Agenda
Agenda
Please click here to view the agenda in PDF format
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| REGISTRATION, SUNDAY, 2013-11-03 | |||||
| 16:00-18:00 | Registration – Foyer (B02)To avoid long waiting lines on Monday and Tuesday, please try to register on Sunday | ||||
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| PRE-CONFERENCE WORKSHOPS, MONDAY, 2013-11-04 | |||||
| WPES | TrustED | CyCAR | AISec | PETShop | |
| Room C01 & B09 | Room B05-B06 | Room B95 | Room B07-B08 | B04 | |
| 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | |
| 07:30-08:30 | Breakfast & Registration – Room B01/B02 | ||||
| 10:30-11:00 | Coffee Break – Room B01/B02 | ||||
| 12:30-14:00 | Lunch Break – Room B01/B02 | ||||
| 15:30-16:00 | Coffee Break – Room B01/B02 | ||||
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| CCS MAIN CONFERENCE, TUESDAY, 2013-11-05 | |||||
| TRACK A | TRACK B | TRACK C | TUTORIALS/INV. TALKS | ||
| Room C01 | Room B05-B06 | Room B09 | Room B07-B08 | ||
| 07:30-08:30 | Breakfast & Registration – Room B01/B02 | ||||
| 08:30-09:10 | Opening (General Chair, PC Chair, SIGSAC Chair) – Room C01 | ||||
| 09:10-09:40 | OPENING KEYNOTE – Room C01Cyber Security in GermanyMartin Schallbruch(Chief Information Officer at the German Federal Ministry of the Interior) | ||||
| 09:40-10:00 | Coffee Break – Room B01/B02 | ||||
| Session 1-ATrusted Systems | Session 1-BHow Crypto Breaks | Session 1-CMalware | |||
| Session ChairRadu Sion | Session ChairVolker Roth | Session ChairThorsten Holz | |||
| 10:00-10:30 | A Security Framework for the Analysis and Design of Software AttestationFrederik Armknecht (Universität Mannheim, Germany), Ahmad-Reza Sadeghi (Technische Universität Darmstadt/CASED), Steffen Schulz (Intel Corporation), Christian Wachsmann (Intel Collaborative Research Institute for Secure Computing at TU Darmstadt) | Rethinking SSL Development in an Appified WorldSascha Fahl (Leibniz University Hannover), Marian Harbach (Leibniz Universität Hannover), Henning Perl (Leibniz Universität Hannover), Markus Koetter (Leibniz Universität Hannover), Matthew Smith (Leibniz Universität Hannover) | A Clinical Study of Risk Factors Related to Malware InfectionsFanny Lalonde Lévesque (École Polytechnique de Montréal), Jude Nsiempba (École Polytechnique de Montréal), José M. Fernandez (École Polytechnique de Montréal), Sonia Chiasson (Carleton University), Anil Somayaji (Carleton University) | ||
| 10:30-11:00 | OASIS: On Achieving a Sanctuary for Integrity and Secrecy on Untrusted PlatformsEmmanuel Owusu (Carnegie Mellon University), Jorge Guajardo (Robert Bosch LLC – Research and Technology Center, Pittsburgh, USA), Jonathan McCune (Carnegie Mellon University), Jim Newsome (Carnegie Mellon University), Adrian Perrig (ETH Zurich, CyLab / Carnegie Mellon University), Amit Vasudevan (Carnegie Mellon University) | Protocol Misidentification Made Easy with Format-Transforming EncryptionKevin P. Dyer (Portland State University), Scott E. Coull (RedJack, LLC.), Thomas Ristenpart (University of Wisconsin-Madison), Thomas Shrimpton (Portland State University) | Delta: Automatic Identification of Unknown Web-Based Infection CampaignsKevin Borgolte (UC Santa Barbara), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara) | ||
| 11:00-11:30 | BIOS Chronomancy: Fixing the Core Root of Trust for MeasurementJohn Butterworth (MITRE), Corey Kallenberg (MITRE), Xeno Kovah (MITRE), Amy Herzog (MITRE) | An Empirical Study of Cryptographic Misuse in Android ApplicationsManuel Egele (Carnegie Mellon University), David Brumley (Carnegie Mellon University), Yanick Fratantonio (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara) | Beheading Hydras: Performing Effective Botnet TakedownsYacin Nadji (Georgia Institute of Technology), Manos Antonakakis (Damballa Inc.), Roberto Perdisci (University of Georgia), David Dagon (Georgia Institute of Technology), Wenke Lee (Georgia Institute of Technology) | INVITED TALK: Vincenzo IozzoFrom One Ivory Tower to Another: Wish Listing for Filling the Gaps in Information (In)Security | |
