Laboratory of Computer Security Problems of SPIIRAS

| rus | eng |

Forthcoming Workshops and Conferences being organized by Researchers of Laboratory of Computer Security Problems

19th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2011). Special Session on "Security in Networked and Distributed Systems". http://www.comsec.spb.ru/SNDS11/
International Сonference "Mathematical Methods, Models and Architectures for Computer Network Security 2010" (MMM-ACNS-10). http://comsec.spb.ru/mmm-acns10/
First International Workshop "Scientific Analysis and Policy Support for Cyber Security" (SA&PS4CS). http://www.comsec.spb.ru/saps4cs10/

Former Conferences and Workshops organized by Researchers of Computer Security Research Group

18th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2010). Special Session on "Security in Networked and Distributed Systems". http://www.comsec.spb.ru/SNDS10/
Session on “Security in Distributed Computer Systems" in the International Conference “RusCrypto’2010” (Zvenigorod, Russia) (http://www.ruscrypto.ru/).
Round table "Information security" on International Scientific Forum "Science and Society": Information technologies (4-th St Petersburg Nobel Prize Laureates Meeting). St Petersburg, September 21-25, 2009. http://www.scientificforum.spb.ru/
Session on “Theory and Practice of Development of information Security Systems" in the International Conference “RusCrypto’2008” (Zvenigorod, Russia) (http://www.ruscrypto.ru/).
Session on “Security in Distributed Computer Systems" in the International Conference “RusCrypto’2009” (Zvenigorod, Russia) (http://www.ruscrypto.ru/).
17th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2009). Special Session on "Security in Networked and Distributed Systems". http://www.comsec.spb.ru/SNDS09/
RE-TRUST Workshop (St.Petersburg, June 2008) http://comsec.spb.ru/retrust/
16th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2008). Special Session on "Security in Networked and Distributed Systems"
International conference "Mathematical Methods, Models and Architectures for Computer Network Security 2007" (MMM-ACNS-07)
3-d International Workshop "Mathematical methods, models and architectures for computer network security" (MMM-ACNS-05)
2-nd International Workshop "Mathematical methods, models and architectures for computer network security" (MMM-ACNS-03)
First International Workshop "Mathematical methods, models and architectures for computer network security" (MMM-ACNS-01)

Mathematical Methods, Models and Architectures for Computer Network Security Workshop (MMM-ACNS)

About MMM-ACNS 2005

The First and Second International Workshops "Mathematical Methods, Models and Architectures for Computer Networks Security" (MMMM-ACNS-2001 and MMM-ACNS-2003) organized in 2001 and 2003 respectively by St. Petersburg Institute for Informatics and Automation, Binghamton University (SUNY) and US Air Force Research Laboratory/Information Directorate and supported by the European Office of Aerospace Research and Development USAF, Office of Naval Research Global, and Russian Foundation of Basic Research were very successful. These workshops demonstrated the high interest of the international scientific community to the theoretical aspects of the computer network and information security and the need for conducting of such workshops as on-going series. The proposed MMM-ACNS-2005 Workshop is intended as a third step in this series and will be focused on theoretical problems in the area under consideration. Its objectives are to bring together leading researchers from academia and governmental organizations as well as practitioners in the area of computer networks and information security, facilitating personal interactions and discussions on various aspects of information technologies in conjunction with computer network and information security problems arising in large-scale computer networks engaged in information storing, transmitting, and processing.

