Abstract
The 2014 9th Annual Cyber and Information Security Research (CISR) Conference (CISRC, formerly CSIIR Workshop [CSIRW]) was held at Oak Ridge National Laboratory. The aim of this year's conference is to present, discuss and publish novel theoretical and empirical research focused on one or more of the Federal Cybersecurity themes. Cyberspace is fundamental to our national prosperity and security, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are able to properly balance the risks and rewards, understand and communicate threats to security and privacy, and rapidly adapt any resulting approach to a changing adversarial environment. The scope of interest covers a wide range of topics related to cyber and information security research. This year’s conference will include presentations and demonstrations of technologies from the DOE Cybersecurity for Energy Delivery Systems (CEDS), the DOE Cyber Sciences Labs (CSL), and the DHS Transition To Practice (TTP) Program.
CISRC-9 Theme: Federal Cyber Security R&D Program Thrusts
Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are able to properly balance the risks and rewards, understand and communicate threats to security and privacy, and rapidly adapt any resulting approach to a changing adversarial environment. Original paper were accepted in the following general areas derived from the Federal Cybersecurity R&D agenda.
• (1) Tailored Trustworthy Spaces - Provides flexible, adaptive, distributed trust environments that can support functional and policy requirements arising from a wide spectrum of activities in the face of an evolving range of threats--recognizing the user's context and evolves as the context evolves.
• (2) Moving Target - Enables us to create, analyze, evaluate, and deploy mechanisms and strategies that are diverse and that continually shift and change over time to increase complexity and cost for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency.
• (3) Designed-In-Security - Builds the capability to design, develop, and evolve high-assurance, software-intensive systems predictably and reliably while effectively managing risk, cost, schedule, quality, and complexity.
• (4) Cyber Economic Incentives - Develops effective incentives to make cybersecurity ubiquitous, including incentives affecting individuals and organizations.
• (5) Science of Security - Provides a more fruitful way to ground research efforts, and to nurture and sustain progress.
Special Topics of CISRC Included:
• Security and trustworthiness of information in motion and at rest, especially in a shared (“cloud”) environment.
• Understanding the risks and tradeoffs in deploying solutions, in terms that are measurable and quantifiable.
• Fusion of cyber data such as net flows with other data from non-cyber sources, such as geographic and economic data to discover connections and highlight activity of interest.
• Discovery of trends, especially in malware design and use.
• Trust negotiation tools and data models to support negotiation of policy.
• Data protection tools, access control management, monitoring and compliance verification mechanisms to allow for informed trust.
• Hardware mechanisms that support secure boot-load and continuous monitoring of critical software.
• Application and operating system elements that can provide strong assurance that program semantics cannot be altered during execution.
• Control theory to abstract the complexity of moving target systems and enable sound, resilient system management.
• Models and techniques to support on-the-fly evidence creation during a systems engineering process.
• Mathematically sound techniques to support combination of models and composition of results.
• Analysis techniques (based on model checking, abstract interpretation, semantics-based testing, and/or verification) to enable traceable linking among diverse models and code.
Additional Topics of Interest Included:
• Team and supply chain practices to facilitate composition of assurance in the supply chain.
• Psychology and human factors for how to build software specification. Implementation, verification, analysis, and testing tools that are easy to use and provide positive feedback to users.
• Methods to model adversaries; especially co-modeling of attackers and defenders.
• Control theory for maintaining security in the presence of ongoing and even partially successful attacks.
• Formal and stochastic modeling techniques in security modeling.
• Comprehensive, open, and anonymized data repositories.