CODASPY 2017 Program




Wednesday - March 22, 2017

08:45
09:00
Welcome
09:00
10:00
Keynote I: Kang Shin, University of Michigan
Research Issues and Approaches for Connected and Automated Vehicles
Session chair: TBA
10:00
10:30
Coffee Break
10:30
12:15
Session I:
Threats and Anomaly Detection

Session chair: TBA
F Shagufta Mehnaz and Elisa Bertino
Ghostbuster: A Fine-grained Approach for Anomaly Detection in File System Accesses
S Hugo Gascon, Bernd Grobauer, Thomas Schreck, Lukas Rist, Daniel Arp and Konrad Rieck
Mining Attributed Graphs for Threat Intelligence
F Margaux Canet; Amrit Kumar; Cédric Lauradoux; Mary-Andréa Rakotomanga; Reihaneh Safavi-Naini
Decompression Quines and Anti-Viruses
F Shameek Bhattacharjee; Aditya Thakur; Simone Silvestri; Sajal K. Das
Statistical Security Incident Forensics against Data Falsification in Smart Grid Advanced Metering Infrastructure
12:15
13:30
Lunch
13:30
15:00
Session II:
Access Control

Session chair: TBA
F Jason Crampton; Conrad Williams
Canonical Completeness in Lattice-Based Languages for Attribute-Based Access Control
F Tahmina Ahmed; Ravi Sandhu; Jaehong Park
Classifying and Comparing Attribute-Based and Relationship-Based Access Control
F Panagiotis Ilia; Barbara Carminati; Elena Ferrari; Paraskevi Fragopoulou; Sotiris Ioannidis
SAMPAC: Socially-Aware collaborative Multi-Party Access Control
15:00
15:15
Coffee Break
15:15
16:30
Session III:
Privacy I

Session chair: TBA
F Jan Henrik Ziegeldorf; Jan Metzke; Jan Rüth; Martin Henze; Klaus Wehrle
Privacy-Preserving HMM Forward Computation
F Daniele Ucci; Leonardo Aniello; Roberto Baldoni
Share a pie? Privacy-Preserving Knowledge Base Export through Count-min Sketches
S Fabian Foerg; Susanne Wetzel; Ulrike Meyer
Efficient Commodity Matching for Privacy-Preserving Two-Party Bartering
16:30
16:45
Break
16:45
17:45
Session IV:
Privacy II

Session chair:TBA
F Vincent Bindschaedler; Shantanu Rane; Alejandro Brito; Vanishree Rao; Ersin Uzun
Achieving Differential Privacy in Secure Multiparty Data Aggregation Protocols on Star Networks
F Hamza Harkous; Karl Aberer
"If You Can't Beat them, Join them": A Usability Approach to Interdependent Privacy in Cloud Apps
18:00
Session V:
Reception and Poster Session

Session chair: Jae Park
P Abdelouahab Amira; Abdelraouf Ouadjaout; Abdelouahid Derhab; Nadjib Badache
Sound and Static Analysis of Session Fixation Vulnerabilities in PHP web Applications
P Chi Sing Chum; Xiaowen Zhang
A new Bloom filter structure for searchable encryption schemes
P Syed Rafiul Hussain; Shagufta Mehnaz; Shahriar Nirjon; Elisa Bertino
Seamless and Secure Bluetooth LE Connection Migration
P Oana-Georgiana Niculaescu; Mihai Maruseac; Gabriel Ghinita
Differentially-Private Big Data Analytics for High-Speed Research Network Traffic Measurement
P Rakesh Verma; Ayman El Assal
Comprehensive method for detecting phishing emails using correlation based analysis and user participation
P Fang Liu; Haipeng Cai; Gang Wang; Danfeng Yao; Karim Elish; Barbara Ryder
MR-Droid: A Scalable and Prioritized Analysis of Inter-App Communication Risks
P Pierre Bergé; Jason Crampton; Gregory Gutin; Rémi Watrigant
The Authorization Policy Existence Problem
P Cetin Sahin; Brandon Kuczenski; Omer Egecioglu; Amr El Abbadi
Towards Practical Privacy-Preserving Life Cycle Assessment Computations