| 11:30-12:00 | Flexible and Scalable Digital Signatures in TPM 2.0Liqun Chen (HP Labs), Jiangtao Li (Intel Labs) | Detecting Stealthy, Distributed SSH BruteforcingMobin Javed (UC Berkeley), Vern Paxson (UC Berkeley and ICSI) | Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web PagesGianluca Stringhini (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara) | ||
| 12:00-13:30 | Lunch Break – Room B01/B02 | ||||
| Session 2-APasswords | Session 2-BControl & Information Flow | Session 2-CStorage Security | |||
| Session ChairRob Johnson | Session ChairNinghui Li | Session ChairFlorian Kerschbaum | |||
| 13:30-14:00 | Honeywords: Making Password-Cracking DetectableAri Juels (RSA), Ronald Rivest (MIT) | Monitor Integrity Protection with Space Efficiency and Separate CompilationBen Niu (Lehigh University), Gang Tan (Lehigh University) | Multi-Cloud Oblivious StorageEmil Stefanov (UC Berkeley), Elaine Shi (University of Maryland) | ||
| 14:00-14:30 | Quantifying the Security of Graphical Passwords: The Case of Android Unlock PatternsSebastian Uellenbeck (Ruhr-University Bochum), Markus Dürmuth (Ruhr-University Bochum), Christopher Wolf (Ruhr-University Bochum), Thorsten Holz (Ruhr-University Bochum) | Relational Abstract Interpretation for the Verification of 2-Hypersafety PropertiesMáté Kovács (Technische Universität München), Helmut Seidl (Technische Universität München), Bernd Finkbeiner (Saarland University) | Policy-based Secure DeletionChristian Cachin (IBM Research – Zurich), Kristiyan Haralambiev (IBM Research – Zurich), Hsu-Chun Hsiao (Carnegie Mellon University), Alessandro Sorniotti (IBM Research – Zurich) | TUTORIAL 1: Lecturer: Christof PaarConstructive and Destructive Aspects of Embedded Security in the Internet of Things | |
| 14:30-15:00 | Measuring Password Guessability for an Entire UniversityMichelle L. Mazurek (Carnegie Mellon University), Saranga Komanduri (Carnegie Mellon University), Timothy Vidas (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Nicolas Christin (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University), Patrick Gage Kelley (University of New Mexico), Richard Shay (Carnegie Mellon University), Blase Ur (Carnegie Mellon University) | Formal Verification of Information Flow Security for a Simple ARM-Based Separation KernelMads Dam (KTH), Roberto Guanciale (KTH), Narges Khakpour (CSC, KTH), Hamed Nemati (KTH), Oliver Schwarz (SICS Swedish Institute of Computer Science) | Secure Data Deletion from Persistent MediaJoel Reardon (ETH Zurich), Hubert Ritzdorf (ETH Zurich), David Basin (ETH Zurich), Srdjan Capkun (ETH Zurich) | ||
| 15:00-15:30 | SAuth: Protecting User Accounts from Password Database LeaksGeorgios Kontaxis (Columbia University), Elias Athanasopoulos (Columbia University), Georgios Portokalidis (Stevens Institute of Technology), Angelos D. Keromytis (Columbia University) | ShadowReplica: Efficient Parallelization of Dynamic Data Flow TrackingKangkook Jee (Columbia University), Vasileios P. Kemerlis (Columbia University), Angelos D. Keromytis (Columbia University), Georgios Portokalidis (Stevens Institute of Technology) | PoWerStore: Proofs of Writing for Efficient and Robust StorageDan Dobre (NEC Labs Europe), Ghassan Karame (NEC Labs Europe), Wenting Li (NEC Labs Europe), Matthias Majuntke (Capgemini Deutschland ), Neeraj Suri (TU Darmstadt), Marko Vukolić (Eurecom) | ||
| 15:30-16:00 | Coffee Break – Room B01/B02 | ||||
| Session 3-AOblivious RAM and Oblivious Computation | Session 3-BAnonymous Channels | Session 3-CProtocol Analysis & Synthesis | |||
| Session ChairStefan Katzenbeisser | Session ChairNicholas Christin | Session ChairDavid Basin | |||
