Agenda
Please click here to view the agenda in PDF format
PRE-CONFERENCE WORKSHOPS, MONDAY, NOVEMBER 3, 2014
PRE-CONFERENCE WORKSHOPS, MONDAY, NOVEMBER 3, 2014 | |||||
Safeconfig | WPES | TrustED | WISCS | MTD | |
Room: Grand Ballroom C | Track A: Grand Ballroom A Track B: Grand Ballroom B |
Room: El Teatro | Room: Grand Ballroom E/F | Room: Grand Ballroom D | |
08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | |
07:30- 08:30 |
Breakfast & Registration (Room: Conference Foyer) | ||||
10:30- 11:00 |
Coffee Break (Room: Conference Foyer) | ||||
12:30- 14:00 |
Lunch Break (Room: Conference Foyer) | ||||
15:30- 16:00 |
Coffee Break (Room: Conference Foyer) |
CCS MAIN CONFERENCE, TUESDAY, NOVEMBER 4, 2014
CCS MAIN CONFERENCE, TUESDAY, NOVEMBER 4, 2014 | ||||
TRACK A | TRACK B | TRACK C | TUTORIAL | |
Room: Grand Ballroom A/B | Room: Grand Ballroom C | Room: Grand Ballroom D | Room: Grand Ballroom E/F | |
07:30- 08:30 |
Breakfast & Registration (Room: Conference Foyer) | |||
08:30- 09:00 |
Opening Remarks (Room: Grand Ballroom A-F) | |||
Session 1-A PAYMENTS AND SECURITY |
Session 1-B CODE MANIPULATION |
Session 1-C OPERATING SYSTEMS |
||
Session Chair Sherman Chow |
Session Chair Michalis Polychronakis |
Session Chair Kevin Butler |
||
09:00-09:30 |
Founding Digital Currency on Secure Computation |
Code Reuse Attacks in PHP: Automated POP Chain Generation |
Rosemary: A Robust, Secure, and High-performance Network Operating System |
|
09:30- 10:00 |
Deanonymisation of clients in Bitcoin P2P network |
Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code |
Hypervision Across Worlds: Real-time Kernel Protection from the ARM TrustZone Secure World |
|
10:00- 10:30 |
How to Use BItcoin to Incentivize Correct Computations |
Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation |
A11y Attacks: Exploiting Accessibility in Operating Systems |
|
10:30- 11:00 |
Coffee Break (Room: Conference Foyer) | |||
Session 2-A ADVERTISEMENT: SECURITY AND PRIVACY |
Session 2-B MALWARE |
Session 2-C OBLIVIOUS COMPUTATIONS |
||
Session Chair Lujo Bauer |
Session Chair Heng Yin |
Session Chair Ch. Papamanthou |
||
11:00- 11:30 |
Private-by-Design Advertising Meets the Real World |
DeTrust: Defeating Hardware Trust Verification with Stealthy Implicitly-Triggered Hardware Trojans |
SCORAM: Oblivious RAM for Secure Computation |
|
11:30- 12:00 |
Your Online Interests – Pwned! A Pollution Attack Against Targeted Advertising |
ATRA: Address Translation Redirection Attack against Hardware-based External Monitors |
Toward Robust Hidden Volumes using Write-Only Oblivious RAM |
|
12:00- 12:30 |
Characterizing Large-Scale Click Fraud in ZeroAccess |
AutoProbe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis |
Oblivious Data Structure |
|
12:30- 14:00 |
Lunch Break (Room: Conference Foyer) | |||
Session 3–A LOCATION/WEB PRIVACY |
Session 3-B APPLICATIONS ORIENTED CRYPTOSYSTEMS |
Session 3-C NETWORK SECURITY |
||
Session Chair Rob Johnson |
Session Chair Frederik Armknecht |
Session Chair Amir Herzberg |
||
14:00- 14:30 |
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses |
Optimal Average-Complexity Ideal-Security Order-Preserving Encryption |
Routing Bottlenecks in the Internet – Causes, Exploits, and Countermeasures |
TUTORIAL 1 |
14:30- 15:00 |
Location Privacy Protection for Smartphone Users |
A New Additive Homomorphic Encryption based on the co-ACD Problem |
VoIP Fraud: Identifying a Wolf in Sheep's Clothing |
|
15:00- 15:30 |
