Among the topics we will explore at the workshop are the following:
- models meet models: to what extent do models of different behaviors inform how we think about operating in a compromised cyberspace environment? What are the emerging models that serve either directly or as metaphor for how we should think about defending and protecting ourselves in a compromised environment? Is there potential for “model mash-up” that helps inform us about how to work in this environment?
- models meet data: how do we deal with the massive amounts of dynamically-changing data that the cyberspace environment holds, including the identification of adversarial behavior? Are the right data being collected to populate emerging models? What tools and techniques from the VLDB/XLDB communities are relevant to this problem?
- models meet reality: how can models support real-time decision making by practitioners who deal with cyber threats every hour of every day? Are there gaps in the theoretical research that could help practitioners deal with existing, emerging, or even unanticipated problems?