Abstacts of the pesented papers at the IFIP SEC 2015
Parallel Session 1a: Privacy I (Chair: Jaap-Henk Hoepman)
O-PSI: Delegated Private Set Intersection on Outsourced Datasets
Aydin Abadi, Sotirios Terzis and Changyu Dong
Flexible and Robust Privacy-Preserving Implicit Authentication
Josep Domingo-Ferrer, Qianhong Wu and Alberto Blanco-Justicia
Towards Relations between the Hitting-Set Attack and the Statistical Disclosure Attack
Dang Vinh Pham and Dogan Kesdogan
Parallel Session 1b: Web Security (Chair: Carlos Rieder)
Cache Timing Attacks revisited: efficient and repeatable browser history, OS and network sniffing
Chetan Bansal, Sören Preibusch and Natasa Milic-Frayling
Enforcing Usage Constraints on Credentials for Web Applications
Jinwei Hu, Heiko Mantel and Sebastian Ruhleder
A Survey of Alerting Websites: Risks and Solutions
Amrit Kumar and Cedric Lauradoux
Parallel Session 2a: Privacy II (Chair: Bart De Decker)
POSN: A Personal Online Social Network
Esra Erdin, Eric Klukovich, Mehmet Gunes and Gurhan Gunduz
Strategic Noninterference
Wojciech Jamroga and Masoud Tabatabaei
Verifying Observational Determinism
Jaber Karimpour, Ayaz Isazadeh and Ali A. Noroozi
Parallel Session 2b: Mobile and Cloud Services Security I (Chair: Nathan Clarke)
ApkCombiner: Combining Multiple Android Apps to Support Inter-AppAnalysis
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein and Yves Le Traon
Assessment of the Susceptibility to Data Manipulation of Android Games with In-app Purchases
Francisco Vigário, Miguel Neto, Diogo Fonseca, Mário M. Freire and Pedro R. M. Inácio
An Empirical Study on Android for Saving Non-shared Data on Public Storage
Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li and Kehuan Zhang
Parallel Session 3a: Security Management and Human Aspects of Security I (Chair: Ingrid Schaumüller-Bichl)
Social groupings and information security obedience within organizations
Teodor Sommestad
Attack Trees with Sequential Conjunction
Ravi Jhawar, Barbara Kordy, Sjouke Mauw, Sasa Radomirovic and Rolando Trujillo-Rasua
Enhancing the Security of Image CAPTCHAs through Noise Addition
David Lorenzi, Emre Uzun, Jaideep Vaidya, Shamik Sural and Vijay Atluri
Parallel Session 3b: Mobile and Cloud Services Security II (Chair: Leon Strous)
The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation
Mohamed Sabt, Mohammed Achemlal and Abdelmadjid Bouabdallah
On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps
Konstantin Knorr, David Aspinall and Maria Wolters
A Cloud-based eHealth Architecture for Privacy Preserving Data Integration
Alevtina Dubovitskaya, Visara Urovi, Matteo Vasirani, Karl Aberer and Michael I. Schumacher
Parallel Session 4a: Applied Cryptography (Chair: Dominik Herrmann)
Fast Revocation of Attribute-Based Credentials for Both Users and Verifiers
Wouter Lueks, Gergely Alpar, Jaap-Henk Hoepman and Pim Vullers
Chaotic Chebyshev polynomials based remote user authentication scheme in client-server environment
Toan-Thinh Truong, Minh-Triet Tran, Anh-Duc Duong and Isao Echizen
A Secure Exam Protocol Without Trusted Parties
Giampaolo Bella, Rosario Giustolisi, Gabriele Lenzini and P. Y. A. Ryan
Parallel Session 4b: Software Security I (Chair: André Zúquete)
SHRIFT System-wide HybRid Information Flow Tracking
Enrico Lovat, Alexander Fromm, Martin Mohr and Alexander Pretschner
ISboxing: an Instruction Substitution based Data Sandboxing for x86 Untrusted Libraries
Liang Deng, Qingkai Zeng and Yao Liu
Exploit Generation for Information Flow Leaks in Object-Oriented Programs
Quoc Huy Do, Richard Bubel and Reiner Hähnle
Parallel Session 5a: Access Control, Trust and Identity Management I (Chair: Dogan Kesdogan)
A Generalization of ISO/IEC 24761 to Enhance Remote Authentication with Trusted Product at Claimant
Asahiko Yamada
Enhancing Passwords Security using Deceptive Covert Communication
Mohammed Almeshekah, Mikhail Atallah and Eugene Spafford
Information Sharing and User Privacy in the Third-party Identity Management Landscape
Anna Vapen, Niklas Carlsson, Anirban Mahanti and Nahid Shahmehri
Parallel Session 5b: Software Security II (Chair: Hannes Federrath)
Memoized Semantics-Based Binary Diffing with Application to Malware Lineage Inference
Jiang Ming, Dongpeng Xu and Dinghao Wu
Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach
Zhijiao Zhang, Yashuai Lü, Yu Chen, Yongqiang Lü and Yuanchun Shi
Integrity for Approximate Joins on Untrusted Computational Servers
Sabrina De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi and Pierangela Samarati
Parallel Session 6a: Access Control, Trust and Identity Management II (Chair: Simone Fischer-Hübner)
An Iterative Algorithm for Reputation Aggregation in Multi-dimensional and Multinomial Rating Systems
Mohsen Rezvani, Mohammad Allahbakhsh, Lorenzo Vigentini, Aleksandar Ignjatovic and Sanjay Jha
A Comparison of PHY-Based Fingerprinting Methods Used to Enhance Network Access Control
Timothy Carbino, Michael Temple and Juan Lopez Jr.
Model-driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems
Salvador Martínez, Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia and Jordi Cabot
Parallel Session 6b: Network Security (Chair: Kai Rannenberg)
Authenticated File Broadcast Protocol
Simão Reis, André Zúquete, Carlos Faneca and José Vieira
Automated Classification of C&C Connections through Malware URL Clustering
Nizar Kheir, Gregory Blanc, Hervé Debar, Joaquin Garcia-Alfaro and Dingqi Yang
B.Hive: A Zero Configuration Forms Honeypot for Productive Web Applications
Christoph Pohl, Alf Zugenmaier, Michael Meier and Hans-Joachim Hof
Parallel Session 7a: Security Management and Human Aspects of Security II (Chair: Philippos Peleties)
Investigation of Employee Security Behaviour: A Grounded Theory Approach
Lena Connolly, Michael Lang and Doug J. Tygar
Practice-Based Discourse Analysis of InfoSec Policies
Fredrik Karlsson, Goran Goldkuhl and Karin Hedström
Understanding Collaborative Challenges in IT Security Preparedness Exercises
Maria B. Line and Nils Brede Moe
Parallel Session 7b: Cyber-physical Systems and Critical Infrastructures Security (Chair: Peter Lambert)
Application of a Game Theoretic Approach in Smart Sensor Data Trustworthiness Problems
Konstantinos Maraslis, Theodoros Spyridopoulos, George Oikonomou, Theo Tryfonas and Mo Haghighi
Securing BACnet’s Pitfalls
Jaspreet Kaur, Jernej Tonejc, Steffen Wendzel and Michael Meier
On the secure distribution of vendor-specific keys in deployment scenarios
Nicolai Kuntze and Carsten Rudolph