2nd International Workshop on Traffic Measurements for Cybersecurity
(WTMC 2017)

co-located with
38th IEEE Symposium on Security and Privacy

logo logo_sandp logo_COMSOC

San Jose, California
May 25, 2017

Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit users’ behavior and other user’s sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP “badness” or to estimate the revenue of cyber criminals.

The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of cybersecurity and understand how traffic measurements can influence it. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. This workshop presents some of the most relevant ongoing research in cybersecurity seen from the traffic measurements perspective.

The workshop will be accessible to both non-experts interested in learning about this area and experts interesting in hearing about new research and approaches.

Topics of interest include, but are not limited to:

  • Measurements for network incidents response, investigation and evidence handling
  • Measurements for network anomalies detection
  • Measurements for economics of cybersecurity
  • Network traffic analysis to discover the nature and evolution of the cybersecurity threats
  • Measurements for assessing the effectiveness of the threats detection/prevention methods and countermeasures
  • Novel passive, active and hybrid measurements techniques for cybersecurity purposes
  • Traffic classification and topology discovery tools for monitoring the evolving status of the network from the cybersecurity perspective
  • Correlation of measurements across multiple layers, protocols or networks for cybersecurity purposes
  • Novel visualization approaches to detect network attacks and other threats
  • Analysis of network traffic to provide new insights about network structure and behavior from the security perspective
  • Measurements of network protocol and applications behavior and its impact on cybersecurity and users' privacy
  • Measurements related to network security and privacy
  • Ethical issues in measurements for cybersecurity


Papers will be accepted based on peer review (3 per paper) and should contain original, high quality work. All papers must be written in English.

Authors are invited to submit regular papers (maximum 6 pages) via EasyChair. Papers must be formatted for US letter (not A4) size paper with margins of at least 3/4 inch on all sides. The text must be formatted in a two-column layout, with columns no more than 9” high and 3.375” wide. The text must be in Times font, 10-point or larger, with 12-point or larger line spacing. Authors are encouraged to use the IEEE conference proceedings templates found here: Manuscript Template. Failure to adhere to the page limit and formatting requirements will be grounds for rejection.

Papers describing cybersecurity measurement studies should include an ethical considerations paragraph, and where applicable reach out to their institutional ethics committee or institutional review board. For guidance see the Menlo Report and its companion document.

Submission page: https://easychair.org/conferences/?conf=wtmc2017

Submission of a paper implies that should the paper be accepted, at least one of the authors will register and present the paper in the conference.

Papers accepted by the workshop will be published in the Conference Proceedings published by IEEE Computer Society Press. The extended versions of all accepted papers will be considered for publication in a special issue of the Journal of Cyber Security and Mobility (confirmed) or EURASIP Journal on Information Security (confirmed). The decision will depend on the quality of the paper and quality of the presentation at WTMC 2017. The final decision will be made by co-chairs after the workshop.


January 22, 2017 (EXTENDED): Regular Paper Submission
February 15, 2017: Notification Date
March 15, 2017: Camera-Ready Paper Deadline

The 2nd WTMC workshop will be held at the Fairmont Hotel, San Jose, California.
Maciej Korczyński, Delft University of Technology, The Netherlands
Wojciech Mazurczyk, Warsaw University of Technology, Poland
Katsunari Yoshioka, Yokohama National University, Japan
Michel van Eeten, Delft University of Technology, The Netherlands
Engin Kirda, Northeastern University, USA


Tomasz Andrysiak, UTP Bydgoszcz, Poland
Hadi Asghari, Delft University of Technology, Netherlands
Elias Bou-Harb, National Cyber Forensics and Traning Alliance & Florida Atlantic University, Canada
Giovane C. M. Moura, SIDN, Netherlands
Pedro Casas, Austrian Institute of Technology, Austria
Luca Caviglione, CNR ISSIA, Italy
Eric Chan-Tin, Oklahoma State University, USA
Michal Choras, ITTI Ltd., Poland
Richard Clayton, University of Cambridge, UK
Andrzej Duda, Grenoble Institute of Technology, France
Romain Fontugne, Internet Initiative Japan (IIJ), Japan
Pawel Foremski, Institute of Theoretical and Applied Informatics, Polish Academy of Sciences, Poland
Kensuke Fukuda, National Institute of Informatics, Japan
Zeno Geradts, Netherlands Forensic Institute, Netherlands
Carlos H. Gañán, Delft University of Technology, Netherlands
Amir Houmansadr, The University of Texas at Austin, USA
Artur Janicki, Warsaw University of Technology, Poland
Bartosz Jasiul, Military Communication Institute, Poland
Christian Keil, DFN-CERT Services GmbH, Germany
Joerg Keller, FernUniversitaet in Hagen, Germany
Igor Kotenko, SPIIRAS, Russia
Zbigniew Kotulski, Warsaw University of Technology, Poland
Christian Kraetzer, Otto-von-Guericke University Magdeburg, Germany
Jean-Francois Lalande, INSA Centre Val de Loire, France
Matthew Luckie, University of Waikato, New Zealand
Tyler Moore, University of Tulsa, USA
Philippe Owezarski, LAAS-CNRS, France
Giancarlo Pellegrino, Saarland University, Germany
Pedro Luis Prospero Sanchez, University of Sao Paulo, Brazil
William Robertson, Northeastern University, USA
Johnson Thomas, Oklahoma State University, USA
Hui Tian, National Huaqiao University, China
Guillaume Urvoy-Keller, Université de Nice Sophia-Antipolis, France
Jeroen van der Ham, National Cyber Security Centrum (NCSC), Netherlands
Roland van Rijswijk – Deij, Surfnet/University of Twente, Netherlands
Zachary Weinberg, Carnegie Mellon University, USA
Steffen Wendzel, Fraunhofer FKIE, Germany
Yang Xiao, The University of Alabama, USA


WTMC 2016


Contact WTMC 2017 chairs using this email address: chairs@wtmc.info.