ICIMP 2019 - The Fourteenth International Conference on Internet Monitoring and Protection
July 28, 2019 - August 02, 2019
ICIMP 2019: Call for Papers
The International Conference on Internet Monitoring and Protection continues a series of special events targeting security, performance, vulnerabilities in Internet, as well as disaster prevention and recovery. Dedicated events focus on measurement, monitoring and lessons learnt in protecting the user.
The design, implementation and deployment of large distributed systems are subject to conflicting or missing requirements leading to visible and/or hidden vulnerabilities. Vulnerability specification patterns and vulnerability assessment tools are used for discovering, predicting and/or bypassing known vulnerabilities.
Vulnerability self-assessment software tools have been developed to capture and report critical vulnerabilities. Some of vulnerabilities are fixed via patches, other are simply reported, while others are self-fixed by the system itself. Despite the advances in the last years, protocol vulnerabilities, domain-specific vulnerabilities and detection of critical vulnerabilities rely on the art and experience of the operators; sometimes this is fruit of hazard discovery and difficult to be reproduced and repaired.
System diagnosis represent a series of pre-deployment or post-deployment activities to identify feature interactions, service interactions, behavior that is not captured by the specifications, or abnormal behavior with respect to system specification. As systems grow in complexity, the need for reliable testing and diagnosis grows accordingly. The design of complex systems has been facilitated by CAD/CAE tools. Unfortunately, test engineering tools have not kept pace with design tools, and test engineers are having difficulty developing reliable procedures to satisfy the test requirements of modern systems. Therefore, rather than maintaining a single candidate system diagnosis, or a small set of possible diagnoses, anticipative and proactive mechanisms have been developed and experimented. In dealing with system diagnosis data overload is a generic and tremendously difficult problem that has only grown. Cognitive system diagnosis methods have been proposed to cope with volume and complexity.
Attacks against private and public networks have had a significant spreading in the last years. With simple or sophisticated behavior, the attacks tend to damage user confidence, cause huge privacy violations and enormous economic losses.
The CYBER-FRAUD track focuses on specific aspects related to attacks and counterattacks, public information, privacy and safety on cyber-attacks information. It also targets secure mechanisms to record, retrieve, share, interpret, prevent and post-analyze of cyber-crime attacks.
Current practice for engineering carrier grade IP networks suggests n-redundancy schema. From the operational perspective, complications are involved with multiple n-box PoP. It is not guaranteed that this n-redundancy provides the desired 99.999% uptime. Two complementary solutions promote (i) high availability, which enables network-wide protection by providing fast recovery from faults that may occur in any part of the network, and (ii) non-stop routing. Theory on robustness stays behind the attempts for improving system reliability with regard to emergency services and containing the damage through disaster prevention, diagnosis and recovery.
Highly reliable emergency communications are required by public safety and disaster relief agencies to perform recovery operations or associated with disasters or serious network events. Future advanced network development and evolution should take into consideration these requirements through solutions:
- Identification of suitable technologies, i.e., narrowband and broadband aspects,
- Interoperability and interworking between emergency communications capabilities and public networks,
- Preferential access to communications resources capabilities, applications, and facilities,
- Preferential use of remaining operational resources.
We solicit both academic, research, and industrial contributions. We welcome technical papers presenting research and practical results, position papers addressing the pros and cons of specific proposals, such as those being discussed in the standard fora or in industry consortia, survey papers addressing the key problems and solutions on any of the above topics short papers on work in progress, and panel proposals.
Industrial presentations are not subject to the format and content constraints of regular submissions. We expect short and long presentations that express industrial position and status.
Tutorials on specific related topics and panels on challenging areas are encouraged.
The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas.
All topics and submission formats are open to both research and industry contributions.
