ACM CCS 2016 Workshops
23rd ACM Conference on Computer and Communication Security
October 24 & 28, 2016, Hofburg Palace, Vienna, Austria
Overview of all workshops
Pre-Conference Workshops on Monday, October 24, 2016:
The static nature of current computing systems has made them easy to attack and harder to defend. Adversaries have an asymmetric advantage in that they have the time to study a system, identify its vulnerabilities, and choose the time and place of attack to gain the maximum benefit. The idea of moving-target defense (MTD) is to impose the same asymmetric disadvantage on attackers by making systems dynamic and therefore harder to explore and predict. With a constantly changing system and its ever adapting attack surface, attackers will have to deal with a great deal of uncertainty just like defenders do today. The ultimate goal of MTD is to increase the attackers’ workload so as to level the cybersecurity playing field for both defenders and attackers – hopefully even tilting it in favor of the defender.
PLAS aims to provide a forum for exploring and evaluating ideas on the use of programming language and program analysis techniques to improve the security of software systems. Strongly encouraged are proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems. We are especially interested in position papers that are radical, forward-looking, and likely to lead to lively and insightful discussions that will influence future research that lies at the intersection of programming languages and security.
The premise of this year’s SafeConfig Workshop is that existing tools and methods for security assessments are necessary but insufficient for scientifically rigorous testing and evaluation of resilient and active cyber systems. For example, we contend that existing penetration testing tools, red team processes, and security testing are not able to cope with inherent nature of continuous and resilient systems. Existing tactics, techniques and procedures (TTP) by the adversary, and even existing penetration teams are often adequate to accomplish the job needed for their own specific purposes. However to increase the scientific validity, the validation of resilient systems is not a static nor one of breach of perimeter or exfiltration of data. Rather the objectives for this workshop are the exploration and discussion of scientifically sound testing regimen(s) that will continuously and dynamically probe, attack, and “test” the various resilient and active technologies. This adaptation, and change in focus necessitates at the very least modification, and at the most, wholesale new developments to ensure that resilient and agile aware security testing is available to the research community. These impediments will also include natural faults such as flooding, fire, or hardware failure, or even staff member negligence. They must also be repeatable, reproducible, subject to scientific scrutiny, measurable and meaningful to both researcher’s and practitioners.
obile devices such as smartphones and Internet tablets have achieved computing and networking capabilities comparable to traditional personal computers. Their successful consumerization has also become a source of pain for adopting users and organizations. For example, the widespread presence of information-stealing applications raises substantial security and privacy concerns. The operating systems supporting these new devices have both advantages and disadvantages with respect to security. On one hand, they use application sandboxing to contain exploits and limit privileges given to malware. On the other hand, they routinely collect and organize many forms of security- and privacy-sensitive information and make that information easily accessible to third-party applications.
The Internet of Things (IoT) involves communication networks of different types: people-to-people, people-to-things and things-to-things. Securing these communication networks against various types of attacks forms today a significant part of the security and privacy research. By definition, IoT systems and devices are easily accessible for attackers. This increases the importance of their security against physical attacks. This workshop is dedicated to research on the design of cryptographic algorithms and implementations secure against physical attacks.
Sharing of cyber-security related information is believed to greatly enhance the ability of organizations to defend themselves against sophisticated attacks. If one organization detects a breach sharing associated security indicators (such as attacker IP addresses, domain names, file hashes etc.) provides valuable, actionable information to other organizations. The analysis of shared security data promises novel insights into emerging attacks. Sharing higher level intelligence about threat actors, the tools they use and mitigations provides defenders with much needed context for better preparing and responding to attacks. In the US and the EU major efforts are underway to strengthen information sharing. Yet, there are a number of technical and policy challenges to realizing this vision. Which information exactly should be shared? How can privacy and confidentiality be protected? How can we create high-fidelity intelligence from shared data without getting overwhelmed by false positives?
The need for privacy-aware policies, regulations, and techniques has been widely recognized. This workshop discusses the problems of privacy in the global interconnected societies and possible solutions. The 2016 Workshop, held in conjunction with the ACM CCS conference, is the fifteenth in a yearly forum for papers on all the different aspects of privacy in today’s electronic society.
Post-Conference Workshops on Friday, October 28, 2016:
Artificial Intelligence (AI), and Machine Learning (ML) in particular, provide a set of useful analytic and decision-making techniques that are being leveraged by an ever-growing community of practitioners, including applications with security-sensitive elements. However, while security researchers often utilize such techniques to address problems and AI/ML researchers develop techniques for big-data analytics applications, neither community devotes much attention to the other. Within security research, AI/ML components are often regarded as black-box solvers. Conversely, the learning community seldom considers the security/privacy implications entailed in the application of their algorithms when designing them. While these two communities generally focus on different issues, where these two fields do meet, interesting problems appear. Researchers working in the intersection have already raised many novel questions for both communities and created a new branch of research known as secure learning. AISec serves as the primary meeting place for diverse researchers in security, privacy, AI, and machine learning, and as a venue to develop the fundamental theory and practical applications supporting the use of machine learning for security and privacy. The workshop addresses on this burgeoning community who are especially focused on (among other topics) learning in game-theoretic adversarial environments, privacy-preserving learning, or use of sophisticated new learning algorithms in security.
