Visible to the public HotSoS 2015 - Interest in Cybersecurity Science and Research Heats Up

SoS Newsletter- Advanced Book Block


SoS Logo

Interest in Cybersecurity Science & Research

heats up at HotSoS 2015

Urbana, IL
April 22, 2015

The 2015 Symposium and Bootcamp on the Science of Security (HotSoS) was held April 21-22 at the University of Illinois at Urbana-Champaign National Center for Supercomputing Applications. This third annual conference brought together researchers from numerous disciplines seeking a methodical, rigorous scientific approach to identifying and removing cyber threats. Part of the Science of Security project, the HotSoS goal is to understand how computing systems are designed, built, used, and maintained with an understanding of their security issues and challenges. It seeks not only to put scientific rigor into research, but also to identify the scientific value and underpinnings of cybersecurity.

Dave Nicol, UIUC lead was the affable host of Hot SOS 2015David Nicol, Director of the Illinois Trust Institute and co-PI for the Illinois Science of Security Lablet, was conference chair. Introducing the event, he called for participants to interact and share ideas, thoughts, and questions about the nature of security and the nascent science that is emerging. Kathy Bogner, Intelligence Community Coordinator for Cybersecurity Research, represented the NSA sponsor and welcomed the group, noting the government’s long-term interest and commitment to their work. She challenged them to continue to address cybersecurity using strong scientific principles and methods and to share the fruits of that work. She cited the number of universities and individual collaborators engaged in Science of Security research as an indication of activity and growth in the field. 

Mike Reiter smiles at an audience member’s remarkMike Reiter, Lawrence M. Slifkin Distinguished Professor of Computer Science, University of North Carolina at Chapel Hill, delivered the keynote “Is it Science or Engineering? A Sampling of Recent Research.” He said interest in a "Science of Security" is confusing to many researchers, in part due to a lack of clarity about what this "science" should be like and how it should differ from principled engineering. To help clarify the distinction, he described recent research projects about large-scale measurement, attack development, human-centric design, network defense, and provable cryptography to assess which ones, if any, constitute "science." A lively debate ensued. Pictured at the right, Mike Reiter smiles at an audience member’s remark.

Jonathan Spring, Researcher and Analyst for the CERT Division, Software Engineering Institute, Carnegie Mellon University, spoke on “Avoiding Pseudoscience in the Science of Security.” In his view, we seek the philosophical underpinnings to science of security in an effort to avoid pseudoscience. We look at the philosophy of science to describe how "observation and reasoning from results" differ between computing and other sciences due to the engineered elements under study. He demonstrated the challenges in avoiding pseudoscience and some solutions with a case study of malware analysis.

Prof. McDaniel asks “why don’t we wear amulets to protect against car accidents?” in addressing measurement.Patrick McDaniel, Professor of Computer Science and Director of the Systems and Internet Infrastructure Security Laboratory, Penn State University, addressed “The Importance of Measurement and Decision Making to a Science of Security.” A “science” is based on a reasoned modification to a system or environment in response to a functional, performance, or security need. His talk highlighted activities surrounding the Cyber-Security Collaborative Research Alliance, five universities working in collaboration with the Army Research Lab. Another lively debate ensued. The picture on the left captures Prof. McDaniel asking “Why don’t we wear amulets to protect against car accidents?” in addressing measurement.

Dusko Pavlovic, U. of Hawai’i, was both animated and stimulatingTutorials and a workshop were conducted with concurrent paper presentations. Five tutorials covered social network analysis; human behavior; policy-governed secure collaboration, security-metrics-driven evaluation, design, development and deployment; and resilient architectures. The workshop focused on analyzing papers from the security literature to determine how completely authors describe their research methods. Pictured here is Dusko Pavlovic, U. of Hawai’i, who was both animated and stimulating.



Allaire Welk, NC State, addresses methods of learning for Signals Intelligence analysts.Mike Reiter smiles at an audience member’s remarkThirteen researchers from the United Kingdom and the United States presented individual papers on studies about signals intelligence analyst tasks, detecting abnormal user behavior, tracing cyber-attack analysis processes, vulnerability prediction models, preemptive intrusion detection, enabling forensics, global malware encounters, workflow resiliency, sanctions, password policies, resource-bounded systems integrity assurance, active cyber defense, and science of trust. Allaire Welk (left picture), NC State, addresses methods of learning for Signals Intelligence analysts. Ignacio X. Dominguez (right), NC State, listens to a question about his work on input device analytics.

The 2013 Best Scientific Cybersecurity Paper was an invited paper. Chang Liu of the University of Maryland presented “Memory Trace: Oblivious Program Execution for Cloud Computing.”

For members of the Science of Security Virtual Organization the agenda and presentations are available on the CPS-VO web site at: For non-members, information is available at:

Next year’s HotSoS will be held in Pittsburgh and will be hosted by Carnegie Mellon University’s Science of Security Lablet. Prof. William Scherlis will chair the event.


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.