ICIMP 2019 conference tracks:
CYBERSECURITY: Trends in Cybersecurity
Blockchain and machine learning for cybersecurity; Behavioral biometrics authentication; Privacy by design; Anonymity of blockchain and cryptocurrencies; Threat categorization and threat detection; Threats on critical national infrastructures; Gift card hacking techniques; Medical IoT Device-to-Device communication; Blockchain in supporting critical infrastructures; Vulnerability on social media spaces; Internet of Medical Things (IOMT); Cybersecurity for digital vehicles; Potential radicalization on social media; Blockchain and healthcare systems; Risk-based human behavior profiling; Forensic recovery of cloud evidence; Hacking pacemakers; Prediction of cyber attacks; Ransomware cyberweapon; Liability attribution in smart workplaces; Cybersecurity, laws and regulations; Information from browsers by online advertising platforms; Predicting social engineering victims; Cybercrime awareness
TRENDS: Trends on monitoring with new technologies
Traffic in SND-based data centers; Risk control for shared-servers in data centers; Fraud prevention in Cloud networking; Discovering and monitoring Botnets in SDNs; 5G traffic measurement and monitoring; Monitoring challenges in Smart Cities; Monitoring Smart buildings; Smart metering and monitoring; Smart sensing for ral-time monitoring and control; Monitoring IoT (internet of Things)-based networks; Secure SDNs; Secure IoTs; Monitoring 5G LTE-Advanced networks; LTE-R measurements; Traffic with Big Data; QoE-aware traffic; QoS and QoE in LTE networks; Fraud detection Smart Cities networks; Cyber-attacks in device-to-device Internet; Safety on IoD (Internet of Drones); Monitoring digital health services; Monitoring mission-critical services; Preventing Cyber-systems attacks; Identity control and management; Predictive traffic assessment; Optimal balancing control
TRASI: Internet traffic surveillance and interception
Methods and context to classify legal and illegal traffic;
Methods and procedure to classify wanted and undesired traffic;
Overloads, attacks, and failures;
Detection of attacks via protocols and applications;
Undesired traffic evaluation;
Traffic identification caused by malicious code (spam, virii, and worms, etc.);
Traffic profile during disaster recovery;
Traffic during active emergency services;
Early warning on growing undesired traffic;
Access control and audit detection points;
Denial of service;
Spoofing;
Lawful interception;
Multi-modal undesired traffic detection;
Measurements and data mining correlation;
Countermeasures on undesired traffic
IPERF: Internet performance
Performance-oriented design;
Active and passive performance monitoring; Performance metrics and measurements;
Measurement-based performance evaluation in Internet;
System measurement and monitoring;
Performance model verification and validation;
Stochastic modeling (queues, Petri nets, etc.);
Statistical performance;
Performance of Internet routing;
Performance optimization;
Internet performance prediction;
Internet performance evaluation studies;
Internet performance testbeds;
Performance evaluation of Web search engines;
Performance evaluation of P2P systems
RTSEC: Security for Internet-based real-time systems
Security and availability of Web Services;
Security/Performance trade-off;
Distributed systems security;
Language-based security;
Formalisms for security and protocol verification;
Performance on firewall protected real-time systems;
Security management in real-time systems;
Metrics and techniques for security risk assessment;
Internet monitoring and response security service;
Protecting emergency communications from misuse and exploitation;
Maintaining security in the face of disaster;
Intrusion prevention and detection systems;
Secure networks from web-based threats
DISAS: Disaster prevention and recovery
Survivable networks on chips;
Intrusion detection and defense;
Alerting systems based on outstanding network events;
Recovery methods in various networks;
Disaster diagnosis and continuity plans;
Fighting mechanisms for disaster of networks and applications;
Global positioning systems;
Vehicle localization and navigation systems;
Disaster relief agencies to perform recovery operations;
Survivability-driven defense and do-it-yourself disaster recovery;
Security during disaster recovery;
Budgeting disaster recovery;
Networks emergency services;
Reliable emergency communications and applications;
Response to the networks emergency services;
Disaster prevention and recovery;
Fighting mechanisms for disaster of networks and applications; Networks resiliency methods;
