The International Conference on Internet Monitoring and Protection continues a series of special events targeting security, performance, vulnerabilities in Internet, as well as disaster prevention and recovery. Dedicated events focus on measurement, monitoring and lessons learnt in protecting the user.

The design, implementation and deployment of large distributed systems are subject to conflicting or missing requirements leading to visible and/or hidden vulnerabilities. Vulnerability specification patterns and vulnerability assessment tools are used for discovering, predicting and/or bypassing known vulnerabilities.

Vulnerability self-assessment software tools have been developed to capture and report critical vulnerabilities. Some of vulnerabilities are fixed via patches, other are simply reported, while others are self-fixed by the system itself. Despite the advances in the last years, protocol vulnerabilities, domain-specific vulnerabilities and detection of critical vulnerabilities rely on the art and experience of the operators; sometimes this is fruit of hazard discovery and difficult to be reproduced and repaired.

System diagnosis represent a series of pre-deployment or post-deployment activities to identify feature interactions, service interactions, behavior that is not captured by the specifications, or abnormal behavior with respect to system specification. As systems grow in complexity, the need for reliable testing and diagnosis grows accordingly. The design of complex systems has been facilitated by CAD/CAE tools. Unfortunately, test engineering tools have not kept pace with design tools, and test engineers are having difficulty developing reliable procedures to satisfy the test requirements of modern systems. Therefore, rather than maintaining a single candidate system diagnosis, or a small set of possible diagnoses, anticipative and proactive mechanisms have been developed and experimented. In dealing with system diagnosis data overload is a generic and tremendously difficult problem that has only grown. Cognitive system diagnosis methods have been proposed to cope with volume and complexity.

Attacks against private and public networks have had a significant spreading in the last years. With simple or sophisticated behavior, the attacks tend to damage user confidence, cause huge privacy violations and enormous economic losses.

The CYBER-FRAUD track focuses on specific aspects related to attacks and counterattacks, public information, privacy and safety on cyber-attacks information. It also targets secure mechanisms to record, retrieve, share, interpret, prevent and post-analyze of cyber-crime attacks.

Current practice for engineering carrier grade IP networks suggests n-redundancy schema. From the operational perspective, complications are involved with multiple n-box PoP. It is not guaranteed that this n-redundancy provides the desired 99.999% uptime. Two complementary solutions promote (i) high availability, which enables network-wide protection by providing fast recovery from faults that may occur in any part of the network, and (ii) non-stop routing. Theory on robustness stays behind the attempts for improving system reliability with regard to emergency services and containing the damage through disaster prevention, diagnosis and recovery.

Highly reliable emergency communications are required by public safety and disaster relief agencies to perform recovery operations or associated with disasters or serious network events. Future advanced network development and evolution should take into consideration these requirements through solutions:

    Identification of suitable technologies, i.e., narrowband and broadband aspects,
    Interoperability and interworking between emergency communications capabilities and public networks,
    Preferential access to communications resources capabilities, applications, and facilities,
    Preferential use of remaining operational resources.

We solicit both academic, research, and industrial contributions. We welcome technical papers presenting research and practical results, position papers addressing the pros and cons of specific proposals, such as those being discussed in the standard fora or in industry consortia, survey papers addressing the key problems and solutions on any of the above topics short papers on work in progress, and panel proposals.

Industrial presentations are not subject to the format and content constraints of regular submissions. We expect short and long presentations that express industrial position and status.

Tutorials on specific related topics and panels on challenging areas are encouraged.

The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas.

All topics and submission formats are open to both research and industry contributions.

ICIMP 2022 conference tracks:

CYBERSECURITY: Trends in Cybersecurity

Blockchain and machine learning for cybersecurity; Behavioral biometrics authentication; Privacy by design; Anonymity of blockchain and cryptocurrencies; Threat categorization and threat detection; Threats on critical national infrastructures; Gift card hacking techniques; Medical IoT Device-to-Device communication; Blockchain in supporting critical infrastructures; Vulnerability on social media spaces; Internet of Medical Things (IOMT); Cybersecurity for digital vehicles; Potential radicalization on social media; Blockchain and healthcare systems; Risk-based human behavior profiling; Forensic recovery of cloud evidence; Hacking pacemakers; Prediction of cyber attacks; Ransomware cyberweapon; Liability attribution in smart workplaces; Cybersecurity, laws and regulations; Information from browsers by online advertising platforms; Predicting social engineering victims; Cybercrime awareness

TRENDS: Trends on monitoring with new technologies

Traffic in SND-based data centers; Risk control for shared-servers in data centers; Fraud prevention in Cloud networking; Discovering and monitoring Botnets in SDNs; 5G traffic measurement and monitoring; Monitoring challenges in Smart Cities; Monitoring Smart buildings; Smart metering and monitoring; Smart sensing for ral-time monitoring and control; Monitoring IoT (internet of Things)-based networks; Secure SDNs; Secure IoTs; Monitoring 5G LTE-Advanced networks; LTE-R measurements; Traffic with Big Data; QoE-aware traffic; QoS and QoE in LTE networks; Fraud detection Smart Cities networks; Cyber-attacks in device-to-device Internet; Safety on IoD (Internet of Drones); Monitoring digital health services; Monitoring mission-critical services; Preventing Cyber-systems attacks; Identity control and management; Predictive traffic assessment; Optimal balancing control