| 16:00-16:30 | Path ORAM: An Extremely Simple Oblivious RAM ProtocolEmil Stefanov (UC Berkeley), Marten van Dijk (University of Connecticut), Elaine Shi (University of Maryland), Christopher Fletcher (MIT), Ling Ren (MIT), Xiangyao Yu (MIT), Srinivas Devadas (MIT) | Users Get Routed: Traffic Correlation on Tor by Realistic AdversariesAaron Johnson (U.S. Naval Research Laboratory), Chris Wacek (Georgetown University), Rob Jansen (U.S. Naval Research Laboratory), Micah Sherr (Georgetown University), Paul Syverson (U.S. Naval Research Laboratory) | An Analysis of the EMV Channel Establishment ProtocolChristina Brzuska (Tel Aviv University), Nigel P. Smart (University of Bristol), Bogdan Warinschi (University of Bristol), Gaven J. Watson (University of Bristol) | ||
| 16:30-17:00 | PHANTOM: Practical Oblivious Computation in a Secure ProcessorMartin Maas (UC Berkeley), Eric Love (UC Berkeley), Emil Stefanov (UC Berkeley), Mohit Tiwari (UT Austin), Elaine Shi (University of Maryland), Krste Asanovic (UC Berkeley), John Kubiatowicz (UC Berkeley), Dawn Song (UC Berkeley) | PCTCP: Per-Circuit TCP-over-IPsec Transport for Anonymous Communication Overlay NetworksMashael Alsabah (Qatar Computing Research Institute), Ian Goldberg (University of Waterloo) | On the Security of TLS RenegotiationFlorian Giesen (Ruhr-Universität Bochum), Florian Kohlar (Ruhr-Universität Bochum), Douglas Stebila (Queensland University of Technology) | ||
| 17:00-17:30 | Practical Dynamic Proofs of RetrievabilityElaine Shi (University of Maryland), Emil Stefanov (UC Berkeley), Charalampos Papamanthou (University of Maryland) | Cover Your ACKs: Pitfalls of Covert Channel Censorship CircumventionJohn Geddes (University of Minnesota), Maxfield Schuchard (University of Minnesota), Nicholas Hopper (University of Minnesota) | Using SMT Solvers to Automate Design Tasks for Encryption and Signature SchemesJoseph A. Akinyele (Johns Hopkins University), Matthew Green (Johns Hopkins University), Susan Hohenberger (Johns Hopkins University) | ||
| 17:30-18:30 | PANEL Discussion – Room C01Distributed Monitoring and Analytics: Finding the Needle in the Haystack in Real TimeModerator: David McGrew (Cisco) | ||||
| 18:30-20:30 | Poster Session & Cocktail Reception – Room B01 | ||||
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| CCS MAIN CONFERENCE, WEDNESDAY, 2013-11-06 | ||||
| TRACK A | TRACK B | TRACK C | TUTORIALS/INV. TALKS | |
| Room C01 | Room B05-B06 | Room B09 | Room B07-B08 | |
| 07:30-08:30 | Breakfast – Room B01/B02 | |||
| 08:30-09:30 | KEYNOTE – Room C01The Science, Engineering and Business of Cyber SecurityRavi Sandhu(Executive Director of the Institute for Cyber Security at the UT San Antonio) | |||
| Session 4-ANetwork Security | Session 4-BCritical Infrastructures | Session 4-CAttribute-based Encryption | ||
| Session ChairDongyan Xu | Session ChairKlaus Kursawe | Session ChairLiqun Chen | ||
| 09:30-10:00 | AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined NetworksSeungwon Shin (Texas A&M University), Vinod Yegneswaran (SRI International), Phillip Porras (SRI International), Guofei Gu (Texas A&M University) | Impact of Integrity Attacks on Real-Time Pricing in Smart GridsRui Tan (Advanced Digital Sciences Center, Illinois at Singapore), Varun Badrinath Krishna (Advanced Digital Sciences Center, Illinois at Singapore), David K. Y. Yau (Advanced Digital Sciences Center, Illinois at Singapore and Singapore Univeristy of Technology and Design), Zbigniew Kalbarczyk (University of Illinois at Urbana-Champaign) | Practical Constructions and New Proof Methods for Large Universe Attribute-Based EncryptionYannis Rouselakis (University of Texas at Austin), Brent Waters (University of Texas at Austin) | TUTORIAL 2: Lecturers:Jan-Erik Ekberg, Kari Kostiainen, N. AsokanTrusted Execution Environments on Mobile Devices |
