Visible to the public HotSoS 2015 Program Agenda

2015 Symposium and Bootcamp on the Science of Security (HotSoS) Program Agenda
Agenda | Call for Papers | Organizers

The 2015 Symposium and Bootcamp on the Science of Security (HotSoS) was held April 21-22, 2015 in Urbana-Champaign, Illinois.

Artifacts from Hot SoS 2014 include presentations and posters that are linked to the agenda below. HotSoS 2015 proceedings are in the ACM Digital Library. The call for papers can be found below the agenda.

Program Agenda

MONDAY, APRIL 20, 2015
5:00 p.m. - 9:00 p.m.

National Center for Supercomputing Applications Lobby
1205 W. Clark, Urbana

6:00 p.m. - 9:00 p.m. Welcome Reception
NCSA Lobby
7:30 a.m. - 5:00 p.m. Registration
National Center for Supercomputing Applications (NCSA) Lobby
8:30 a.m. - 9:00 a.m. Breakfast
NCSA Lobby
9:00 a.m. - 10:30 a.m. Welcome, Announcements
David Nicol, University of Illinois at Urbana-Champaign
Kathleen Bogner, Co-Chair of SCORE committee, NSA
Location: NCSA Auditorium

Keynote: Is it Science or Engineering? A Sampling of Recent Research
Mike Reiter, Lawrence M. Slifkin Distinguished Professor of Computer Science, University of North Carolina
Location: NCSA Auditorium
10:30 a.m. - 11:00 a.m. Break
NCSA Lobby
11:00 a.m. - 12:30 p.m. Paper Session 1
Session Chair: Masooda Bashir
Location NCSA Auditorium

Modelling User Availability in Workflow Resiliency Analysis
John Mace, Charles Morisset and Aad van Moorsel

Understanding Sanction Under Variable Observability in a Secure, Collaborative Environment
Honying Du, Bennett Narron, Nirav Ajmeri, Emily Berglund, Jon Doyle, and Munindar Singh

Measuring the Security Impacts of Password Policies Using Cognitive Behavioral Agent-Based Modeling
Vijay Kothari, Jim Blythe, Ross Koppel, and Sean W. Smith
Tutorial 1: Social Network Analysis for Science of Security
Kathleen Carley, Carnegie Mellon University
Location: Room 1040 NCSA
12:30 p.m. - 2:00 p.m. Poster Session and Lunch
Electrical & Computer Engineering Building (ECEB), Room 3002
306 N. Wright Street, Urbana
2:00 p.m. - 3:00 p.m. Keynote: Avoiding Pseudoscience in the Science of Security
Jonathan Spring, CERT Division, Software Engineering Institute, Carnegie Mellon University
Location: NCSA Auditorium
3:00 p.m. - 4:30 p.m.

Paper Session 2
Session Chair: Kevin Jin
Location: NCSA Auditorium

Integrity Assurance in Resource-Bounded Systems through Stochastic Message Authentication
Aron Laszka, Yevgeniy Vorobeychik, and Xenofon Koutsoukos

Active Cyber Defense Dynamics Exhibiting Rich Phenomena
Ren Zheng, Wenlian Lu, and Shouhuai Xu

Towards a Science of Trust
Dusko Pavlovic

Tutorial 2: Understanding and Accounting for Human Behavior
Sean W. Smith, Dartmouth College
Jim Blythe, University Southern California
Location: Room 1040 NCSA

4:30 p.m. - 5:00 p.m.


Light snack provided in NCSA Lobby

5:00 p.m. - 6:00 p.m. Invited Paper: Memory Trace Oblivious Program Execution for Cloud Computing
Winner 2013 NSA Competition for Best Scientific Cybersecurity Paper
Chang Liu, PhD Student, University of Maryland
NCSA Auditorium
6:30 p.m. - 9:00 p.m. Symposium Dinner
6:30 - Refreshment service begins
7:00 - Dinner service begins
Grainger Engineering Library, 2nd Floor
1301 W. Springfield Avenue, Urbana
8:00 a.m. - 10:30 a.m. Registration
National Center for Supercomputing Applications (NCSA) Lobby
8:00 a.m. - 8:30 a.m. Breakfast
NCSA Lobby
8:30 a.m. - 10:00 a.m. Paper Session 3
Session Chair: Geir Dullerud
Location: NCSA Auditorium

All Signals Go: Investigating How Individual Differences Affect Performance on a Medical Diagnosis Task Designed to Parallel a Signal Intelligence Analyst Task
Allaire Welk and Christopher Mayhorn

Detecting Abnormal User Behavior Through Pattern-mining Input Device-Analytics
Ignacio X. Dominguez, Alok Goel, David L. Roberts, and Robert St. Amant

An Integrated Computer-Aided Cognitive Task Analysis Method for Tracing Cyber-Attack Analysis Processes
Chen Zhong, John Yen, Peng Liu, Robert Erbacher, Renee Etoty and Christopher Garneau
Tutorial 3: Policy-Governed Secure Collaboration
Munindar Singh, North Carolina State University
Location: Room 1040 NCSA
International Research Network for the Science of Security (IRN-SoS) Workshop: What Should be Included in a Methodologically Science of Security Paper?
Laurie Williams, North Carolina State University
Jeff Carver, University of Alabama
Location: Room 1030 NCSA
10:00 a.m. - 10:30 a.m. Break
NCSA Lobby
10:30 a.m. - 11:30 a.m. Keynote: The Importance of Measurement and Decision Making to a Science of Security
Patrick McDaniel, Profess of Computer Science and Director of the Systems and Internet Infrastructure Security Laboratory, Penn State University
Location: NCSA Auditorium
11:30 a.m. - 12:30 p.m. Boxed Lunches
Location: NCSA Lobby
12:30 p.m. - 2:30 p.m. Paper Session 4
Session Chair: Nikita Borisov
Location: NCSA Auditorium

