Supported by:

In cooperation with:

SIG SIDAR of the German Informatics Society

Co-located with:

DIMVA2011-Logo

EWNI 2010:

1st European Workshop on Internet Early Warning and Network Intelligence

Please note:
EWNI 2011 has been canceled for internal reasons!



EWNI 2011 - Call for Papers

2nd European Workshop on Internet Early Warning and Network Intelligence

  • July 06, 2011
  • Amsterdam, The Netherlands

Introduction

Threats in the Internet are numerous. They have to be dealt with at many levels - ranking from firewalls or intrusion detection systems (IDS) to measures with a broader or even global focus. Early Warning Systems (EWS) are such broadly focused measures. EWS usually consist of distributed sensors networks and some central analysis or assessment facilities. The sensors collect raw data, e.g. statistics about connections (NetFlows), malware samples, or IDS events. By means of the centralized analysis facilities the "big picture" of what is happening can be obtained. EWS is valuable to numerous roles and entities. Be it larger organizations, governments, or Computer Emergency Response Teams (CERT). All greatly benefit from EWS and the resulting (global) network situational awareness when having to judge the security of their own networks. The usefulness of EWS for Critical Information Infrastructure Protection (CIIP) follows directly from this. Only when many actors deliver pieces can the puzzle be put together.

Thus, the need for collaboration has been - more or less - accepted. However, large scale, collaborative detection efforts have been difficult. EWS started addressing this a couple of years ago, already. And while certain technical requirements (privacy, data protection, ...) have been met, EWS still require a lot of research efforts and improvements in order to keep up with the perpetuous arms race between attackers and defenders.

Topics

The goal of this workshop is twofold: Evaluate the current state of the art of EWS and explore both related and future research areas. On an organizational level the workshop is intended to stimulate collaborative efforts.

The program committee solicits submissions particularly from the following areas but will carefully consider all contributions which are sufficiently related to Early Warning and Network Intelligence:

  • modeling EWS
  • organizational and operational issues of EWS
    • practical experiences
    • international cooperation
    • inter-organizational communication/cooperation
    • interoperability
  • next generation EWS
  • distributed sensor networks
  • data acquisition
  • data aggregation/evaluation
  • visualization
  • data navigation/user interfaces
  • infrastructural network security
  • privacy and data protection in EWS
  • management of large-scale EWS installations
  • HCI aspects of EWS

Important Dates

Paper Submission 2011-03-11 (extended)
Notification of Acceptance  2011-04-01
Camera ready version 2011-04-22
Workshop 2011-07-06

Submission details

The EWNI PC solicits

  • Full papers, presenting novel research results, are limited to 16 pages, prepared as instructed below. The program committee will review all papers. Papers accepted for presentation at EWNI will be included in the proceedings.
  • Short papers (extended abstracts), presenting original, still ongoing work, are limited to 8 pages, prepared according to the instructions provided below. They will also be reviewed by the program committee, and papers accepted for presentation at EWNI will be included in the proceedings (containing Extended Abstract in the title).
The following applies in either case:
  • All submissions must be in English and in PDF format.
  • Submitted full papers must not substantially overlap with work that has been published before, or that is simultaneously in submission to a journal or a conference with proceedings. Simultaneous submission, submission of previously published work, and plagiarism constitute dishonesty or fraud. EWNI prohibits these practices and may take appropriate action against authors who have committed them.
  • Accepted papers must follow the format of GI's Lecture Notes in Informatics (LNI). Details can be found in the LNI author's guidelines.
  • The LaTeX template has to be used.
  • Submissions have to be made via the EWNI 2011 submission page.

Proceedings

GI Logo Accepted papers will be published in GI's Lecture Notes in Informatics (LNI) series.

Conference Program

The program will be made available here as soon as the review process is over.

Registration and fees

TBA

Program committee

The program committee members are:

Agris Belasovs (ENISA)
Carol Overes (Du Telecom)
Fabien Pouget (Agence nationale de la sécurité des systèmes d’information)
Hans-Peter Jedlicka (Bundesamt für Sicherheit in der Informationstechnik)
Klaus-Peter Kossakowski  (PRESECURE Consulting GmbH)
Marco Thorbrügge (ENISA)
Peter Haag (SWITCH-CERT)
Piotr Kijewski (CERT POLSKA)
Roman D. Danyliw (CERT/CC)
Thorsten Holz (Ruhr-University Bochum)
Till Dörges (PRESENSE Technologies GmbH)
Tobias Limmer (University of Erlangen)
Ulrich Flegel (University of Applied Sciences Offenburg)

Support and such

EWNI2011 is organized by PRESENSE Technologies GmbH.

EWNI2011 is supported by the European Network and information Security Agency (ENISA).

EWNI2011 is in cooperation with the SIG SIDAR of the German Informatics Society (Fachgruppe SIDAR der Gesellschaft für Informatik e.V.)

Contact information

You can reach the organizers at

ewni2011@pre-sense.de