Registration has opened for the SPW14 workshops! Participants can register for both the Symposium on Security and Privacy (SP) and the Security and Privacy Workshops (SPW) at the same site. SPW registration is for a workshop "day pass," to allow attendance at any of the workshops on a specific day (Saturday or Sunday). Of course, you may purchase passes for both days. During registration, you will identify the workshop you are most likely to attend; this allows the organizers to make arrangements based on number of expected attendees for each workshop. Register online >
The Security & Privacy Workshops will be held at the Fairmont Hotel in San Jose, which has now provided a registration code for attendees to use to get discounted rates. To take advantage of the discounted rate, make your hotel reservation by April 23, 2014. Information about the hotel will be available on the SPW website shortly. Book your rooms online >
NSF and the IEEE Computer Society's Technical Committee on Security and Privacy, our sponsoring organization, are funding travel grants for students that will allow us to cover both domestic travel and international travel. Learn more about travel grants >
The threat of damage caused by authorized users, or insiders, is one of the most challenging security issues facing most organizations today. Insiders often attack using authorized access and with actions very similar to non-malicious behavior. Modern insiders are further enabled by immense data storage capabilities, advanced searching algorithms, and the difficulty of building, deploying, and managing comprehensive insider threat monitoring systems. Furthermore, insider attacks can also include those unintentionally enabled by users who fall victim to external attacks such as phishing or drive-by downloads.
Cybersecurity professionals face significant challenges in preventing, detecting, and responding to insider attacks, and often turn to insider threat researchers for answers. Unfortunately, insider threat researchers also face serious barriers to conducting scientifically and operationally valid work, such as access to real-world data and ground-truth about malicious insider activity. Therefore, it is imperative that cybersecurity researchers and professionals work together to find solutions that protect organizations from insider threats. Technical approaches to this problem are emerging, but studies show little significant progress has been made in reducing the actual numbers or impacts of insider attacks. There are two main reasons for the relative lack of success in identifying insider threats:
WRIT will highlight the challenges and trends specific to the insider threat problem from multiple viewpoints, such as information technology, behavioral sciences, or criminology. Furthermore, the workshop will review emerging approaches and explore experimental possibilities for measuring the efficacy of proposed solutions. The workshop will be accessible to non-experts interested in learning about the insider threat problem as well as experts interested in learning about new research and approaches. WRIT 2014 will feature a keynote address, a panel session, and sessions that describe the problem and detection. See the full program for details.
Topics of interest include but are not limited to
All submissions must be original work; the submitter must clearly document any overlap with previously published or simultaneously submitted papers from any of the authors. Failure to point out and explain overlap will be grounds for rejection. Simultaneous submission of the same paper to another venue with proceedings or a journal is not allowed and will be grounds for automatic rejection. Contact the program committee chairs if there are questions about this policy.
Papers must be submitted in a form suitable for anonymous review: no author names or affiliations may appear on the title page, and papers should avoid revealing their identity in the text. When referring to your previous work, do so in the third person, as though it were written by someone else. Only blind the reference itself in the (unusual) case that a third-person reference is infeasible. Contact the program chairs if you have any questions. Papers that are not properly anonymized may be rejected without review.
Papers must not exceed 15 pages total (including the references and appendices). Papers must be formatted for U.S. letter (not A4) size paper. The text must be formatted in a two-column layout, with columns no more than 9.25" high and 3.5" wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are encouraged to use the IEEE conference proceedings templates. Failure to adhere to the page limit and formatting requirements will be grounds for rejection.
Papers accepted by the workshop will be published in the Conference Proceedings, published by IEEE Computer Society Press. The Workshop uses EasyChair for all submissions: https://www.easychair.org/conferences/?conf=writ2014.
program for details.
Last day to book discounted hotel rooms:
April 23, 2014
Last day to cancel event registration:
April 24, 2014 (cancellation fees may apply)
Paper submission due:
February 10, 2014
February 3, 2014
Acceptance notification: March 14, 2014
Camera ready version due: March 28, 2014
Workshop: May 18, 2014
Selected papers will be invited to submit extended versions to a special issue of the IEEE Systems Journal titled "Insider Threats to Information Security, Digital Espionage and Counter-Intelligence." Dr. Ilsun You is coordinating this effort as the 2014 WRIT Special Issue Chair. Please see the Call for Papers for more information.
Ilsun You, Korean Bible University, firstname.lastname@example.org