IFIP SEC 2019 - Conference Program

Crypto and Encryption

Chair: André Zúquete

Arcana: Enabling Private Posts on Public Microblog Platforms (#12)

Anirudh Narasimman, Qiaozhi Wang, Fengjun Li, Dongwon Lee, and Bo Luo

Fast Keyed-Verication Anonymous Credentials on Standard Smart Cards (#21)

Jan Camenisch, Manu Drijvers, Petr Dzurenda and Jan Hajny

BlockTag: Design and Applications of a Tagging System for Blockchain Analysis (#42)

Yazan Boshmaf, Husam Al Jawaheri, and Mashael Al Saba

Organizational and Behavioral Security

Chair: Lech Janczewski

Dierentially Private Generative Adversarial Networks for Time Series, Continuous, and Discrete Open Data (#32)

Lorenzo Frigerio, Anderson Santana de Oliveira, Laurent Gomez, and Patrick Duverger

ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment (#64)

Majid Hatamian, Sebastian Pape and Kai Rannenberg

SocialAuth: Designing Touch Behavioral Smartphone User Authentication based on Social Networking Applications (#81)

Weizhi Meng, Wenjuan Li, Lijun Jiang, and Jianying Zhou

User Data and Privacy Controls

Chair: Bart De Decker

Predicting Students’ Security Behavior Using Information-Motivation-Behavioral Skills Model (#46)

Ali Farooq, Debora Jeske, and Jouni Isoaho

Why Do People Pay for Privacy-Enhancing Technologies? The Case of Tor and JonDonym (#50)

David Harborth, Xinyuan Cai, and  Sebastian Pape

Towards Contractual Agreements for Revocation of Online Data (#37)

Theodor Schnitzler, Markus Dürmuth, and Christina Pöpper


Chair: Kane Smith

Physical presence verification using TOTP and QR codes (#87)

Emin Huseynov and Jean-Marc Seigneur

An Authentication and Key Agreement Scheme using ECQV in IoT Environments (#90)

Dae-Hwi Lee and Im-Yeong Lee

Efficiently Vectorized Anonymization in Data Mining using Genetic Algorithms (#99)

Fatemeh Amiri, Gerald Quirchmayr, Peter Kieseberg, Alessio Bertone and Edgar Weippl

Access Control Models via Non-Standard Logics (#101)

Mikhail M. Kucherov and Bogulskaya Nina A.

Data Integrity and Security

Chair: Carlos Rieder

On the Eectiveness of Control-Flow Integrity Against Modern Attack Techniques (#44)

Sarwar Sayeed and Hector Marco-Gisbert

Automatically Proving Purpose Limitation in Software Architectures(#67)

Kai Bavendiek, Tobias Mueller, Florian Wittner, Thea Schwaneberg, Christian-Alexander Behrendt, Wolfgang Schulz, Hannes Federrath, and Sibylle Schupp

Commit Signatures for Centralized Version Control Systems (Extended Abstract) (#70)

Sangat Vaidya, Santiago Torres-Arias, Reza Curtmola, and Justin Cappos


Chair: Matt Bishop

A Short-cycle Framework Approach to Integrating Psychometric Feedback and Data Analytics to Rapid Cyber Defense (#22)

Erik Moore, Steve Fulton, Roberta Mancuso, Tristen Amador and Daniel Likarish

Identifying Security Requirements Body of Knowledge for the Security Systems Engineer (#12) 

Sune von Solms and Annlize Marnewick

Introducing Research into the Undergraduate Curriculum in Cybersecurity (#17) 

Susanne Wetzel and Dimitrios Damopoulos

Intrusion Detection & Access Control

Chair: Abbas Shahim

Towards an Automated Extraction of ABAC Constraints from Natural Language Policies (#59)

Manar Alohaly, Hassan Takabi, and Eduardo Blanco

An Ecient and Scalable Intrusion Detection System on Logs of Distributed Applications (#48)

David Lanoë, Michel Hurn, Eric Totel, and Carlos Maziero

Hunting Brand Domain Forgery: A Scalable Classication for Homograph Attack (#17)

Tran Phuong Thao, Yukiko Sawaya, Hoang-Quoc Nguyen-Son, Akira Yamada, Kazumasa Omote, and Ayumu Kubota

Organizational and Behavioral Security

Chair: Nora Cuppens

The Inuence of Organizational, Social and Personal Factors on Cybersecurity Awareness and Behavior of Home Computer Users (#19)

