WTMC 2016 (http://wtmc.info) International Workshop on Traffic Measurements for Cybersecurity co-located with 11th ACM Asia Conference on Computer and Communications Security (AsiaCCS 2016) Xi'an, China, May 30, 2016 (submission deadline: February 1, 2016) Today's world's societies are becoming more and more dependent on open networks such as the Internet - where commercial activities, business transactions and government services are realized. This has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals. Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit users' behavior and other user's sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP "badness" or to estimate the revenue of cyber criminals. Topics of interest include, but are not limited to: - Measurements for network incidents response, investigation and evidence handling - Measurements for network anomalies detection - Measurements for economics of cybersecurity - Network traffic analysis to discover the nature and evolution of the cybersecurity threats - Measurements for assessing the effectiveness of the threats detection/prevention methods and countermeasures - Novel passive, active and hybrid measurements techniques for cybersecurity purposes - Traffic classification and topology discovery tools for monitoring the evolving status of the network from the cybersecurity perspective - Correlation of measurements across multiple layers, protocols or networks for cybersecurity purposes - Novel visualization approaches to detect network attacks and other threats - Analysis of network traffic to provide new insights about network structure and behavior from the security perspective - Measurements of network protocol and applications behavior and its impact on cybersecurity and users' privacy - Measurements related to network security and privacy Info: chairs@wtmc.info ---------------------------------