EuroSec seeks contributions on all aspects of systems security. Topics of interest include (but are not limited to):

• new attacks, evasion techniques, and defenses
• operating systems security
• network/distributed systems security
• hardware architectures
• trusted computing and its applications
• identity management, anonymity
• small trusted computing bases
• mobile systems security
• measuring security
• malicious code analysis and detection
• Web security
• systems-based forensics
• systems work on fighting spam/phishing

In accordance with the spirit of the EuroSys conference we also seek:

• Quantified or insightful experience with existing systems
• Reproduction or refutation of  previous results
• Negative results
• Early ideas

You are hereby invited to submit papers of up to 8 single-spaced pages (including figures, tables and references). Submission information: http://www.ics.forth.gr/dcs/eurosec09/

For convenience, we allow authors to indicate potential conflicts of interest (e.g., to exclude PC members from within their research group).  EuroSec explicitly encourages members of the systems community to explore leading-edge topics and ideas before they are presented at a major conference. All submissions will be reviewed by the Program Committee. Only original, novel work will be considered for publication. Accepted papers will be published in the proceedings of EuroSec in the  ACM Digital Library. EuroSec will be held on the 31st  of March, 2009, in Nuremberg, Germany.

Important dates

• Paper Submission Deadline: January 19th, 2009
• Notification of Acceptance : February 16th, 2009
• Final Paper Due: March 2nd, 2009
• Workshop Date: March 31st, 2009

Organization

• Program Co-chairs:
  • Evangelos Markatos (FORTH and Univ. of Crete)
  • Manuel Costa (Microsoft Research Cambridge)
• Publicity Co-chairs:
  • Thorsten Holz (Universitat Mannheim)
  • Sotiris Ioannidis (FORTH)

• Program Committee:
  • Kostas Anagnostakis (Institute for Infocomm Research)
  • John Aycock (University of Calgary)
  • Herbert Bos (Vrije Universiteit Amsterdam)
  • Manuel Costa (Microsoft Research Cambridge)
  • Jedidiah Crandal (U of New Mexico)
  • Marc Dacier (Symantec)
  • Leendert van Doorn (AMD)
  • Kevin Elphinstone (U of New South Wales)
  • Jon Giffin (Georgia Tech)
  • Ashvin Goel (U. of Toronto)
  • Hermann Hartig (TU Dresden)
  • Gernot Heiser (UNSW / NICTA / Open Kernel Labs)
  • Thorsten Holz (Universitat Mannheim)
  • Sotiris Ioannidis (FORTH)
  • Angelos Keromytis (Columbia)
  • Engin Kirda (Eurecom Institute)
  • Christopher Krugel (UC Santa Barbara and TU Vienna)
  • Wenke Lee (Georgia Tech)
  • Zhenkai Liang (CMU)
  • Evangelos Markatos (FORTH and Univ. of Crete)
  • Niels Provos (Google)
  • R Sekar (Stony Brook)
  • Angelos Stavrou (George Mason University)
  • Wietse Venema (IBM TJ Watson)
  • Michael Waidner (IBM Tivoli Software, Somers, NY)
  • Stefano Zanero (Politecnico di Milano)

They keynote speech of the first day was given by Pradeep Khosla from CyLab, Carnegie-Mellon University and was titled “Cybersecurity: Opportunities and changes”. Apart from the keynote speech, nine other presentations were given as part of the core workshop agenda. The presentations were around threats on the Internet and particularly  emerging threats to the internet infrastructure, malicious hardware, the business of cyber-crime, security of control and supervision systems and privacy control. After the presentations, five working groups were formed: large-scale software systems, network and monitoring, critical infrastructure protection, malware and finally fraud. Each working group discussed future and emerging threats concerning the group’s topic as well as possible collaborations among attendees. The day closed with a presentation from Thomas Skordas about the ICT Security Work Programme.

The second day began with presentations on various topics such as trends on e-crime, the future of malware, scalable development of secure software and security and dependability perspectives in air traffic. On behalf of FORTH’s DCS laboratory, Dr. Evangelos Markatos gave a talk titled “The future of Malware: From fun and profit to Physical Harm”, addressing the evolution of malware and how it can affect the physical health of internet users. The discussions of first day’s working groups continued after the end of presentations. They keynote speech of the second day was titled “21st Century Cyber Security Challenges – A Perspective from  Large-Scale Global Enterprise” by Ming-Yuh Huang from Boeing.

