What Is a Hot Topic? presented at HotSec 2015

by Douglas Maughan, Jeremy Epstein,

Summary : What makes a hot topic? Is it that researchers are inspired by some new idea or approach? Or is it driven by funding from external organizations? And what role does industry play in this? For example, at one point applying machine learning to IDS’s was hot, but now, while still researched, the topic itself does not inspire the same kind of fervor that it once did within the research community. Yet it is currently a hot topic within industry, but using the phrase security analytics instead to describe the same underlying techniques. Another example is that continuous authentication / mobile authentication is currently a hot topic. Why? And what role should funding play in developing or encouraging hot topics, versus supporting more basic research? For example, should funding go towards continuous authentication, or should more basic research (e.g., in passwords) be supported?