| 10:00-10:30 | MinimaLT: Minimal-latency Networking Through Better SecuritMichael Petullo (University of Illinois at Chicago), Jon Solworth (University of Illinois at Chicago), Daniel Bernstein (University of Illinois at Chicago), Tanja Lange (TU Eindhoven), Xu Zhang (University of Illinois at Chicago) | Configuration-based IDS for Advanced Metering InfrastructureMuhammad Qasim Ali (University of North Carolina at Charlotte), Ehab Al-Shaer (UNCC) | Blackbox Traceable CP-ABE: How to Catch People Leaking Their Keys by Selling Decryption Devices on eBayZhen Liu (Shanghai Jiao Tong University, City University of Hong Kong), Zhenfu Cao (Shanghai Jiao Tong University), Duncan Wong (City University of Hong Kong) | |
| 10:30-11:00 | Coffee Break – Room B01/B02 | |||
| Session 5-AProgramming Securely | Session 5-BSecure Multiparty Computation | Session 5-CFormal Methods | ||
| Session ChairJose Fernandez | Session ChairMichael Waidner | Session ChairClaudia Diaz | ||
| 11:00-11:30 | Obfuscation Resilient Binary Code Reuse through Trace-oriented ProgrammingJunyuan Zeng (University of Texas at Dallas), Yangchun Fu (University of Texas at Dallas), Kenneth Miller (University of Texas at Dallas), Zhiqiang Lin (University of Texas at Dallas), Xiangyu Zhang (Purdue University), Dongyan Xu (Purdue University) | Fast Two-Party Secure Computation with Minimal AssumptionsAbhi Shelat (University of Virginia), Chih-Hao Shen (University of Virginia) | Belief Semantics of Authorization LogicAndrew Hirsch (George Washington University), Michael Clarkson (George Washington University) | |
| 11:30-12:00 | Chucky: Exposing Missing Checks in Source Code for Vulnerability DiscoveryFabian Yamaguchi (University of Goettingen), Christian Wressnegger (idalab GmbH), Hugo Gascon (University of Goettingen), Konrad Rieck (University of Goettingen) | More Efficient Oblivious Transfer and Extensions for Faster Secure ComputationGilad Asharov (Bar-Ilan University), Yehuda Lindell (Bar-Ilan University), Thomas Schneider (TU Darmstadt), Michael Zohner (TU Darmstadt) | Automatic Verification of Protocols with Lists of Unbounded LengthBruno Blanchet (INRIA Paris-Rocquencourt), Miriam Paiola (INRIA Paris-Rocquencourt) | |
| 12:00-12:30 | Scheduling Blackbox Mutational FuzzingMaverick Woo (Carnegie Mellon University), Sang Kil Cha (Carnegie Mellon University), Samantha Gottlieb (Carnegie Mellon University), David Brumley (Carnegie Mellon University) | An Architecture for Practical Actively Secure MPC with Dishonest MajorityMarcel Keller (University of Bristol), Peter Scholl (University of Bristol), Nigel Smart (University of Bristol) | Relational Abstraction in Community-Based Secure CollaborationPhilip Fong (University of Calgary), Pooya Mehregan (University of Calgary), Ram Krishnan (University of Texas at San Antonio) | |
| 12:30-14:00 | Lunch Break – Room B01/B02 | |||
| Session 6-AMobile Security Issues | Session 6-BRandomness | Session 6-CHardware Security | ||
| Session ChairKosta Beznosov | Session ChairGiuseppe Ateniese | Session ChairRuby Lee | ||
| 14:00-14:30 | When Kids Toys Breach Mobile Phone SecurityAbdul Serwadda (Louisiana Tech University), Vir Phoha (Louisiana Tech University) | Security Analysis of Pseudo-Random Number Generators with Input: /dev/random is not RobustYevgeniy Dodis (New York University), David Pointcheval (Ecole Normale Superieure), Sylvain Ruhault (Ecole Normale Superieure and Oppida), Damien Vergnaud (Ecole Normale Superieure), Daniel Wichs (Northeastern University) | FANCI: Identification of Stealthy Malicious Logic Using Boolean Functional AnalysisAdam Waksman (Columbia University), Matthew Suozzo (Columbia University), Simha Sethumadhavan (Columbia University) | |
| 14:30-15:00 | Vetting Undesirable Behaviors in Android Apps with Permission Use AnalysisYuan Zhang (Fudan University), Min Yang (Fudan University), Bingquan Xu (Fudan University), Zhemin Yang (Fudan University), Guofei Gu (Texas A&M University), Peng Ning (NC State University), X. Sean Wang (Fudan University), Binyu Zang (Fudan University) | Predictability of Android OpenSSL’s Pseudo Random Number GeneratorSoo Hyeon Kim (The Attached Institute of ETRI and KOREA Unisversity), Daewan Han (The Attached Institute of ETRI), Dong Hoon Lee (KOREA University) | Security Analysis of Integrated Circuit CamouflagingJeyavijayan Rajendran (Polytechnic Institute of NYU), Michael Sam (Polytechnic Insitute of NYU), Ozgur Sinanoglu (New York University Abu Dhabi), Ramesh Karri (Polytechnic institute of NYU) | |