Top

Topics

Papers offering novel research contributions in any aspect of the theoretical aspects of the computer network and information security are solicited for submission. Papers may present theory, technique, and applications on topics including but are not restricted to:

Adaptive security
Anonymity and privacy
Authentication and authorization
Access control
Computer and network forensics
Data and application security
Data mining, machine learning, immunological and cognitive approaches to security
Deception systems and honeypots
Denial-of-service attacks and countermeasures
Electronic commerce security
Formal analysis of security properties
Game theoretic approaches to security
Information flow analysis
Information survivability
Information warfare and critical infrastructure protection
Integrated information security systems based on information fusion
Intrusion and fraud avoidance, detection, response and tolerance
Insider attack countermeasures
Language-based security
Modeling malicious behavior or attacks
Monitoring and surveillance
Network perimeter controls: firewalls, packet filters, application gateways
New ideas and paradigms for security
Operating system security
Public key infrastructure, key management, certification, and revocation
Risk analysis and risk management
Security of emerging technologies: sensor networks, wireless/mobile (and ad hoc) networks, personal communication systems, peer-to-peer and overlay network systems
Security of autonomous agents and multi-agent systems: protecting agents and agent infrastructure from attacks, secure agent communication, secure mobile agents and mobile code, trusted agents
Security modeling and simulation
Security policies: specification, refining, verification, implementation, deployment and management
Security requirements engineering
Security specification and verification
Trust establishment, negotiation, and management, including trust and reputation in virtual organizations
Virtual private networks
Viruses, worms, and other malicious code
Vulnerability assessment
Wireless communication security
World wide web security

Top

Program Committee

Chairmen:
Vladimir Gorodetsky (SPIIRAS, Russia)
Igor Kotenko (SPIIRAS, Russia)
Victor Skormin (Binghamton University, USA)

Members:
Kurt Bauknecht (University of Zurich, Switzerland)
David Bonyuet (Delta Search Labs, USA)
Shiu-Kai Chin (Syracuse University, USA)
Marc Dacier (Eurecom, France)
Dipankar Dasgupta (University of Memphis, USA)
Dimitris Gritzalis (Athens University of Economics and Business, Greece)
Alexander Grusho (Russian State University for Humanity, Russia)
Ming-Yuh Huang (The Boeing Company, USA)
Sushil Jajodia (George Mason University, USA)
Victor Korneev (Research Institute "Kvant", Russia)
Klaus-Peter Kossakowski (Presecure Consulting GmbH, Germany)
Antonio Lioy (Politecnico di Torino, Italy)
Fabio Martinelli (CNR/IIT, Italy)
Fabio Massacci (University of Trento, Italy)
Catherine Meadows (Naval Research Laboratory, USA)
Nasir Memon (Polytechnic University Brooklyn, USA)
Bret Michael (Naval Postgraduate School, USA)
Ann Miller (University of Missouri - Rolla, USA
Nikolay Moldovyan (Specialized Center of Program Systems "SPECTR", Russia)
Andrei Sabelfeld (Chalmers University of Technology, Sweden)
Ravi Sandhu (George Mason University and NSD Security, USA)
Antonio Gomez Skarmeta (University of Murcia, Spain)
Anatol Slissenko (University Paris-12, France; SPIIRAS, Russia)
Michael Smirnov (Fraunhofer-Gesellschaft Institute FOKUS, Germany)
Douglas Summerville (Binghamton University, USA)
Shambhu Upadhyaya (University at Buffalo, USA)
Alfonso Valdes (SRI International, USA)
Vijay Varadharajaran (Macquarie University, Australia)
Valery Vasenin (Moscow State University, Russia)
Peter Zegzhda (St. Petersburg Polytechnical University, Russia)

Top

Keynote speakers

1. Sushil Jajodia
Professor of Information Technology and the director of Center for Secure Information Systems at the George Mason University, USA
RULE-BASED TOPOLOGICAL VULNERABILITY ANALYSIS
Abstract. Attack graphs represent known attack sequences that attackers can use to penetrate computer networks. Recently, many researchers have proposed techniques for automatically generating attack graphs for a given computer network. These techniques either use model checkers to generate attack graphs and suffer from scalability problems, or they are based on an assumption of monotonicity and are unable to represent real-world situations. In this paper, we present a vulnerability analysis technique that is more scalable than model-checker-based solutions and more expressive than monotonicity-based solutions. We represent individual attacks as the transition rules of a rule-based system. We define noninterfering rulesets and present efficient, scalable algorithms for those sets. We then consider arbitrary nonmonotonic rulesets and present a series of optimizations which permit us to perform vulnerability assessment efficiently in most practical cases. We motivate the issues and illustrate our techniques using a substantial example.

