2nd Model-driven Simulation and Training Environments
for Cybersecurity (MSTEC)
17 September, 2020 — Guildford, United Kingdom
co-located with the The European Symposium on Research in Computer Security (ESORICS)

COVID-19 update (from ESORICS)

Last updated Monday 4 May 2020

The safety and well-being of all conference participants is our priority. After evaluating the ongoing COVID-19 situation, the decision has been made to run ESORICS 2020 and the associated workshops as an all-digital conference experience, and it will now be an online event. Therefore, ESORICS 2020 will take place as entirely virtual. The conference and workshop dates remain the same: September 14 - 18, 2020.

Camera-ready papers, Video presentations, and Registration

Last updated Friday 28 August 2020

The camera-ready versions of the paper must be send via email at hatzivas@ics.forth.gr. The PDF as well as the source file (Word or Latex) must be in accordance with the Springer LNCS template (available from http://www.springer.de/comp/lncs/authors.html). The authors have also to sign the consent form for the Springer Proceedings. You can download the file from here. The deadline is set for 31/08/2020.

Due to the COVID-19 situation, the authors have also to send two video presentations for each accepted paper: i) a video with an abstract presentation lasting 1 minute and ii) the main video presentation lasting around 20 minutes. The presenter has to upload the videos to YouTube and send the link at hatzivas@ics.forth.gr. Instructions for this can be found here. Each presenter has also to sign a relevant consent form (available here) and send it both at hatzivas@ics.forth.gr and esorics2020@surrey.ac.uk. The deadline is set for 31/08/2020.

Moreover, everyone who wants to participate or attend the event must complete the registration in ESORICS at ESORICS 2020 Registration.


MSTEC will not have any keynote presentation. The Keynotes from ESORICS 2020 can be found at ESORICS 2020 Keynotes

Conference Program

A printable version can be downloaded from this link

09:00 – 09:15


09:15 – 10:15

Session 1: Cyber Security Training Modelling

Chairs: George Hatzivasilis & Sotiris Ioannidis

Cyber Taxi: A Taxonomy of Interactive Cyber Training and Education Systems

Marcus Knupfer, Tore Bierwirth, Lars Stiemert, Matthias Schopp, Sebastian Seeber, Daniela Pohn, and Peter Hillmann

Cyber Range Training Programme Specification through Cyber Threat and Training Preparation Models

Michail Smyrlis, Konstantinos Fysarakis, George Spanoudakis, and George Hatzivasilis

10:15 – 11:15

Session 2: Serious Games

Chairs: George Hatzivasilis & Sotiris Ioannidis

A Pond Full of Phishing Games - Analysis of Learning Games for Anti-Phishing Education

Rene Roepke, Klemens Koehler, Vincent Drury, Ulrik Schroeder, Martin R. Wolf, and Ulrike Meyer

Conceptualization of a CyberSecurity Awareness Quiz

Sebastian Pape, Ludger Goeke, Alejandro Quintanar, and Kristian Beckers

11:15 – 12:15

Session 3: Emulation & Simulation Studies

Chairs: George Hatzivasilis & Sotiris Ioannidis

Towards the Monitoring and Evaluation of Trainees' Activities in Cyber Ranges

Chiara Braghin, Stelvio Cimato, Ernesto Damiani, Fulvio Frati, Elvinia Riccobene, and Sadegh Astaneh

Automatically protecting network communities by systematically analysing the simulation results from malware epidemiological models

Xiao-Si Wang, Jessica Welding, and Tek Kan Chung

12:15 – 12:30

Panel discussion

12:30 – 13:30

Coffee Break

13:30 – 14:30

Session 4: Attacks

Chairs: George Hatzivasilis & Sotiris Ioannidis

Chasing Botnets: A Real Security Incident Investigation

Martin Kunc and George Hatzivasilis

Software System Exploration using Library Call Analysis

Marinos Tsantekidis and Vassilis Prevelakis

14:30 – 15:30

Session 5: Security Policies

Chairs: George Hatzivasilis & Sotiris Ioannidis

A pattern–driven adaptation in IoT orchestrations to guarantee SPDI properties

Manos Papoutsakis, Konstantinos Fysarakis, Emmanouil Michalodimitrakis, Eftychia Lakka, Nikolaos Petroulakis, George Spanoudakis, and Sotiris Ioannidis

Password Management: How Secure Is Your Login Process?