| 15:00-15:30 | The Impact of Vendor Customizations on Android SecurityLei Wu (North Carolina State University), Michael Grace (North Carolina State University), Yajin Zhou (North Carolina State University), Chiachih Wu (North Carolina State University), Xuxian Jiang (North Carolina State University) | Delegatable Pseudorandom Functions and ApplicationsAggelos Kiayias (National and Kapodistrian University of Athens), Stavros Papadopoulos (University of Science & Technology, Hong Kong), Nikos Triandopoulos (RSA Laboratories and Boston University), Thomas Zacharias (National and Kapodistrian University of Athens) | Low-Fat Pointers: Compact Encoding and Efficient Gate-Level Implementation of Fat Pointers for Spatial Safety and Capability-based SecurityAlbert Kwon (University of Pennsylvania, Philadelphia), Udit Dhawan (University of Pennsylvania, Philadelphia), Jonathan Smith (University of Pennsylvania, Philadelphia), Thomas Knight (BAE Systems), Andre Dehon (University of Pennsylvania, Philadelphia) | INVITED TALK: Ivan MartinovicFasten Your Seatbelts – An Overview and Security Considerations of Next Generation Air Traffic Communication |
| 15:30-16:00 | Unauthorized Origin Crossing on Mobile Platforms: Threats and MitigationRui Wang (Microsoft Research), Luyi Xing (Indiana University), Xiaofeng Wang (Indiana University), Shuo Chen (Microsoft Research) | Ensuring High-Quality Randomness in Cryptographic Key GenerationHenry Corrigan-Gibbs (Stanford University), Wendy Mu (Stanford University), Dan Boneh (Stanford University), Bryan Ford (Yale University) | Breaking and Entering through the SiliconClemens Helfmeier (Semiconductor Devices, TU Berlin), Dmitry Nedospasov (Security in Telecommunications, TU Berlin), Christopher Tarnovsky (IOActive Inc.), Jan Krissler (Security in Telecommunications, TU Berlin), Christian Boit (Semiconductor Devices, TU Berlin), Jean-Pierre Seifert (Security in Telecommunications, TU Berlin) | |
| 16:00-16:30 | Coffee Break – Room B01/B02 | |||
| Session 7-AWeb Attacks | Session 7-BPrivacy-Preserving Protocols | Session 7-CSystems’ Attack Mitigation | ||
| Session ChairSotiris Ioannidis | Session ChairThomas Schneider | Session ChairWeidong Cui | ||
| 16:30-17:00 | Polyglots: Crossing Origins by Crossing FormatsJonas Magazinius (Chalmers University of Technology), Billy Rios (Google), Andrei Sabelfeld (Chalmers University of Technology) | When Private Set Intersection Meets Big Data: An Efficient and Scalable ProtocolChangyu Dong (University of Strathclyde), Liqun Chen (Hewlett-Packard Laboratories), Zikai Wen (University of Strathclyde) | Düppel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the CloudYinqian Zhang (University of North Carolina at Chapel Hill), Michael Reiter (University of North Carolina at Chapel Hill) | INVITED TALK: Jacob AppelbaumThe New Threat Models |
| 17:00-17:30 | Catching Click-Spam in Search Ad NetworksVacha Dave (UC San Diego), Saikat Guha (Microsoft Research India), Yin Zhang (The University of Texas at Austin) | Privacy-Preserving Matrix FactorizationValeria Nikolaenko (Stanford), Stratis Ioannidis (Technicolor), Udi Weinsberg (Technicolor), Marc Joye (Technicolor), Nina Taft (Technicolor), Dan Boneh (Stanford) | Tappan Zee (North) Bridge: Mining Memory Accesses for IntrospectionBrendan Dolan-Gavitt (Georgia Institute of Technology), Tim Leek (MIT Lincoln Laboratory), Josh Hodosh (MIT Lincoln Laboratory), Wenke Lee (Georgia Institute of Technology) | |
