image

 

KES 2024 Session: Detection of Complex Attacks through Advanced Learning Models

 

 

Scope of Session

 

This session intends to address the next challenges in the coupling of cybersecurity and AI by focusing on a blind spot of detection of complex cybersecurity attacks: the analysis of weak signals and stealthy interactions inside the systems to be protected.

 

Attacks and their countermeasures have grown dramatically more complex with the combination of extensive digital transformation in service and industries, the maturation of both defense and attack software, and the growing pressure of increasing cybersecurity threats. In this context, efficient detection requires a radical refinement of these systems which can no longer be considered as monolithic (or monolithic abstractions). The specificities of the user, machine, operating system, and service levels must be considered, while maintaining a technical control, and a cognitive one for the operator in charge, over the ever-growing heterogeneity. In particular: weak signals, traffic betraying an ongoing APT (advanced Persistent Threat), or attacks against the detection systems easily evade state of the art detectors. Being able to hunt these novel threats necessitates to support the identification of emerging behaviors, tracking the evolution of connections as well as connection patterns, or even making correlations through remote systems. And to do so in an antagonist environment where the adversary does not passively wait to be detected but takes actives steps to evade, lure or exploit the detection systems.

 

The session on "Interactions for security detection" deals with following key challenges:

  • How to model interactions between users, machines, systems, and services?
  • How to detect low signals and their drift, as well as learn and handle novel threats in antagonist environments?
  • How to exploit these low signals to abuse operational and protection systems
  • How to design robust systems, detection systems (federated learning), or bricks of detection systems (SOCs at system and user level)

 

Topics of interest are, but not restricted to:

  • Learning emerging behaviors for security detection
  • Low signals for detection
  • Graph representation learning for security: knowledge, provenance, connectivity graphs.
  • Advanced learning paradigms
  • Distributed learning and Decentralized learning
  • Federated learning
  • Stream learning
  • User interactions
  • Machine learning for security attack and defense
  • Detection in heterogeneous environments
  • LLM for security, security for LLMs
  • Adversarial machine learning
  • Trustworthy machine learning

 

Application domains are, but not restricted to:

  • IoT environments
  • Critical infrastructures
  • Cloud infrastructures
  • IT Networks

 

Fundamental and theoretical as well as applied research work are welcome.

 

 

Submission instructions:

 

For all updates and comprehensive instructions for autors please refer to:

http://kes2024.kesinternational.org/submission.php

 

Papers are invited for KES2024 on topics lying within the scope of the session. All contributions must be of high quality, original, and must not have been previously published elsewhere or intended for publication elsewhere.

All papers will be reviewed by members of the International Program Committee and depending on their level and attributes, may be selected for oral or poster presentation, and publication in the conference proceedings.

Full papers will be reviewed by the IPC and if accepted and presented, they will be published in Elsevier's Procedia Computer Science open access journal, available in ScienceDirect and submitted to be indexed/abstracted in CPCI (ISI conferences and part of Web of Science), Engineering Index, and Scopus.

Authors of selected papers may be invited to submit extended versions of their papers for publication as full journal papers, for example in the KES Journal or other journals.

 

Submitting your work

 

Please submit your work to:

http://kes2024.kesinternational.org/easychair.php

Full papers should be detailed academic articles in conventional format. The guide length for full papers is 8 to 10 pages (maximum).

 

 

Session organisation committee

  • Pierre Parrend, LRE/ICube (France)
  • Marc-Oliver Pahl, IMT-Atlantique (France)
  • Nida Meddouri, Ph.D., LRE (France)

 

Program committee:

  • Pierre Parrend, LRE/ICube (France)
  • Marc-Oliver Pahl, IMT-Atlantique (France)
  • Martin Husak, Brno (Czech Republic)
  • Nida Meddouri, Ph.D., LRE (France)
  • Mohamed Lamine Messai, University Lyon II (France)
  • Badis Hammi Télécom Sud Paris (France)
  • Sofiane Lagraa, Fujitsu (Luxembourg)
  • Amel Borgi, LIPAH (Tunisie)
  • Juba Agoun, Lyon 2 (France)
  • Ilef Ben Slima, ISMAI-K (Tunisie)

 

Main Contributing Research Centers :

  • ICube laboratory, University of Strasbourg (France)
  • LRE (Laboratoire de Recherche de l'EPITA), Paris (France)
  • IMT-Atlantique, Rennes (France)

 

 

Email & Contact Details:

 

 

Name, Title and Affiliation of Chair: Pierre Parrend, Prof., EPITA/University of Strasbourg

 

Bio:

Pierre Parrend is HDR Professor at EPITA and head of Security & Systems team ar LRE - Laboratoire de Recherche de l'EPITA, and member of the ICube laboratory of the University of Strasbourg. His research interests focus on the use of graphs for explainable detection of cyberattacks in critical systems, which he studies in DGA project DAMIAGE, and ANR projects THIA-ArtiC and Correau. Pierre is also deputy director of the LRE. In this context, he coordinates the contribution of EPITA's regional sites in Strasbourg, Rennes, Lyon and Toulouse to the school's partner research laboratories. Pierre was responsible for the BICS (Biostatistics, Informatics, and Complex Systems) research platform at the ICube laboratory, and responsible for the teaching department in computer science and mathematics at ECAM Strasbourg-Europe between 2012 and 2021. He is graduated with a Habilitation to Direct Research from the University of Strasbourg (2017) and a PhD in Computer Science from INSA Lyon (2008).