Innovative CyberSecurity and Privacy for Internet of Things: Strategies, Technologies, and Implementations - WICSPIT 2017

24 April, 2017 - Porto, Portugal

In conjunction with the International Conference on Internet of Things, Big Data and Security - IoTBDS 2017

WICSPIT is a shared event between IoTBDS (http://iotbds.org/) and SMARTGREENS (http://www.smartgreens.org/).

SCOPE

Cyber-attackers are steadily getting more creative and ambitious in their exploits and causing real-world damage (e.g., the German steel mill hack in 2014, the Ukrainian Power Grid hack in 2015). Proprietary and personally identifiable information are vulnerable to leakage as well (e.g., the Sony hack in 2014, the US Office of Personnel Management in 2014). The Internet of Things (IoT), a platform which allows everything to process information, communicate data, and analyze context opens up new vulnerabilities for both security and privacy. Smart buildings and smart cities, for example, will collect and process data for millions of individuals. Industrial systems, which were never intended to be linked via common protocols, are recognized as suddenly being open to security threats that can limit service availability and possibly cause considerable damage. Autonomous systems allowed to operate with minimal oversight are ripe targets for cyber-attacks. Data stored and processed in confidence in the cloud may be subject to exfiltration, leading to public embarrassment or the exposure of proprietary information.

As cyber-events increase in number and severity, security engineers must incorporate innovative cybersecurity strategies and technologies to safeguard their systems and confidential information. A strategy to address a cybersecurity vulnerability, once identified, must understand the nature of the vulnerability and how to mitigate it. The “security tax” or “privacy tax” (system and service degradation) caused by the implementation of the mitigating security technologies may be so great that the end user bypasses the technologies and processes meant to ensure the system’s security and privacy. A practical reality of the adoption of IoT is that it will require integration of new technologies with existing systems and infrastructure, which will continue to expose new security and privacy vulnerabilities; re-engineering may be required. The human element of IoT, the user, must be considered, and how the user and the IoT system interact to optimize system security and user privacy must be defined. Cyber-attackers and cyber victims are often in different countries, the transnational nature of many cyber-events necessitate the consideration of public policy and legal concerns as well.

This workshop aims to showcase new and emerging strategies and technologies for forecasting, mitigating, countering, and attributing cyber-events that threaten security and privacy within the realm of IoT. The institutional benefits of IoT adoption are clear, however security and privacy concerns are constantly coming to light. As organizations—both public and private, large and small—adopt new IoT technologies, we hope that this workshop can serve as an opening conversation between government, industry, and academia for the purpose of addressing those concerns.

Topics of Interest

Topics of interest include (but are not limited to):

1. Cyber–security approaches
*Honeypots, Honeynets and Honeypatches
*Deception-based approaches
*Encrypted Computing and Secure Computation
*Active and Passive Cybersecurity
*Firmware vetting
*Privacy-Enhancing Technologies
*Intelligence and Counter-Intelligence
*Security and Privacy Engineering

2. Cyber-security Settings
*Cyber-Security and Privacy in Cyber-Physical Systems
*Industrial Internet of Things (IIoT)
*Smart Cities
*Cyber-Physical Power Systems

3. Data analytics for cyber-security
*Predictive Cyber-Security
*Event Analysis
*Event Attribution and Cyber-Forensics

4. Cyber-security metrics
*Security and Privacy Metrics and Analysis
*Metrics of defense effectiveness
*Quantifying the ‘security/privacy tax’

5. Human/Societal issues
*Legal and Policy Topics related to Cyber-Security and Privacy
*Human Factors in Cyber-Security and Privacy
*Inter-Organizational Cyber-Threat Information Sharing

6. Other topics
*Integration of New Technology into Existing Systems
*Situational Awareness
*System Situational Awareness
*Emerging Threats
*Event Recovery
*Security as a Service (SaaS)
*Private Data as a Service (PDaaS)

IMPORTANT DATES

Paper Submission: February 20, 2017
Authors Notification: March 1, 2017
Camera Ready and Registration: March 13, 2017

CO-CHAIRS

Mr. Roger Hallman -- SPAWAR Systems Center Pacific
Dr. Hala Mostafa -- United Technologies Research Center
Prof. Kurt Rohloff -- New Jersey Institute of Technology
Dr. Victor Chang (honorary) -- Xi'an Jiaotong Liverpool University

WORKSHOP PROGRAM COMMITTEE (PARTIAL)

Marina Blanton -- University at Buffalo, The State University of New York, United States
An Braeken -- Vrije Universiteit Brussel, Belgium
Daniel Conte de Leon -- University of Idaho, United States
Tiago Cruz -- University of Coimbra, Portugal
Ishbel Duncan -- University of St. Andrews, United Kingdom
Sunny Fugate -- SPAWAR Systems Center Pacific, United States
Kevin Hamlen -- University of Texas at Dallas, United States
Hongxin Hu -- Clemson University, United States
Andreas Jacobsson -- Malmö University, Sweden
Jaclyn Kerr -- Lawrence Livermore National Laboratory; Stanford University, United States
Xenofon Koutsoukos -- Vanderbilt University, United States
Devu MANIKANTAN -- United Technologies Research Center, United States
Jason R. C. Nurse -- University of Oxford, United Kingdom
Kasper Rasmussen -- Oxford University, United Kingdom
Mohammad Abdur Razzaque -- Trinity College Dublin, Ireland
Jose Romero-Mariona -- SPAWAR Systems Center Pacific, United States
Siamak F Shahandashti -- Newcastle University, United Kingdom
Paulo Simoes -- University of Coimbra, Portugal
Dhananjay Singh -- Hankuk Univ. of Foreign Studies, Seoul, Korea, Republic of
Jia Song -- University of Idaho, United States
Pawel Szalachowski -- ETH Zurich, Switzerland
April Tanner -- Jackson State University, United States
Clark Thomborson -- University of Auckland, New Zealand

PAPER SUBMISSION

Prospective authors are invited to submit papers in any of the topics listed above.
Instructions for preparing the manuscript (in Word and Latex formats) are available at: Paper Templates
Please also check the Guidelines.
Papers should be submitted electronically via the web-based submission system at: http://www.insticc.org/Primoris

PUBLICATIONS

After thorough reviewing by the workshop program committee complemented by members of the main conference program committee, all accepted papers will be published in a special section of the conference proceedings book - under an ISBN reference and on CD-ROM support.
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library (http://www.scitepress.org/DigitalLibrary/).
SCITEPRESS is a member of CrossRef (http://www.crossref.org/) and every paper is given a DOI (Digital Object Identifier).