| 17:30-18:00 | mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML MutationsMario Heiderich (Ruhr-Universität Bochum), Jörg Schwenk (Ruhr-Universität Bochum), Tilman Frosch (Ruhr-Universität Bochum), Jonas Magazinius (Chalmers University of Technology), Edward Z. Yang (Stanford University) | PICCO: A General-Purpose Compiler for Private Distributed ComputationYihua Zhang (University of Notre Dame), Aaron Steele (University of Notre Dame), Marina Blanton (University of Notre Dame) | Towards Reducing the Attack Surface of Software BackdoorsFelix Schuster (Ruhr-Universität Bochum), Thorsten Holz (Ruhr-Universität Bochum) | |
| 18:00-18:45 | Award Ceremony and Announcements – Room C01 | |||
| 19:00-19:30 | Bus Transfer to Wasserwerk (30 minutes) | |||
| 20:00-00:00 | Gala Dinner at Wasserwerk | |||
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| CCS MAIN CONFERENCE, THURSDAY, 2013-11-07 | ||||
| TRACK A | TRACK B | TRACK C | TUTORIALS/INV. TALKS | |
| Room C01 | Room B05-B06 | Room B09 | Room B07-B08 | |
| 07:30-08:30 | Breakfast – Room B01/B02 | |||
| Session 8-ASecure Outsourcing Protocols | Session 8-BPrivacy Models | Session 8-CBe Aware & Beware | ||
| Session ChairBryan Parno | Session ChairGeorge Danezis | Session ChairAri Juels | ||
| 08:30-09:00 | Verifiable Delegation of Computation on Outsourced DataMichael Backes (Saarland University and Max Planck Institute for Software Systems), Dario Fiore (Max Planck Institute for Software Systems), Raphael M. Reischuk (Saarland University) | Membership Privacy: A Unifying Framework For Privacy DefinitionsNinghui Li (Purdue University), Wahbeh Qardaji (Purdue University), Dong Su (Purdue University), Yi Wu (Purdue University), Weining Yang (Purdue University) | Control-Alt-Hack: The Design and Evaluation of a Card Game for Computer Security Awareness and EducationTamara Denning (University of Washington), Adam Lerner (University of Washington), Adam Shostack, Tadayoshi Kohno (University of Washington) | |
| 09:00-09:30 | Outsourced Symmetric Private Information RetrievalStanislaw Jarecki (University of California, Irvine), Charanjit Jutla (IBM T.J. Watson Research Center), Hugo Krawczyk (IBM), Marcel C. Rosu (IBM T.J. Watson), Michael Steiner (IBM Research) | Geo-Indistinguishability: Differential Privacy for Location-Based SystemsMiguel E. Andres (École Polytechnique), Nicolás E. Bordenabe (INRIA and École Polytechnique), Konstantinos Chatzikokolakis (CNRS and École Polytechnique ), Catuscia Palamidessi (INRIA and École Polytechnique) | Security Analysis of a Widely Deployed Locking SystemMichael Weiner (Technische Universität München), Maurice Massar (Technische Universität Kaiserslautern), Erik Tews (Technische Universität Darmstadt), Dennis Giese (Technische Universität Darmstadt), Wolfgang Wieser (Ludwig-Maximilians-Universität München) | |
| 09:30-10:30 | KEYNOTE – Room C01The Arms RaceMikko Hypponen(Chief Research Officer of F-Secure) | |||
| 10:30-11:00 | Coffee Break – Room B01/B02 | |||
| Session 9-ACrypto Tools | Session 9-BAudit & Code Randomization | Session 9-CMobile Privacy | ||
| Session ChairFrederik Armknecht | Session ChairSimha Sethumadavan | Session ChairLujo Bauer | ||
| 11:00-11:30 | How to Keep a Secret: Leakage Deterring Public-key CryptosystemsAggelos Kiayias (National and Kapodistrian University of Athens and University of Connecticut), Qiang Tang (National and Kapodistrian University of Athens and University of Connecticut) | ASIST: Architectural Support for Instruction Set RandomizationAntonis Papadogiannakis (Institute of Computer Science, Foundation for Research and Technology – Hellas), Laertis Loutsis (Institute of Computer Science, Foundation for Research and Technology – Hellas), Vassilis Papaefstathiou (Institute of Computer Science, Foundation for Research and Technology – Hellas), Sotiris Ioannidis (Institute of Computer Science, Foundation for Research and Technology – Hellas) | Identity, Location, Disease and More: Inferring Your Secrets from Android Public ResourcesXiaoyong Zhou (Indiana University, Bloomington), Soteris Demetriou (University of Illinois at Urbana-Champaign), Dongjing He (University of Illinois at Urbana-Champaign), Muhammad Naveed (University of Illinois at Urbana-Champaign), Xiaorui Pan (Indiana University, Bloomington), Xiaofeng Wang (Indiana University, Bloomington), Carl Gunter (University of Illinois at Urbana-Champaign), Klara Nahrstedt (University of Illinois at Urbana-Champaign) | |
