Agenda

CCS 2016 Program Guide (PDF)
Overview Schedule & Floor map (PDF)
Floor Maps (PDF)
CCS 2016 Proceedings (main conference) – OpenTOC

Pre-Conference Workshops on Monday, October 24, 2016 (09.00-17.00)

SPSM 2016

DETAILED PROGRAM
LH B

 

Open TOC SPSM

WPES 2016

DETAILED PROGRAM
LH E

 

Open TOC WPES

WISCS 2016

DETAILED PROGRAM
LH F

 

Open TOC WISCS

MTD 2016

detailed program
LH G

 

Open TOC MTD

SafeConfig 2016

DETAILED PROGRAM
LH H

 

Open TOC SafeConfig

TIs 2016

Detailed program
LH I

 

Open TOC TIs

PLAS 2016

DETAILED PROGRAM
LH J

 

Open TOC PLAS

07.30-09.00

Registration & Early Bird Coffee

08.30/09.00-10.30

SPSM 1

09.00-10.30

WPES 1

08.25-10.30

WISCS 1

09.00-10.30

MTD 1

08.50-11.00

SafeConfig 1

09.00-10.35

TIs 1

09.00-10.30

PLAS 1

08.50-10.30

10.30-11.00

Coffee Break

11.00-12.30

SPSM 2

WPES 2

WISCS 2

MTD 2

SafeConfig 2

TIs 2

PLAS 2

12.30-14.00

Lunch Break

14.00-15.30

SPSM 3

WPES 3

WISCS 3

MTD 3

SafeConfig 3

TIs 3

PLAS 3

15.30-16.00

Coffee Break

16.00-17.30/18.00

SPSM 4

16.00-17.40

WPES 4

16.00-18.10

WISCS 4

16.00-17.30

MTD 4

16.05-17.40

SafeConfig 4

16.00-17.30

TIs 4

16.00-17.30

PLAS 4

16.00-18.10

CCS 2016 Main Conference, Tuesday, October 25, 2016

CCS 2016 Proceedings (main conference) – OpenTOC

Track 1

cryptographic mechanisms

 

Open TOC CCS

Lecture Hall A

Track 2

differential privacy / cryptography / attacks

 

Open TOC CCS

Lecture Hall B

Track 3

web/mobile security

 

Open TOC CCS

Lecture Hall C

Track 4

secure code and systems

 

Open TOC CCS

Lecture Hall D

Track 5

Tutorials & Talks

 

Open TOC CCS

Lecture Hall E

07.30-08.40

Registration & Early Bird Coffee

08.40-08.50

Opening

Lecture Hall C

08.50-09.50

Keynote

Lecture Hall C

Cybersecurity, Nuclear Security, Alan Turing, and Illogical Logic
Keynote by Martin Hellman, Stanford University, US
ACM A.M. Turing Award Winner 2015

10.00-11.30

Session 1A

Blockchain I

 

Session Chair:
Ian Goldberg, University of Waterloo, Canada

Session 1B

Differential Privacy

 

Session Chair:
Prateek Mittal, Princeton University, USA

Session 1C

Android Security

 

Session Chair:
XiaoFeng Wang, Indiana University, USA

Session 1D

Hardware Protection

 

Session Chair:
Taesoo Kim, Georgia Tech, USA

Tutorial

On the Security and Performance of Proof of Work Blockchains
Arthur Gervais (ETH Zürich), Ghassan O. Karame (NEC Laboratories Europe), Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf and Srdjan Capkun (ETH Zürich)
A Secure Sharding Protocol For Open Blockchains
Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert and Prateek Saxena (National University of Singapore)
The Honey Badger of BFT Protocols
Andrew Miller (University of Maryland), Yu Xia (Tsinghua University), Kyle Croman, Elaine Shi (Cornell University) and Dawn Song (University of California)

Differential Privacy as a Mutual Information Constraint
Paul Cuff and Lanqing Yu (Princeton University)
Advanced Probabilistic Couplings for Differential Privacy
Gilles Barthe (IMDEA Software Institute), Noémie Fong (ENS & IMDEA Software Institute), Marco Gaboardi (University at Buffalo, SUNY), Benjamin Grégoire (Inria), Justin Hsu (University of Pennsylvania) and Pierre-Yves Strub (IMDEA Software Institute)
Differentially Private Bayesian Programming
Gilles Barthe (IMDEA Software Institute), Gian Pietro Farina, Marco Gaboardi (University at Buffalo, SUNY), Emilio Jesús Gallego Arias (CRI Mines – ParisTech), Andy Gordon (Microsoft Research), Justin Hsu (University of Pennsylvania) and Pierre-Yves Strub (IMDEA Software Institute)

