Forwarded From: coastwatch-request@cs.purdue.edu
Workshop on Research with Security Vulnerability Databases
January 21-22, 1999
Call For Proposals
Sponsored by Purdue's Center for Education and Research in Information
Assurance and Security (CERIAS)
The Purdue CERIAS is issuing a Call for Proposals for its Workshop on
Research with Security Vulnerability Databases. The workshop will be held
at Purdue University on January 21st and 22nd, 1999. This is a follow-up to
our previous workshop (co-hosted with NIST) in June 1996, and to the recent
work done at COAST by Ivan Krsul on a taxonomy of vulnerabilities.
The research community needs reference databases for work in intrusion
detection, software engineering issues, penetration testing, trend analysis,
forensics, and other advanced security research. Current holders and
builders of such databases have shown little willingness to share their data
because they view it as dangerous, or because it has a perceived commercial
advantage. Thus, there have been almost no successful instances of data
sharing. This continues to hinder important research in a number of areas.
This workshop is intended to address the issues related to vulnerability
databases that need to be resolved so they can be used in advanced research,
including:
· how to organize entries in a common scheme
· how to collect "good" data
· how to exchange database info with trusted parties
· standards and conventions for presentation and naming
· using these databases in research
· how to build and maintain a community database
· whether such databases pose a threat, and how to limit it
· how to maintain currency of such databases
We are soliciting extended abstracts (1-3 pages) or full papers that address
these and related issues. The deadline for these submissions is November
24, 1998. Please send 5 copies of your submission. A simple proceedings is
planned. We may limit attendance to only those people submitting abstracts
for presentation.
Important dates:
November 24, 1998 Abstracts due
December 23, 1998 Decisions to authors
January 5, 1999 Final copy due at CERIAS
January 21-22, 1999 Workshop
Send your submissions to:
Professor Eugene H. Spafford
CERIAS
Computer Sciences Building
Purdue University
West Lafayette, IN 47907-1398
Questions may be directed to <vulwkshp@cs.purdue.edu>.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Thu Oct 22 08:31:35 1998