Two papers accepted at ISCC-SFCS and COMPSAC-SIMICE 2015

Yi-Ching Liao and I co-authored papers that were accepted for presentation this summer.

The first paper, „Events and Causal Factors Charting of Kernel Traces for Root Cause analysis“, will be presented at the ISCC-SFCS 2015, the Third International Workshop on Security and Forensics in Communication Systems, co-located with the Twentieth IEEE Symposium on Computers and Communications. Here is the abstract:

Constructing an events and causal factors chart can assist investigators in conducting an in-depth investigation and identifying the root causes of incidents. We regard kernel traces as one of the potential evidence sources for forensic readiness, and propose a systematic approach to construct an events and causal factors chart from kernel traces by employing layers of abstraction. Through employing graphical elements to represent kernel traces and applying clustering techniques to reduce the trace volume, the proposed approach can alleviate the complexity and quantity problems in kernel traces. Moreover, the proposed approach is helpful in improving the readability and understandability of kernel traces, facilitating effective communication of the investigation findings, and providing flexibility in depth of investigation.

The second paper, „Developing Metrics for Surveillance Impact Assessment“, will be presented at the COMPSAC-SIMICE 2015, the 1st IEEE International Workshop on Secure Identity Management in the Cloud Environment, co-located with COMPSAC 2015, the 39th Annual International Computers, Software & Applications Conference. Here is the abstract:

Conducting surveillance impact assessment is the first step to solve the „Who monitors the monitor?“ problem. Since the surveillance impacts on different dimensions of privacy and society are always changing, measuring compliance and impact through metrics can ensure the negative consequences are minimized to acceptable levels. To develop metrics systematically for surveillance impact assessment, we follow the top-down process of the Goal/Question/Metric paradigm: 1) establish goals through the social impact model, 2) generate questions through the dimensions of surveillance activities, and 3) develop metrics through the scales of measure. With respect to the three factors of impact magnitude: the strength of sources, the immediacy of sources, and the number of sources, we generate questions concerning surveillance activities: by whom, for whom, why, when, where, of what, and how, and develop metrics with the scales of measure: the nominal scale, the ordinal scale, the interval scale, and the ratio scale. In addition to compliance assessment and impact assessment, the developed metrics have the potential to address the power imbalance problem through sousveillance, which employs surveillance to control and redirect the impact exposures.

 

About Author: Hanno Langweg

Comments are closed.

Search