Joëlle Simonet and Stephanie Teufel

To Be, or Not to Be Notied Eliciting Privacy Notication Preferences for Online mHealth Services (#47)

Patrick Murmann, Delphine Reinhardt, and Simone Fischer-Hübner

A Structured Comparison of the Corporate Information Security Maturity Level (#49)

Michael Schmid and Sebastian Pape


Chair: Onyi Nwafor

Privacy by Design using Agents and Sovereign Identities (#91)

Kalman Toth and Alan Anderson-Priddy

ID-Based Proxy Re-encryption for Collusion Resistance in Cloud Storage (#92)

Won-Bin Kim and Im-Yeong Lee

A Machine Learning Framework for Studying User Behaviors in Phishing Email Processing (#97)

Yi Li, Kaiqi Xiong and Xiangyang Li

On the Administrative Information Security: definition and impact on Security Governance

Gurpreet Dhillon and Winnie Picoto


Chair: Erik Moore

Learning Principles and the Secure Programming Clinic (#26) 

Matt Bishop, Melissa Dark, Lynn Futcher and Johan van Niekerk

Light Cryptography (#14)

Pascal Lafourcade, Takaaki Mizuki, Atsuki Nagao and Kazumasa Shinagawa

An Educational Intervention for Teaching Secure Coding Practices (#10)

Vuyolwethu Mdunyelwa, Lynn Futcher and Johan van Niekerk

Access Control

Chair: Kai Rannenberg

Performance of Password Guessing Enumerators Under Cracking Conditions (#35)

Mathieu Valois, Patrick Lacharme, and Jean-Marie Le Bars

An Oine Dictionary Attack against zkPAKE Protocol (#23)

José Becerra, Peter Y. A. Ryan, Petra Sala, and Marjan Skrobot

Fine-Grained Access Control in Industrial Internet of Things: Evaluating Outsourced Attribute-Based Encryption (#56)

Dominik Ziegler, Josef Sabongui, and Gerald Palfinger


Chair: Lynette Drevin

Lessons Learned from an Organizational Information Security Awareness Campaign (#20)

 Jacques Ophoff and Juan-Marc Scrimgeour

A Comprehensive Framework for Understanding Security Culture in Organizations (#9) 

Alaa Tolah, Steven Furnell and Maria Papadaki

Using Gamification to Improve Information Security Behavior: A Password Strength Experiment (#25) 

Jacques Ophoff and Frauke Dietz

Identity & Access Control

Chair: Fredrik Karlsson

Forward Secure Identity-based Signature Scheme with RSA (#80)

Hankyung Ko, Gweonho Jeong, Jongho Kim, Jihye Kim and Hyunok Oh

Removing Problems in Rule-Based Policies (#63)

Zheng Cheng , Jean-Claude Royer, and Massimo Tisi

Is This Really You? An Empirical Study on Risk-Based Authentication Applied in the Wild (#11)

Stephan Wieing, Luigi Lo Iacono, and Markus Dürmuth

Jacques Ophoff

Andragogy as a Scientific Basis for Training Professionals in Information Security (#5) Alexander Tolstoy and Natalia Miloslavskaya

Identifying Information Security Risks in a Social Network using Self-organising Map (#11) 

Rudi Serfontein, Hennie Kruger and Lynette Drevin

Blockchain and its Security: Ignore or Insert into Academic Training? (#1) 

Natalia Miloslavskaya and Alexander Tolstoy

Intrusion Detection

Chair: Yuko Murayama

Control Logic Injection Attacks on Industrial Control Systems (#45)

Hyunguk Yoo and Irfan Ahmed

GanDef: A GAN based Adversarial Training Defense for Neural Network Classier (#6)

Guanxiong Liu, Issa Khalil, and Abdallah Khreishah

WISE Working Group

Chair: Natalia Miloslavskaya

Addressing the Graduate Student Pipeline Problem in Cybersecurity

Susanne We


Chair: Ella Kolkowska

Integrating Blockchain into Security Curricula

Kane Smith

A theoretical study and review on Blockchain's Privacy Mechanisms (98)

Adam Mihai Gergely and Bogdan Crainicu

WHOIS and the GDPR - A (never) ending story in cyberspace? (85)

Matthias Hudobnik

Soter: Trust Discovery Framework for Internet of Medical Things (IoMT) (#93)

Maha Allouzi and Javed Khan

 IFIP Information Security Conference & Privacy Conference - IFIP Technical Committee 11