posted by organizer: j04n || 3140 views || tracked by 5 users: [display]

WATeR 2013 : The First Workshop on Anti-malware Testing Research

FacebookTwitterLinkedInGoogle

Link: http://secsi.polymtl.ca/water2013
 
When Oct 30, 2013 - Oct 30, 2013
Where Montréal, Canada
Submission Deadline Jul 26, 2013
Notification Due Sep 9, 2013
Final Version Due Oct 7, 2013
Categories    computer security   MALWARE   testing   antivirus
 

Call For Papers

-------------------------------------------------
Description:

Anti malware products have become a key element of information system protection against current threats. Testing how effective these products are at protecting the end-users and their computers is therefore crucial, whether it is to improve product quality (engineering testing) or to aid users in making better decisions about their acquisition and operation (certification and comparative testing). However designing and conducting relevant anti-malware tests producing significant and accurate results is a complex problem. First of all, anti malware products must be tested not only in varying operating conditions and environment, but also against a constantly evolving threat, driven by malware creators whose goal is to make them perform poorly. Second, the evolving complexity and variety of malware, both in terms of propagation methods and ultimate uses has rendered the problem of proper testing much more difficult with time. Long gone are the days when anti-malware performance could be accurately measured by the traditional method of exposing them to a list of malware file samples containing most if not all of the known malware variants. Today, the sheer number of known malware samples, their extensive use of the Internet and the Web, and in many cases the necessity for human intervention for propagation make this approach much less applicable. On the other hand, many traditional anti malware products have in fact migrated towards dynamic protection services, with anti malware vendors constantly updating threat databases and signatures, which are being consulted on-demand by locally installed products; the so-called anti-malware “in-the-cloud” solutions. Testing the efficacy of such new types of products and services under relevant and repeatable conditions constitutes a formidable technical, operational and even economical challenge.

The Anti-Malware Testing Standards Organization (AMTSO), regrouping key players from the anti-malware industry including product vendors, testers, security experts and technology publishers, fully recognizes the technical challenges posed by testing in the current context. It also acknowledges the need to re-evaluate traditional testing methods in the current context, to potentially develop new approaches to testing, while providing an open forum for discussion on these issues including the academic community, regulatory bodies and government, and groups representing the interests of end-users. To that effect, the SecSI Laboratory of École Polytechnique de Montréal, with the collaboration of AMTSO and technical co-sponsorship of IEEE Technical Society (pending approval), is organizing the First Worshop on Anti-malware Testing Research. The aim of this workshop is to bring together experts from the industry in contact with academic researchers in order to identify and define the important technical problems associated with anti-malware testing methodologies, and hopefully help establishing collaborations on potential research projects looking for solutions to these problems.

-------------------------------------------------
Scope:

The organizers of the workshop solicit papers discussing the technical and operational difficulties of anti-malware testing. This may include surveys and position papers, proposals for innovative approaches, quantitative analysis of testing, and field reports or research results on testing. The following is a non-exhaustive list of topics that may be covered:

• Static file sample testing (“On-demand testing”)
• Malware sample storage and labelling
• Sample selection for static testing
• Dynamic testing using malicious URL
• URL samples selection
• Internal testing for product improvement
• User-experience evaluation and testing
• Comparative testing
• Remediation testing
• Automated testing facilities
• Testing with human subjects
• Testing “in-the-cloud” anti-malware products
• Measuring anti-malware vendor responsiveness (“time to protect”)
• Test results interpretation and validation
• Economics of anti-malware testing

-------------------------------------------------
Paper Submissions:

Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with publically available proceedings. Papers must be written in English. Maximum paper length will be 4-6 printed pages in IEEE 2-column style. Authors of accepted papers must register for the workshop (minimum one registration per paper) and guarantee that their papers will be presented at the conference. All papers selected for presentation at the conference will be published in the hard-copy proceedings distributed to all conference participants and will be made available on-line by IEEE Xplore (http://ieeexplore.ieee.org). All paper submissions will be handled through the Easy Chair conference management system.

See instructions at (https://www.easychair.org/conferences/?conf=water2013) or at the conference Web site (http://secsi.polymtl.ca/water2013).

-------------------------------------------------
Program Committee:

GENERAL CHAIR
José M. Fernandez, École Polytechnique de Montréal, Canada

PC CHAIR
Carlton Davis, École Polytechnique de Montréal, Canada

PUBLICITY CHAIR
Joan Calvet, École Poltyechnique de Montréal

PROGRAM COMMITTEE
Anthony Arrott, Trend Micro, USA
Pierre-Marc Bureau, ESET Canada, Canada
Matthieu Couture, Public Safety Canada, Canada
Mourad Debbabi, Concordia University, Canada
José M. Fernandez, École Polytechnique de Montréal, Canada
Richard Ford, Florida Institute of Technology, USA
Jean-Yves Marion, Université de Lorraine, France
Andreas Marx, AV Test, Germany
Igor Muttik, McAfee, United Kingdom
Lisa Myers, Intego, USA
Stephen Neville, University of Victoria, Canada
Anil Somayaji, Carleton University, Canada
Syrine Tlili, École supérieure des technologies et d’informatique, Tunisia
Randy Vaughn, Baylor University, USA

Related Resources

CyberSA 2020   IEEE International Conference on Cyber Situational Awareness, Data Analytics and Assessment
FGCS-ETDNS 2020   Future Generation Computer Systems SI on Emerging Topics in Defending Networked Systems
ICST 2020   13th IEEE Conference on Software Testing, Validation and Verification
MAAIDL 2020   Springer Book 'Malware Analysis using Artificial Intelligence and Deep Learning'
STV 2020   13th IEEE Workshop on System Testing and Validation
ISPR 2020   6th International Conference on Image and Signal Processing
ISSTA 2020   International Symposium on Software Testing and Analysis
ICISPP--IEEE, Ei, Scopus 2020   IEEE--2020 International Conference on Information Security and Privacy Protection (ICISPP 2020)--Ei Compendex, Scopus
Malware Analyst Conference 2020   Malware Analyst Conference 2K20
A-MOST 2020   Advances in Model-Based Software Testing