Learning from Authoritative Security Experiment Results
LASER 2016 Call for Papers
The LASER Workshop is sponsored by the National Science Foundation (NSF) and the Applied Computer Security Associates (ACSA).
LASER 2016 will be held as an IEEE Symposium on Security and Privacy Workshop (SPW 2016), co-located with the 37th IEEE Symposium on Security and Privacy ("Oakland"). The workshop will be held on Thursday, May 26, 2016 in San Jose, CA, USA.
Each year, the Learning from Authoritative Security Experiment Results (LASER) workshop focuses on some aspect of experimentation in computer security. The 2016 workshop focus is on methodologies for computer security experimentation that can provide insight that might help to catalyze a new generation of useful, experimental computer security research. Central to this will be new approaches to experimentation that are repeatable and can be shared across communities.
It should be noted that this call for research into the computer security experimentation is different from the current fundamental research into the "science of cybersecurity," though they are certainly complementary in their eventual goals. Along with establishing a field of research into useful evidence derived from computer security experiments, substantial new approaches to sharing are needed in order to enable scalable, cross-disciplinary experiments.
LASER 2016 seeks research papers that focus on computer security experimentation methods and results and that demonstrate approaches to increasing the repeatability and archiving of experiments, methods, results, and data so that they can teach valuable lessons to the computer security research community regarding conducting security experiments and ultimately serve to foster a dramatic change in the paradigm of computer security research and experimentation.
One aspect of experimental research is the potential for unexpected results or even failed experiments. Early LASER workshops focused on both the need for sound science and on studying these unexpected or negative results. LASER 2016 returns to this idea while examining the experimental approaches employed and seeking new research into defining and standardizing scientifically based experimental methods. Thus, papers discussing either positive or negative results from well-executed experiments are welcomed and encouraged. This includes both research that is considered "successful," as well as research that was unsuccessful, either because of a so-called "negative result" or perhaps because of some sort of unexpected issue arising in the experimental approach. This doesn't mean "bad" research -- it means research that had a valid hypothesis and well-reasoned methods that others can learn from.
Workshop Papers of greatest interest to LASER 2016 will focus on meaningful topics in computer security, include a well-reasoned hypothesis, well-defined method for testing that hypothesis, and understandable results, regardless of whether they support the hypothesis or not. LASER 2016 welcomes papers describing methodologies whose results are presented in other venues (conferences, journals) but for LASER focuses on the methods and lessons learned. We stress that the methodology and approaches to making experimentation repeatable and transferrable as well as learning what parts of the methodology worked as expected, did not work as expected, and/or were surprising -- are of substantially higher importance than the specific technical outcome of the experimental research itself. Papers should document the methodology sufficiently so that others can theoretically follow the same path.
Position papers and research submissions can be 6-10 pages long including tables, figures, and references. Short papers of up 3-6 pages long are also welcome. Papers should be submitted via EasyChair. Submissions must be in PDF format using USENIX conference paper formatting guidelines. Papers in either category are requested to include a structured abstract of roughly 200-500 words in length in total. They should contain concise statements, presented in a consistent structure to help quickly facilitate an understanding of the study. Essential elements of structured abstracts are: background, aim, method, results, and conclusions:
- Background. State the background and context of the work described in the paper.
- Aim. State the research question, objective, or purpose of the work in the paper.
- Method. Briefly summarize the method used to conduct the research, including subjects, procedures, data, and analytical methods.
- Results. State the outcome of the research using measures appropriate for the study conducted.
- Conclusions. State the surprises, lessons learned as a result of the study, and recommendations for future work.
Because of the complex and open nature of the experimental methods, LASER is designed to be a workshop in the traditional sense. Presentations are expected to be interactive with the expectation that a substantial amount of this time may be given to questions and audience discussion, rather than pure presentation. Papers and presentations should be conducive to discussion, and the audience is encouraged to participate. To promote a high level of interaction, attendance is limited. First preference is given to participating authors. Additional seats are available on a first-come first-served basis.
Additionally, a pre-workshop version of the paper will be distributed to attendees. However, authors are encouraged to incorporate comments from the discussions at the workshop into final, camera-ready versions of their paper, to be published publicly by USENIX. Camera-ready paper versions are not due until approximately one month after the workshop.
LASER also seeks to foster learning in experimental methods for the next generation of computer security researchers. As such, LASER offers a limited number of student scholarships for participation.
Paper Submissions Due: January 29, 2016 (Firm date: there will be NO Extensions)
Paper Decisions to Authors: February 29, 2016