We are pleased to announce the RSDA 2016 Keynote by:


Head of the Télécommunication Networks and Services Department, Télécom SudParis

Towards a quantitative approach for threat mitigation and response


Cyber-security has emerged early on during the eighties tackling the issue of detecting attacks against computer systems, named then intrusion detection, to automate log analysis done previously manually. The sheer volume of alerts has required the development and deployment of Security Information and Event Management (SIEM) platforms and opened the research field of alert correlation. Alert correlation aims at automatically grouping alerts and contextualizing them in order to facilitate understanding and limit volume. These alert correlation mechanisms have in turn become insufficient to handle all alerts. It is now necessary to automate additional tasks related to threat mitigation and response, in order to ensure that the easier threats are dealt with automatically and that operators can focus on the more difficult tasks of handling the most complex attacks. In this presentation, we will approach the issue of automatically selecting the proper actions in order to respond to an alert, using a quantitative model to deploy multiple counter-measures in the face of multiple threats. This talk will illustrate the approach on several use cases.

Keynote Speakers in previous RSDA editions:

  • RSDA 2014 - Leyla Yumer, Symantec Research Labs: From Script-kiddies to Cyberwars...
  • RSDA 2014 - Brendan Murphy, Microsoft Research: The Role of Data Analytics in Reliability and Security Verification
  • RSDA 2013 - Nuno Silva, Critical Software: The Role of Data for Safety Critical Systems Development and Validation