The static nature of current computing systems has made them easy to attack and hard to defend. Adversaries have an asymmetric advantage in that they have the time to study a system, identify its vulnerabilities, and choose the time and place of attack to gain the maximum benefit. The idea of moving-target defense (MTD) is to impose the same asymmetric disadvantage on attackers by making systems dynamic and therefore harder to explore and predict. With a constantly changing system and its ever adapting attack surface, attackers will have to deal with a great deal of uncertainty just like defenders do today. The ultimate goal of MTD is to increase the attackers’ workload so as to level the cybersecurity playing field for both defenders and attackers - hopefully even tilting it in favor of the defender.
This workshop seeks to bring together researchers from academia, government, and industry to report on the latest research efforts on moving-target defense, and to have productive discussion and constructive debate on this topic. We solicit submissions on original research in the broad area of MTD, with possible topics such as those listed below. Since MTD research is still in its nascent stage, the list should only be used as a reference. We welcome all works that fall under the broad scope of moving target defense, including research that shows negative results.
- System randomization
- Artificial diversity
- Cyber maneuver and agility
- Software diversity
- Dynamic network configuration
- Moving target in the cloud
- System diversification techniques
- Dynamic compilation techniques
- Adaptive defenses
- MTD quantification methods and models
- MTD evaluation and assessment frameworks
- Large-scale MTD (using multiple techniques)
- Moving target in software coding, application API virtualization
- Autonomous technologies for MTD
- Theoretic study on modeling trade-offs of using MTD approaches
- Human, social, and usability aspects of MTD
- Other related areas
Paper submissions: Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Submissions should be at most 10 pages in the ACM double-column format, excluding well-marked appendices, and at most 12 pages in total. Submissions are not required to be anonymized.
System demo submissions: Each accepted system demo must be demonstrated on site by a registered workshop attendee; then a 2-page description can be included in the proceedings. System demo submissions should be at most 2 pages in the ACM double-column format, excluding well-marked appendices, and at most 4 pages in total. Submitted system demos must not substantially overlap system demos that have been published or that are simultaneously submitted to another conference with proceedings. Submissions are not required to be anonymized.
Submission website: Submissions are to be made to the submission web site at https://easychair.org/conferences/?conf=mtd20170. Only PDF files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits. Papers must be received by the deadline of August, 4, 2017 to be considered. Notification of acceptance or rejection will be sent to authors by September 4, 2017. Authors of accepted papers must guarantee that one of the authors will register and present the paper at the workshop. Proceedings of the workshop will be available on a CD to the workshop attendees and will become part of the ACM Digital Library.
Contact: Hamed Okhravi and Xinming Ou, MTD 2017 Program Chairs, firstname.lastname@example.org
- Paper submission due:
August 4, 2017August 18, 2017 Anywhere on Earth (Extended)
- Notification to authors: September 4, 2017
- Camera ready due: September 17, 2017
Prof. Paul C. Van Oorschot, Canada Research Chair in Authentication and Computer Security, Carleton University
Title: "Science, Security and Academic Literature: Can We Learn from History?"