The Misuse of Android Unix Domain Sockets and Security Implications
Yuru Shao (University of Michigan), Jason Ott (University of California, Riverside), Yunhan Jack Jia (University of Michigan), Zhiyun Qian (University of California, Riverside) and Z. Morley Mao (University of Michigan)
Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback
Kai Wang, Yuqing Zhang (University of Chinese Academy of Sciences, Beijing) and Peng Liu (The Pennsylvania State University)
Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android
Guliz Seray Tuncay, Soteris Demetriou and Carl A. Gunter (University of Illinois at Urbana-Champaign)

Strong Non-Interference and Type-Directed Higher-Order Masking
Gilles Barthe (IMDEA Software Institute), Sonia Belaïd (Thales Communications & Security), François Dupressoir (IMDEA Software Institute), Pierre-Alain Fouque (Université Rennes 1), Benjamin Grégoire (Inria), Pierre-Yves Strub (IMDEA Software Institute) and Rebecca Zucchini (Inria)
MERS: Statistical Test Generation for Side-Channel Analysis based Trojan Detection
Yuanwen Huang, Swarup Bhunia and Prabhat Mishra (University of Florida)
Private Circuits III: Hardware Trojan-Resilience via Testing Amplification
Stefan Dziembowski (University of Warsaw), Sebastian Faust (University of Bochum) and Francois-Xavier Standaert (Université catholique de Louvain)

Program Anomaly Detection: Methodology and Practices
Xiaokui Shu, IBM T. J. Watson Research Center, US & Danfeng Yao, Department of Computer Science Virginia Tech, US

SLIDES

11.30-12.00

Coffee Break

12.00-13.00

Session 2A

Blockchain II

 

Session Chair:
Edgar Weippl, SBA Research, Austria

Session 2B

Differentially Private Systems I

 

Session Chair:
Shai Halevi, IBM Research, USA

Session 2C

Access Control

 

Session Chair:
Gail-Joon Ahn, Arizone State University, USA

Session 2D

Security and Persistence

 

Session Chair:
William Robertson, Northeastern University, USA

Invited Talk

On the Instability of Bitcoin Without the Block Reward
Miles Carlsten, Harry Kalodner, S. Matthew Weinberg and Arvind Narayanan (Princeton University)
Transparency Overlays and Applications
Melissa Chase (Microsoft Research Redmond) and Sarah Meiklejohn (University College London)

A EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation
Yilin Shen and Hongxia Jin (Samsung Research America)
Heavy Hitter Estimation over Set-Valued Data with Local Differential Privacy
Zhan Qin (Qatar Computing Research Institute), Yin Yang (Hamad Bin Khalifa University), Ting Yu, Issa Khalil (Qatar Computing Research Institute), Xiaokui Xiao (Nanyang Technological University) and Kui Ren (SUNY Buffalo)

AUDACIOUS: User-Driven Access Control with Unmodified Operating Systems
Talia Ringer, Dan Grossman and Franziska Roesner (University of Washington)
Mix&Slice: Efficient Access Revocation in the Cloud
Enrico Bacis (Università degli Studi di Bergamo), Sabrina De Capitani di Vimercati, Sara Foresti (Università degli Studi di Milano), Stefano Paraboschi, Marco Rosa (Università degli Studi di Bergamo) and Pierangela Samarati (Università degli Studi di Milano)

Safe Serializable Secure Scheduling: Transactions and the Trade-Off Between Security and Consistency
Isaac Sheff, Tom Magrino, Jed Liu, Andrew C. Myers and Robert Van Renesse (Cornell)
ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices
Dave (Jing) Tian (University of Florida), Adam Bates (University of Illinois at Urbana-Champaign), Kevin R.B. Butler (University of Florida) and Raju Rangaswami (Florida International University)

Colorful like a Chameleon: Security Nightmares of Embedded Systems
Timo Kasper, Kasper&Oswald GmbH, Germany

13.00-14.30

Lunch Break

14.30-16.00

Session 3A

Smart Contracts

 

Session Chair:
Sarah Meiklejohn, University College London, UK

Session 3B

Differentially Private Systems II

 

