10th Workshop on Security Information Workers (WSIW'24)
The human element is often considered the weakest element in security. Although many kinds of humans interact with systems that are designed to be secure, one particular type of human is especially important, the security and privacy information workers who develop, use, and manipulate privacy and security-related information and data as a significant part of their jobs.
Workshop
The workshop will feature a keynote talk and paper presentations, as well as breakout sessions to provide an opportunity for smaller group interactive discussion about related topics of interest, which may include methods, challenges, and future directions in security information workers research.
Happening | Date (23:59 AoE) | |
---|---|---|
Submission Deadline | Tuesday, June 4, 2024 | >|
Acceptance Notification | Tuesday, June 18, 2024 | |
Camera-Ready Papers Due | Thursday, June 20, 2024 | |
Workshop | Sunday, August 11, 2024 |
Philadelphia Marriott Downtown
1201 W Market Street
Philadelphia, PA 19107
USA
+1 215.625.2900
Agenda
Sunday, August 11, 2024, 2:30pm – 6:00pm Eastern Daylight Time
Welcome, Introduction, and Workshop Agenda
The Threat Modeling Naturally Tool: An Interactive Tool Supporting More Natural Flexible and Ad-Hoc Threat Modeling
Ronald E. Thompson (Tufts University), Madison Red (Tufts University), Richard Zhang (Tufts University), Yaejie Kwon (Swathmore College), Lisa Dang (Tufts University), Christopher Pellegrini (Northeastern University), Esam Nesru (University of Maryland, Baltimore County), Mira Jain (Tufts University), Caroline Chin (Tufts University), and Daniel Votipka (Tufts University)
Understanding Symbolic Execution Workflow from Security Analysts (Position Paper)
Zeming Yu (Arizona State University), James Mattei (Tufts University), Selina Li (Arizona State University), Ruoyu Wang (Arizona State Univeristy), Daniel Votipka (Tufts University), and TIffany Bao (Arizona State Univeristy)
Usability for Digital Forensics Professionals (Work in Progress)
Prakruthi Reddy and Cori Faklaris (University of North Carolina at Charlotte)
Factoring Humans into power systems cybersecurity: rethinking the weakest link - Katya Le Blanc
Katya is a senior human factors scientist who has been conducting research in the energy sector for 14 years. She leads human factors research in several complex, multidisciplinary subjects including nuclear power, electric grid, human-automation and human-AI interaction, and cybersecurity. Her research in nuclear power plant modernization has led to transformational change in the way field operators conduct procedures and has improved operator interfaces for control of nuclear power plant equipment in the field and in the control room. Her cybersecurity work includes cyber risk characterization in nuclear power and critical infrastructure, visualization to support coordination between system operators and cybersecurity professionals, and addressing the technical and regulatory risks related to cyber security in nuclear power. She is deputy national technical director for the DOE NE advanced reactors safeguards and security program where she directs cybersecurity research. Katya has over 100 technical publications in human factors in the energy sector. She is a senior member of IEEE and holds a PhD and master’s degree in cognitive psychology from New Mexico State University and a BS in psychology from New Mexico Institute of Mining and Technology.
Breakout groups and discussion
Registration
WSIW'24 will happen in-person. Registration costs $75 and can be completed through the SOUPS Website.
Call for Papers
We solicit papers describing new research contributions in the area of security and privacy information workers, as well as case studies, work in progress, preliminary results, novel ideas, and position papers. Successful submissions to this workshop will explicitly be informed by an understanding of how security/privacy information workers do their jobs, and the results will explicitly address how we understand these workers.
- Software developers, who design and build software that manages and protects sensitive information;
- Security and system administrators, who deploy and manage security-sensitive software and hardware systems;
- IT professionals, whose decisions have impact on end users' security and privacy;
- Intelligence analysts, who collect and analyze data about security matters to understand information and make predictions;
- Security consultants and educators, who provide guidance to individuals and organizations on practicing good security behaviors and implementing security technologies; and
- Privacy engineers and professionals, who ensure that privacy considerations are built into products and who help develop privacy policie.
- Empirical studies of security/privacy information workers, including case studies, experiments, field studies, and surveys;
- New tools designed to assist security/privacy information workers;
- Infrastructure for better understanding security/privacy information workers;
- Information visualization and other techniques designed to help security/privacy information workers do their jobs;
- Evaluations of tools and techniques for security/privacy information workers
Submission
The deadline for submissions is Thursday, May 23, 2024 23:59 AoE (Anywhere on Earth).
Format:
- Papers should be atmost 6 pages (excluding references).
- Using the SOUPS template format (MS Word, LaTeX).
- Submissions should be fully anonymized.
Submissions may be made at: https://wsiw2024.usenix.hotcrp.com/.
Submission: Papers should be succinct, but thorough in presenting the work. Typical papers will be 5–6 pages long (plus references) but papers can be shorter (e.g., 2–3 pages) if, for example, they present a novel idea with limited preliminary results or a position likely to drive a lively discussion. Shorter, more focused papers are encouraged and will be reviewed like any other paper. If you only need 2 or 4 pages (plus references) to clearly explain your work or idea, please submit a paper of that length. Reviewers will be instructed to assess the value of the talk to the workshop audience irrespective of the paper length; however, we stress again that the presentation should be sufficiently thorough for reviewers to make this evaluation.
Workshop papers will be made available to attendees prior to the workshop. However, they will not appear in the official SOUPS proceedings.
Presentation: Paper presentations will be approximately 12–13 minutes in length followed by 5 minutes of questions and answers. Presentations can be in-person or remotely using Zoom.
Organization
Program Committee
- Omer Akgul, Carnegie Mellon University
- Kelsey Fulton, Colorado School of Mines
- Clement Fung, Carnegie Mellon University
- Ron Thompson, Tufts University
- Daniel Votipka, Tufts University