Bonjour à tous,

 

Vous trouverez ci-dessous l’appel à article pour la session ‘Detection of complex attacks’ que nous organisons lors de la conférence KES’24.

N’hésitez pas à transmettre à vos partenaires !  (les partenaires habituels de l’équipe sont déjà informés).

 

Bien à vous,

 

Pierre

 

Dear partners,

 

Please find below the call for paper for the Session on 'Detection of Complex Attacks' at KES'2024.

 

Session: 'Detection of Complex Attacks through Advanced Learning Models'

Conference: KES’2024, the 28th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems

When: 11-13 September 2024

Where: Seville, Spain

Deadline: 8^th April 2024

All information: https://kes-dca.lre.epita.fr/

Submission: http://kes2024.kesinternational.org/easychair.php

 

Scope of Session

 

This session intends to address the next challenges in the coupling of cybersecurity and AI by focusing on a blind spot of detection of complex cybersecurity attacks: the analysis of weak signals and stealthy interactions inside the systems to be protected.

 

Attacks and their countermeasures have grown dramatically more complex with the combination of extensive digital transformation in service and industries, the maturation of both defense and attack software, and the growing pressure of increasing cybersecurity threats. In this context, efficient detection requires a radical refinement of these systems which can no longer be considered as monolithic (or monolithic abstractions). The specificities of the user, machine, operating system, and service levels must be considered, while maintaining a technical control, and a cognitive one for the operator in charge, over the ever-growing heterogeneity. In particular: weak signals, traffic betraying an ongoing APT (advanced Persistent Threat), or attacks against the detection systems easily evade state of the art detectors. Being able to hunt these novel threats necessitates to support the identification of emerging behaviors, tracking the evolution of connections as well as connection patterns, or even making correlations through remote systems. And to do so in an antagonist environment where the adversary does not passively wait to be detected but takes actives steps to evade, lure or exploit the detection systems.

 

The session on "Interactions for security detection" deals with following key challenges:

• How to model interactions between users, machines, systems, and services?
• How to detect low signals and their drift, as well as learn and handle novel threats in antagonist environments?
• How to exploit these low signals to abuse operational and protection systems
• How to design robust systems, detection systems (federated learning), or bricks of detection systems (SOCs at system and user level)

 

Topics of interest are, but not restricted to:

·         Learning emerging behaviors for security detection

·         Low signals for detection

·         Graph representation learning for security: knowledge, provenance, connectivity graphs.

·         Advanced learning paradigms

·         Distributed learning and Decentralized learning

·         Federated learning

·         Stream learning

·         User interactions

·         Machine learning for security attack and defense

·         Detection in heterogeneous environments

·         LLM for security, security for LLMs

·         Adversarial machine learning

·         Trustworthy machine learning

 

Application domains are, but not restricted to:

·         IoT environments

·         Critical infrastructures

·         Cloud infrastructures

·         IT Networks

 

Best regards,

 

Pierre Parrend, Marc-Oliver Pahl, Nidà Meddouri

 

Pierre Parrend

Deputy Head of LRE – Research Laboratory at EPITA

Head of Security and Systems Team

Professor, Dr. HDR