (hard deadline)
[Top]
## Author Instruction
Authors are invited to
submit original papers:
they must not substantially duplicate work that any of the authors have
published elsewhere
or have submitted in parallel to any other conferences that have proceedings.
The submission of
contributions to MIST 2015 must occur through
the workshop submission system: https://easychair.org/conferences/?conf=mist2015
Submissions must be at most 12 pages in double-column ACM format
(https://www.acm.org/sigs/publications/proceedings-templates)
including the bibliography and well-marked appendices. Submissions must be
anonymized and avoid obvious self-references. Only PDF files will be
accepted. Submissions not meeting these guidelines risk rejection without
consideration of their merits.
Each accepted paper must be presented by an author, who will have to be
registered
by the early-bird registration deadline.
[Top]
## Registration
The workshop is being
held in conjunction with the 22nd ACM Conference on Computer and
Communications Security (ACM CCS 2015).
Please visit the ACM CCS 2015
Registration website for more information.
[Top]
## Proceedings
Proceedings of MIST
2015 will be available (on a USB jump drive) to the workshop attendees.
MIST 2015 will also have on-line proceedings through ACM Digital Library,
with a separate ISBN.
[Top]
## Previous MISTs
- MIST 2014
- November 21-22, 2014, Konkuk University, Seoul,
Rep. of Korea
- MIST 2013 - October 24-25,
2013, Pukyong National University, Busan, Rep. of
Korea
- MIST 2012 - November 8-9,
2012, Nishijin Plaza, Kyushu University, Fukuoka,
Japan
- MIST 2011 - December 1-2,
2011, Fukuoka Institute of Technology, Fukuoka, Japan (with InCos 2011)
- MIST 2010 - June 15,
2010, Morioka, Iwate, Japan (with IFIPTM
2010)
- MIST 2009 - June 16,
2009, Purdue University, West Lafayette, USA (with IFIPTM 2009)
[Top]
## Invited Talk
Title:
Detecting Insider Threats: Who Is Winning the Game?
"Preventing, detecting, and responding to
malicious insider activity poses a significant challenge to enterprise and organizational
security. Studies continue to show the
insider threat problem has not abated, and may be increasing. We could speculate on cause, perhaps
looking at workforce demographics, new information sharing technologies, or
evolving policies regarding personal devices in the workplace. But regardless of the factors driving this
trend, the problem of trusted individuals causing harm to the organization by
exploiting authorized access is ancient, and will remain a serious problem ad
infinitum. The cycle is familiar to
security professionals: attackers determine methods of attack, defenders
develop countermeasures, attackers determine new
methods of attack, and so on. So where
do we stand today? What new
capabilities are malicious insiders exploiting, and how are cybersecurity
professionals countering those attacks?
Is one side significantly “ahead” of the other?
In this talk, we’ll address those questions, looking
at trends in insider attacks and emerging workplace issues that may influence
an employee’s decision to act maliciously.
We’ll look at new techniques being published for detecting suspicious
activity, including solutions that look for anomalous cyber indicators as
well as those that try to identify behavioral concerns among the workforce. We’ll highlight barriers to effective
insider threat research, such as limited access to real data sets that
include ground-truth on insider activity, and share methods for overcoming
those challenges. The talk will
conclude with a discussion of key areas for future work.”
Invited Speaker: Dr. William (Bill) Claycomb (Software Engineering Institute, Carnegie Mellon
University)
Dr. William (Bill) Claycomb is a Senior Member of
Technical Staff at Carnegie Mellon University’s (CMU) Software Engineering
Institute (SEI), where he leads multidisciplinary research projects related
to cyber security and human behavior.
His portfolio of previous work represents a broad range of topics such
as malware detection, cloud security, wireless and mobile security, enterprise
architecture, and identity management.
[Top]
## Contact
For further information
regarding the workshop and paper submission, please contact MIST 2015
organizer at ilsunu@gmail.com
[Top]
------------------------------------------------------
1) Jay Heiser.
"Understanding Data Leakage", Gartner Research Report, August 2007
2) George Fyffe. "Addressing
the insider Threat", Network Security, March 2008
|