Second IEEE International Workshop on Security Testing and Monitoring

co-located with ICDCS 2016, Nara, Japan


Time Activity
Session I Network Security Monitoring
9.00 - 9.15 Welcome
9.15 - 10.00 Invited speaker – Sylvain Hallé – University of Quebec in Chicoutimi, Canada
A Few Applications of Event Stream Processing
Runtime verification is the process of observing a sequence of events generated by a running system and comparing it to some formal specification for potential violations. We show how the use of the BeepBeep event stream processor can greatly speed up the testing phase of a video game under development, by automating the detection of bugs when the game is being played. This process generalizes to a wide number of other use cases, including web application debugging and network intrusion detection.
10.00 - 10.30 A misbehavior node detection algorithm for 6LoWPAN Wireless Sensor Networks
Vinh Hoa La and Ana Cavalli
10.30 - 11.00 Coffee Break
Session II Cloud Security Monitoring
11.00 - 11.30 SLA-driven Monitoring of Multi-Cloud Application Components using the MUSA framework
Erkuden Rios, Wissam Mallouli, Massimiliano Rak, Valentina Casola and Antonio M. Ortiz
11.30 - 12.00 Intrusion detection and attack tolerance for cloud environments: the CLARUS approach
Georges Ouffoué, Antonio M. Ortiz, Ana Cavalli, Wissam Mallouli, Josep Domingo-Ferrer, David Sánchez and Fatiha Zaidi
12.00 - 12.30 Data Mobility as a service
Thanh Dat Dang and Doan Hoang
12.30 - 14.00 Lunch
Session III Network Security Monitoring
14.00 - 14.30 Invited speaker – Edgardo Montes de Oca – Montimage, France
Events based Security Monitoring
Event processing is a method of tracking and analyzing streams of information about things that happen (events) and deriving a conclusion from them. Complex Event Processing (CEP) is event processing that combines data from multiple sources to infer events or patterns that suggest more complicated circumstances. The goal of complex event processing is to identify meaningful events (such as opportunities or threats) and respond to them as quickly as possible. In this talk, we will present the MMT tool that allows CEP and show how it can be used for passive security testing. A demonstration of the tool's capabilities is also planned based on of experiments performed in the CIP-PSP SWEPT pilot dedicated to improve the prevention of attacks and detection of vulnerabilities in websites.
14.30 - 15.00 Improving SNI-based HTTPS Security Monitoring
Wazen Shbair, Thibault Cholez, Jérôme François and Isabelle Chrisment
15.00 - 15.30 An analysis of secure M2M communication in the WSN using DTLS
Raul Armando Fuentes Samaniego, Ana Cavalli and Juan Arturo Nolazco Flores
15.30 - 16.00 Coffee Break