4th Workshop on
Quality of Protection
Workshop co-located with CCS-2008

Mon. Oct. 27, 2008 - Alexandria VA, USA


Home

Programme

Invited Speaker

Submission instructions

Accepted papers

Call For Papers

Call For Participation

Committees

Registration

Acknowledgments

QoP 2005

QoP 2006

QoP 2007

MetriSec 2009


Workshop Programme

09:00 - 09:15

Opening

Ketil Stølen (SINTEF)

Welcome Address

09:15 - 10:15

Invited Talk

Gunnar Peterson (Arctec Group)
The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

Abstract

10:15 - 10:35

Session 1: Security Measurement
Chair: Riccardo Scandariato (Katholieke Universiteit Leuven)

Karen Scarfone, Peter Mell
Vulnerability Scoring for Security Configuration Settings (short)
Abstract

10:35 - 11:00

Coffee Break

11:00 - 12:20

Session 1: Security Measurement (continued)
Chair: Riccardo Scandariato (Katholieke Universiteit Leuven)

Aaron Visaggio, Gerardo Canfora
Does Enforcing Anonymity Mean Decreasing Data Usefulness?
Abstract

Marcel Frigault, Lingyu Wang, Anoop Singhal, Sushil Jajodia
Measuring Network Security Using Dynamic Bayesian Network
Abstract

Yijun Yu, haruhiko kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu
Enforcing a Security Pattern in Stakeholder Goal Models (short)
Abstract

12:20 - 13:45

Lunch

13:45 - 15:05

Session 2: Software Security
Chair: Andy Ozment

Michael Gegick, Laurie Williams, Jason Osborne, Mladen Vouk
Prioritizing Software Security Fortification through Code-Level Security Metrics
Abstract

Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, Paolo Falcarin, Filippo Ricca, Marco Torchiano, Paolo Tonella
Towards Experimental Evaluation of Code Obfuscation Techniques
Abstract

Yonghee Shin and Laurie Williams
Is Complexity Really the Enemy of Software Security? (short)
Abstract

15:05 - 15:25

Coffee Break

15:25 - 16:45

Sesssion 3: Risk
Chair: Ketil Stølen (SINTEF)

K. Clark, E. Singleton, S. Tyree, J. Hale
Strata-Gem: Risk Assessment Through Mission Modeling
Abstract

Yudistira Asnar, Nicola Zannone
Perceived Risk Assessment
Abstract

Marco Aime, Andrea Atzeni, Paolo Carlo Pomi
The Risks With Security Metrics (short)
Abstract

16:45 - 17:00

Coffee Break

17:00 - 17:45

Panel
Chair: Riccardo Scandariato (Katholieke Universiteit Leuven)


Security Analytics: Status and Roadmap in Security Modeling

17:45 - 18:00

Closing

Short paper presentations should be at most 20 minutes.
Long paper presentations should be at most 30 minutes.