08:45 – 09:00

NPSec: Welcome Remarks

Room: WILLOW OAK

09:00 - 10:00

NPSec: Keynote

Room: WILLOW OAK

Dan Massey Dr. Dan Massey is a program manager in the Cyber Security Division, Science and Technology Directorate, US Department of Homeland Security. At DHS, his portfolio includes security for cyber physical systems, distributed denial of service defense, routing security, and open source security. He is the author of over 75 peer reviewed publications. Prior to joining DHS, Dr. Massey worked as a tenured associate professor at Colorado State University and previously a project leader and research assistant professor at the University of Southern California Information Science Institute (USC/ISI). Some of his projects have included serving as an editor for the DNS Security Extensions (DNSSEC), work on Internet BGP monitoring and analysis as well as security enhancements such as the Route Origin Verifier (ROVER), and work on the Named Data Networking (NDN) project that is developing a new information centric architecture. (DHS S&T Cyber Security Division): “A New Look at the Old DDoS Problem This talk challenges the research community to reconsider the problem of Distributed Denial of Service (DDoS) attacks. DDoS attacks are used to render key resources unavailable. Prominent DDoS attacks have been conducted against financial institutions, news organizations, providers of internet security resources, and government agencies. Any organization that relies on network resources is considered a potential target. The current environment provides several advantages to the attacker, considering that the resource acquisition cost for attackers is relatively low. An attacker often relies on a large number of compromised computers to conduct the attack. Further, as the network bandwidth and computational power increases, the attacker benefits from the increased resources, resulting in the capability to conduct more powerful attacks. Organizations that make use of network services must invest in resources that keep pace with the increasing significance of the attacks; while organizations that fail to do so run the risk of being compromised. In addition, organizations that deploy resources carelessly may simply provide the attacker with easily compromised resources that can then be used in future attacks. Even businesses with global scale reach, including those providing security related services, have faced challenges in keeping pace with vast DDoS attacks. In addition, the network infrastructure continues to evolve, therefore enabling the potential for both new types of DDoS attacks and new defenses. For example, attackers are now adapting to growth in smart devices, cyber physical systems, and cloud computing, and are developing new types of DDoS attacks that exploit the unique characteristics of these systems. In the case of a classic network, the talk argues the aim should be to mitigate the attack impact of a 1 Tbps attack originating from over 1000 locations. In the case of non-traditional targets, the talk argues there are opportunities to build in innate defense capabilities while these new systems are still emerging. ”

10:00 - 10:30

Coffee Break

Room: OAK FOREST A

10:30 - 12:00

NPSec Session 1: Security for Software-Defined Networking and the Internet

Room: WILLOW OAK

Chair: Eric Osterweil (Verisign Labs, USA)

OperationCheckpoint: SDN Application Control (slides)

Sandra Scott-Hayward (Queen's University Belfast, United Kingdom); Christopher Kane (Queen's University Belfast, United Kingdom); Sakir Sezer (Queens University Belfast, United Kingdom)

DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking

Bing Wang (Virginia Tech, USA); Yao Zheng (Virginia Polytechnic Institute and State University, USA); Wenjing Lou (Virginia Tech, USA); Thomas Hou (Virginia Tech, USA)

Disincentivizing/Incentivizing Malicious/Honest Behavior on the Internet Via Privacy-preserving AppCoins

Karim El Defrawy (HRL Laboratories, USA); Joshua Lampkins (UCLA, USA)

12:00 - 13:30

Lunch Break

Room: OAK FOREST A

13:30 - 15:00

NPSec Session 2: Security Protocol Analysis

Room: WILLOW OAK

Chair: Alvaro Retana (Cisco, USA)

The Shape and Size of Threats: Defining a Networked System's Attack Surface (slides)

Eric Osterweil (Verisign Labs, USA); Danny McPherson (Verisign, Inc., USA); Lixia Zhang (University of California at Los Angeles, USA)

Reflections on Security Options for the Real-time Transport Protocol Framework (slides)

Colin Perkins (University of Glasgow, United Kingdom)

Vulnerabilities of RFID Security Protocol Based on Chaotic Maps

Mete Akgün (Tubitak UEKAE, Turkey); M. Ufuk Caglayan (Bogazici University, Turkey)

15:00 - 15:30

Coffee Break

Room: OAK FOREST A

15:30 - 17:00

NPSec Session 3: New Security Protocols and Mechanisms

Room: WILLOW OAK

Chair: Colin Perkins (University of Glasgow, United Kingdom)

Delegated Authenticated Authorization for Constrained Environments (slides)

Stefanie Gerdes (Universitaet Bremen, Germany); Olaf Bergmann (Universitaet Bremen, Germany); Carsten Bormann (Universität Bremen, Germany)

Heisenberg Groups as Platform for the AAG Key-Exchange Protocol

Delaram Kahrobaei (New York City College of Technology (CUNY), USA); Ha Lam (City University of New York, USA)

MetaCAPTCHA: A Metamorphic Throttling Service for the Web (slides)

Akshay Dua (Portland State University, USA); Thai Bui (Portland State University, USA); Tien Le (Portland State University, USA); Nhan Huynh (Portland State University, USA); Wu-chang Feng (Portland State University, USA)

17:00 - 17:15

Concluding Remarks

Room: WILLOW OAK