IFIP SEC 2017 – Day 1

Keynote: Jan Camenisch, IBM: Cryptography for People

SESSION 1 - Network security and cyber attacks

Turning Active TLS Scanning to Eleven - Wilfried Mayer and Martin Schmiedecker

Slow TCAM Exhaustion DDoS Attack - Tulio A. Pascoal, Yuri Gil Dantas, Iguatemi E. Fonseca and Vivek Nigam

Evasive Malware Detection using Groups of Processes - Gheorghe Hajmasan, Alexandra Mondoc, Radu Portase, Octacian Cret

A Malware-Tolerant, Self-Healing Industrial Control System Framework - Michael Denzel, Mark Ryan and Eike Ritter

Process Discovery for Industrial Control System Cyber Attack Detection - David Myers, Kenneth Radke, Suriadi Suriadi and Ernest Foo

SESSION 2 - Security and privacy in social applications and cyber attacks defense

Secure Photo Sharing in Social Networks - Pablo Picazo-Sanchez, Raul Pardo and Gerardo Schneiderz

Context-Dependent Privacy-Aware Photo Sharing based on Machine Learning - Lin Yuan, Joel Theytaz and Touradj Ebrahimi

3LP: Three Layers of Protection for Individual Privacy in Facebook - Khondker Jahid Reza, Md Zahidul Islam and Vladimir Estivill-Castro

Supporting Privacy by Design using Privacy Process Patterns - Vasiliki Diamantopoulou, Christos Kalloniatis, Stefanos Gritzalis and Haralambos Mouratidis

SESSION 3 - Private queries and aggregations

Query Privacy in Sensing-as-a-Service Platforms - Ruben Rios, David Nunez and Javier Lopez

Secure and Efficient k-NN Queries - Hafiz Asif, Jaideep Vaidya, Basit Shafiq and Nabil Adam

Secure and Trustable Distributed Aggregation based on Kademlia - Stephane Grumbach, Robert Riemann

IFIP SEC 2017 - Day 2

09:00 - 10:00

Keynote (Kristian Beckman Award): Gene Spafford, Purdue University: Reflections on the state of cyber security

SESSION 4 - Operating system and firmware security

A Framework for Moving Target Defense Quantification - Warren J. Connell, Massimiliano Albanese and Sridhar Venkatesan

Detection of Side Channel Attacks based on Data Tainting in Android Systems - Mariem Graa, Nora Cuppens, Frederic Cuppens, Jean-Louis Lanet and Routa Moussaileb 

The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons - Minsik Shin, JungBeen Yu, Youngjin Yoon and Taekyoung Kwon

Towards Automated Classification of Firmware Images and Identification of Embedded Devices - Andrei Costin, Apostolis Zarras and Aurelien Francillon

Runtime Firmware Product Lines using TPM2.0 - Andreas Fuchs, Christoph Krauß and Jürgen Repp

SESSION 5 - User authentication and policies

On the Use of Emojis in Mobile Authentication - Lydia Kraus, Robert Schmidt, Marcel Walch, Florian Schaub and Sebastian Moller

EmojiTCHA: Using Emotion Recognition to Tell Computers and Humans Apart - David Lorenzi, Jaideep Vaidya, Achyuta Aich, Shamik Sural, Vijay Atluri and Joseph Calca

Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud - Umberto Morelli and Silvio Ranise

Capturing Policies for BYOD- Joseph Hallett and David Aspinall

SESSION 6 - Applied cryptography and voting schemes

Improving Blind Steganalysis in Spatial Domain using a Criterion to Choose the Appropriate Steganalyzer between CNN and SRM+EC - Jean-Francois Couchot, Raphael Couturier and Michel Salomon

BinSign: Fingerprinting Binary Functions to Support Automated Analysis of Code Executables - Lina Nouh, Ashkan Rahimian, Djedjiga Mouheb, Mourad Debbabi and Aiman Hanna

Decoy Password Vaults: At Least As Hard As Steganography? - Cecilia Pasquini, Pascal Schoettle and Rainer Boehme

Election-Dependent Security Evaluation of Internet Voting Schemes- Stephan Neumann, Manuel Noll and Melanie Volkamer

IFIP SEC 2017 – Day 3

Keynote Roberto Di Pietro, Nokia Bell Labs: Unleashing e-health potential: security and architectural issues

SESSION 7 - Software security and privacy

Combating Control Flow Linearization - Julian Kirsch, Clemens Jonischkeit, Thomas Kittel, Apostolis Zarras and Claudia Eckert

Ghost Patches: Fake Patches for Fake Vulnerabilities - Jeffrey Avery and Eugene H. Spafford

SIMBER: Eliminating Redundant Memory Bound Checks via Statistical Inference - Hongfa Xue, Yurong Chen, Fan Yao, Yongbo Li, Tian Lan and Guru Venkataramani

Towards Systematic Privacy and Operability (PRIOP) Studies - Rene Meis and Maritta Heisel

Data Minimisation: a Language-Based Approach - Thibaud Antignac, David Sands and Gerardo Schneider

SESSION 8 - Privacy

Differentially Private Neighborhood-based Recommender Systems - Jun Wang and Qiang Tang

Privacy-enhanced Profile-based Authentication using Sparse Random Projection - Somayeh Taheri, Md Morshedul Islam and Reihaneh Safavi-Naini

Evaluating the Privacy Implications of Frequent Itemset Disclosure - Edoardo Serra, Jaideep Vaidya, Haritha Akella and Ashish Sharma

HyBIS: Advanced Introspection for Effective Windows Guest Protection - Roberto Di Pietro, Federico Franzoni and Flavio Lombardi

SESSION 9 - Digital Signature, risk management, and code reuse attacks

Forward-Secure Digital Signature Schemes with Optimal Computation and Storage of Signers - Jihye Kim and Hyunok Oh

RiskInDroid: Machine Learning-based Risk Analysis on Android - Alessio Merlo and Gabriel Claudiu Georgiu

Using Fraud Patterns for Fraud Risk Assessment of E-services - Ahmed Seid Yesuf, Jetzabel Serna-Olvera and Kai Rannenberg

Gadget Weighted Tagging: A Flexible Framework to Protect Against Code Reuse Attacks - Liwei Chen, Mengyu Ma, Wenhao Zhang, Gang Shi and Dan Meng