TRASI: Internet traffic surveillance and interception

Methods and context to classify legal and illegal traffic; Methods and procedure to classify wanted and undesired traffic; Overloads, attacks, and failures; Detection of attacks via protocols and applications; Undesired traffic evaluation; Traffic identification caused by malicious code (spam, virii, and worms, etc.); Traffic profile during disaster recovery; Traffic during active emergency services; Early warning on growing undesired traffic; Access control and audit detection points; Denial of service; Spoofing; Lawful interception; Multi-modal undesired traffic detection; Measurements and data mining correlation; Countermeasures on undesired traffic

IPERF: Internet performance

Performance-oriented design; Active and passive performance monitoring; Performance metrics and measurements; Measurement-based performance evaluation in Internet; System measurement and monitoring; Performance model verification and validation; Stochastic modeling (queues, Petri nets, etc.); Statistical performance; Performance of Internet routing; Performance optimization; Internet performance prediction; Internet performance evaluation studies; Internet performance testbeds; Performance evaluation of Web search engines; Performance evaluation of P2P systems

RTSEC: Security for Internet-based real-time systems

Security and availability of Web Services; Security/Performance trade-off; Distributed systems security; Language-based security; Formalisms for security and protocol verification; Performance on firewall protected real-time systems; Security management in real-time systems; Metrics and techniques for security risk assessment; Internet monitoring and response security service; Protecting emergency communications from misuse and exploitation; Maintaining security in the face of disaster; Intrusion prevention and detection systems; Secure networks from web-based threats

DISAS: Disaster prevention and recovery

Survivable networks on chips; Intrusion detection and defense; Alerting systems based on outstanding network events; Recovery methods in various networks; Disaster diagnosis and continuity plans; Fighting mechanisms for disaster of networks and applications; Global positioning systems; Vehicle localization and navigation systems; Disaster relief agencies to perform recovery operations; Survivability-driven defense and do-it-yourself disaster recovery; Security during disaster recovery; Budgeting disaster recovery; Networks emergency services; Reliable emergency communications and applications; Response to the networks emergency services; Disaster prevention and recovery; Fighting mechanisms for disaster of networks and applications; Networks resiliency methods; Recovery in various networks; Theory on robust networks; Customer protection and serviceability perception; Cost models and business impact; Cultural and legal aspects; Future advanced network development and evolution; Standards and guidelines; Lawful interception and defense strategies; Security issues with emergency services and disaster recovery

EMERG: Networks and applications emergency services

Survivability architecture for e-commerce; Emergency and non-emergency services; Emergency coverage and intermittent services; PSAPs and emergency services; Future 911 PSAP message interfaces; Reliable emergency communications; Next generation of emergency communications; Response to the networks emergency services; Voice emergency notification services

MONIT: End-to-end sampling, measurement, and monitoring

Internet monitoring techniques and procedures; Monitoring tools, functions, and metrics; Combining, filtering, and reporting monitoring metrics; Theory and practice on sampling/inversion problem (accuracy, complexity, etc.); Distributed and adaptive sampling techniques; Sampling & inverting traffic with passive and active systems; Internet end-to-end measurements from a sampling perspective; Impact of sampling on anomaly detection; Mechanisms for sampling the Internet traffic or collected traces; On-line and off-line metrics and measurements; Incident estimation and monitoring; Internet access monitoring; Spy software; Internet monitoring, filtering and blocking software; Monitoring Internet traffic to optimize network bandwidth; Remote monitoring

REPORT: Experiences & lessons learnt in securing networks and applications

Platforms for electronic distribution of plane tickets; Platforms for electronic distribution of hotel booking; Data accuracy; E-trade strengths and weaknesses; Malicious spyware; Blocking without quarantining the systems/networks; Out-of-band intrusion prevention; Antivirus e-mail gateways software; Security and vulnerability engineering

USSAF: User safety, privacy, and protection over Internet

Countermeasures on fraud prevention; Trust, trust estimators, and trust mitigation in public e-business; Customer protection and serviceability perception; Privacy impacts of emergency presence services; Authentication/authorization; Biometric methodologies and ID Cards; Security on hardware and smart cards; Identity management; Automated security analysis; Electronic Privacy; Anonymity and pseudo-anonymity; Security compliance; Public safety, Instance messages; Presence protocols; Priority user service

SYVUL: Systems vulnerabilities

Vulnerability specification languages; System vulnerability assessment; Formal methods for safety-critical systems; Prediction capabilities of vulnerability discovery models; Highly vulnerable systems; Critical vulnerabilities; Errors and configurations leading to vulnerabilities; Incident reports and handling; Networks resiliency methods; Capacity planning for resilience and emergency; Operational resilience; Theory of disaster-tolerant systems; Web service vulnerability; Protocol vulnerability; Vulnerabilities in database systems; Vulnerability in control systems; Vulnerability analysis and. requirements for the security; Vulnerabilities by self-managed sensors; Recovery by disruption resource procedures; Common vulnerability scoring systems; Cost models and vulnerability business impact

