The use of graphical security models to represent and analyse the security of systems has gained an increasing research attention over the last two decades. Formal methods and computer security researchers, as well as security professionals from the industry and government, have proposed various graphical security models, metrics, and measurements. Graphical models are used to capture different security facets and address a range of challenges including security assessment, automated defence, secure services composition, security policy validation, and verification. For example, attack graphs, attack trees, attack–defence trees, and attack countermeasure trees represent possible ways of attacking and defending a system while misuse cases and mal-activity diagrams capture threats and abusive behaviour of users.
TOPICSThis year, we are particularly keen to encourage excellent submissions related, but not restricted, to the following broad headings:
- Graph representations: mathematical, conceptual, and implemented tools for describing and reasoning about security
- Logical approaches: formal logical tools for representing and reasoning about graphs and their use as modelling tools in security
- Machine learning: modelling and reasoning about the role of big data and machine learning in security operations
- Networks in national security: terrorist networks, counter-terrorism networks; safety in national infrastructure (e.g., utilities and transportation)
- Risk analysis and management: models of risk management in business and organizational architectures
- Social networks: using and reasoning about social graphs, network analysis, network protocols, social mapping, sociometry.
Preference will be given to papers likely to stimulate high-quality debate at the Workshop.
The GraMSec workshop seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of graphical models for security.