NSF Workshop on Automating Cyber Response

Over the past decades, research and industry have provided several tools for intrusion detection, including network security monitoring, asset inventory, log analysis, and anomaly detection. However, alert fatigue is a problem for security operations personnel. This problem is expanding as the complexity of the networks we need to defend increases and the number of sophisticated attackers grows. 

Furthermore, after an incident is detected, incident recovery is often lengthy, taking several months and providing incomplete results. Therefore, our current incident response security practices will always lag behind attackers' abilities to find vulnerable paths toward critical assets. 

This workshop will bring together leaders from academia, industry, and government to understand and identify the industry and government needs for improving incident response. In particular, the workshop's theme will be real-time incident response and automated forensics. We aim to identify research directions to accelerate incident response with automated, repeatable, and measurable approaches. 

For example, recent research has shown that autonomous cyber defense can leverage reinforcement learning on top of basic automation. These systems can learn effective security policies that maintain system performance in the face of persistent adversaries without being told what those policies should be. 

The workshop will cover the following topics.

•     Reinforcement Learning for autonomous cyber defense

•     Explainable AI for Alert Understanding

•     Real-time incident response 

•     Incident response playbooks

•     Persistence: attacks and defenses

•     Forensics

•     Data provenance

•     Automated security assessments

•     Education and workforce development

•     Data-driven label and description of attacks

Hotel info: 

Hotel offering special group rate:

• Hotel Paradox, Autograph Collection for 135 USD per night

Book your group rate for UCSC NSF Conference Courtesy Block

Event Summary:

UCSC NSF Conference Courtesy Block

Start Date: Wednesday, March 6, 2024

End Date: Friday, March 8, 2024

Last Day to Book with this rate: Tuesday, February 20, 2024

Other Hotels in the area include:

• Fairfield Inn & Suites Marriott, Santa Cruz (Closest to Seymour Center)   (831) 420-0777

• Santa Cruz Dream Inn (on the beach) (831) 426-4330

• Courtyard by Marriott Santa Cruz  (2 Blocks to Santa Cruz Beach Boardwalk) (831) 419-8700

Transportation Guide:

We recommend flying into San Jose International Airport (SJC).  

Drive times from the airports to the UCSC area are as follows: San Jose airport ~45 minutes, San Francisco airport ~90 minutes, Oakland airport ~90 minutes.

Ground transportation to/from the airport

We recommend that you use ride-sharing services from the airport to Santa Cruz.  

Uber/Lyft (most affordable shuttle option)

Early Bird Airport Shuttle (831) 462-3933

Santa Cruz Shuttle (831) 421-9883

Blue Water Sedans and Limousines  (831) 576-4296

Coastal Express Transportation (831) 768-8007

If you are eligible for travel reimbursement from NSF (your email invitation to the event described the reimbursement for those eligible) please read the following before booking your trip:

Reimbursement Guidelines

In accordance with UC policy, please use the most economical method(s) of transportation, and be able to provide receipts which itemize each form of transportation. "Bundled" airfare and lodging packages will not be recognized. Please book your airfare, hotel and transportation  separately! Spouses or other persons accompanying you will not be reimbursed. 

You must book and pay for all your own travel expenses. We cannot reimburse travel booked or paid for by a third party. 

Transportation and Logistics Guide

If traveling by air, please make your reservations as soon as possible to obtain the best rate. We strongly recommend flying into San Jose International Airport (SJC).  We can reimburse only coach class tickets. Drive times from the airports to the UCSC area are as follows: San Jose airport ~45 minutes, San Francisco airport ~90 minutes, Oakland airport ~90 minutes.

If you use your personal vehicle for any leg of the travel, you must provide your departure and destination addresses so that we can calculate your mileage for reimbursement. UCSC does not reimburse the cost of gasoline. However, we can reimburse mileage if using your own car. 

If you choose another form of transportation (such your personal vehicle, car rental, Amtrak or Greyhound) to your destination rather than fly, UCSC will reimburse the lesser of the two costs. *Record of an airfare quote (flight comparison) will need to be provided, please obtain the airfare quote prior to the departure of your trip for submission. Your personal automobile must be insured.

Ground transportation to/from airport

We recommend using ride-sharing services (e.g., Uber, Lyft) from home to your local Airport, and the Airport to Santa Cruz.  If you use your own vehicle, you may claim mileage reimbursement from your home to the airport. You will need to provide an itemized receipt and/or map to/from your destination for reimbursement.

Hotels:

If you wish to be reimbursed for your hotel stay, please book your stay in the following hotel:

• Hotel Paradox, Autograph Collection for 135 USD per night

Book your group rate for UCSC NSF Conference Courtesy Block

Parking

If you choose to drive to campus, you will need to pick up a UCSC parking permit to park at the Seymour Center. Directional signage will point you to attendants who will issue free parking passes for the event.