| |
Insider attack---using legitimate authority for
illegitimate purposes---continues to threaten many aspects of our
nation's cyber infrastructure. Many aspects of this infrastructure
contribute to this problem: its permeation into all aspects of
enterprise operations enables attacks in other domains; its
complexity makes it hard to design, configure, and manage effective
security countermeasures; broad connectivity and inter-relationships
make it impossible to rely on perimeter defenses anymore---everyone
is an insider. We are challenged with a very significant set of
problems with little well-developed science and metrics for
effectiveness of proposed solutions.
Bringing together participants from industry, government, and
academia, this workshop will illuminate the insider threat faced in
real-world application domains, explore how existing bodies of
research may address these problems, and identify what new research is
needed. We have sought out speakers who can represent the sobering
view of the true extent and scope of the problem and advise on various
metrics that may be used to measure success of any solutions. The
workshop will also highlight participation by researchers working on
technologies that can help solve the problem---not only via detection,
but also via prevention and mitigation.
Besides the exchange of ideas at the meeting itself, the
organizers hope that the workshop will make a more lasting
contribution. Consequently, post-proceedings which
lays out what we discover: the scope of the problem, the metrics, and
potential solution paths. To that end, we have strongly encouraged
presenters and attendees to submit position papers related to the
workshop goals prior to the workshop date. Presentations that are
deemed particularly relevant and topical will be invited as full
papers for the proceedings. Non-academic invitees can, if they wish,
be paired with an academic or student in preparing a paper for the
proceedings.
We ask that invitees who have not yet prepared an abstract or
short biography please do so at their earliest convenience.
Experts in industry, government, and academia who are
interested in attending the workshop but who have not received an
invitation should submit a biography and short abstract to the
organizers at insider-threats@cs.columbia.edu. We
unfortunately cannot guarantee an invitation to all interested
parties.
Sponsors:
| |