| 11:30-12:00 | Zero-Knowledge Using Garbled Circuits: How To Prove Non-Algebraic Statements EfficientlyMarek Jawurek (SAP Research), Florian Kerschbaum (SAP Research), Claudio Orlandi (Aarhus University) | librando: Transparent Code Randomization for Just-in-Time CompilersAndrei Homescu (University of California Irvine), Stefan Brunthaler (University of California, Irvine), Per Larsen (University of California, Irvine), Michael Franz (University of California, Irvine) | Preventing Accidental Data Disclosure in Modern Operating SystemsAdwait Nadkarni (North Carolina State University), William Enck (North Carolina State University) | INVITED TALK: Felix ‘FX’ LindnerResistance is Not Futile – Fighting Nation-State Actors and the Borg |
| 12:00-12:30 | Elligator: Elliptic-Curve Points Indistinguishable from Uniform Random StringsDaniel Bernstein (University of Illinois at Chicago), Mike Hamburg (Cryptography Research), Anna Krasnova (RU Nijmegen), Tanja Lange (Technische Universiteit Eindhoven) | LogGC: Garbage Collecting Audit LogKyu Hyung Lee (Purdue University), Xiangyu Zhang (Purdue University), Dongyan Xu (Purdue University) | AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage DetectionZhemin Yang (Fudan University), Min Yang (Fudan University), Yuan Zhang (Fudan University), Guofei Gu (Texas A&M University), Peng Ning (NC State University), X. Sean Wang (Fudan University) | |
| 12:30-14:00 | Lunch Break – Room B01/B02 | |||
| Session 10-AGraphics, Vision & Security | Session 10-BAuthentication | Session 10-CPrivacy Issues | ||
| Session ChairN. Asokan | Session ChairSrdjan Capkun | Session ChairNick Hopper | ||
| 14:00-14:30 | Cross-Origin Pixel Stealing: Timing Attacks Using CSS FiltersRobert Kotcher (Carnegie Mellon University), Yutong Pei (Carnegie Mellon University), Pranjal Jumde (Carnegie Mellon University), Collin Jackson (Carnegie Mellon University) | Anonymous Credentials LightFoteini Baldimtsi (Brown University), Anna Lysyanskaya (Brown University) | FPDetective: Dusting the Web for FingerprintersGunes Acar (KU Leuven), Marc Juarez (Institut d’Investigació en Intel-ligència Artificial and KU Leuven), Nick Nikiforakis (KU Leuven), Claudia Diaz (KU Leuven), Seda Gurses (New York University and KU Leuven), Frank Piessens (KU Leuven), Bart Preneel (KU Leuven) | TUTORIAL 3: Lecturer:Eric BoddenEasily Instrumenting Android Applications for Security Purposes |
| 14:30-15:00 | Seeing Double: Reconstructing Obscured Typed Input from Repeated Compromising ReflectionsYi Xu (University of North Carolina at Chapel Hill), Jared Heinly (University of North Carolina at Chapel Hill), Andrew White (University of North Carolina at Chapel Hill), Jan-Michael Frahm (University of North Carolina at Chapel Hill), Fabian Monrose (University of North Carolina at Chapel Hill) | Heart-to-Heart (H2H): Authentication for Implanted Medical DevicesMasoud Rostami (ECE Dept, Rice University), Ari Juels (RSA Laboratories), Farinaz Koushanfar (Rice University) | Addressing the Concerns of the Lacks Family: Quantification of Kin Genomic PrivacyMathias Humbert (EPFL), Erman Ayday (EPFL), Jean-Pierre Hubaux (EPFL), Amalio Telenti (Institute of Microbiology, University Hospital and University of Lausanne) | |
| 15:00-15:30 | The Robustness of Hollow CAPTCHAsHaichang Gao (Xidian University), Wei Wang (Xidian University), Jiao Qi (Xidian University), Xuqin Wang (Xidian University), Xiyang Liu (Xidian University), Jeff Yan (Newcastle University) | OAKE: A New Family of Implicitly Authenticated Diffie-Hellman ProtocolsAndrew C. Yao (IIIS, Tsinghua University, Beijing, China), Yunlei Zhao (Software School, Fudan University, Shanghai, China) | Hang with Your Buddies to Resist Intersection AttacksDavid Wolinsky (Yale University), Ewa Syta (Yale University), Bryan Ford (Yale University) | |