George Hatzivasilis

15:30 – 15:45

Panel discussion - Closing

Call for Papers

Important dates

  • Paper submission deadline: May 31, 2020 extended to July 26, 2020 (AoE, UTC-12)
  • Acceptance notification: July 31, 2020
  • Final paper due: August 31, 2020
  • Workshop: September 17, 2020


The 2nd Model-driven Simulation and Training Environments for Cybersecurity (MSTEC) addresses recent advances in the field of cyber modeling and simulation. It is aimed at providing a forum of practitioners and researchers to discuss cyber modeling and simulation (M&S) as well as its application to the development of cyber-security training scenarios and courses of action (COAs). Specifically, it will focus on the verification and validation (V&V) process, which provides the operational community with confidence in knowing that cyber models represent the real world, and will discuss how defense training may benefit from cyber models. It will also investigate advances in emulators, simulators and their potential combination. The workshop papers are expected to take a holistic approach to the overall system assurance process, presenting advances in the simulation of people, policies, processes, and technologies currently available in the field. The workshop aims to connect the multiple threads that currently compose cyber modelling and simulation into a coherent view of what is usable in order to train experts and non-computer-savvy users toward and assured operation of critical systems. The workshop will precede the ESORICS 2020 conference.

MSTEC encourages systems security researchers to share early iterations of bleeding-edge ideas with the community, before they are further developed into full papers. Reciprocally, authors receive feedback to help steer and improve their research to its full potential.

Topics of Interest

We invite submissions of full research and survey papers as well as posters on related topics to cybersecurity, including but not limited to:

  • Cyber threat and training preparation models
  • Cyber models and training design
  • Cyber ranges for cybersecurity training and training facility
  • Training platforms and evaluation scenarios
  • On-line training procedures and courses of action (COAs)
  • Training adaptation and training for non-cybersecurity experts
  • Gamification and serious games
  • Modeling and simulation for cyber training (M&S)
  • Simulation and emulation of information systems, networks, and cyber attacks
  • Real-time monitoring and visualization
  • System assurance verification and validation (V&V)

In accordance with the spirit of MSTEC, we also seek:

  • Quantified or insightful experience with existing systems
  • Reproduction or refutation of previous results
  • Negative results and early ideas

Paper submissions

Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference/workshop with proceedings. The symposium proceedings will be published by Springer in the Lecture Notes in Computer Science series (LNCS).

All submissions should follow the LNCS template (available from http://www.springer.de/comp/lncs/authors.html) from the time they are submitted. Submitted papers should be at most 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, and at most 20 pages total. Committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English. Submissions are to be made to the submission web site. Only pdf files will be accepted. Submissions are not anonymous.

Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors of accepted papers must agree with Springer LNCS copyright and guarantee that their papers will be presented at the conference.

Submission website: https://easychair.org/conferences/?conf=mstec2020.


Program Chair

General Chairs

Technical Chairs

  • George Hatzivasilis, FORTH, Greece
  • Fulvio Frati, University of Milan, Italy
  • Marinos Tsantekidis, Technical University of Braunschweig, Germany
  • Kostantinos Fysarakis, Sphynx Technology Solutions AG, Switzerland
  • Ludger Goeke, Social-Engineering Academy, Germany
  • Hristo Koshutanski, ATOS, Spain
  • George Leftheriotis, TUV Hellas, Greece
  • George Tsakirakis, ITML, Greece

Web Chairs