July 20, 2011
/ Pittsburgh, PA, USA
In conjunction with SOUPS
The 8th International Symposium on Visualization for Cyber Security was held at Carnegie Mellon University in Pittsburgh, PA, USA on July 20, 2011. VizSec brought together researchers and practitioners from academia, government, and industry to share insights and present solutions to modern cyber security challenges using visualization techniques. Invited speakers were Lorrie Cranor and Simson Garfinkel.
VizSec was held in conjunction with Symposium on Usable Privacy and Security (SOUPS).
The proceedings are in the ACM Digital Library.
Lorrie Faith Cranor is an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS). She is also Chief Scientist of Wombat Security Technologies, Inc. She has authored over 100 research papers on online privacy, usable security, phishing, spam, electronic voting, anonymous publishing, and other topics.
She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly 2002). She has served on a number of boards, including the Electronic Frontier Foundation Board of Directors, and on the editorial boards of several journals. In 2003 she was named one of the top 100 innovators 35 or younger by Technology Review magazine. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University.
Please visit her personal website for more information.
Simson L. Garfinkel is an Associate Professor at the Naval Postgraduate School in Monterey, California. His research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy and terrorism. He holds six US patents for his computer-related research and has published dozens of journal and conference papers in security and computer forensics.
Garfinkel is the author or co-author of fourteen books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. Garfinkel's most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and been translated into more than a dozen languages since the first edition was published in 1991.
Garfinkel is also a journalist and has written more than a thousand articles about science, technology, and technology policy in the popular press since 1983. He started writing about identity theft in 1988. He has won numerous national journalism awards, including the Jesse H. Neal National Business Journalism Award two years in a row for his "Machine shop" series in CSO magazine. Today he mostly writes for Technology Review Magazine and the technologyreview.com website.
As an entrepreneur, Garfinkel founded five companies between 1989 and 2000. Two of the most successful were Vineyard.NET, which provided Internet service on Martha's Vineyard to more than a thousand customers from 1995 through 2005, and Sandstorm Enterprises, an early developer of commercial computer forensic tools.
Garfinkel received three Bachelor of Science degrees from MIT in 1987, a Master's of Science in Journalism from Columbia University in 1988, and a Ph.D. in Computer Science from MIT in 2005.
The International Symposium on Visualization for Cyber Security (VizSec) is a forum that brings together researchers and practitioners from academia, government, and industry to address the needs of the cyber security community through new and insightful visualization techniques. Co-located this year with the Symposium on Usable Privacy and Security (SOUPS), the 8th VizSec will provide new opportunities for the usability and visualization communities to collaborate and share insights on a broad range of security-related topics. Accepted papers will appear in the ACM Digital Library as part of the ACM International Conference Proceedings Series.
Important research problems often lie at the intersection of disparate domains. This year our focus is to explore effective, scalable visual interfaces for security domains, where visualization may provide a distinct benefit, including computer forensics, reverse engineering, insider threat detection, cryptography, privacy, preventing “user assisted†attacks, compliance management, wireless security, secure coding, and penetration testing in addition to traditional network security. Human time and attention are precious resources. We are particularly interested in visualization and interaction techniques that effectively capture human analyst insights so that further processing may be handled by machines, freeing the analyst for other tasks. For example, a malware analyst might use a visualization system to analyze a new piece of malicious software and then facilitate generating a signature for future machine processing. When appropriate, research that incorporates multiple data sources, such as network packet captures, firewall rulesets and logs, DNS logs, web server logs, and/or intrusion detection system logs, is particularly desirable.
Full paper and panel abstracts offering novel contributions in security visualization are solicited. Papers may present technique, applications, practical experience, theory, or experiments and evaluations. Papers are encouraged on technologies and methods that have been demonstrated to be useful for improving information systems security and that address lessons from actual application. We encourage papers that report results on visualization techniques and systems in solving all aspects of cyber security problems, including how visualization applies to:
Accepted papers will appear in the ACM Digital Library. The program committee will select an accepted paper to receive the VizSec 2011 Best Paper award. A key element of the best paper selection process will be whether the results are believed to be repeatable by other scientists based on the algorithms and data provided in the paper.