The 2nd International Workshop on Recent Advances in Security Information and Event Management (RaSIEM 2013)
To be held in conjunction with the 8th International Conference on Availability, Reliability and Security (ARES 2013 – http://www.ares-conference.eu).
September 2nd – 6th, 2013
University of Regensburg
Regensburg, Germany
Management of events and incidents is one of the cornerstones for any service. Traditionally, event management frameworks are reactionary. The SIEM (Security Information and Event Management) approach enables near-real time event management as well as proactive management of security incidents and events for IT infrastructures. However, the SIEM solutions available commercially are not able to interpret high-level data from such as the service view or the business impact view. Another limitation of SIEMs is related to scalability. Indeed, current solutions are limited since they depend on centralized rule processing performed on a single node.
One of the most challenging domains for SIEMs, but not only, is the protection of critical infrastructures. Over the last few years, there has been growing understanding of security risks related to (targeted) cyber attacks against critical infrastructures in all sectors (dams, energy, transport, etc.). Critical infrastructure networks are very different in comparison to other IT infrastructures. Most of the endpoint actors are machines rather than people, their malfunction can have immediate physical consequences, and they are more likely to be targeted by malicious adversaries. The protection of these networks faces several challenges, such as:
-
Recognizing real threats in the multitude of daily alerts.
-
Ensuring data source reliability.
-
Managing data from heterogeneous devices and networks.
-
Correlation of highly heterogeneous data to identify threats.
-
Ensuring the resilience against all hazards;
The workshop will present technical and practical results of EU FP7 MASSIF project partners and those of invited presenters working in related fields.
The workshop aim is to discuss hot topics and demonstrate advances in the field of Security Information and Event Management (SIEM). We intend to bring together contributors of the EU FP7 MASSIF project as well as external researchers working in this area to present and discuss their recent results. We therefore expect this workshop to give an extensive insight into the state-of-the-art and novel perspectives of SIEM technologies.
The goal of the EU FP7 MASSIF project (
http://www.massif-project.eu/
) is to provide a new SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring as well as decision support.
Topics of interest comprise but are not limited to:
-
Case study of SIEM in operational scenarios (Olympic games, critical infrastructures such as dams, mobile money transfer service, enterprise service infrastructures)
-
SIEM for distributed computing
-
Fault tolerance for SIEM
-
Security analysis for SIEM
-
Workflow monitoring for SIEM
-
Decision systems in SIEM
-
Event translation for SIEM
-
Event processing for SIEM
|
|
Important dates
Submission Deadline
|
May
1st
, 2013
extended to May 19th, 2013
|
Author Notification
|
May 25th, 2013
|
Author Registration
|
May 30th, 2013
|
Proceedings Version
|
June 14th, 2013
|
Conference/Workshop
|
September 04th, 2013
|
Submission Guidelines
All accepted papers of ARES 2013 and associated workshops will be published as ISBN proceedings published by
IEEE Conferencing Publishing Service!
Papers must be written in English. Authors are invited to contribute Regular Papers describing original research as well as design, development and experimental results of operational systems, or Practical Experience Reports describing on-going industrial projects, prototype systems and exploratory or emerging applications. Papers should be no longer than 8 pages, strictly following the IEEE two-column format and adhere to the submission guidelines of the ARES conference. They can be found
>>here<<
.
Authors are requested to send their manuscripts in PDF format to
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
,
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
and
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
before the 19th of May.
All paper submissions of this workshop will be sent to MASSIF program committee and internally reviewed.
Tentative schedule
Please find the program of RaSIEM 2013
>>here<<
.
Chairs
-
Mohammed Achemlal, France Télécom-Orange - France
-
Romain Giot, France Télécom–Orange - France
-
Chrystel Gaber, France Télécom–Orange – France
-
Elsa Prieto Perez, Atos - Spain
-
Roland Rieke, Fraunhofer SIT-Germany
Program Committee
-
Luidgi Coppolino, Epsilon - Italy
-
Andrey Chechulin, SPIIRAS – Russia
-
Rodrigo Diaz Rodriguez, Atos – Spain
-
Gustavo Gonzales Granadillo, TELECOM SudParis - France
-
Igor Kotenko, SPIIRAS – Russia
-
Andrew Hutchison, T-systems – South Africa
-
Luigi Romano, University of Naples - Italy
-
Maria Zhdanova, Fraunhofer SIT - Germany
|