Konkuk University, Seoul, South Korea Table of Contents
Total Page:16
File Type:pdf, Size:1020Kb
PROGRAM GUIDE MIST 2014 6th International Workshop on Managing Insider Security Threats November 21(Friday) - 22(Saturday), 2014 Konkuk University, Seoul, South Korea Table of Contents Welcome Message from the MIST 2014 General Chairs 2 MIST 2014 Organization 3 Welcome Message from CSD 2014 Chairs 4 CSD 2014 Organization 5 Invited Talk 6 Program Overview 7 MIST 2014 Program 8 Workshop Venue 12 Co-Organized By Innovative Information Science & Technology Research Group Chosun University BK21+ SIFCT Big Data Research Institute of Konkuk University In Cooperation With Green-IT Convergence Security Group of KIISC Korean Institute of Smart Media - 1 - Welcome Message from MIST 2014 General Chairs Welcome to the 6th International Workshop on Managing Insider Security Threats (MIST 2014), which is held on Novmeber 21(Friday) - 22(Saturday), 2014 at Konkuk University, Seoul, Republic of Korea. Recently, there has been a considerable increase of information leaks caused by malicious but authorized insiders. Compared to the attacks by outsiders, such information leaks can result in more critical damages, thus becoming one of the most important security threats to governments, companies, institutes and so forth. Motivated by this, the MIST workshop has annually taken place since 2009 with the aim of showcasing the most recent challenges and advances in defending against insider security threats and information leakages as follows: Ÿ 1st MIST (in conjunction with IFIPTM 2009) June 16, 2009, Purdue University, West Lafayette, USA Ÿ 2nd MIST (in conjunction with IFIPTM 2010) June 15, 2010, Morioka, Iwate, Japan Ÿ 3rd MIST (in conjunction with InCos 2011) December 1-2, 2011, Fukuoka Institute of Technology, Fukuoka, Japan Ÿ 4th MIST November 8-9, 2012, Nishijin Plaza, Kyushu University, Fukuoka, Japan Ÿ 5th MIST October 24-25, 2013, Pukyong National University, Busan, Rep. of Korea This year, MIST 2014 had received high quality submissions from all over the world. Among them, total 31 papers were accepted for presentation after a rigorous peer-review process where each submission is reviewed by at least two TPC members. Moreover, MIST 2014 is powered by the invited talk "Characterizing the Insider Problem" by Prof. Matt Bishop (UC Davis, USA) who is the leading researcher in this field as well as a special session on Cyber Security and Defense (CSD'14) organized by Green-IT Convergence Security Group of KIISC. We believe that MIST 2014 plays the meaningful role of a trigger for further related research and technology improvements in this important subject. Finally, we would like to extend our sincere thanks not only to all authors for their countless contributions, but also to the technical program committee members for their hard and excellent work. MIST 2014 General Chairs: Dr. Ilsun YOU and Dr. Young-guk HA - 2 - MIST 2014 Organization General Chairs Ilsun You (Korean Bible University, South Korea) Young-guk Ha (Konkuk University, South Korea) Advisory Committee Kouichi Sakurai (Chair, Kyushu University, Japan) Pankoo Kim (Chair, Chosun University, South Korea) Kyung Hyun Rhee (Pukyung National University, South Korea) Kangbin Yim (Soonchunhyang University, South Korea) Program Committee Members Benjamin Aziz (University of Portsmouth, UK) Pandu Rangan Chandrasekaran (IIT Madras, India) Xiaofeng Chen (Xidian University, China) Junho Choi (Chosun University, South Korea) William R. Claycomb (Carnegie Mellon University, USA) Ugo Fiore (Seconda Universita' di Napoli, Italy) Steven Furnell (Plymouth University, UK) Shuyuan Mary Ho (Florida State University, USA) Xinyi Huang (Fujian Normal University, China) Alex D. Kent (Los Alamos National Laboratory, USA) Igor Kotenko (SPIRAS, Russia) Philip Legg (Oxford University, UK) Fang-Yie Leu (Tunghai University, Taiwan) Kazuhiro Minami (Institute of Statistical Mathematics, Japan) Marek Ogiela (AGH University, Poland) Francesco Palmieri (Seconda Universita' di Napoli, Italy) Günther Pernul (University of Regensburg, Germany) Christian W. Probst (Technical University of Denmark, Denmark) Malek Ben Salem (Accenture Technology Labs, USA) Dongwan Shin (New Mexico Tech., USA) Juhyun Shin (Chosun University, South Korea) Sean W. Smith (Dartmouth College, USA) Shambhu Upadhyaya (SUNY Buffalo, USA) Danfeng (Daphne) Yao (Virginia Tech, USA) - 3 - Welcome Message from CSD 2014 Chairs On behalf of the Organizing Committee, we are honored and delighted to welcome you to the 1st Special Session on Cyber Security and Defense (CSD 2014), which is held in conjunction with the 6th International Workshop on Managing Insider Security Threats (MIST) at Konkuk University, Seoul, Korea, from November 21 to 22, 2014. This special session was organized by the Green-IT Convergence Security Group of the KIISC (Korea Institute of Information Security and Cryptology). As the cyberspace has been an essential part of our daily lives, cyber security is no longer a term to ignore for all levels of society. The number of cyber attacks, however, has increased dramatically over the last years and even terrorist groups, stateless organizations, and rogue individuals can launch a cyber attack from anywhere, at any time even with a few strokes on a keyboard or touchscreen. We cannot hide the fact that every day we are being attacked by unknown adversaries, quite constantly. Therefore, an enormous effort into cyber security research is needed to protect our cyberspace from those threats. The aim of CSD 2014 is to provide the most recent challenges and advances of technologies in cyber security and defense. In addition, this session intends to bring together the academic and industry working on different aspects, exchange ideas, and explore new research directions for addressing the challenges in cyber security and defense. Finally, we hope that you will find MIST CSD 2014 to be a stimulating and scientifically enriching experience in Korea. Hyobeom Ahn and Taekyoung Kwon Special Session Chairs of MIST CSD 2014 - 4 - CSD 2014 Organization Special Session Chairs Hyobeom Ahn (Kongju National University, South Korea) Taekyoung Kwon (Yeonsei University, South Korea) Program Committee Members Jin Kwak (Soonchunhyang University, South Korea) Jongsung Kim (Kookmin University, South Korea) Changhoon Lee (SeoulTech, South Korea) Kyungho Lee (Korea University, South Korea) Taeshik Shon (Ajou University, South Korea) Kyungho Son (Korea Internet and Security Agency, South Korea) Jeong Hyun Yi (Soongsil University, South Korea) Eul Gyu Im (Hanyang University, South Korea) Mun-Kyu Lee (Inha University, South Korea) Huy-kang kim(Korea University, South Korea) Ji-Won Yoon (Korea University, South Korea) Nam-Jae Park (Jeju National University, South Korea) - 5 - Invited Talk Characterizing the Insider Problem - Abstract: The insider problem is considered one of the most serious in computer security. But the precise definition of "insider" varies, sometimes wildly, among researchers. The result is that the problem, in its most broadest sense, is ill-defined. This talk attempts to bring rigor to the definition by examining several different aspects of the different definitions and situations broadly classified as "insiders". We examine various prevention, detection, and recovery mechanisms, placing them in the context of our analysis. We conclude by discussing the use of process modeling to identify potential insider threats. - Speaker: Dr. Matt Bishop (Professor, UC Davis, USA) Matt Bishop received his Ph.D. in computer science from Purdue University, where he specialized in computer security, in 1984. He was a research scientist at the Research Institute of Advanced Computer Science and was on the faculty at Dartmouth College before joining the Department of Computer Science at the University of California at Davis. His main research area is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. This includes detecting and handling all types of malicious logic. He is active in the areas of network security, the study of denial of service attacks and defenses, policy modeling, software assurance testing, and formal modeling of access controls. Currently, he is studying the nature of insider threats as technical problems and how to harden processes to inhibit such attacks. He also works in electronic and Internet voting, and was one of the two principle investigators of the California Top-to-Bottom Review, which performed a technical review of all electronic voting systems certified in the State of California. He is active in information assurance education. His textbook, Computer Security: Art and Science, was published in December 2002 by Addison-Wesley Professional. He also teaches software engineering, machine architecture, operating systems, programming, and (of course) computer security. - 6 - Program Overview November 21 (Friday) November 22 (Saturday) Time Time Room 425 (4F) Room 425 (4F) Sanghuh Hall Sanghuh Hall 08:40 ~ 18:30 Registration 08:40 ~ 18:00 Registration 09:00 ~ 10:30 MIST1: 4 presentations 09:00 ~ 10:30 MIST4: 4 presentations 10:30 ~ 11:00 Coffee Break 10:30 ~ 11:00 Coffee Break 11:00 ~ 12:30 MIST2: 4 presentations 11:00 ~ 12:30 MIST5: 4 presentations Lunch Lunch 12:30 ~ 14:00 - VIP Restaurant (B2), 12:30 ~ 14:00 - VIP Restaurant (B2), New Millennium Hall New Millennium Hall 14:00 ~ 15:00 MIST3: Invited Talk 14:00 ~ 15:30 MIST6: 4 presentations 15:00 ~ 15:30 Coffee Break 15:30 ~ 16:00 Coffee Break 15:30 ~ 16:45 CSD1: 3 presentations