| 15:30-16:00 | Coffee Break – Room B01/B02 | |||
| Session 11-AWeb and Code Security | Session 11-BCrypto Symbolic Analysis | Session 11-CSecurity/Cryptographic Utilities | ||
| Session ChairAmir Herzberg | Session ChairBruno Blanchet | Session ChairMatthew Smith | ||
| 16:00-16:30 | Content-Based Isolation: Rethinking Isolation Policy Design on Client SystemsAlexander Moshchuk (Microsoft Research), Helen Wang (Microsoft Research), Yunxin Liu (Microsoft Research Asia) | Certified Computer-Aided Cryptography: Efficient Provably Secure Machine Code from High-Level ImplementationsJosé Bacelar Almeida (HASLab, INESC TEC and Universidade do Minho), Manuel Barbosa (HASLab, INESC TEC and Universidade do Minho), Gilles Barthe (IMDEA Software Institute), François Dupressoir (IMDEA Software Institute) | Efficient Targeted Key Subset Retrieval in Fractal Hash SequencesKelsey Cairns (Washington State University), Thoshitha Gamage (Washington State University), Carl Hauser (Washington State University) | |
| 16:30-17:00 | Diglossia: Detecting Code Injection Attacks With Precision and EfficiencySooel Son (The University of Texas at Austin), Kathryn McKinley (Microsoft Research and The University of Texas at Austin), Vitaly Shmatikov (The University of Texas at Austin) | Computationally Complete Symbolic Attacker and Key ExchangeGergei Bana (INRIA, Paris), Koji Hasebe (University of Tsukuba), Mitsuhiro Okada (Keio University) | HIFS: History Independence for File SystemsSumeet Bajaj (Stony Brook University), Radu Sion (Stony Brook University) | |
| 17:00-17:30 | 25 Million Flows Later – Large-scale Detection of DOM-based XSSSebastian Lekies (SAP AG), Ben Stock (Friedrich-Alexander-University Erlangen-Nuremberg), Martin Johns (SAP AG) | Fully Automated Analysis of Padding-Based Encryption in the Computational ModelGilles Barthe (IMDEA Software Institute), Juan Manuel Crespo (IMDEA Software Institute), Benjamin Gregoire (INRIA Sophia-Antipolis), César Kunz (IMDEA Software Institute), Yassine Lakhnech (Université de Grenoble, VERIMAG ), Benedikt Schmidt (IMDEA Software Institute), Santiago Zanella-Béguelin (Microsoft Research) | AUTOCRYPT: Enabling Homomorphic Computation On Servers To Protect Sensitive Web ContentShruti Tople (National University of Singapore), Shweta Shinde (National University of Singapore), Prateek Saxena (National University of Singapore), Zhaofeng Chen (National University of Singapore) | |
| 17:30-18:00 | deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data SeparationAdam Doupe (University of California, Santa Barbara), Weidong Cui (Microsoft Research), Mariusz Jakubowski (Microsoft Research), Marcus Peinado (Microsoft Research), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara) | Deduction Soundness: Prove One, Get Five for FreeFlorian Böhl (Karlsruhe Institute of Technology), Véronique Cortier (LORIA – CNRS), Bogdan Warinschi (University of Bristol) | Protecting Sensitive Web Content from Client-side Vulnerabilities with CryptonsXinshu Dong (National University of Singapore), Zhaofeng Chen (Peking University), Hossein Siadati (Polytechnic Institute of New York University), Shruti Tople (National University of Singapore), Prateek Saxena (National University of Singapore), Zhenkai Liang (National University of Singapore) | |
| 18:00-18:20 | Closing Remarks – Room C01 | |||
Sunday | Monday | Tuesday | Wednesday | Thursday | Friday
| POST-CONFERENCE WORKSHOPS, FRIDAY, 2013-11-08 | ||||
| CCSW | DIM | SPSM | SEGS | |
| Room C01 | Room B05-B06 | Room B09 | Room B07-B08 | |
| 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | |
| 07:30-08:30 | Breakfast & Registration – Room B01/B02 | |||
| 10:30-11:00 | Coffee Break – Room B01/B02 | |||
| 12:30-14:00 | Lunch Break – Room B01/B02 | |||
| 15:30-16:00 | Coffee Break – Room B01/B02 | |||
Recently updated pages:
