2013 NCSU Summer Workshop: Building a Science of Security
Note on links to most articles: the links are to the public citation pages in online databases (ACM Digital Library, IEEEXplore, etc.) or electronically published journals. All of these linked items are available through the NCSU libraries, and should also be available through other institutional libraries.
Monday, June 3
9:00 am - Noon: Foundations | ||
9:00 - 9:30 | Metrics Validation | "Validating Software Metrics: A Spectrum of Philosophies." ACM Transactions on Software Engineering and Methodology (TOSEM), Vol. 21, No. 4, November 2012, Article 24. |
Presentation, Jason King | ||
9:30 - 10:00 | Grounded Theory | Strauss, A. & Corbin, J. "Grounded Theory Methodology: An Overview." in Strategies of Qualitative Inquiry, Denzin, N.K. & Lincoln, Y.S. (Eds.) Sage Publications, 1998 |
Goede, R. & de Villiers, C. "The Applicability of Grounded Theory as Research Methodology in Studies on the Use of Methodologies in IS Practices." SAICSIT '03: Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology, 2003, 208-217. |
Presentation, Tsung-Hsuan Ho & Vasant Tendulkar | ||
10:00 - 10:15 | Break | |
10:15 - 10:45 | Experimental Design | Shadish, W.R. & Luellen, J.K. "Quasi-Experimental Design." Handbook of Complementary Methods in Education Research. Green, J.L.; Camilli, G.; Elmore, P.B. & Skukauskaite, A. (Eds.) Lawrence Erlbaum Associates, 2006, 539-550 |
Lundstedt, T.; Seifert, E.; Abramo, L.; Thelin, B.; Nyström, A.; Pettersen, J. & Bergman, R. "Experimental design and optimization." Chemometrics and Intelligent Laboratory Systems, 1998, 42, 3-40. |
Presentation, KyungWha Hong & Arpan Chakraborty | ||
10:45 - 11:15 | Theory Building | Sarker, S.; Lau, F. & Sahay, S. "Using an Adapted Grounded Theory Approach for Inductive Theory Building About Virtual Team Development." SIGMIS Database, ACM Press, 2001, 32, 38-56 |
Hannay, J.E.; Sjoberg, Dag I K; Dyba, Tore, "A Systematic Review of Theory Use in Software Engineering Experiments", Software Engineering, IEEE Transactions on, vol. 33, no. 2, pp. 87-107, Feb. 2007 |
Presentation, Vivek Nair & Zach Jorgensen | ||
11:15 - Noon | Open Discussion | |
Noon - 1:00 | Lunch | |
1:00 - 5:00 pm: Workshop on Creating Guidelines for our Science of Security work | ||
1:00 - 1:30 | Guidelines 1 | Per Runeson and Martin Höst. "Guidelines for Conducting and Reporting Case Study Research in Software Engineering." Empirical Softw. Engg. 14, 2 (April 2009), 131-164 |
1:30 - 2:00 | Guidelines 2 | Jedlitschka, Andreas, Marcus Ciolkowski, and Dietmar Pfahl. "Reporting Experiments in Software Engineering." In Guide to Advanced Empirical Software Engineering, pp. 201-228. Springer London, 2008. |
Presentation, Maria Riaz | ||
2:00 - 2:45 | Break | |
3:00 - 3:45 | Small group work; random group formation and discussion of creating general guidelines for conducting and reporting SoS work | |
3:45 - 4:15 | Groups report their guidelines to the Lablet | |
4:15 - 5:00 | Open Discussion |
Tuesday, June 4
Working Papers
Everyone will have been randomly assigned 3 of the following 5 papers to read before the workshop.
- John Demme, Robert Martin, Adam Waksman, and Simha Sethumadhavan. 2012. "Side-channel vulnerability factor: a metric for measuring information leakage." In Proceedings of the 39th Annual International Symposium on Computer Architecture (ISCA '12). IEEE Computer Society, Washington, D.C., USA, 106-117.
- Brandimarte, L.; Acquisti, A. & Loewenstein, G. "Misplaced Confidences: Privacy and the Control Paradox" Social Psychological and Personality Science, 2013, 4, 340-347.
- Bonneau, J. "The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords." Security and Privacy (SP), 2012 IEEE Symposium on, 2012, 538-552.
- Leyla Bilge and Tudor Dumitras. 2012. "Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World." In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS'12). ACM, New York, NY, USA, 883-844.
- Martín Abadi and Gordon D. Plotkin. 2012. "On Protection by Layout Randomization." ACM Trans. Inf. Syst. Secur. 15, 2, Article 8 (July 2012), 29 pages.
9:00 am - Noon: Applying and Revising Guidelines | ||
9:00 - 9:30 | Applying guidelines to published papers, grouped by first assigned paper | |
9:30 - 10:00 | Applying guidelines to published papers, grouped by second assigned paper | |
10:00 - 10:30 | Applying guidelines to published papers, grouped by third assigned paper | |
10:30 - 10:45 | Break | |
10:45 - 11:30 | Guidelines Revision Discussion in Small Groups | |
11:30 - Noon | Open Discussion on Guideline Revisions | |
Noon - 1:00 pm | Lunch | |
1:00 - 5:00 | Working as a Community to Build a Science of Security | |
1:00 - 1:30 | Family of Experiments | Basili, V.R.; Shull, F.; Lanubile, F., "Building knowledge through families of experiments", Software Engineering, IEEE Transactions on, vol. 25, no. 4, pp. 456-473, Jul/Aug 1999 |
Presentation, Ling Chen | ||
1:30 - 2:30 | Methods of Assessing Science | Committee on Assessing Behavioral and Social Science Research on Aging. The National Academies Press, 2006. Chapter 4: Progress in Science |
Committee on Assessing Behavioral and Social Science Research on Aging, Irwin Feller and Paul C. Stern, editors, National Research Council, A Strategy for Assessing Science: Behavioral and Social Research on Aging. The National Academies Press, 2006. Chapter 5: Methods of Assessing Science | ||
Presentation, Brent Harrison | ||
2:30 - 2:45 | Break | |
2:45 - 3:15 | Assessing Basic Research | Martin, B. R. & Irvine, J. "Assessing Basic Research: Some Partial Indicators of Scientific Progress in Radio Astronomy" Research Policy, 1983, 12, 61 - 90 |
Presentation, Amiangshu Bosu | ||
3:15 - 3:45 | Replication | Omar S. Gomez, Natalia Juristo, and Sira Vegas. 2010. "Replications Types in Experimental Disciplines." Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM '10). ACM, New York, NY, USA, Article 3 |
Presentation, Trisha Biswas | ||
3:45 - 5:00 | Open Discussion and Action Plans |
Post-Workshop Evaluation
Follow-on Activities
- Each project documents a research design for their SoS work and submits by June 14. Each project will be assigned 2-3 other projects for which they will review their submitted research design. The groups will get together to discuss the research design from June 14-June 27.
Research Design Groups:
- Group 1: Vasant Tendulkar, Tsung-Hsuan Ho, Ashwin Shashidharan, Vivek Nair
- Group 2: KyungWha Hong, Rucha Tembe, Magreth Mushi, Trisha Biswas
- Group 3: Arpan Chakraborty, Brent Harrison, Nirav Ajmeri, Neelesh Salian
- Group 4: Maria Riaz, Jason King, Ling Chen, Jorgensen Zachary
- The afternoon of June 27, each project will present their research design and what they have learned through this process.