Sushil Jajodia is BDM International Professor of Information Technology and the director of Center for Secure Information Systems at the George Mason University, Fairfax, Virginia. He served as the chair of the Department of Information and Software Engineering during 1998-2002. He joined GMU after serving as the director of the Database and Expert Systems Program within the Division of Information, Robotics, and Intelligent Systems at the National Science Foundation. Before that he was the head of the Database and Distributed Systems Section in the Computer Science and Systems Branch at the Naval Research Laboratory, Washington and Associate Professor of Computer Science and Director of Graduate Studies at the University of Missouri, Columbia. He has also been a visiting professor at the University of Milan and University of Rome "La Sapienza", Italy and at the Isaac Newton Institute for Mathematical Sciences, Cambridge University, England.

Dr. Jajodia received his PhD from the University of Oregon, Eugene. His research interests include information security, temporal databases, and replicated databases. He has authored five books, edited twenty two books, and published more than 250 technical papers in the refereed journals and conference proceedings. He received the 1996 Kristian Beckman award from IFIP TC 11 for his contributions to the discipline of Information Security, and the 2000 Outstanding Research Faculty Award from GMU"s School of Information Technology and Engineering.

Dr. Jajodia has served in different capacities for various journals and conferences. He is the founding editor-in-chief of the Journal of Computer Security and on the editorial boards of ACM Transactions on Information and Systems Security, International Journal of Cooperative Information Systems, and International Journal of Information and Computer Security. He is the consulting editor of the Kluwer International Series on Advances in Information Security. He also serves as the chair of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) and the IFIP WG 11.5 on Systems Integrity and Control. He has been named a Golden Core member for his service to the IEEE Computer Society, and received International Federation for Information Processing (IFIP) Silver Core Award "in recognition of outstanding services to IFIP" in 2001. He is a past chairman of the IEEE Computer Society Technical Committee on Data Engineering. He is a senior member of the IEEE and a member of IEEE Computer Society and Association for Computing Machinery. The URL for his web page is http://csis.gmu.edu/faculty/jajodia.html

Top

2. David Nicol
Ph.D., Prof. of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, Coordinated Science Laboratory, USA
MODELS AND ANALYSIS OF ACTIVE WORM DEFENSE
Abstract. The recent proliferation of Internet worms has raised questions about defensive measures. To date most techniques proposed are passive, in-so-far as they attempt to block or slow a worm, or detect and filter it. Active defenses take the battle to the worm---trying to eliminate or isolate infected hosts, and/or automatically and actively patch susceptible but as-yet-uninfected hosts, without the knowledge of the host"s owner. In this paper we model the behavior and effectiveness of different active worm defenses. Using a discrete stochastic model we prove that these approaches can be strongly ordered in terms of their worm-fighting capability. Using a continuous model we consider effectiveness in terms of the number of hosts that are protected from infection, the total network bandwidth consumed by the worms and the defenses, and the peak scanning rate the network endures while the worms and defenses battle. We develop optimality results, and quantitative bounds on defense performance. Our work lays a mathematical foundation for further work in analysis of active worm defense.