Recovery in various networks;
Theory on robust networks;
Customer protection and serviceability perception;
Cost models and business impact;
Cultural and legal aspects;
Future advanced network development and evolution;
Standards and guidelines;
Lawful interception and defense strategies;
Security issues with emergency services and disaster recovery
EMERG: Networks and applications emergency services
Survivability architecture for e-commerce;
Emergency and non-emergency services;
Emergency coverage and intermittent services;
PSAPs and emergency services;
Future 911 PSAP message interfaces;
Reliable emergency communications;
Next generation of emergency communications;
Response to the networks emergency services;
Voice emergency notification services
MONIT: End-to-end sampling, measurement, and monitoring
Internet monitoring techniques and procedures;
Monitoring tools, functions, and metrics;
Combining, filtering, and reporting monitoring metrics;
Theory and practice on sampling/inversion problem (accuracy, complexity, etc.);
Distributed and adaptive sampling techniques;
Sampling & inverting traffic with passive and active systems;
Internet end-to-end measurements from a sampling perspective;
Impact of sampling on anomaly detection;
Mechanisms for sampling the Internet traffic or collected traces;
On-line and off-line metrics and measurements;
Incident estimation and monitoring;
Internet access monitoring;
Spy software;
Internet monitoring, filtering and blocking software;
Monitoring Internet traffic to optimize network bandwidth;
Remote monitoring
REPORT: Experiences & lessons learnt in securing networks and applications
Platforms for electronic distribution of plane tickets;
Platforms for electronic distribution of hotel booking;
Data accuracy;
E-trade strengths and weaknesses;
Malicious spyware;
Blocking without quarantining the systems/networks;
Out-of-band intrusion prevention;
Antivirus e-mail gateways software;
Security and vulnerability engineering
USSAF: User safety, privacy, and protection over Internet
Countermeasures on fraud prevention;
Trust, trust estimators, and trust mitigation in public e-business;
Customer protection and serviceability perception;
Privacy impacts of emergency presence services;
Authentication/authorization;
Biometric methodologies and ID Cards;
Security on hardware and smart cards;
Identity management;
Automated security analysis;
Electronic Privacy;
Anonymity and pseudo-anonymity;
Security compliance;
Public safety, Instance messages;
Presence protocols;
Priority user service
SYVUL: Systems vulnerabilities
Vulnerability specification languages;
System vulnerability assessment;
Formal methods for safety-critical systems;
Prediction capabilities of vulnerability discovery models;
Highly vulnerable systems;
Critical vulnerabilities;
Errors and configurations leading to vulnerabilities;
Incident reports and handling;
Networks resiliency methods;
Capacity planning for resilience and emergency;
Operational resilience;
Theory of disaster-tolerant systems;
Web service vulnerability;
Protocol vulnerability; Vulnerabilities in database systems;
Vulnerability in control systems;
Vulnerability analysis and. requirements for the security;
Vulnerabilities by self-managed sensors;
Recovery by disruption resource procedures;
Common vulnerability scoring systems;
Cost models and vulnerability business impact
SYDIA: Systems diagnosis
Diagnosis platforms;
Diagnosis policy language;
Diagnosis event formats;
Process algebras for systems diagnosis;
Probabilistic diagnosis of multiprocessor systems;
Self-diagnosis in distributed systems;
Cognitive system diagnosis;
System diagnosis using propagation models;
Technical intuition in systems diagnosis;
Managing conflicts in systems diagnosis;
Hybrid systems diagnosis;
Diagnosis tools;
End-to-end diagnosis;
Remote system diagnosis;
Diagnosis licensing;
Real-time symptom detection and fixing actions;
Forensic/real-time/anticipative diagnosis;
Diagnosing mobility-oriented systems;
Diagnosis of discrete event systems;
Diagnosis of complex dynamical systems
CYBER-FRAUD: Cyber fraud
Epidemiological models for warware and cyber-crime propagation;
Record and retrieval of cyber-crimes;
Forensic analysis;
Cyber-crime prevention;
Cyber-crime vulnerabilities;
Cyber-counterattack at source;
Distributed cyber-attacks;
Orchestrated cyber-attacks;
Recursion attacks;
Cyber-storm attacks;
Spyware and malware;
Cyber-pranks, hoaxes;
Phishing/Pharming and anti-phishing;
Cyber-terrorism;
Online cyber-crime reporting;
Accuracy and security of cyber-reports;
Fighting cyber-crimes;
Cyber-crime laws