A Critical Evaluation of Website Fingerprinting Attacks |
Verifying Curve25519 Software |
Mechanized Network Origin and Path Authenticity Proofs |
|
15:30- 16:00 |
Optimal Geo-Indistinguishable Mechanisms for Location Privacy |
Searchable Encryption with Secure and Efficient Updates |
Security Vulnerability in Processor-Interconnect Router Design |
|
16:00- 16:30 |
Coffee Break (Room: Conference Foyer) | |||
Session 4-A SSL/TLS |
Session 4-B LEAKAGE ATTACKS: SIDE CHANNELS |
Session 4-C ATTACKING WEB ACCOUNTS |
||
Session Chair Florian Kerschbaum |
Session Chair Guoling Xue |
Session Chair Danfeng Yao |
||
16:30- 17:00 |
Multi-ciphersuite security of the Secure Shell (SSH) protocol |
Watching the Watchers: Automatically Inferring TV Content From Outdoor Light Effusions |
Dialing Back Abuse on Phone Verified Accounts |
|
17:00- 17:30 |
ARPKI: Attack Resilient Public-Key Infrastructure |
Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthy with Inaudible Sound |
Uncovering Large Groups of Active Malicious Accounts in Online Social Networks |
|
17:30- 18:00 |
Securing SSL Certificate Verification through Dynamic Linking |
Do You Hear What I Hear? Fingerprinting Smart Devices Through Embedded Acoustic Components |
Consequences of Connectivity: Characterizing Account Hijacking on Twitter |
|
18:00- 18:30 |
PoliCert: Secure and Flexible TLS Certificate Management |
Context-free Attacks Using Keyboard Acoustic Emanations |
Face in the Distorting Mirror: Revisiting Photo-based Social Authentication |
|
18:30- 20:30 |
Poster Session & Cocktail Reception (Room: Terraza, Outdoor Tent) |
CCS MAIN CONFERENCE, WEDNESDAY, NOVEMBER 5, 2014
CCS MAIN CONFERENCE, WEDNESDAY, NOVEMBER 5, 2014 | ||||
TRACK A | TRACK B | TRACK C | TUTORIAL | |
Room: Grand Ballroom A/B | Room: Grand Ballroom C | Room: Grand Ballroom D | Room: Grand Ballroom E/F | |
07:30- 08:30 |
Breakfast & Registration (Room: Conference Foyer) | |||
Session 5-A ANONYMITY |
Session 5-B HARDWARE SECURITY |
Session 5-C SECURE COMPUTATION PROTOCOLS |
||
Session Chair George Danezis |
Session Chair Ahmad-Reza Sadeghi |
Session Chair Junshan Zhang |
||
08:30- 09:00 |
(Nothing else) MATor(s): Monitoring the Anonymity of Tor's Path Selection |
Breaking Integrated Circuit Device Security through Test Mode Silicon Reverse Engineering |
Reuse It Or Lose It: More Efficient Secure Computation Through Reuse of Encrypted Values |
|
09:00- 09:30 |
Deniable Liaisons |
ARMlock: Hardware-based Fault Isolation for ARM |
UC security is practical: Efficient UC protocols with a Global Random Oracle |
|
09:30- 10:00 |
Community-Enhanced De-anonymization of Online Social Networks |
The Last Mile: An Empirical Study of Some Timing Channels on seL4 |
A Computationally Complete Symbolic Attacker for Equivalence Properties |
|
10:00- 10:30 |
Coffee Break (Room: Conference Foyer) | |||
Session 6-A TRANSPORTATION SECURITY |
Session 6-B CRYPTOGRAPHIC OBFUSCATION |
Session 6-C WEB VULNERABILITIES |
||
Session Chair Nitesh Saxena |
Session Chair Rei Safavi-Naini |
Session Chair Kehuan Zhang |
||
10:30- 11:00 |
Detection of On-Road Vehicles Emanating GPS Interference |
Optimizing Obfuscation: Avoiding Barrington's Theorem |
The web never forgets: Persistent tracking mechanisms in the wild |
|
11:00- 11:30 |
On The Security of Mobile Cockpit Information Systems |
Fully Secure and Fast Signing from Obfuscation |
MACE: Detecting Privilege Escalation Vulnerabilities in Web Applications |
|
11:45- |