Session Chair:
Ting Yu, Qatar Computing Research Institute, Qatar

Session 3C

Mobile Software Analysis

 

Session Chair:
Will Enck, NC State University, USA

Session 3D

Kernel Memory Security

 

Session Chair:
Herbert Bos, Vrije Universiteit, Netherlands

Tutorial

Making Smart Contracts Smarter
Loi Luu, Duc-Hiep Chu (National University of Singapore), Hrishi Olickel (Yale-NUS College), Prateek Saxena (National University of Singapore) and Aquinas Hobor (Yale-NUS College & National University of Singapore)
Town Crier: An Authenticated Data Feed for Smart Contracts
Fan Zhang, Ethan Cecchetti (Cornell University), Kyle Croman (Jacobs Institute), Ari Juels (Cornell Tech) and Elaine Shi (Cornell University)
The Ring of Gyges: Investigating the Future of Criminal Smart Contracts
Ari Juels (Jacobs Institute), Ahmed Kosba (University of Maryland) and Elaine Shi (Cornell University)

DPSense: Differentially Private Crowdsourced Spectrum Sensing
Xiaocong Jin (Arizona State University), Rui Zhang (University of Hawaii), Yimin Chen, Tao Li and Yanchao Zhang (Arizona State University)
Deep Learning with Differential Privacy
Martin Abadi; Andy Chu (Google), Ian Goodfellow (OpenAl), H. Brendan McMahan, Ilya Mironov, Kunal Talwar and Li Zhang (Google)
Membership Privacy in MicroRNA-based Studies
Michael Backes, Pascal Berrang, Mathias Humbert and Praveen Manoharan (CISPA, Saarland University)

TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime
Mingshen Sun (The Chinese University of Hong Kong), Tao Wei (Baidu) and John C.S. Lui (The Chinese University of Hong Kong)
Statistical Deobfuscation of Android Applications
Benjamin Bichsel, Veselin Raychev, Petar Tsankov and Martin Vechev (ETH Zurich)
Reliable Third-Party Library Detection in Android and its Security Applications
Michael Backes, Sven Bugiel and Erik Derr (CISPA, Saarland University)

Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
Daniel Gruss, Clémentine Maurice (TU Graz), Andreas Fogh (G-Data Advanced Analytics), Moritz Lipp and Stefan Mangard (TU Graz)
Breaking Kernel Address Space Layout Randomization with Intel TSX
Yeongjin Jang, Sangho Lee and Taesoo Kim (Georgia Institute of Technology)
Enforcing Least Privilege Memory Views for Multithreaded Applications
Terry Ching-Hsiang Hsu (Purdue University), Kevin Hoffman (eFolder), Patrick Eugster (TU Darmstadt) and Mathias Payer (Purdue University)

Security on Wheels: Security and Privacy for Vehicular Communication Systems
Part I
Panos Papadimitratos, KTH, Sweden

16.00-16.30

Coffee Break

16.30-18.00

Session 4A

Secure MPC I

 

Session Chair:
Vladimir Kolesnikov, Bell Labs, USA

Session 4B

Attacks on Ciphers

 

Session Chair:
Ralf Küsters, University of Trier, Germany

Session 4C

Big Data Meets Security

 

Session Chair:
Daphne Yao, Virginia Tech, USA

Session 4D

Types and Memory Safety

 

Session Chair:
Long Lu, Stony Brook University, USA

Tutorial

Improvements to Secure Computation with Penalties
Ranjit Kumaresan, Vinod Vaikuntanathan and Prashant Nalini Vasudevan (MIT)
Amortizing Secure Computation with Penalties
Ranjit Kumaresan (MIT) and Iddo Bentov (Cornell)
MPC-Friendly Symmetric Key Primitives
Lorenzo Grassi, Christian Rechberger (TU Graz), Dragos Rotaru, Peter Scholl, Nigel P. Smart (University of Bristol)