SYDIA: Systems diagnosis

Diagnosis platforms; Diagnosis policy language; Diagnosis event formats; Process algebras for systems diagnosis; Probabilistic diagnosis of multiprocessor systems; Self-diagnosis in distributed systems; Cognitive system diagnosis; System diagnosis using propagation models; Technical intuition in systems diagnosis; Managing conflicts in systems diagnosis; Hybrid systems diagnosis; Diagnosis tools; End-to-end diagnosis; Remote system diagnosis; Diagnosis licensing; Real-time symptom detection and fixing actions; Forensic/real-time/anticipative diagnosis; Diagnosing mobility-oriented systems; Diagnosis of discrete event systems; Diagnosis of complex dynamical systems

CYBER-FRAUD: Cyber fraud

Epidemiological models for warware and cyber-crime propagation; Record and retrieval of cyber-crimes; Forensic analysis; Cyber-crime prevention; Cyber-crime vulnerabilities; Cyber-counterattack at source; Distributed cyber-attacks; Orchestrated cyber-attacks; Recursion attacks; Cyber-storm attacks; Spyware and malware; Cyber-pranks, hoaxes; Phishing/Pharming and anti-phishing; Cyber-terrorism; Online cyber-crime reporting; Accuracy and security of cyber-reports; Fighting cyber-crimes; Cyber-crime laws

BUSINESS: Business continuity

Regulatory compliance; Techniques for business continuity planning in the real world; Business contingency and resumption planning; Emotional continuity management; Semiotic engineering of online services; Emergency preparedness for industry and commerce; Updating, auditing and testing plans; Reduce downtime with continuous backup; Global connectivity and international formats; Web-based planning tools; Automatic high speed notification and response for business continuity; Centralized management; Businesses continuity planning software; On-demand business transformation

RISK: Risk assessment

Risk assessment information systems; Modeling risk assessment; Risk Assessment methods; Global risk assessment; Qualitative risk assessments; Quantitative risk assessment; Challenges in risk assessment; Risk assessment for economy; Risk assessment for security of communications systems; Safety risk assessment; Health system risk assessment; Integrated risk assessment; Planning tools for proactive risk assessment; Risk management; Risk factors and economic impact; Risk metrics and calibration; Precaution and risk balance; Risk and economic analysis of terrorism events; Risk analysis for extreme events; Life cycle assessment in decision making; Environmental risk assessment; Credit ratings risk assessment; Risk Assessment statistics & numerical data; Risk assessment standards; Risk assessment tools and support software

TRUST: Privacy and trust in pervasive communications

Trust development and management; Engineering requirements for trust management; Formalisms for trust specification, verification and validation; Logics for the analysis of trust and for reasoning about trust; Legal framework for online trust environments; Trust in semantic Web services; Reputation systems; Distributed trust management; Trust on anonymous documents; Privacy and trust; Trust in collaborative work and risk assessment; Risk analysis to assess user trust; Human behaviors in trusted environments; Trust in virtual communities; Trust mediation in knowledge management; Trust planning and evaluation metrics; Trust policies; Self-adaptable trust mechanisms; Identity Management in pervasive environments (requirements, levels of abstractions, context, protection, etc.); Assurance (compliance, assurance, audit, security requirements)

RIGHT: Digital rights management

Ontology and frameworks on digital rights management; Digital rights property languages; Semantic and encoding of digital rights; Rights granularity; Digital right technologies; Digital rights management schemes; Federated digital rights management; Distributed digital rights management; Copyright protection schemes; Digital rights management ands social norms; Faire use, innovation, and competition; Trading fair use for digital rights management; Digital rights management and open access; Privacy engineering for digital rights management; Value-centered design for digital rights management; Free software and digital rights management; P2P and digital rights management; Broadband/IPTV content protection and digital rights management; Digital right management and content licensing; Digital rights management issues in real-time and safety/mission systems; RFID tags for digital rights management; Digital rights management in learning systems; Legal policy and digital right management

BIOTEC: Biometric techniques

Models and techniques for biometric technologies; Finger, facial, iris, voice, and skin biometrics; Biometric security; Signature recognition; Multimodal biometrics; Verification and identification techniques; Accuracy of biometric technologies; Authentication smart cards and biometric metrics; Performance and assurance testing; Limitations of biometric technologies; Biometric card technologies; Biometric wireless technologies; Biometric software and hardware; Biometric standards

EMDRM: Enterprise & Media DRM

Digital Policy Management; Enterprise Rights Management (adoption and case studies); DRM Interoperability; Operational Risk Management; Compliance and Regulatory Frameworks (SOX, Basel II, HIPPA, etc.); Corporate Governance; Content and Knowledge Management (financial, CAD, IP, trade secrets, etc.); Interorganizational System (IOS); Retention Policies and Classification; Traceability, Monitoring, tracking, usage metering, audit trails