Second IEEE International Workshop on Security Testing and Monitoring

co-located with IEEE ICDCS 2016, Nara, Japan



Distributed computer networked systems and services have become a crucial infrastructure element for the organization of modern society. These networks and services are required to be more and more open and new technology is designed to facilitate the inter-operation between these networks composed of heterogeneous, communicating devices. Guaranteeing that they inter-operate securely has become a major concern for individuals, enterprises and governments. Since the environment may be potentially hostile and contain malicious components, it is crucial to define frameworks adapted to distributed systems to enforce security and privacy. By distributed systems, we mean all systems that are composed of more than one communicating device such as telecommunication networks, cloud computer environment, smart communities, internet of things, distributed operating systems and middleware, big data etc.

The STAM workshop tries to answer how vulnerability, intrusions and attacks modeling can help users understand the occurrence of malicious behaviors in order to avoid them, and what are the advantages and drawbacks of the existing models. At the same time, the workshop tries to understand how to solve the challenging security testing and monitoring problem given that testing distributed systems is a complex task and security will add new challenges and difficulties to be solved.

The objective of this workshop is to share ideas, methods, techniques, and tools about security testing and monitoring in distributed systems to improve the state of the art. In addition to scientific paper presentations, we intend to have one or two keynotes describing ongoing activities in the related areas and demonstrations of some innovative security tools.

Topics of Interest

The goal of STAM workshop is to bring together security practitioners and researchers to exchange ideas, perspectives on problems, and solutions. Papers proposing novel models, methods, and algorithms are welcomed as well as papers reporting experiences on the application of existing methods on case studies and industrial examples.

  • Security testing in distributed systems
  • Security monitoring in distributed systems
  • Testing techniques in distributed systems: Fuzz, regression, mutation, safety and robustness etc.
  • Formals models for security in distributed systems
  • Security requirements definition and modeling
  • Runtime monitoring for distributed applications and services
  • Techniques to validate secure communications
  • Security testing and monitoring automation
  • Attacks tolerance in distributed environments
  • Remediation and reactions against attacks in distributed systems
  • Security testing and monitoring for cloud and multi-cloud systems
  • Security testing and monitoring for IoT
  • Security testing and monitoring for big data
  • Security testing and monitoring for critical infrastructure
  • Trust and privacy in distributed environments
  • Tools for security testing and monitoring
  • Industrial experience reports