BUSINESS: Business continuity
Regulatory compliance;
Techniques for business continuity planning in the real world;
Business contingency and resumption planning;
Emotional continuity management;
Semiotic engineering of online services;
Emergency preparedness for industry and commerce;
Updating, auditing and testing plans;
Reduce downtime with continuous backup;
Global connectivity and international formats;
Web-based planning tools;
Automatic high speed notification and response for business continuity;
Centralized management;
Businesses continuity planning software;
On-demand business transformation
RISK: Risk assessment
Risk assessment information systems;
Modeling risk assessment;
Risk Assessment methods;
Global risk assessment;
Qualitative risk assessments;
Quantitative risk assessment;
Challenges in risk assessment;
Risk assessment for economy;
Risk assessment for security of communications systems;
Safety risk assessment;
Health system risk assessment;
Integrated risk assessment;
Planning tools for proactive risk assessment;
Risk management;
Risk factors and economic impact;
Risk metrics and calibration;
Precaution and risk balance;
Risk and economic analysis of terrorism events;
Risk analysis for extreme events;
Life cycle assessment in decision making;
Environmental risk assessment;
Credit ratings risk assessment;
Risk Assessment statistics & numerical data;
Risk assessment standards;
Risk assessment tools and support software
TRUST: Privacy and trust in pervasive communications
Trust development and management;
Engineering requirements for trust management;
Formalisms for trust specification, verification and validation;
Logics for the analysis of trust and for reasoning about trust;
Legal framework for online trust environments;
Trust in semantic Web services;
Reputation systems;
Distributed trust management;
Trust on anonymous documents;
Privacy and trust;
Trust in collaborative work and risk assessment;
Risk analysis to assess user trust;
Human behaviors in trusted environments;
Trust in virtual communities;
Trust mediation in knowledge management;
Trust planning and evaluation metrics;
Trust policies;
Self-adaptable trust mechanisms;
Identity Management in pervasive environments (requirements, levels of abstractions, context, protection, etc.);
Assurance (compliance, assurance, audit, security requirements)
RIGHT: Digital rights management
Ontology and frameworks on digital rights management;
Digital rights property languages;
Semantic and encoding of digital rights;
Rights granularity;
Digital right technologies;
Digital rights management schemes;
Federated digital rights management;
Distributed digital rights management;
Copyright protection schemes;
Digital rights management ands social norms;
Faire use, innovation, and competition;
Trading fair use for digital rights management;
Digital rights management and open access;
Privacy engineering for digital rights management;
Value-centered design for digital rights management;
Free software and digital rights management;
P2P and digital rights management;
Broadband/IPTV content protection and digital rights management;
Digital right management and content licensing;
Digital rights management issues in real-time and safety/mission systems;
RFID tags for digital rights management;
Digital rights management in learning systems;
Legal policy and digital right management
BIOTEC: Biometric techniques
Models and techniques for biometric technologies;
Finger, facial, iris, voice, and skin biometrics;
Biometric security;
Signature recognition;
Multimodal biometrics;
Verification and identification techniques;
Accuracy of biometric technologies;
Authentication smart cards and biometric metrics;
Performance and assurance testing;
Limitations of biometric technologies;
Biometric card technologies;
Biometric wireless technologies;
Biometric software and hardware;
Biometric standards
EMDRM: Enterprise & Media DRM
Digital Policy Management;
Enterprise Rights Management (adoption and case studies);
DRM Interoperability;
Operational Risk Management;
Compliance and Regulatory Frameworks (SOX, Basel II, HIPPA, etc.);
Corporate Governance;
Content and Knowledge Management (financial, CAD, IP, trade secrets, etc.);
Interorganizational System (IOS);
Retention Policies and Classification;
Traceability, Monitoring, tracking, usage metering, audit trails
Deadlines:
Submission | Apr 26, 2019 |
Notification | May 26, 2019 |
Registration | Jun 09, 2019 |
Camera ready | Jun 20, 2019 |
Deadlines differ for special tracks. Please consult the conference home page for special tracks Call for Papers (if any).
