bootstrap html templates

International Workshop on Big Data Analytics for Cyber Threat Hunting (CyberHunt 2018)

In conjunction with the IEEE International Conference on Big Data 2018
(IEEE BigData 2018)

Event: Dec 10-13, 2018, The Westin Seattle , WASHINGTON, USA



Simon Pope is the Director of Incident Response at the Microsoft Security Response Center (MSRC) – responsible for the Security Operations Center and security incident response activities within the Cloud and AI division, as well as Microsoft-wide cybersecurity crisis response and post-incident response. In his career, he has worked in government, enterprise, and academia and has held science, technology, and business roles across a variety of institutions and enterprises including Australia’s DSTO and IBM T. J. Watson Research. He has degrees in computer science, cognitive science, and management, and his specialization is at the nexus of computing and psychology.

Simon Pope

Director of Incident Response, Microsoft Security Response Center (MSRC)


KEYNOTE: The 21st Century SOC
The challenges and promises of scale and the future of the Security Operations Center

The rapid growth in cloud computing has created both security challenges and opportunities for cloud providers and customers alike. In this talk, the speaker will draw on his experience running security response operations for a major cloud provider, and explore what the future of the Security Operations Center will look like in a world powered by big data and machine learning.

Audun Jøsang is a professor of cyber security at the Department of Informatics, University of Oslo, where he started working in 2008. He previously worked as Associate Professor at QUT in Australia, as Research Scientist the the Distributed Systems Research Centre in Australia, and as telecommunications system engineer at Alcatel Telecom in Belgium. Professor Jøsang holds a PhD from NTNU and a Masters Degree in Information Security from Royal Holloway College University London.

Audun Jøsang, PhD, CISSP, CISM

Professor, Research Group of Information and Cyber Security, University of Oslo, Norway


KEYNOTE: Oslo Analytics Cyber ​​Security Research

This talk gives an overview of Oslo Analytics which is a research project on cyber security at the University of Oslo in Norway. The project, funded by the Research Council of Norway, aims to develop new technology for automated detection, prediction and prevention of cyber attacks, combined with artificial intelligence for situational understanding during cyber attacks. Given that cyber attacks are constantly changing and becoming increasingly deceptive, cyber security tools must be flexible and be able to use new advanced methods to follow developments. Machine learning, intelligence analysis and computational trust are examples of methods taken into use. The partners in Oslo Analytics include: Mnemonic, a key industry player in cyber security, and the Norwegian Computing Centre with expertise in machine learning. This collaboration creates a cluster for outstanding research in cyber security at the University of Oslo.

About the CyberHunt 2018

As cyber-crimes against critical infrastructure and large organizations increase and evolve, automated systems to supplement human analysis are required. In addition, hunting for breaches is like looking for a needle in a haystack. Such organizations are so large, with so much information and data to sort for actionable intelligence, that just knowing where to begin seems impossible. Intelligence analysis of an attack is traditionally an iterative mainly manual process going through unlimited amounts of data trying to determine sophisticated patterns and behaviors of intruders. Furthermore, most detected intrusions will provide a limited set of attributes about a single phase of an attack. Knowing all the stages of an intrusion accurately and in a timely manner would allow us to aid our cyber detective and preventive capabilities, as well as enrich our cyber threat intelligence and facilitate immediate threat information sharing, since we put several pieces together. The workshop is expected to address the aforementioned issues and will aim at presenting novel research in the area of cyber-threat hunting and cyber-threat intelligence.


CyberHunt 2018 welcomes contributions within, but not limited to, the following areas:

o Data Science 
    1. Models for forecasting cyber-attacks and measuring impact
    2. Models for attack-pattern recognition
    3. Data representation and fusion
    4. Applications of intelligent decision support
    5. Models that take into consideration Deception and Uncertainty in cyber-attack         attribution

o Tools
    1. Threat Hunting
    2. Malware Analysis & Detection
    3. Forensics Investigation
    4. Cyber Threat Intelligence
    5. Intrusion detection and Incident Response
    6. Visualization techniques for intelligence analysis and investigation
    7. Logs Analysis
    8. Phishing and Spear-Phishing detection and Prevention

o Decision Making and Interaction
    1. Analytical reasoning systems
    2. Resilience in intelligence analysis
    3. Legal, privacy and ethical factors in intelligence analysis
    4. Improved situational awareness
    5. Decision making
    6. Interactive and computational decision support
    7. Investigative and analytic decision making

o Data
    1. Novel datasets
    2. Data simulation
    3. Anonymisation techniques
    4. Data collection, filtering and storage analysis
    5. New formats and Taxonomies
    6. Semantic Modeling and Data Representation

Special invitation:
- Modern Authentication (Mobile, Biometrics and Advanced Analytics)
- Physical Security and Insider Threats

Accepted papers will be published by the IEEE Computer Society Press.


Vasileios Mavroeidis

Chair, University of Oslo (Norway)

Kamer Vishi

Co-chair, University of Oslo (Norway)

Thirimachos Bourlai

Co-chair, West Virginia University (USA)

Audun Jøsang

PC chair, University of Oslo (Norway)

Mary Dillon

Publicity chair, West Virginia University (USA)

Program Committee

- Andrii Shalaginov, Norwegian University of Science and Technology, Norway
- Audun Jøsang, University of Oslo, Norway  
- Bill Buchanan, Edinburgh Napier University, UK
- Blerim Rexha, University of Prishtina, Kosovo
- Fabio Massimo Zennaro, University of Oslo, Norway
- Fatbardh Veseli, Goethe University Frankfurt/Capgemini, Germany
- Henning Maagerud, Research Council of Norway, Norway
- Hårek Haugerud, Oslo Metropolitan University (OsloMet), Norway   
- Jassim Happa, University of Oxford, UK
- Kai Rannenberg, Goethe University Frankfurt, Germany
- Keith Martin, Royal Holloway University of London, UK
- Laszlo Erdodi, University of Oslo, Norway
- Martin Aastrup Olsen, Fingerprint Cards, Denmark
- Nils Gruschka, University of Oslo, Norway
- Panagiotis Karampelas, Hellenic Air Force Academy, Greece
- Pierre Lison, Norwegian Computing Center, Norway
- Siri Bromander, Mnemonic, Norway
- Øyvind Ytrehus, University of Bergen/Simula, Norway


Oct 10, 2018 Oct 27, 2018

Due date for full workshop papers submission

Nov 1, 2018 Nov 14, 2018

Notification of paper acceptance to authors

Nov 15, 2018 Nov 20, 2018

Camera-ready of accepted papers (Firm deadline)

Monday (December 10, 2018)


Workshop Sponsors

© Copyright 2018 SecurityLab (University of Oslo) - All Rights Reserved. Powered and Developed by CyberHunt webteam