Message-Recovery Attacks on Feistel-Based Format Preserving Encryption
Mihir Bellare (UC San Diego), Viet Tung Hoang and Stefano Tessaro (UC Santa Barbara)
On the Practical (In-)Security of 64-bit Block Ciphers: Collision Attacks on HTTP over TLS and OpenVPN
Karthikeyan Bhargavan and Gaëtan Leurent (INRIA)
A Systematic Analysis of the Juniper Dual EC Incident
Stephen Checkoway (University of Illinois at Chicago), Jacob Maskiewicz (UC San Diego), Christina Garman (Johns Hopkins University), Joshua Fried (University of Pennsylvania), Shaanan Cohney (University of Pennsylvania), Matthew Green (Johns Hopkins University), Nadia Heninger (University of Pennsylvania), Ralf-Philipp Weinmann (Comsecuris), Eric Rescorla and Hovav Shacham (UC San Diego)

Scalable Graph-based Bug Search for Firmware Images
Qian Feng, Rundong Zhou, Chengcheng Xu, Yao Cheng, Brian Testa and Heng Yin (Syracuse University)
SmartWalk: Enhancing Social Network Security via Adaptive Random Walks
Yushan Liu (Princeton University), Shouling Ji (Georgia Tech) and Prateek Mittal (Princeton University)
High Fidelity Data Reduction for Big Data Security Dependency Analyses
Zhang Xu (College of William and Mary), Zhenyu Wu, Zhichun Li, Kangkook Jee, Junghwan Rhee, Xusheng Xiao, Fengyuan Xu (NEC Laboratories America), Haining Wang (University of Delaware) and Guofei Jiang (NEC Laboratories America)

TypeSanitizer: Practical Type Confusion Detection
Istvan Haller (Vrije Universiteit Amsterdam), Yuseok Jeon, Hui Peng, Mathias Payer (Purdue University), Cristiano Giuffrida, Herbert Bos and Erik van der Kouwe (Vrije Universiteit Amsterdam)
CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump
Jun Xu (Pennsylvania State University), Dongliang Mu (Nanjing University) Ping Chen, Xinyu Xing and Peng Liu (Pennsylvania State University)
Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms
Christian Wressnegger, Fabian Yamaguchi, Alwin Maier and Konrad Rieck (TU Braunschweig)

Security on Wheels: Security and Privacy for Vehicular Communication Systems
Part II
Panos Papadimitratos, KTH, Sweden

18.30-23.00

Mayor’s Dinner @ Vienna City Hall

Poster / Demo Session & Award Ceremony

 

18.15 Meeting point in front of the Conference Venue entrance (or you join us directly at the City Hall)
18.30 Doors open at Vienna City Hall (ticket = badge)
19.00 Opening
20.30 Award Ceremony
21.00 Poster/Demo Session

 

How to get there

CCS 2016 Main Conference, Wednesday, October 26, 2016

CCS 2016 Proceedings (main conference) – OpenTOC

Track 1

cryptographic mechanisms

 

Open TOC CCS

Lecture Hall A

Track 2

differential privacy / cryptography / attacks

 

Open TOC CCS

Lecture Hall B

Track 3

web/mobile security

 

Open TOC CCS

Lecture Hall C

Track 4

secure code and systems

 

Open TOC CCS

Lecture Hall D

Track 5

Tutorials & Talks

 

Open TOC CCS

Lecture Hall E

07.30-08.50

Registration & Early Bird Coffee

08.50-09.50

Keynote

Lecture Hall C

Is it practical to build a truly distributed payment system?
Keynote by Ross Anderson, University of Cambridge, UK

10.00-11.30

Session 5A

Secure MPC II

 

 

Session Chair:
Claudio Orlandi, Aarhus University, Denmark

Session 5B

Physically Based Authentication

 

 

Session Chair:
Erman Ayday, Bilkent University, Turkey

Session 5C

Web Security

 

 

Session Chair:
Ben Livshits, Microsoft Research, USA

Session 5D

Security Bug Finding

 

 

Session Chair:
Adam Doupé, Arizona State University, USA

Tutorial

(CCS)^2 – Crypto-Currencies Special @ CCS 2016 (Part I)

Alternative Implementations of Secure Real Numbers
Vassil Dimitrov (University of Calgary), Liisi Kerik (Cybernetica), Toomas Krips (STACC), Jaak Randmets and Jan Willemson (Cybernetica)
Garbling Gadgets for Boolean and Arithmetic Circuits
Marshall Ball, Tal Malkin (Columbia University) and Mike Rosulek (Oregon State University)
Optimizing Semi-Honest Secure Multiparty Computation for the Internet
Aner Ben-Efraim (Ben-Gurion University), Yehuda Lindell (Bar-Ilan University) and Eran Omri (Ariel University)

