Tenth International Conference on

Information Systems Security (ICISS) – 2014 held at IDRBT

The Institute has organised the Tenth International Conference on Information Systems Security (ICISS – 2014) during December 18 – 20, 2014 at IDRBT, Hyderabad. The ICISS – 2014 held annually, provides a forum for disseminating the latest research results in Information and Systems Security.

The Conference is of major importance due to increasing use of internet in all walks of life and the attendant risks associated with Information Security. The cyber world is a borderless world and there are not many laws to control the cyber crime and not many treaties to deal with such crimes. This conference is a platform to disseminate advances in technologies, help increase awareness and adoption of systems security assuring a safer and secure world.

In his welcome speech, Dr. A. S. Ramasastri, Director, IDRBT , provided an introduction of the Institute and its evolution. He said that the conference is a good opportunity to build relationship between the academia and the industry apart from deliberating upon issues pertaining to Information Systems Security.

Prof. Venu Govindaraju , Director, Center for Unified Biometrics and Sensors, University at Buffalo, USA and Distinguished Fellow, IDRBT briefed about the Conference and the value addition such conferences offer by bringing in people across the world to share one platform to deliberate and discuss the issues related to Information Systems Security. Prof. Atul Prakash, University of Michigan and Prof. R. Shyamsundar, Tata Institute of Fundamental Research, briefed about the evaluation process of the research papers and the takeaways of this Conference.

Dr. C. Rangarajan, Former Governor, Reserve Bank of India inaugurated the conference on December 18, 2014 at IDRBT Auditorium, IDRBT. In his inaugural address, Dr. Rangarajan spoke on “Information System Security: Some Concerns”. The key points are as under:

Technology: Transforming the Banking System

Far reaching changes in computers and communications technology have fundamentally altered the way in which banking is being performed. The days of ‘virtual banking’ has arrived. Today one can get most of the banking services without having to visit a bank.

The introduction of the various technology products has had a beneficial impact on both banks and customers. For the customers, the important benefits are Anywhere Banking, Internet Banking, ATM Banking and Mobile Banking. For the banks, the major benefits are centralization of customer information, centralized transaction process, centralized accounting process, basic MIS reporting and real-time information availability.

IT has had a positive impact on the payment and settlement systems of the country. “Electronification” of payment system has become the hallmark of the decade, wherein electronic based payments are superior to paper system in terms of traceability, efficiency, speed and safety.

Information Systems Security

The perpetual tug of war between convenience and safety assumes critical importance in information systems. Security is at the root of technology-centric banking.

Today, the world is grappling with issues such as computer virus, hacking, etc. The need for a secured network for transmission of information becomes essential. Proper identification and authorization of person and transactions is the most essential feature of financial deals , but now it is also critical in all communication and information sharing systems which carry critical data.

Cyber Security

As the fabric of interconnectivity has grown, the dangers to the system by criminally manipulating the system has also grown. Cyber Security thus implies safeguarding the confidentiality, integrity and availability of data. It in effect assures protection of assets which include data as well as transmission networks.

Way Forward

Well-structured cyber crime can be a threat to a nation’s security and economy. Modern day cyber crimes are dangerous as they can destroy the banking systems or the communications systems in the country. That is why we need to take appropriate action to combat cyber crime:

  • To make our systems safe
  • Adopt appropriate early warning systems
  • Evolve measures to respond quickly to cyber attacks.

In his conclusion, Dr. Rangarajan expressed the need for affordable internet access and increase in the internet penetration rate as the scope for expanding internet activity is high. But at the same time he cautioned against cyber attacks and adequate measures to keep the cyber information space safe and secure.

The three-day conference was preceded by a two-day tutorial on December 16 – 17, 2014 on the following topics:

  • Network Traffic Analysis and Anomaly Detection by Dr. Narasimha Reddy, Texas A&M University
  • Evolutionary Computation in Cyber Security by Prof. Dipankar Dasgupta , University of Memphis, Tennessee, USA
  • Quantitative Security Analysis of Enterprise Systems: Techniques & Challenges by Dr. Anoop Singhal, NIST, USA
  • Mobile Security by Prof. Atul Prakash, University of Michigan, USA.

