Open Problems in Network Security

In the past decade, computer networks have fundamentally influenced the ways in which information is exchanged and handled. Pervasive electronic devices make our everyday life easier, e.g., by helping us to connect with other people while being mobile, to use services available online, or to pay and use tolls and tickets. Many of the components employed routinely manage and distribute large amounts of data for different purposes. As these processes involve sensitive information, protecting information and the network with suitable security measures is more important than ever. The objective of this workshop is to bring together researchers in the field of network security to discuss the open problems and future research directions.

[1]  Charles P. Pfleeger Reflections on the Insider Threat , 2008, Insider Attack and Cyber Security.

[2]  Erland Jonsson,et al.  Anomaly-based intrusion detection: privacy concerns and other problems , 2000, Comput. Networks.

[3]  Yinglian Xie,et al.  How dynamic are IP addresses , 2007, SIGCOMM 2007.

[4]  C.N. Manikopoulos,et al.  Windows NT one-class masquerade detection , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[5]  Björn Scheuermann,et al.  How (not) to build a transport layer for anonymity overlays , 2013, PERV.

[6]  Marcus A. Maloof,et al.  elicit: A System for Detecting Insiders Who Violate Need-to-Know , 2007, RAID.

[7]  Jens Lindemann,et al.  Towards Abuse Detection and Prevention in IaaS Cloud Computing , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[8]  Torsten Hoefler,et al.  DARE: High-Performance State Machine Replication on RDMA Networks , 2015, HPDC.

[9]  Rodrigo Rodrigues,et al.  Automatic Reconfiguration for Large-Scale Reliable Storage Systems , 2012, IEEE Transactions on Dependable and Secure Computing.

[10]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[11]  Malek Ben Salem,et al.  A Survey of Insider Attack Detection Research , 2008, Insider Attack and Cyber Security.

[12]  Peter G. Neumann,et al.  Combatting Insider Threats , 2010, Insider Threats in Cyber Security.

[13]  HariGovind V. Ramasamy,et al.  Parsimonious Asynchronous Byzantine-Fault-Tolerant Atomic Broadcast , 2005, OPODIS.

[14]  Sam Toueg,et al.  Randomized Byzantine Agreements , 1984, PODC '84.

[15]  A. Karr,et al.  Computer Intrusion: Detecting Masquerades , 2001 .

[16]  Andreas Dewald,et al.  Privacy-preserving email forensics , 2015, Digit. Investig..

[17]  Ulrich Flegel Privacy Compliant Internal Fraud Screening , 2010, ISSE.

[18]  Dieter Gollmann Veracity, Plausibility, and Reputation , 2012, WISTP.

[19]  Patrick Crowley,et al.  Named data networking , 2014, CCRV.

[20]  John K. Ousterhout,et al.  In Search of an Understandable Consensus Algorithm , 2014, USENIX ATC.

[21]  Lori Flynn,et al.  Best practices against insider threats for all nations , 2012, 2012 Third Worldwide Cybersecurity Summit (WCS).

[22]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[23]  Marko Vukolic,et al.  Quorum Systems: With Applications to Storage and Consensus , 2012, Synthesis Lectures on Distributed Computing Theory.

[24]  Aviv Zohar,et al.  Secure High-Rate Transaction Processing in Bitcoin , 2015, Financial Cryptography.

[25]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[26]  Kiran Lakkaraju,et al.  Evaluating the utility of anonymized network traces for intrusion detection , 2007, SecureComm.

[27]  Kris Ven,et al.  Aligning the Constructs of Enterprise Ontology and Normalized Systems , 2010, CIAO!@DESRIST.

[28]  Christian W. Probst,et al.  Insiders and Insider Threats - An Overview of Definitions and Mitigation Techniques , 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[29]  Matthew Collins,et al.  An Ontology for Insider Threat Indicators: Development and Application , 2014, STIDS.

[30]  James M. Kaplan,et al.  Beyond Cybersecurity: Protecting Your Digital Business , 2015 .

[31]  Marianthi Theoharidou,et al.  Insider Threat and Information Security Management , 2010, Insider Threats in Cyber Security.

[32]  Stefan Axelsson,et al.  The base-rate fallacy and the difficulty of intrusion detection , 2000, TSEC.

[33]  U. Milkau,et al.  Digitalisation in payments: From interoperability to centralised models? , 2015 .

[34]  Karl J. O'Dwyer,et al.  Bitcoin mining and its energy footprint , 2014 .

[35]  Matthew K. Wright,et al.  Dovetail: Stronger Anonymity in Next-Generation Internet Routing , 2014, Privacy Enhancing Technologies.

[36]  Hannes Federrath,et al.  Revocable Anonymity , 2006, Emerging Trends in Information and Communication Security.

[37]  Sjouke Mauw,et al.  FP-Block: Usable Web Privacy by Controlling Browser Fingerprinting , 2015, ESORICS.

[38]  Dawn M. Cappelli,et al.  Common Sense Guide to Mitigating Insider Threats 4th Edition , 2012 .

[39]  Sara Matzner,et al.  Analysis and Detection of Malicious Insiders , 2005 .

[40]  Lance Spitzner,et al.  Honeypots: catching the insider threat , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[41]  Aviv Zohar Bitcoin , 2015, Commun. ACM.

[42]  Tom Goldring User Pro ling for Intrusion Detection in Windows NT , 2003 .

[43]  Deborah A. Frincke,et al.  Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation , 2010, Insider Threats in Cyber Security.

[44]  Roy A. Maxion,et al.  Masquerade detection augmented with error analysis , 2004, IEEE Transactions on Reliability.