MEMS Gyroscopes as Physical Unclonable Functions
Oliver Willers, Chrisptopher Huth (Robert Bosch GmbH), Jorge Guajardo (Robert Bosch LLC – RTC) and Helmut Seidel (Saarland University)
On the Security and Usability of Segment-based Visual Cryptographic Authentication Protocols
Tianhao Wang, Huangyi Ge, Omar Chowdhury, Hemanta K. Maij and Ninghui Li (Purdue University)
Instant and Robust Authentication and Key Agreement among Mobile Devices
Wei Xi (Xi’an Jiaotong University), Chen Qian (University of Kentucky), Jinsong Han, Kun Zhao (Xi’an Jiaotong University), Sheng Zhong (Nanjing University), Xiang-Yang Li (University of Science and Technology of China) and Jizhong Zhao (Xi’an Jiaotong University)

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem
Frank Canglialosi (University of Maryland), Taejoong Chung, David Choffnes (Northeastern University), Dave Levin (University of Maryland), Bruce M. Maggs (Duke University), Alan Mislove and Christo Wilson (Northeastern University)
Chainsaw: Chained Automated Workflow-based Exploit Generation
Abeer Alhuzali, Birhanu Eshete, Rigel Gjomemo and V.N. Venkatakrishnan (University of Illinois at Chicago)
CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-world Websites
Xiang Pan (Northwestern University), Yinzhi Cao (Lehigh University), Shuangping Liu, Yu Zhou, Yan Chen, Yang Hu (Northwestern University) and Tingzhe Zhou (Lehigh University)

How I Learned to be Secure: a Census-Representative Survey of Security Advice Sources and Behavior
Elissa M. Redmiles (University of Maryland), Sean Kross (Johns Hopkins University) and Michelle L. Mazurek (University of Maryland)
Practical Detection of Entropy Loss in Pseudo-Random Number Generators
Felix Dörre and Vladimir Klebanov (Karlsruhe Institute of Technology)
Build It, Break It, Fix It: Contesting Secure Development
Andrew Ruef, Michael Hicks, James Parker, Dave Levin, Michelle L. Mazurek (University of Maryland) and Piotr Mardziel (Carnegie Mellon University)

Cryptographic Currencies Crash Course (C5)
Aljosha Judmayer, SBA Research, Austria

SLIDES

11.30-12.00

Coffee Break

12.00-13.00

Session 6A

Phone security using formal methods

 

Session Chair:
Zhou Li, RSA Labs, USA

Session 6B

Attestation

 

Session Chair:
Kevin Butler, University of Florida, USA

Session 6C

Mine your Literature

 

Session Chair:
Davide Balzarotti, EURECOM, France

Session 6D

Security Studies

 

Session Chair:
Chris Kanich, University of Illinois at Chicago, USA

Tutorial

(CCS)^2 – Crypto-Currencies Special @ CCS 2016 (Part II)

SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles
Luke Deshotels (North Carolina State University), Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest), Lucas Davi (TU Darmstadt), William Enck (North Carolina State University) and Ahmad-Reza Sadeghi (TU Darmstadt)
Computational Soundness for Dalvik Bytecode
Michael Backes, Robert Kuennemann (CISPA, Saarland University) and Esfandiar Mohammadi (ETH Zurich)

SANA: Secure and Scalable Aggregate Network Attestation
Moreno Ambrosin, Mauro Conti (University of Padua), Ahmad Ibrahim (TU Darmstadt), Gregory Neven (IBM Research), Ahmad-Reza Sadeghi (TU Darmstadt) and Matthias Schunter (Intel Labs – Darmstadt)
C-FLAT: Control-FLow Attestation for Embedded Systems Software
Tigist Abera (TU Darmstadt), N. Asokan (Aalto University), Lucas Davi (TU Darmstadt), Jan-Erik Ekberg (Trustonic), Thomas Nyman, Andrew Paverd (Aalto University), Ahmad-Reza Sadeghi (TU Darmstadt) and Gene Tsudik (University of California, Irvine)

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence
Xiaojing Liao (Georgia Institute of Technology), Kan Yuan (Indiana University Bloomington), XiaoFeng Wang (Indiana University Bloomington), Zhou Li (ACM member), Luyi Xing (Indiana University Bloomington) and Raheem Beyah (Georgia Institute of Technology)
FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature
Ziyun Zhu and Tudor Dumitras (University of Maryland)