A galaxy of renowned international researchers in the area of Information and Systems Security including the following participated in the ICISS – 2014 and delivered keynote talks:

  • Prof. Sushil Jajodia, George Mason University, USA on Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation
  • Prof. Herbert Bos, Vrije Universiteit Amsterdam, Netherlands on The Bug that Bites
  • Dr. Vyas Sekar, Carnegie Mellon University, USA, SNIPS: A Software-Defined Approach for Scaling Intrusion Prevention Systems via Offloading
  • Dr. Zhenkai Liang, National University of Singapore on Application Architectures for Critical Data Isolation.

Information Systems Security is an area that deals with protecting data from intrusions, malwares, frauds and any criminal activities that are surfacing in systems to maintain non-repudiation, confidentiality and integrity of data. In the present day world, as the systems are more inter-connected and networked, information systems security has become a huge challenge due to various vulnerabilities. This challenge has evoked the interest of the researchers in this area.

The objectives of this conference series are to discuss in depth the current state of research and practices in Information Systems Security, provide a platform for the researchers to share and disseminate the research results.

The Conference had a total of seven Technical Sessions and a Ph.D. Forum session chaired by following session chairs:

  • Technical Session 1: Security Inferences, Session Chair: Mr. Ashok K Agarwal, CSI, Hyderabad
  • Technical Session 2: Location Based Security Services, Session Chair: Dr. Atul Negi, University of Hyderabad
  • Technical Session 3: Security Policies, Session Chair: Mr. Koduri Srinivas, IEEE, Hyderabad
  • Technical Session 4: Forensics, Session Chair: Dr. Chandan Mazumdar, Jadhavpur University, Kolkata
  • Technical Session 5: Security User Interfaces, Session Chair: Dr. Vijay Atluri, Rutgers University, USA
  • Technical Session 6: Security Attacks, Session Chair: Prof. M. B. Srinivas, BITS, Hyderabad
  • Technical Session 7: Malware Detection, Session Chair: Prof. Arun Agarwal, University of Hyderabad
  • Ph.D. Forum Presentations, Session Chair: Prof. V.N. Sastry, IDRBT, Hyderabad.

From the number of participating countries in this edition of the conference, it is evident that it has achieved global recognition. The ICISS 2014 had 25 research presentations from Australia, Belgium, Brazil, United Kingdom, UAE, Saudi Arabia, Singapore, South Africa, USA,, France, Germany, Iceland, China, Italy, Spain, Canada, Vietnam, Japan, New Zealand, India. Besides, three doctoral students delivered presentations during the Ph.D. Forum.

The acceptance rate of the conference series has been consistently low. This forces the contributors to ensure the quality of work and to give upmost focus on quality in the areas concerned.

The acceptance rate has been constantly within the range 0.25 to 0.4. There was only a single occurrence of acceptance rate value reaching 0.4, except this, it has been around 0.25.

The conference deliberated on theoretical and practical problems in Information and Systems Security.

The three-day conference was preceded by a two-day tutorial on December 16 – 17, 2014 on the following topics:

Awards – ICISS 2014

The Awards Committee consisting of Prof. B. L. Deekshatulu, Distinguished Fellow, IDRBT; Prof. D. Manjunath, IIT Bombay; and Prof. Atul Negi, University of Hyderabad has recommended the following awards based upon the reviews, the presentation, interaction and importance of the topic and the problem of the papers for this Conference.

And the award winners were:

In the Ph. D. Forum Presentations, the award was given to the paper on Intrusion Detection Mechanisms for P2P Networks by Pratik Narang, BITS – Hyderabad.

On the Sidelines

During the conference, IDRBT research scholars interacted with the various tutorial/keynote speakers, and paper presenters on various research fronts. Some of the tutorial/keynote speakers visited labs (for e.g., MBSL, CIAM) and had good discussion with the research scholars on the research areas in which they are pursuing their Ph.D.

The Conference was well attended by participants from India, Italy, Vietnam, France, Germany, and USA. The delegates came from variety of backgrounds – academia, industry, Government labs, and banks. A large number of Chief Information Security Officers from various banks participated in the tutorials as well as the conference. The conference was well received and appreciated by the delegates as well as speakers. The conference received wide publicity in various media.