Overall, the 1st FORWARD workshop was a successful event with lots of interesting presentations and constructive discussions. Future and emerging threats is a challenging aspect of internet security domain and through the FORWARD workshop we had the chance to take a glimpse at the future of e-crime.

The first day of the workshop started with an introduction by Brian Witten from Symantec. After the introduction, four presentations followed. The first one was given by Corrado Leita who presented the Leurre.com project. Maarten Van Horenbeeck followed with the presentation of SANS Internet Storm Center and then David Watson gave an overview of the Honeynet Project and the data collection mechanisms used.  The final presentation of the day was about cooperation of intelligent honeypots to detect unknown malicious codes and was given by Hiroki Takakura from Academic Center for Computing and Media Studies, Kyoto University. The first day of the workshop was concluded with a roundtable discussion around what type of data do we need and want to share.

The agenda of the second day included six presentations. First speaker was Joel Hatton  from AusCERT who presented the data collected by AusCERT relating to Internet attacks. Second was Spiros Antonatos from FORTH/ICS, who presented the Honey@home tool for monitoring unused address space at home computers. Dr. Inoue from  Japan’s National Institute of Information and Communication Technology presented NICTER, a very interesting incident analysis system towards binding network monitoring with malware analysis. A description of the Honeyclient project by Piotr Kijewski of NASK/CERT Polska followed and gave to the attendees the opportunity to discuss the  kind of  mutual agreements required in order to share computer-security related data. Two more technical presentations followed, the one by Alain Esterle presenting ENISA‘s work against European IT security threats and the other by Thomas Holt of UNCC Honeynet Project titled “Techcrafters and Makecrafters: A Comparison of Two Populations of Hacker”. The workshop was finalized with a roundtable discussion about what are the technical requirements and infrastructure we need to share data.

Overall, it was a very interesting event where we the attendees had the opportunity to interact with the members of the WOMBAT consortium as well as with members of other related project from around the globe. More importantly, issues concerning sharing of computer security related data were discussed from many different points of view. Given the  existing consortium overlap between  FORWARD and WOMBAT, we expect further exchange of opinions and expertise.

During the two-day technical workshop sessions, representatives of European research projects funded by the 7th Framework Programme discussed emerging concepts and ideas in groups themed around the topics of Networks, Services, Content, Security, and Experimental Facilities. Some of the challenges outlined in the Security session included identity management, trust, vulnerabilities and threats in emerging platforms, experimental facilities, as well as legislation and economics and their links with security. In the Security, Privacy and Trust session, Sotiris Ioannidis from FORTH-ICS participated in the panel that discussed “Cross-issues in Network Infrastructures and Experimental Facilities” .

The FORWARD project also signed the Bled Declaration titled “Towards a European approach to the Future Internet” which calls on European Internet scientific and economic actors, researchers, industrialists, SMEs, users, service and content providers, to “redesign the Internet, taking a broad multidisciplinary approach, to meet Europe’s societal and commercial ambitions.”

The workshop was scheduled for the 17th and 18th of April at Gothenburg, Sweden. The consortium will be inviting leaders in the field of security, from ongoing European projects, as well as experts from the industry and project managers from the Commission to participate in the workshop.

The consortium also highlighted topics of interest to each partner. The list includes: Distributed Defense, Critical Infrastructure Protection, Fraud and Economics, Harassment and Misinformation, Smart Devices, Network Infrastructure, and Metrics. These topics will be included for discussion during the first FORWARD workshop. However we expect other topics to also come out of the discussion. These topics will form the basis of the consortium working groups (and also the focus of more blogs that will appear on this site!).

The FORWARD blogs site is only part of the online collaboration platform of the project. The exact synthesis of the platform was discussed during the project kickoff meeting. FORTH presented the web pages created for the project as well as the proposed collaboration tools. The tools included a wiki, online forums, an online file repository and this blog. All these will enable close collaboration between the partners as well as a basis for distribution of the work performed in the FORWARD project.