Thursday - March 23, 2017

09:00
10:00
Keynote II: Raj Rajagopalan, Honeywell
The human capital model for Security Research: Adventures in Tech Transition
Session chair: TBA
10:00
10:30
Coffee Break
10:30
12:15
Session VI:
Protection Against Malware and Static Analysis

Session chair: TBA
F Yufei Gu; Qingchuan Zhao; Yinqian Zhang; Zhiqiang Lin
Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace
F Sebastian Banescu; Mohsen Ahmadvand; Alexander Pretschner; Robert Shield; Chris Hamilton
Detecting Patching of Executables without System Calls
S Julian Vetter; Jan Nordholz; Jean-Pierre Seifert; Shay Gueron
Fault Attacks on Encrypted General Purpose Compute Platforms
F Babak Yadegari; Jon Stephens; Saumya Debray
Analysis of Exception-Based Control Transfers
12:15
13:30
Lunch Break
13:30
14:45
Session VII:
Panel
Trustworthy Data Science
Session chair: Adam Doupe
14:45
15:00
Coffee Break
15:00
16:15
Session VIII:
Malware Detection

Session chair: TBA
S Mohamed Elsabagh; Daniel Barbara; Dan Fleck; Angelos Stavrou
Detecting ROP with Statistical Learning of Program Characteristics
F Bo Li; Kevin Roundy; Chris Gates; Yevgeniy Vorobeychik
Large-Scale Identification of Malicious Singleton Files
F Mehadi Hassen; Philip K. Chan
Scalable Function-Call Graph based Malware Classification
16:15
16:30
Break
16:30
17:45
Session IX:
Virtualization and Hardware
Session chair: TBA
F Zhe Zhou; Zhou Li; Kehuan Zhang
All Your VMs are Disconnected: Attacking Hardware Virtualized Network
S Samuel Weiser; Mario Werner
SGXIO: Generic Trusted I/O Path for Intel SGX
F Rui Shu; Xiaohui Gu; William Enck
A Study of Security Vulnerabilities on Docker Hub
18:00
Banquet



Friday - March 24, 2017

09:00
10:30
Session X:
Mobile Security

Session chair: TBA
S Yifei Zhang; Tian Tan; Yue Li; Jingling Xue
Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments
F Luka Malisa; Kari Kostiainen; Srdjan Capkun
Detecting Mobile Application Spoofing Attacks by Leveraging User Visual Similarity Perception
S Niall McLaughlin; Jesus Martinez Del Rincon; Boojoong Kang; Suleiman Yerima; Paul Miller; Sakir Sezer; Yeganeh Safaeisemnani; Erik Trickel; Ziming Zhao; Adam Doupé; Gail Joon Ahn
Deep Android Malware Detection
F Guillermo Suarez-Tangil; Santanu Kumar Dash; Mansour Ahmadi; Johannes Kinder; Giorgio Giacinto; Lorenzo Cavallaro
DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware
10:30
10:45
Coffee Break
10:45
12:30
Session XI:
Applications

Session chair: TBA
S Luca Compagna; Daniel Ricardo Dos Santos; Serena Elisa Ponta; Silvio Ranise
Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications
S Alexander Sjösten; Steven Van Acker; Andrei Sabelfeld
Discovering Browser Extensions via Web Accessible Resources
F Zhiyuan Lin; Mahesh Tripunitara
Graph Automorphism-Based, Semantics-Preserving Security for the Resource Description Framework (RDF)
F
Alexandra Dmitrienko; Christian Plappert
Secure Free-Floating Car Sharing for Offline Cars
 S  Andrew Reed; Michael Kranch
Identifying HTTPS-Protected Netflix Videos in Real-Time
12:30
Take-away lunch


LEGEND:

( F ) - Full Paper (30 minutes)
( S ) - Short Paper (15 minutes)
( P ) - Poster