KEYNOTE 1 (Room: Grand Ballroom A-F) Exciting Security Research Opportunity: Next-generation Internet Prof. Adrian Perrig (ETH, Zürich) Session Chair: Trent Jaeger |
|||
12:45- 14:00 |
Lunch Break (Room: Conference Foyer) | |||
Session 7-A REAL-WORLD SYTEMS: ANALYSIS AND THREATS |
Session 7-B USER ASPECTS |
Session 7-C WIRELESS SECURITY |
||
Session Chair Alexei Czeskis |
Session Chair Rida Bazzi |
Session Chair Kui Ren |
||
14:00- 14:30 |
Security Analysis of the Estonian Internet Voting System |
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimental Confirmation |
Vulnerability and Protection of Channel State Information in Multiuser MIMO Networks |
TUTORIAL 2 |
14:30- 15:00 |
Harvesting high value foreign currency transactions from EMV contactless credit cards without the PIN |
Are You Ready to Lock? Understanding User Motivations for Smartphone Locking Behaviors |
Blind Transmitter Authentication for Spectrum Security and Enforcement |
|
15:00- 15:30 |
Real Threats to Your Data Bills: Security Loopholes and Defenses in Mobile Data Charging |
ALETHEIA: Improving the Usability of Static Security Analysis |
RevCast: Fast, Private Certificate Revocation over FM Radio |
|
15:30- 16:00 |
Coffee Break (Room: Conference Foyer) | |||
Session 8-A SECURE OUTSOURCED COMPUTATIONS |
Session 8-B MOBILE SECURITY |
Session 8-C SECURITY OF WEB COMPONENTS |
||
Session Chair Christian Cachin |
Session Chair Long Lu |
Session Chair Adam Doupé |
||
16:00- 16:30 |
Taking Authenticated Range Queries to Arbitrary Dimensions |
Wiretapping via Mimicry: Short Voice Imitation Man-in-the-Middle Attacks on Crypto Phones |
Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals |
|
16:30- 17:00 |
Outsourced Proofs of Retrievability |
Context-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices |
A Nearly Four-Year Longitudinal Study of Search-Engine Poisoning |
|
17:00- 17:30 |
Efficiently Verifiable Computation on Encrypted Data |
OAuth Demystified for Mobile Application Developers |
From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation |
|
17:30- 18:00 |
ALITHEIA: Towards Practical Verifiable Graph Processing |
Beware, Your Hands Reveal Your Secrets ! |
A Threat for Tablet PCs in Public Space: Remote Visualization of Screen Images Using EM Emanation |
|
18:30- 21:00 |
Award Ceremony and Dinner (Room: Cypress Court) | |||
CCS MAIN CONFERENCE, THURSDAY, NOVEMBER 6, 2014
CCS MAIN CONFERENCE, THURSDAY, NOVEMBER 6, 2014 | ||||
TRACK A | TRACK B | TRACK C | TUTORIAL | |
Room: Grand Ballroom A/B | Room: Grand Ballroom C | Room: Grand Ballroom D | Room: Grand Ballroom E/F | |
07:30- 08:30 |
Breakfast & Registration (Room: Conference Foyer) | |||
Session 9-A CLOUD & SEARCH ISSUES |
Session 9-B CRYPTO IMPLEMENTATIONS |
Session 9-C DATA PRIVACY |
||
Session Chair Mahesh Tripunitara |
Session Chair Dongwan Shin |
Session Chair Marina Blanton |
||
08:30- 09:00 |
Quantifying Web-Search Privacy |
SCharacterization of Real-Life PRNGs
under Partial State Corruption |
Structural Data De-anonymization: Quantification, Practice, and Implications |
|
09:00- 09:30 |
Mayhem in the Push Clouds: Understanding and Mitigating Security Hazards in Mobile Push-Messaging Services |
Synthesis of Fault Attacks on Cryptographic Implementations |
RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response |
|
09:30- 10:00 |
Cross-Tenant Side-Channel Attacks in PaaS Clouds |
ShadowCrypt: Encrypted Web Applications for Everyone |
PrivEx: Private Collection of Traffic Statistics for Anonymous Communication Networks |