An In-Depth Study of More Than Ten Years of Java Exploitation
Philipp Holzinger, Stefan Triller (Fraunhofer SIT), Alexandre Bartel (TU Darmstadt) and Eric Bodden (Paderborn University)
The “Web/Local” Boundary Is Fuzzy: A Security Study of Chrome’s Process-based Sandboxing
Yaoqi Jia, Zheng Leong Chua, Hong Hu (National University of Singapore), Shuo Chen (Microsoft Research), Prateek Saxena and Zhenkai Liang (National University of Singapore)

Introduction to Credit Networks
Aniket Kate, Purdue University, US

SLIDES

(12.00 – 13.15)

13.00-14.30

Lunch Break

14.30-16.00

Session 7A

Secure MPC III

 

Session Chair:
Stefan Katzenbeisser, TU Darmstadt, Germany

Session 7B

Side-Channel Attacks

 

Session Chair:
Ahmad-Reza Sadeghi, TU Darmstadt, Germany

 

Session 7C

Acoustic attacks

 

Session Chair:
Amir Houmansadr, UMass Amherst, USA

Session 7D

Protection Across Executions

 

Session Chair:
Thorsten Holz, Ruhr-Universität Bochum, Germany

 

Tutorial

(CCS)^2 – Crypto-Currencies Special @ CCS 2016 (Part III)

High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority
Toshinori Araki, Jun Furukawa (NEC), Yehuda Lindell, Ariel Nof (Bar-llan University) and Kazuma Ohara (NEC)
Efficient Batched Oblivious PRF with Applications to Private Set Intersection
Vladimir Kolesnikov (Bell Labs), Ranjit Kumaresan (MIT), Mike Rosulek and Ni Trieu (Oregon State University)
MASCOT: Faster Malicious Arithmetic Secure Computation with Oblivious Transfer
Marcel Keller, Emmanuela Orsini and Peter Scholl (University of Bristol)

Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations
Dmitry Evtyushkin and Dmitry Ponomarev (SUNY Binghamton)
Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
Xiaokuan Zhang, Yuan Xiao and Yinqian Zhang (The Ohio State University)
A Software Approach to Defeating Side Channels in Last-Level Caches
Ziqiao Zhou, Michael K. Reiter (University of North Carolina at Chapel Hill) and Yinqian Zhang (Ohio State University)

Leave Your Phone at the Door: Side Channels that Reveal Factory Floor Secrets
Avesta Hojjati (University of Illinois at Urbana-Champaign), Anku Adhikari (University of Illinois at Urbana-Champaign & ADSC), Katarina Struckmann, Edward Chou (University of Illinois at Urbana-Champaign), Thi Ngoc Tho Nguyen (ADSC), Kushagra Madan (University of Illinois at Urbana-Champaign), Marianne S. Winslett (University of Illinois at Urbana-Champaign & ADSC), Carl A. Gunter and William P. King (University of Illinois at Urbana-Champaign)
My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers
Chen Song, Feng Lin, Zhongije Ba, Kui Ren, Chi Zhou, Wenyao Xu (University at Buffalo, State University of New York)
The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio
Babins Shrestha, Maliheh Shirvanian, Prakash Shrestha and Nitesh Saxena (University of Alabama at Birmingham)

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages
Kangjie Lu, Chengyu Song, Taesoo Kim and Wenke Lee (Georgia Institute of Technology)
iLock: Immediate and Automatic Locking of Mobile Devices against Data Theft
Tao Li, Yimin Chen, Jinchao Sun, Xiaocong Jin, Yanchao Zhang (Arizona State University)
Hypnoguard: Protecting Secrets across Sleep-Wake Cycles
Lianying Zhao, Mohammad Mannan (Concordia University)

On the Security and Scalability of Bitcoin’s Blockchain
Ghassan O. Karame, NEC Laboratories, Europe

16.00-16.30

Coffee Break

16.30-18.00

Session 8A

Lattices and Obfuscation

 

Session Chair:
Stefan Dziembowski, University of Warsaw, Poland

Session 8B

Attacks and Defences

 

Session Chair:
Yinqian Zhang, The Ohio State University, USA

Session 8C

Phone Security

 

Session Chair:
Manuel Egele, Boston University, USA

Session 8D

Infrastructure attacks

 

