WORKSHOP PROGRAM

All sessions will take place in Coolidge unless otherwise noted.

Session papers are available to workshop registrants immediately and to everyone beginning August 9, 2010.

Opening Remarks
Jelena Mirkovic and Angelos Stavrou, CSET '10 Program Co-Chairs

Keynote Address

The Role of Testbeds in Cyber Security Research
Doug Maughan, Department of Homeland Security

View the presentation slides

Testbeds

UPBOT: A Testbed for Cyber-Physical Systems
Tanya L. Crenshaw and Steven Beyer, University of Portland

Read the Abstract | Full paper | Slides

Trusted Disk Loading in the Emulab Network Testbed
Cody Cutler, Mike Hibler, Eric Eide, and Robert Ricci, University of Utah

Read the Abstract | Full paper | Slides

Isolated Virtualised Clusters: Testbeds for High-Risk Security Experimentation and Training
Joan Calvet, École Polytechnique de Montréal and LORIA; Carlton R. Davis and José M. Fernandez, École Polytechnique de Montréal; Wadie Guizani, Mathieu Kaczmarek, and Jean-Yves Marion, LORIA; Pier-Luc St-Onge, École Polytechnique de Montréal

Read the Abstract | Full paper | Slides

Education

Experiences with Practice-Focused Undergraduate Security Education
Robert L. Fanelli and Terrence J. O'Connor, United States Military Academy

Read the Abstract | Full paper | Slides

The Blunderdome: An Offensive Exercise for Building Network, Systems, and Web Security Awareness
George Louthan, Warren Roberts, Matthew Butler, and John Hale, Institute for Information Security, The University of Tulsa

Read the Abstract | Full paper | Slides

Education

Security Exercises for the Online Classroom with DETER
Peter A.H. Peterson and Peter L. Reiher, University of California, Los Angeles

Read the Abstract | Full paper | Slides

Webseclab Security Education Workbench
Elie Bursztein, Baptiste Gourdin, Celine Fabry, Jason Bau, Gustav Rydstedt, Hristo Bojinov, Dan Boneh, and John C. Mitchell, Stanford University

Read the Abstract | Full paper | Slides

Open Floor: WiP/Brainstorming

The workshop will have a Work-in-Progress section that will contain short (5 min.) presentations of ongoing work in cyber security experimentation. The complete list of accepted WiPs appears here; the session is now full.

Panel

Security Experimentation with Cyber-Physical Devices
Moderator: Clifford Neuman, USC/ISI

Participants: Deborah Frincke, Chief Scientist, Pacific Northwest National Laboratory; Kevin Fu, Assistant Professor, University of Massachusetts Amherst; Tadayoshi Kohno, Assistant Professor, University of Washington; Marcelo Masera, Scientific Officer, EU Joint Research Center, Ispara, Italy

The term "cyber-physical systems" refers to the tight coupling of computational and physical resources, where the synergy of these two environments enables novel uses of the system and improves its robustness. For example, critical infrastructures such as power, water, and sewage are increasingly being heavily networked, as is air, rail, and ship traffic control. An emerging trend in vehicular technologies calls for vehicles that can talk to each other and to base stations along the roads and that can also tap into the public Internet. Medical devices are being equipped with connectivity so that they can be programmed or read remotely by physicians.

This intersection of networking and the physical world poses unique security challenges, as cyber attacks could wreak enormous damage and endanger human lives. Realistic and efficient experimentation platforms are needed to assess this threat and evaluate possible defenses. This panel will discuss challenges and propose solutions to security experimentation with cyber-physical systems, including:

• the choice of appropriate evaluation platforms and evaluation approaches
• how/where to gather appropriate and realistic data about cyber-physical system behavior and relevant security threats
• how to reproduce data in an experimental setting with a high degree of precision and fidelity
• how to transition ideas and prototypes into real-world systems

Reception

Join Deutsche Post for a dinner reception on Monday evening. They will be announcing the launch of a new security initiative around the E-Postbrief, a secure communication solution, and invite the security community to participate. Food, wine, beer and soft drinks will be provided.