INSTRUCTION FOR THE AUTHORS
Authors of selected papers will be invited to submit extended versions to one of the IARIA Journals.
Publisher: XPS (Xpert Publishing Services)
Archived: ThinkMindTM Digital Library (free access)
Prints available at Curran Associates, Inc.
How to submit to appropriate indexes.
Only .pdf or .doc files will be accepted for paper submission. All received submissions will be acknowledged via an automated system.
Contribution types
- regular papers [in the proceedings, digital library]
- short papers (work in progress) [in the proceedings, digital library]
- ideas: two pages [in the proceedings, digital library]
- extended abstracts: two pages [in the proceedings, digital library]
- posters: two pages [in the proceedings, digital library]
- posters: slide only [slide-deck posted on www.iaria.org]
- presentations: slide only [slide-deck posted on www.iaria.org]
- demos: two pages [posted on www.iaria.org]
FORMATS
Only .pdf or .doc files will be accepted for paper submission. All received submissions will be acknowledged via an automated system.
Final author manuscripts will be 8.5" x 11", not exceeding 6 pages; max 4 extra pages allowed at additional cost.
Helpful information for paper formatting for MS Word can be found here.
There is a community provided LaTeX template: the CTAN package iaria (with full IARIA formatting rules, including IARIA citation style, but for providing citation style it is tightly bound to pdflatex+biblatex+biber). In addition, there is also iaria-lite (not bound to pdflatex+biblatex+biber, but compatible with any TeX stack; thus, it cannot provide the IARIA citation formattings, but only the titlepage and content-related IARIA formatting rules). Based on the iaria package, there is a minimal working example as Overleaf template. When you are using the LaTeX templates, please still adhere to the additional editorial rules.
Slides-based contributions can use the corporate/university format and style.
Your paper should also comply with the additional editorial rules.
Once you receive the notification of contribution acceptance, you will be provided by the publisher an online author kit with all the steps an author needs to follow to submit the final version. The author kits URL will be included in the letter of acceptance.
We would recommend that you should not use too many extra pages, even if you can afford the extra fees. No more than 2 contributions per event are recommended, as each contribution must be separately registered and paid for. At least one author of each accepted paper must register to ensure that the paper will be included in the conference proceedings and in the digital library, or posted on the www.iaria.org (for slide-based contributions).
CONTRIBUTION TYPE
Regular Papers (up to 6-10 page article -6 pages covered the by regular registration; max 4 extra pages allowed at additional cost- ) (oral presentation)
These contributions could be academic or industrial research, survey, white, implementation-oriented, architecture-oriented, white papers, etc. They will be included in the proceedings, posted in the free-access ThinkMind digital library and sent for indexing. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the appropriate contribution type. 12-14 presentation slides are suggested.
Short papers (work in progress) (up to 4 pages long) (oral presentation)
Work-in-progress contributions are welcome. These contributions represent partial achievements of longer-term projects. They could be academic or industrial research, survey, white, implementation-oriented, architecture-oriented, white papers, etc. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as work in progress. Contributors must follow the conference deadlines, describing early research and novel skeleton ideas in the areas of the conference topics. The work will be published in the conference proceedings, posted in the free-access ThinkMind digital library and sent for indexing. For more details, see the Work in Progress explanation page. 12-14 presentation slides are suggested.