|
10:00- 10:30 |
Coffee Break (Room: Conference Foyer) | |||
Session 10-A INFORMATION FLOW |
Session 10-B MALWARE STUDIES |
Session 10-C SYSTEM-ORIENTED CRYPTO INTEGRATION |
||
Session Chair William Enck |
Session Chair Hongxin Hu |
Session Chair Nick Nikiforakis |
||
10:30- 11:00 |
Automating Information Flow Analysis of Low Level Code |
Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs |
PixelVault: Using GPUs for Securing Cryptographic Operations |
|
11:00- 11:30 |
Collaborative Verification of Information Flow for a High-Assurance App Store |
An Epidemiological Study of Malware Encounters in a Large Enterprise |
Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers |
|
11:45- |
KEYNOTE 2 (Room: Grand Ballroom A-F) Privacy: Beyond Confidentiality Prof. Chris Clifton (Purdue University, US) Session Chair: Gail-Joon Ahn |
|||
12:45- 14:00 |
Lunch Break (Room: Conference Foyer) | |||
Session 11-A ACCESS CONTROL |
Session 11-B AUTHENTICATION |
Session 11-C WEB SECURITY TOOLS |
||
Session Chair Gang Tan |
Session Chair Liam Mayron |
Session Chair Ehab Al-Shaer |
||
14:00- 14:30 |
Fail-Security in Access Control |
Multi-Stage Key Exchange and the Case of Google's QUIC Protocol |
S3: A Symbolic String Solver for Vulnerability Detection in Web Applications |
TUTORIAL 3 |
14:30- 15:00 |
World-Driven Access Control for Continuous Sensing |
Algebraic MACs and Keyed-Verification Anonymous Credentials |
ClickMiner: Towards Forensic Reconstruction of User-Browser Interactions from Network Traces |
|
15:00- 15:30 |
Decide Now or Decide Later? Quantifying the Tradeoff between Prospective and Retrospective Access Decisions |
Security Analyses of Click-based Graphical Passwords via Image Point Memorability |
Moving Target: Security and Rapid-Release in Firefox |
|
15:30- 16:00 |
Coffee Break (Room: Conference Foyer) | |||
Session 12-A CRYPTOGRAPHIC SCHEMES & TECHNIQUES |
Session 12-B SECURE PROGRAMING & APPS |
Session 12-C SYSTEMS: ATTACKS AND SECURITY |
||
Session Chair Alina Oprea |
Session Chair Hassan Takabi |
Session Chair Ziming Zhao |
||
16:00- 16:30 |
System-level Non-interference for Constant-time Cryptography |
RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity |
A Tale of Two Kernels: Towards Ending Kernel Hardening Wars with Split Kernel |
|
16:30- 17:00 |
Controlled Functional Encryption |
Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps |
Beyond Pattern Matching: A Concurrency Model for Stateful Deep Packet Inspection |
|
17:00- 17:30 |
Formatted Encryption Beyond Regular Languages |
You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code |
The UNIX Process Identity Crisis: A Standards-Driven Approach to Setuid |
|
17:30- 18:00 |
VerSum: Verifiable Computations over Large Public Logs |
AutoCog: Measuring the Description-to-permission Fidelity in Android Applications |
Blind Recognition of Touched Keys on Mobile Devices |
|
POST-CONFERENCE WORKSHOPS, FRIDAY, NOVEMBER 7, 2014
POST-CONFERENCE WORKSHOPS, FRIDAY, NOVEMBER 7, 2014 | |||||
SIW | AISec | SEGS | SPSM | CCSW | |
Room: Grand Ballroom B | Room: Grand Ballroom E/F | Room: Grand Ballroom A | Room: Grand Ballroom C | Room: Grand Ballroom D | |
08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | 08:30 – 18:00 | |
07:30- 08:30 |
Breakfast & Registration (Room: Conference Foyer) | ||||
10:30- 11:00 |
Coffee Break (Room: Conference Foyer) | ||||
12:30- 14:00 |
Lunch Break (Room: Conference Foyer) | ||||
15:30- 16:00 |
Coffee Break (Room: Conference Foyer) |