The first CRIS International Workshop on
Critical Information Infrastructures (CIIW'05)

Cyber blackouts: How fast is the recovery,
and what preparatory measures do we have in place?

May 17-18, 2005 Linköping, Sweden

SCOPE

The turn of 2004 has seen the unprecedented growth of malcode. Security vendors estimate the time that it takes for a software-driven attack to find and infect an unprotected PC connected to the Internet to as little as six to fifteen seconds. The CERT Coordination Center that had reported security incidents rising from 21,756 in 2000 to 137,529 in 2003, each of them involving several thousands of sites, stopped counting attacks against Internet-connected systems.

The steady rise in malcode, spam, phishing, and concerted efforts to thwart delivery of services has led to the term "machine wars" being used to describe the challenges that the IT security community faces today. The information infrastructures on which the society depends can neither be immune nor ignore the risks to service continuity that these threats bring.

There are two potential outlooks on information infrastructures. The extension of Internet enabled devices to third generation mobile phones, digital TV systems, PDAs, on-line media devices, and industrial control systems inevitably brings the threats to new domains in an unforeseen scale. Best practices, automated protection and response mechanisms, and better law enforcement can mitigate some of the risks and focus on the security of the critical infrastructures.

This workshop is sponsored by CRIS, The International Institute for Research on Critical Infrastructures that brings together researchers from Europe, American continent and Asia with common interests on research issues for protecting critical infrastructures. An earlier workshop organised by CRIS gathered world experts in Power systems analysing recent power blackouts in the USA/Canada and Europe. This workshop will bring together world experts and authorities with interest in security of information infrastructures. This is in clear recognition that new generations of other critical infrastructures such as power systems, transport systems, banking and finance, defence and health systems are inevitably affected by vulnerabilities in the information infrastructures.

The workshop seeks two categories of papers:

1. high quality unpublished papers (full papers)
2. work-in-progress and student papers discussing recent interesting work

related to the following research areas:

• Dynamic network protection with adaptive and proactive methods
• Intrusion prevention, detection, tolerance and response
• Defence strategies for ISP networks
• Infrastructure vulnerabilities and dependencies
• Monitoring and analysing attack patterns within specific systems or domains
• Monitoring and analysing attack patterns in Internet data
• Recognition and response systems for distributed attacks, e.g. CAPTCHAs
• Distributed denial of service attacks
• Self-propagating malicious code
• Cyber terrorism and organized crime
• System management and self-managed systems
• Self-healing systems, automated patching and node/link recovery, ad-hoc routing
• Real-time response and mitigation
• Network fault-tolerance: wireless networks, sensor networks, IP networks
• Security policy, protection, access control and authentication
• Models and architectures for network survivability
• Interoperability between hybrid wireline/wireless networks
• Robust infrastructures

Selected papers will be proposed for a special issue of a distinguished journal (contacts in progress).