CFP - Recent Advances in Intrusion Detection (RAID'98)

Marc Dacier (dac@ZURICH.IBM.COM)
Tue, 10 Feb 1998 15:03:23 +0100

Call For Participation - RAID'98

First International Workshop on the
Recent Advances in Intrusion Detection

September 14-15, 1998
Louvain-la-Neuve, Belgium

We solicit your participation in the first International Workshop on
the Recent Advances in Intrusion Detection. This workshop, the first
in an anticipated annual series, will bring together leading figures
from academia, government, and industry to talk about the current
state of intrusion detection technologies and paradigms from the
research and commercial perspectives.

Research into and development of automated intrusion detection systems
(IDS) has been under way for nearly 10 years. In that time, only a
few systems have been widely deployed in the commercial or government
arena (e.g., DIDS, NADIR, NetRanger, Stalker). All are limited in
what they do. At the same time, the numerous research systems
developed have been more engineering than scientific efforts, with
scant quantitative performance figures. As we survey the field of
automated intrusion detection, we are faced with many questions:

1) What *research* questions have yet to be answered about IDS?
2) What are the open questions, limitations, and fundamental concerns
about existing intrusion detection methodologies?
3) What metrics shall we use to measure IDS performance and thus
compare different IDSes? These measurements should highlight the
successes and expose the limitations of current IDS approaches.
4) What factors are inhibiting transfer of research ideas into
functional deployed IDSes? How can those be addressed?
5) What is the role of a deployed IDS? How should or can it fit in
with other security systems?
6) What are the typical operating environments and policies in which
IDSes are used?
7) What are the challenges for IDSes in very large environments, such
as the Internet?
8) Is it time to be thinking about IDS standards? What are the
advantages and disadvantages of standardizing components of IDS? What
forums (e.g., IETF, ISO) would be appropriate for pursuing such
standards?
9) What are the problems of turning the results of intrusion detection
tools into legally reliable evidence? What are the problems of
admissibility and of court-room presentation?

We invite proposals and panels that explore these questions or any
other aspect of automated intrusion detection. We especially solicit
proposals and panels that address:

1) New results related to intrusion detection methodologies and
technologies.
2) Innovative ways of thinking about intrusion detection; for example,
the applicability of R&D in the fields of survivable and/or dependable
systems, data mining, etc.
3) User experiences and lessons learned from fielded intrusion
detection systems.
4) IDS for emerging computer environments (e.g., Java, CORBA, NT ).
5) Commercial intrusion detection systems.

We have scheduled RAID'98 immediately before ESORICS'98, at the same
time as CARDIS'98, and at the same location as both of these
conferences. This provides a unique opportunity for the members of
these distinct, yet related, communities to participate in all these
events and meet and share ideas during joined organized external
events.

INSTRUCTIONS:

Proposals for presentations must include a title followed by an
abstract that is a maximum of 600 words in length. The presenter may
include a full paper with the abstract, and will have either 15 or 30
minutes (including questions) for the talk.

Panel proposals should include a title, proposed chair, tentative
panelists, a description (under 300 words), format of the
presentation, and short rationale for the panel. Panel sessions must
fit into one hour time slots.

Each proposed participant must include his or her name, organization,
position, e-mail address, facsimile and telephone number, and a brief
biography.

All proposals must be in English. Plan to give all panels and talks
in English.

We must receive all proposals before June 15, 1998. We strongly
prefer they be submitted by e-mail to raid98@zurich.ibm.com. Various
formats (ASCII, postscript, Word, WordPro, Framemaker, and LaTex) are
acceptable. If necessary, hardcopy proposals may be sent to:

Marc Dacier
Global Security Analysis Lab
IBM Zurich Research Laboratory
Saeumerstrasse 4, CH-8803 Rueschlikon, Switzerland

IMPORTANT DATES:
----------------
Deadline for submission: June 15, 1998
Notification of acceptance or rejection: August 1, 1998

GENERAL CO-CHAIRS:
------------------
Marc Dacier (IBM Zurich Research Laboratory, Switzerland)
Kathleen A. Jackson (Los Alamos National Laboratory, USA)

PROGRAM COMMITTEE:
------------------
Matt Bishop (University of California at Davis, USA)
Dick Brackney (National Security Agency, USA)
Yves Deswarte (LAAS-CNRS & INRIA, France)
Baudouin Le Charlier (Universite de Namur, Belgium)
Stuart Staniford-Chen (University of California at Davis, USA)
Rowena Chester (University of Tennessee, USA)
Deborah Frincke (University of Idaho, USA)
Tim Grance (National Institute of Standards and Technology, USA)
Sokratis Katsikas (University of Athens, University of Aegeans, Greece)
Jean-Jacques Quisquater (Universite Catholique de Louvain, Belgium)
Mark Schneider (National Security Agency, USA)
Peter Sommer (London School of Economics & Political Science, England)
Steve Smaha (Trusted Information Systems, USA)
Gene Spafford (Purdue University, USA)
Chris Wee (University of California at Davis, USA)
Kevin Ziese (WheelGroup Corporation, USA)

For further information contact one of the General Co-chairs:

Marc Dacier Kathleen A. Jackson
IBM Zurich Research Laboratory Los Alamos National Laboratory
Switzerland USA
E-mail: dac@zurich.ibm.com E-mail: kaj@lanl.gov
Tel.: +41-1-724-85-62 Tel.: +1-505/667-5927
Fax.: +41-1-724-89-53 Fax: +1-505/665-5220

More information will be available at:
<URL:http://www.zurich.ibm.com/~dac/raid98/>.

Information about ESORICS'98 is available at:
ESORICS 98 home page: <http://www.dice.ucl.ac.be/esorics98>
ESORICS series home page: <http://www.laas.fr/~esorics>
Note: Papers and panel proposals for ESORICS'98 are due before February
28,
1998.

Information about CARDIS'98 will be available at:
<http://www.dice.ucl.ac.be/cardis98>

--
Marc Dacier
Mgr. Global Security Analysis Lab (GSAL)
IBM Zurich Research Laboratory
Saeumerstrasse 4 -    CH-8803 Rueschlikon  -   Switzerland
E-mail: dac@zurich.ibm.com   Tel.:+41-1-724-85-62     Fax.:+41-1-724-89-53