Cloud computing is a dominant trend in computing for the foreseeable future; e.g., major cloud operators are now estimated to house over a million machines each and to host substantial (and growing) fractions of our IT and web infrastructure. CCSW is a forum for bringing together researchers and practitioners to discuss the implications of this trend to the security of cloud operators, tenants, and the larger Internet community. We invite submissions on new threats, countermeasures, and opportunities brought about by the move to cloud computing, with a preference for unconventional approaches, as well as measurement studies and case studies that shed light on the security implications of clouds.
Cyber-Physical Systems (CPS) integrate computing and communication capabilities with monitoring and control of entities in the physical world. These systems are usually composed of a set of networked agents, including sensors, actuators, control processing units, and communication devices. While some forms of CPS are already in use, the widespread growth of wireless embedded sensors and actuators is creating several new applications in areas such as medical devices, autonomous vehicles, and smart infrastructure, and is increasing the role that the information infrastructure plays in existing control systems such as in the process control industry or the power grid. Many CPS applications are safety-critical: their failure can cause irreparable harm to the physical system under control, and to the people who depend, use or operate it. In particular, critical cyber-physical infrastructures such as the electric power generation, transmission and distribution grids, oil and natural gas systems, water and waste-water treatment plants, and transportation networks play a fundamental and large-scale role in our society and their disruption can have a significant impact to individuals, and nations at large. Securing these CPS infrastructures is therefore vitally important. Similarly because many CPS systems collect sensor data non-intrusively, users of these systems are often unaware of their exposure. Therefore in addition to security, CPS systems must be designed with privacy considerations.
During the past decades, information security developments have been mainly concerned with preventing illegal attacks by outsiders, such as hacking, virus propagation, and spyware. However, according to a recent Gartner Research Report, information leakage caused by insiders who are legally authorized to have access to some corporate information is increasing dramatically. These leakages can cause significant damages such as weakening the competitiveness of companies (and even countries). Information leakage caused by insiders occurs less frequently than information leakage caused by outsiders, but the financial damage is much greater. Countermeasures in terms of physical, managerial, and technical aspects are necessary to construct an integral security management system to protect companies’ major information assets from unauthorized internal attackers. The objective of this workshop is to showcase the most recent challenges and advances in security technologies and management systems to prevent leakage of organizations’ information caused by insiders. It may also include state-of-the-art surveys and case analyses of practical significance. We expect that the workshop will be a trigger for further research and technology improvements related to this important subject.
Software Protection techniques aim to defend the confidentiality and integrity of software applications that are exposed to an adversary that shares the execution host and access privileges of the application. This is often denoted as protection against MATE (Man-At-The-End) attacks. This is an area of growing importance. For industry, in many cases the deployment of such techniques is crucial for the survival of their business. The aim of SPRO workshop is to bring together researchers and industrial practitioners both from software protection and the wider software engineering community to discuss software protection techniques, evaluation methodologies, and practical aspects such as tooling. The objective is to stimulate the community working in this growing area of security, and to increase the synergies between the research areas of software protection engineering and their practical deployment.
TrustED considers selected security and privacy aspects of cyber physical systems and their environments, which influence trust and trust establishment in such environments. A major theme of TrustED 2016 will be security and privacy aspects of the Internet of Things Paradigm. The IoTs promises to make reality Mark Weisser’s vision of ubiquitous computation set out in his 1991 influential paper. Yet to make such vision successful, it is widely acknowledged that security of super large distributed systems has to be guaranteed and the privacy of the collected data protected. Submissions exploring new paradigms to assure security and privacy in the IoTs are thus strongly encouraged.
Software size and complexity has been steadily increasing over time. Much of this increase results from the negative side effects of modern software development methods and practices, which involve excessive use of indirection and abstraction. Over-generalization of included functionality (i.e., one size fits all) and feature creep further exacerbate the situation. These excesses impact performance and security by introducing inefficiency as well as extraneous attack surface. Recent efforts focusing on “efficient and timely software” have been able to reclaim software execution efficiency by reducing indirection, by performing automatic program de-layering, and by program specialization (de-bloating). Despite some early progress within the research community, however, software executable transformation is not a solved science. A critical step in the process, reverse engineering and binary understanding, is generally undecidable. This workshop will address various automated tools (an ecosystem of tools) that need to be investigated and developed by the community to guarantee the effectiveness and correctness of transformation efforts, better understand its limitations, and to enhance and ensure the security of transformed software.