Ideas contributions (2 pages long) (oral presentation)
This category is dedicated to new ideas in their very early stage. Idea contributions are expression of yet to be developed approaches, with pros/cons, not yet consolidated. Ideas contributions are intended for a debate and audience feedback. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as Idea. Contributors must follow the conference deadlines, describing early research and novel skeleton ideas in the areas of the conference topics. The work will be published in the conference proceedings, posted in the free-access ThinkMind digital library and sent for indexing. For more details, see the Ideas explanation page. 12-14 presentation slides are suggested.
Extended abstracts (2 pages long) (oral presentation)
Extended abstracts summarize a long potential publication with noticeable results. It is intended for sharing yet to be written, or further on intended for a journal publication. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as Extended abstract. Contributors must follow the conference deadlines, describing early research and novel skeleton ideas in the areas of the conference topics. The work will be published in the conference proceedings, posted in the free-access ThinkMind digital library and sent for indexing. 12-14 presentation slides are suggested.
Posters (paper-based, two pages long) (oral presentation)
Posters are intended for ongoing research projects, concrete realizations, or industrial applications/projects presentations. The poster may be presented during sessions reserved for posters, or mixed with presentation of articles of similar topic. A two-page paper summarizes a presentation intended to be a POSTER. This allows an author to summarize a series of results and expose them via a big number of figures, graphics and tables. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as Poster Two Pages. Contributors must follow the conference deadlines, describing early research and novel skeleton ideas in the areas of the conference topics. The work will be published in the conference proceedings, posted in the free-access ThinkMind digital library and sent for indexing. 8-10 presentation slides are suggested. Also a big Poster is suitable, used for live discussions with the attendees, in addition to the oral presentation.
Posters (slide-based, only) (oral presentation)
Posters are intended for ongoing research projects, concrete realizations, or industrial applications/projects presentations. The poster may be presented during sessions reserved for posters, or mixed with presentation of articles of similar topic. The slides must have comprehensive comments. This type of contribution only requires a 8-10 slide-deck. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as Poster (slide-only). The slide-deck will be posted, post-event, on www.iaria.org.
8-10 presentation slides are suggested. Also a big Poster is suitable, used for live discussions with the attendees, additionally to the oral presentation.
Presentations (slide-based, only) (oral presentation)
These contributions represent technical marketing/industrial/business/positioning presentations. This type of contribution only requires a 12-14 slide-deck. Please submit the contributions following the submission instructions by using the "Submit a Paper" button and selecting the contribution type as Presentation (slide-only). The slide-deck will be posted, post-event, on www.iaria.org.
12-14 presentation slides are suggested.
Demos (two pages) [posted on www.iaria.org]
Demos represent special contributions where a tool, an implementation of an application, or a freshly implemented system is presented in its alfa/beta version. It might also be intended for thsoe new application to gather the attendee opinion. A two-page summary for a demo is intended to be. It would be scheduled in special time spots, to ensure a maximum attendance from the participants. Please submit the contributions following the submission instructions by using the "Submit a Paper" button and selecting the contribution type as Demos. The Demos paper will be posted, post-event, on www.iaria.org.
Tutorial proposals
Tutorials provide overviews of current high interest topics. Proposals should be for 2-3 hour long. Proposals must contain the title, the summary of the content, and the biography of the presenter(s). The tutorial slide decks will be posted on the IARIA site.
Please send your proposals to tutorial proposal
Panel proposals
The organizers encourage scientists and industry leaders to organize dedicated panels dealing with controversial and challenging topics and paradigms. Panel moderators are asked to identify their guests and manage that their appropriate talk supports timely reach our deadlines. Moderators must specifically submit an official proposal, indicating their background, panelist names, their affiliation, the topic of the panel, as well as short biographies. The panel slide deck will be posted on the IARIA site.
Please send your proposals to panel proposal