David M. Nicol is Professor of Electrical and Computer Engineering at the University of Illinois, Urbana-Champaign, and member of the Coordinated Sciences Laboratory. He is co-author of the textbook "Discrete-Event Systems Simulation", and served as Editor-in-Chief at ACM TOMACS from 1997-2003. He is the General Chair of the 2004 Conference on Principles of Advanced and Distributed Simulation, and the General Chair of the 2006 Winter Simulation Conference. From 1996-2003 he was Professor of Computer Science at Dartmouth College, where he served as department chair, and at the Institute for Security Technology Studies served as Associate Director for Research and Development, and finally as Acting Director. From 1987-1996 he was on the faculty of the Computer Science department at the College of William and Mary; 1985-1987 he was a staff scientist at the Institute for Computer Applications in Science and Engineering. He has a B.A. in mathematics from Carleton College (1979), an M.S. (1983) and Ph.D. (1985) in computer science from the University of Virginia. His research interests are in high performance computing, performance analysis, simulation and modeling, and network security. He is a Fellow of the IEEE.

Top

3. Ming-Yuh Huang
The Boeing Company, USA
CRITICAL INFORMATION ASSURANCE ISSUES AND DIRECTIONS FOR MODERN LARGE-SCALE INFRASTRUCTURES
Abstract. Today"s information assurance (IA) is no longer about keeping people out. It"s about letting people in - the right people, securely, to the right place. In modern military and commercial systems, partners, suppliers, and customers are all constantly accessing the infrastructure through the network. Once there, each needs to be taken directly to the appropriate data and resources. Secure and efficient access control in this context lays the foundation of next-generation business paradigm shift. Such new paradigms create new revenues and increase operation efficiency. Those who fail to make the transition are bound to face daunting challenges in competition. IA is an enabler. It is vital piece that allows the paradigm shift to take place. This is a new but realistic way to look at security.

Mr. Ming-Yuh Huang is a Boeing Associate Technical Fellow responsible for leading Boeing"s corporate Information Assurance R&D program that supports many large-scale commercial/military programs as well Boeing"s own, one of world"s largest, corporate infrastructures. Before joining Boeing in 1990, Mr. Huang worked at DEC Artificial Intelligence Technology R&D Center in Boston as a Principal Researcher leading DEC"s intrusion detection expert-system research effort ESSENSE (Expert System for Service Network Security). ESSENSE resulted in one of world"s first commercial intrusion detection product. Mr. Huang is recognized internationally as a pioneer of IDS (intrusion detection system) technology and a leader in the IT security. While with Boeing, Mr. Huang led DARPA intrusion detection research project, co-chaired premier international IDS conference RAID-1999 (International Symposium on Recent Advances in Intrusion Detection) at Purdue University, and was twice invited by EC (European Commission) to participate in defining EU/USA IT security R&D collaboration framework. Beside numerous conference/workshop publications and journal editorship, he also co-authored IETF (Internet Engineering Task Force) IDS communication protocol standard in collaboration with IBM R&D Lab and AFIWC (US Air Force Information Warfare Center). Mr. Huang has served as the keynote speaker for many European and Middle East IT security conferences. He was the Program Chair of 2004 NATO ARW (Advanced Research Workshop) "Cyberspace Security and Defense: Research Issues" in Gdansk, Poland - http://kio.eti.pg.gda.pl/arw2004/. He is also the General Chair of RAID-2005 in Seattle, Washington - http://www.conjungi.com/RAID/ and Program Chair of SADFE international digital forensic workshop in Taipei, Taiwan - http://conf.ncku.edu.tw/sadfe/index.htm. Mr. Huang has a B.S. in Physics, a M.S. in Computer Science, and (incomplete) study at University of Oregon Computer Science Ph.D. program.

Top

4. Douglas Summerville
Ph.D., Associate Professor, State University of New York at Binghamton, USA
PREVENTION OF INFORMATION ATTACKS BY RUN-TIME DETECTION OF SELF-REPLICATION IN COMPUTER CODES
Abstract. This paper describes a novel approach for preventative protection from both known and previously unknown malicious executable codes. It does not rely on screening the code for signatures of known viruses, but instead it detects attempts of the executable code in question to self-replicate during run time. Self-replication is the common feather of most malicious codes, allowing them to maximize their impact. This approach is an extension of the earlier developed method for detecting previously unknown viruses in script based computer codes. The paper presents a software tool implementing this technique for behavior-based run-time detection and suspension of self-replicating functionality in executable codes for Microsoft Windows operating systems.

