The Fifth International Workshop on Graphical Models for Security Oxford, UK - July 8, 2018 *Submission deadline extended until April 20* http://gramsec.uni.lu Co-located with CSF 2018 In conjunction with FLoC 2018 SCOPE The use of graphical security models to represent and analyse the security of systems has gained an increasing research attention over the last two decades. Formal methods and computer security researchers, as well as security professionals from the industry and government, have proposed various graphical security models, metrics, and measurements. Graphical models are used to capture different security facets and address a range of challenges including security assessment, automated defence, secure services composition, security policy validation, and verification. For example, attack graphs, attack trees, attack–defence trees, and attack countermeasure trees represent possible ways of attacking and defending a system while misuse cases and mal-activity diagrams capture threats and abusive behaviour of users. TOPICS This year, we are particularly keen to encourage excellent submissions related, but not restricted, to the following broad headings: • Graph representations: mathematical, conceptual, and implemented tools for describing and reasoning about security • Logical approaches: formal logical tools for representing and reasoning about graphs and their use as modelling tools in security • Machine learning: modelling and reasoning about the role of big data and machine learning in security operations • Networks in national security: terrorist networks, counter-terrorism networks; safety in national infrastructure (e.g., utilities and transportation) • Risk analysis and management: models of risk management in business and organizational architectures • Social networks: using and reasoning about social graphs, network analysis, network protocols, social mapping, sociometry. Preference will be given to papers likely to stimulate high-quality debate at the Workshop. PAPER SUBMISSION We solicit two types of submissions: • Regular papers (up to 15 pages, excluding the bibliography and well-marked appendices) describing original and unpublished work within the scope of the workshop. • Short papers (up to 7 pages, excluding the bibliography and well-marked appendices) describing original and unpublished work in progress. The reviewers are not required to read the appendices, so the papers should be intelligible without them. All submissions must be prepared using the LNCS style: http://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0 Each paper will undergo a thorough review process. All accepted (regular and short) papers will be included in the workshop's post-proceedings. The GraMSec 2018 post-proceedings will be published in the Lecture Notes in Computer Science (LNCS) series of Springer. Submissions should be made using the GraMSec 2018 EasyChair website: https://easychair.org/conferences/?conf=gramsec2018 IMPORTANT DATES • Submission deadline: Friday, April 20, 2018 (extended) • Acceptance notification: Tuesday, May 15, 2018 • Workshop: Sunday, July 8, 2018 INVITED SPEAKER Mike Fisk, Chief Information Officer at Los Alamos National Laboratory, NM, USA Invited talk: Intrusion Tolerance in Complex Cyber Systems PROGRAM CHAIRS • George Cybenko, Dartmouth College, NH, USA • David J. Pym, UCL, UK GENERAL CHAIR • Barbara Kordy, INSA Rennes, IRISA, FR PC MEMBERS Ludovic Apvrille, Télécom ParisTech, CNRS LTCI, France Stefano Bistarelli, Università di Perugia, Italy Tristan Caulfield, University College London, UK Nora Cuppens-Boulahia, IMT Atlantique, France Harley Eades, Augusta University, USA Olga Gadyatskaya, University of Luxembourg, Luxembourg René Rydhof Hansen, Aalborg University, Denmark Sushil Jajodia, George Mason University, USA Sjouke Mauw, University of Luxembourg, Luxembourg Guy McCusker, University of Bath, UK Per Håkon Meland, SINTEF Digital, Norway Andreas L. Opdahl, University of Bergen, Norway Xinming Ou, University of South Florida, USA Stéphane Paul, Thales Research and Technology, France Sophie Pinchinat, Univ Rennes, CNRS, IRISA, France Saša Radomirovic, University of Dundee, UK Mariëlle Stoelinga, University of Twente, The Netherlands Jan Willemson, Cybernetica, Estonia