International Workshop on AI for Web Application Infrastructure and Cloud Platform Security (AWACS 2022)

Co-located with the 9th European Conf. On Service-Oriented and Cloud Computing (ESOCC 2022) - Operated as online virtual conference, March 22nd to March 24th, 2022 (originally in Lutherstadt Wittenberg, Germany)

The final program can be found on the ESOCC 2022 website. The Proceedings have been published in the ESOCC 2022 Workshop Proceedings by Springer Cham.

In recent decades, cloud computing has enabled the rapid proliferation of web-based information systems that are delivered as services, eliminating the need to purchase and maintain expensive or sophisticated hardware for data storage and processing. Cloud computing systems have therefore minimized the upfront investment of service users while promising high availability, scalability, and elasticity on demand, as well as high levels of performance, fault tolerance, and security.

Artificial intelligence (AI) and Machine Learning (ML) techniques can help DevOps and SecOps teams run cloud services and the underlying web-based information systems in a highly secure and efficient manner. They can gain an accurate and comprehensive understanding of security incidents along the entire system stack, such as unexpected application performance degradation due to network attacks or malicious end-user activity, and proactively initiate appropriate countermeasures.

Current AI- and ML-based approaches and tools mainly focus on detecting and mitigating attacks in isolated technical domains and layers, while attacks on web-based services often leave traces throughout the system. AI-based cross-domain attack detection and orchestrated mitigation therefore have the potential to improve the capabilities of security and risk management systems overall.

The AWACS workshop investigates the general applicability and integration of AI/ML methods in the area of security and risk management in the context of modern web-based information systems. In addition to the automated, domain-specific detection of threats and the determination of countermeasures, special emphasis will be placed on the fusion and integration of domain-specific detectors.

The goal of AWACS is to facilitate the exchange and evolution of relevant innovative ideas and to encourage the participation of researchers from both academia and industry.

Topics include (but are not limited to) the following:

AI-based methods for web application and cloud platform security

• Approaches & applications utilizing federated ML
• Detection and mitigation of network attacks
• AI methods for generating simulations of network attacks
• AI for protocol analysis and verification
• AI methods for design and code analysis
• Governance of AI-based management methods
• AI-based automated (penetration) testing
• AI methods for secure user authentication and authorization

Domains and use cases for AI-based security measures

• Risk control in financial services and systems
• AI in payment transaction systems
• Detection of financial and other types of fraud
• Identity management and misuse prevention
• Intelligent security measures in the IoT
• Experience reports and lessons learned in real-world settings
• Other scenarios and use cases
• Related research projects and initiatives

Important Dates

Paper Submission (extended): 18 February 2022
Acceptance Notification: 11 March 2022
Camera Ready Version: 18 March 2022