Top

5. Naranker Dulay
Ph.D., Department of Computing, Imperial College London, UK
SELF-MANAGED CELLS FOR UBIQUITOUS SYSTEMS
Abstract. Amongst the challenges of ubiquitous computing is the need to provide management support for personal wireless devices and sensors. We introduce a policy-based architecture that supports management at varying levels based on the concept of a self-managed cell. Cells include policy-driven agents that support context-based and trust-based access control and system adaptation. Cells can also organize themselves through federation and nesting.

Naranker Dulay is a senior lecturer in the Department of Computing, Imperial College London where he researches languages and architectures for policy, security, trust, privacy, and context-awareness in distributed, mobile and ubiquitous systems. Dr. Dulay is a co-investigator of research projects on Autonomic management of ubiquitous systems for e-Health (Amuse), Policy analysis for quality of service management (Paqman), Trust and contract management framework (Trustcom), Distributed adaptive security by programmable firewalls (Diadem), Urban design and pervasive systems (Cityware), Autonomous trust domains for healthcare applications (Caregrid), and Self-managed cells for autonomous vehicles. Dr Dulay has over 40 publications in international conferences and journals and has served on the program committees for many conferences.

Top

Workshop Venue

House of Scientists
Address: 26, Dvortsovaya emb., St.Petersburg, 191186, Russia

The Palace of Grand Prince Vladimir Romanov.

The House of Scientists building, the former Grand Duke Vladimir"s palace, has a special place among the palaces in St. Petersburg. The Palace is one of architectural gems of the city. It was built by the Russian architect Alexander Rezanov.

Located in the very heart of the city, in the neighborhood of the Winter Palace (Hermitage), the residence of Russian emperor, and the PeterТs and PaulТs Fortress, their burial place, the Palace represents a perfect example of the "historical" style. Originally, the Palace was built for the third son of the Russian emperor Alexander II.

Grand Prince Vladimir as all grand princes in Russia received the military education. He was the Commander of the Guards and the Chief of St. Petersburg Military District as well as the President of Russian Academy of Fine Arts during 33 years. Well- known people of those days were often guests and visitors of the VladimirТs family in the Palace. F. Shalyapin, S. Rachmaninov, S. Vitte, I. Repin and others were coming to the "small Imperial Court" in the Palace.

After the Bolshevik revolution in 1917 the palace was not robbed and destroyed as, by the Gorky"s request and the followed government decision, it was turned over to the scientists. It became the first club for Russian scientific intelligencia in Soviet Russia. Many worldwide known scientists like I. Pavlov, V. Vernadsky, I. Kurchatov and others were engaged in the work of the House of Scientists. At present more than 34 scientific clubs and seminars work place in the Palace.

The House of Scientists has good facilities for running conferences and conference related events like informal meetings of professionals, receptions, dinners, etc.

The House of Scientists has several banquet rooms.

The Lower Banquet Room of the Palace (it is called "Trapeznaya") was decorated by the famous architect Messmacher, German by birth, in the beautiful Venice style.

The decoration works started in 1888 and lasted till 1893.

The walls of the room are covered with the oak wainscots. In the main part of the ceiling one can see three magnificent bronze chandeliers.

Richly decorated with carved wood and tiles, the Fireplace, the most beautiful part of the room, leaves no one indifferent. Here in the unique atmosphere of Grand Prince Vladimir"s dinning room, an original one, inside the exquisite interiors, which yet preserved their magnificence and splendor, here you can breath History of Russia.

Top

RUSSIA, 199178, Saint-Petersburg, 14-th line, 39, SPIIRAS (metro station Vasileostrovskaya).
+7-(812)-328-2642, ivkote[AT]comsec[DOT]spb[DOT]ru

Comments? Questions? stepashkin[AT]comsec[DOT]spb[DOT]ru