Challenges with Applying Vulnerability Prediction Models
Patrick Morrison, Kim Herzig, Brendan Murphy, and Laurie Williams

Preemptive Intrusion Detection: Theoretical Framework and Real-World Measurements
Phuong Cao, Eric Badger, Zbigniew Kalbarczyk, Ravishankar Iyer and Adam Slagell

Enabling Forensics by Proposing Heuristics to Identify Mandatory Log Events
Jason King, Rahul Pandita and Laurie Williams

An Empirical Study of Global Malware Encounters
Ghita Mezzour, Kathleen M. Carley and L. Richard Carley

12:30 p.m. -1:30 p.m.

Tutorial 4: Security-Metrics-Driven Evaluation, Design, Development and Deployment
William H. Sanders, University of Illinois at Urbana-Champaign
Location: Room 1040 NCSA

1:30 p.m. - 2:30 p.m.

1:30 p.m. - 2:30 p.m.

Tutorial 5: Resilient Architectures
Zbigniew Kalbarczyk and Ravishankar Iyer, University of Illinois at Urbana-Champaign
Room 1040 NCSA

2:30 p.m. - 3:00 p.m.

Wrap up
NCSA Auditorium

Call for Papers

The practice of "science" is an approach to knowledge discovery in which predictions can be validated though logic or repeatable empirical experiments. Viewed this way, "Science of Security" encompasses research in cyber-security that emphasizes the means of gaining confidence in its results.

Science of Security emphasizes the methodology of research in cyber-security as much as the results of that research. Science of Security is broad in its application, including development of mathematical models about which properties can be proven and/or predictions made, as well as empirical research that poses hypotheses that are tested by measurement and analysis.

The 2nd Annual Symposium and Bootcamp on the Science of Security (HotSoS) follows in the footsteps of HotSoS 2014 by soliciting contributions that either develop scientific methodologies for conducting cyber-security research, or show by example how such methodologies are used on specific research problems.

We anticipate some support for student travel, particularly student authors.

HotSoS 2015 welcomes papers that clearly highlight contributions to Science of Security, on any topical area of cyber-security. Papers that address issues within the NSA SoS Lablets' "Five Hard Problems" are of particular interest
* Scalability and Composability
* Policy
* Security Metrics
* Resiliency
* Human Behavior

Please forward any questions about topics or submission instructions to the HotSoS 2015 Chair, David Nicol, at

Submissions: January 22, 2015
Decisions: February 20, 2015
Poster Abstracts: March 1, 2015 (submit to
Final Versions: March 9, 2015
Conference: April 21-22, 2015

Submissions must be made by the deadline of Friday, January 16, 2015 (midnight Central Standard Time) through Easy Chair: The papers will be evaluted using a double-blind review.

The suggested paper length is between 6-12 pages total in double-column ACM format: Only PDF files will be accepted. Papers will be published in the ACM Digital Library.

Access the 2015 Call for Papers in a downloadable format here.


HotSoS 2015 Organizing Committee

General Chair: David Nicol, University of Illinois at Urbana-Champaign
Web Chair: Andrea Whitesell, University of Illinois at Urbana-Champaign
Publicity Chair: Kim Gudeman, University of Illinois at Urbana-Champaign
Finance Chair: Wyatt Martin, University of Illinois at Urbana-Champaign
Proceedings Chair: Zbigniew Kalbarczyk, University of Illinois at Urbana-Champaign
Local Arrangements: Andrea Whitesell, University of Illinois at Urbana-Champaign
NSA Liaisons: Heather Lucas and Stephanie Askins-Yannacci

HotSoS 2015 Program Committee

Ehab Al-Shaer, University of North Carolina Charlotte
Adam Aviv, United States Naval Academy
Travis Breaux, Carnegie Mellon University
Kevin Butler, University of Florida
Marshini Chetty, University of Maryland
Michael Clifford, National Security Agency
Michel Cukier, University of Maryland
Tudor Dumitras, University of Maryland
Serge Egelman, University of California Berkeley
William Enck, North Carolina State University
Robert Ford, Florida Institute of Technology
David Garlan, Carnegie Mellon University
Brighten Godfrey, University of Illinois at Urbana-Champaign
Donald Goff, Cyber Pack Ventures
Zbigniew Kalbarczyk, University of Illinois at Urbana-Champaign
Jonathan Katz, University of Maryland
Stuart Krohn, National Security Agency
Lucas Layman, University of Maryland
Carl Landwehr, Consultant
Sam Malek, George Mason University
Chris Mayhorn, North Carolina State University
Andy Meneely, Rochester Institute of Technology
Sayan Mitra, University of Illinois at Urbana-Champaign
Sean Peisert, University of California Davis
Jurgen Pfeffer, Carnegie Mellon University
Sean Smith, Dartmouth College
Robert St. Amant, North Carolina State University
Kevin Sullivan, University of Virginia
Kymie Tan, National Aeronautics and Space Administration
Adam Tagert, National Security Agency
Aad Van Moorsel, University of Newcastle upon Tyne
Rebecca Wright, Rutgers University
Tao Xie, University of Illinois at Urbana-Champaign