Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation

SafeConfig '14: Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation

November 2014

2014 Proceeding

Program Chairs:
Ehab Al-Shaer
UNC Charlotte, USA
,
Krishna Kant
Temple University, USA

Publisher:

Association for Computing Machinery
New York
NY
United States

Conference:

CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security Scottsdale Arizona USA 3 November 2014

ISBN:

978-1-4503-3147-0

Published:

03 November 2014

Sponsors:

SIGSAC

Recommend ACM DL

ALREADY A SUBSCRIBER?SIGN IN

Next Conference

October 14 - 18, 2024

Salt Lake City , UT , USA

Bibliometrics

Abstract

It is our great pleasure to welcome you to the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation -- SafeConfig'14. SafeConfig 2014 offers a unique opportunity by bringing together researchers from academic, industry as well as government agencies to discuss challenges, exchange experiences, and propose plans for promoting research and development in this important area. SafeConfig Workshop solicits the submission of original unpublished ideas in 8-page long papers and 4-page short papers on cyber security analytics, intelligence and automation area, which includes provable synthesis, refinement, validation, and tuning of configurations parameters, such as polices and rules in order to support assurable, secure, andsustainable networked services.

The call for papers attracted submissions from Asia, Europe, and the United States. SafeConfig 2014 received 11 submissions, from which 3 were accepted as full papers (acceptance ratio 50%), and 3 were accepted as short papers.

We also encourage attendees to attend the keynote talk, Detecting Roles and Anomalies in Hospital Access Audit Logs. This valuable and insightful talk can and will guide us to a better understanding of the future. Dr. Carl Gunter, who is currently a professor in the Computer Science Department and a professor in the College of Medicine at UIUC, will talk about research on balancing access controls with audit in medical record systems and discuss broader implications for other areas.

Proceeding Downloads

PDF(title page, copyright, preface, contents, organization)

PDF(author index)

Select All

Export Citations Save to Binder

SESSION: Keynote on Future Research Direction on Security Analytics

keynote

Detecting Roles and Anomalies in Hospital Access Audit Logs

Carl Gunter

pp 1https://doi.org/10.1145/2665936.2668879

There is significant risk in denying access to a healthcare provider who seeks to examine a patient's medical record. For this reason, hospital access control systems are generally based on optimistic security in which providers are given broad ...

SESSION: Security Analytics for Sense Making (Long Papers)

research-article

Security Analysis of the Chinese Web: How well is it protected?

pp 3–9https://doi.org/10.1145/2665936.2665938

As the web rapidly expands and gets integrated into the daily lives of more and more people, so does the number of cyber attacks against it. To defend against attackers, website operators can utilize a wide range of defense mechanisms, both at the ...

research-article

Improving Efficiency of Spam Detection using Economic Model

pp 11–18https://doi.org/10.1145/2665936.2665942

Economic lifting has made email spam a scathing threat to the society due to its related exploits. Many spam detection schemes have been proposed employing the tendency of spam to alter the normal statistical behavior of mail traffic. Threshold tuning ...

research-article

Secure and Tamper Proof Code Management

pp 19–24https://doi.org/10.1145/2665936.2665940

In this paper, we present an additional layer of security to source code repositories by combining Keyless Signature Infrastructure (KSI) with Git to protect against insider threats as well as provide security even in the event of a private key ...

SESSION: Analytics for Automated Mitigation (Short Papers)

research-article

Enterprise Risk Assessment Based on Compliance Reports and Vulnerability Scoring Systems

pp 25–28https://doi.org/10.1145/2665936.2665941

The risk of cyberattacks have become increasingly daunting as most of our socioeconomic activities have gone cyber-based. Comprehensive automated risk management is becoming necessity in today's dynamic networks. In this paper, we present an objective ...

research-article

Protecting Enterprise Networks through Attack Surface Expansion

pp 29–32https://doi.org/10.1145/2665936.2665939

Attack surface is a valuable metric that help administrators of enterprise networks to evaluate the risk and security of the entire network. In this paper, we first distinguish the internal attack surface observed by the network administrators from the ...

research-article

n-ROPdetector: Proposal of a Method to Detect the ROP Attack Code on the Network

pp 33–36https://doi.org/10.1145/2665936.2665937

Targeted attacks exploiting a zero-day vulnerability are serious threats for many organizations. One reason is that generally available attack tools are very powerful and easy-to-use for attackers. In this paper, we propose n-ROPdetector that detects ...

PANEL SESSION: Panel

panel

Human Factors, Defaults, and Automation: Challenges and Opporunities

Lujo Bauer

pp 37https://doi.org/10.1145/2665936.2668880

Contributors

Ehab Salem Al-Shaer
Carnegie Mellon University
- Publication Years1995 - 2023
- Publication counts131
- Citation count1,552
- Available for Download54
- Downloads (cumulative)31,138
- Downloads (12 months)2,646
- Downloads (6 weeks)349
- Average Downloads per Article577
- Average Citation per Article12
View Full Profile
Krishna Kant
Temple University
- Publication Years1980 - 2024
- Publication counts85
- Citation count313
- Available for Download28
- Downloads (cumulative)11,975
- Downloads (12 months)2,905
- Downloads (6 weeks)389
- Average Downloads per Article428
- Average Citation per Article4
View Full Profile

Index Terms

Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Index terms have been assigned to the content through auto-classification.

Recommendations

Acceptance Rates

SafeConfig '14 Paper Acceptance Rate3of11submissions,27%Overall Acceptance Rate22of61submissions,36%

Year	Submitted	Accepted	Rate
SafeConfig '17	10	5	50%
SafeConfig '16	13	6	46%
SafeConfig '15	27	8	30%
SafeConfig '14	11	3	27%
Overall	61	22	36%

Comments

CCS

Sections

Proceeding Downloads

Detecting Roles and Anomalies in Hospital Access Audit Logs

Security Analysis of the Chinese Web: How well is it protected?

Improving Efficiency of Spam Detection using Economic Model

Secure and Tamper Proof Code Management

Enterprise Risk Assessment Based on Compliance Reports and Vulnerability Scoring Systems

Protecting Enterprise Networks through Attack Surface Expansion

n-ROPdetector: Proposal of a Method to Detect the ROP Attack Code on the Network

Human Factors, Defaults, and Automation: Challenges and Opporunities

Index Terms

WiSE '02: Proceedings of the 1st ACM workshop on Wireless security

WPA '14: Proceedings of the 2014 workshop on physical analytics

AISec '14: Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop

Acceptance Rates