Session Chair:
Zhiyun Qian, UC Riverside, USA

Invited Talk

5Gen: A Framework for Prototyping Applications Using Multilinear Maps and Matrix Branching Programs
Kevin Lewi (Stanford University), Alex J. Malozemoff (Galois), Daniel Apon (University of Maryland), Brent Carmer (Oregon State University), Adam Foltzer, Daniel Wagner, David W. Archer (Galois), Daniel Boneh (Stanford University), Jonathan Katz (University of Maryland) and Mariana Raykova (Yale University)
Λ○λ: Functional Lattice Cryptography
Eric Crockett (Georgia Institute of Technology) and Chris Peikert (University of Michigan)
Frodo: Take off the ring! Practical, Quantum-Secure Key Exchange from LWE
Joppe Bos (NXP Semiconductors), Craig Costello (Microsoft Research), Léo Ducas (CWI), Ilya Mironov (Google), Michael Naehrig (Microsoft Research), Valeria Nikolaenko (Stanford University), Ananth Raghunathan (Google) and Douglas Stebila (McMaster University)

On Code Execution Tracking via Power Side-Channel
Yannan Liu, Lingxiao Wei, Zhe Zhou, Kehuan Zhang (The Chinese University of Hong Kong), Wenyuan Xu (Zhejiang University) and Qiang Xu (The Chinese University of Hong Kong)
Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Victor van der Veen (Vrije Universiteit Amsterdam), Yanick Fratantonio, Martina Lindorfer (UC Santa Barbara), Daniel Gruss, Clementine Maurice (TU Graz), Giovanni Vigna (UC Santa Barbara), Herbert Bos, Kaveh Razavi and Cristiano Giuffrida (Vrije Universiteit Amsterdam)
Error Handling of In-vehicle Networks Makes Them Vulnerable
Kyong-Tak Cho and Kang G. Shin (University of Michigan)

Using Reflexive Eye Movements For Fast Challenge-Response Authentication
Ivo Sluganovic, Marc Roeschlin, Kasper B. Rasmussen and Ivan Martinovic (University of Oxford)
When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals
Mengyuan Li, Yan Meng, Junyi Liu, Haojin Zhu (Shanghai Jiao Tong University), Xiaohui Liang (University of Massachusetts at Boston), Yao Liu (University of South Florida) and Na Ruan (Shanghai Jiao Tong University)
VoiceLive: A Phoneme Localization based Liveness Detection for Voice Authentication on Smartphones
Linghan Zhang, Sheng Tan, Jie Yang (Florida State University) and Yingying Chen (Stevens Institute of Technology)

Limiting the Impact of Stealthy Attacks on Industrial Control Systems
David I. Urbina, Jairo Giraldo, Alvaro A. Cardenas (The University of Texas at Dallas), Nils Ole Tippenhauer (Singapore University of Technology and Design), Junia Valente, Mustafa Faisal, Justin Ruths (The University of Texas at Dallas), Richard Candell (National Institute of Standards and Technology) and Henrik Sandberg (Royal Institute of Technology)
Over-The-Top Bypass: Study of a Recent Telephony Fraud
Merve Sahin and Aurélien Francillon (Eurecom)
New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks
Guan-Hua Tu (Michigan State University), Chi-Yu Li (National Chiao Tung University), Chunyi Peng (Ohio State University), Yuanjie Li and Songwu Lu (University of California, Los Angeles)

Design requirements on resilient command control and signaling systems in the railway sector – First preliminary results of the CYSIS working group on IT security

Thorsten Borrmann, DB Netz AG, Germany

(16.30 – 17.15)

Experiences in Securing Smart Grids and their Operations
Klaus Kursawe, GridSec.org, The Netherlands

(17.15 – 18.00)

18.05-19.00

Panel Discussion

Lecture Hall C

Impact of Academic Security Research: Frogs in Wells, Storms in Teacups, or Raw Diamonds?

 

Chair: Ahmad-Reza Sadeghi, TU Darmstadt, CYSEC, Germany

 

Panelists:
Ross Anderson, University of Cambridge, UK
Davide Balzarotti, EURECOM, France
Robert Broberg, Cisco Systems Inc
Bart Preneel, KU Leuven, Belgium
Anand Rajan, Intel Labs
Greg Shannon, White House Office of Science & Technology Policy, USA

19.05-24.00

Traditional Viennese Dinner @ Heuriger

 

The Dinner will take place at a “Heuriger” (traditional wine tavern), located on the outskirts of Vienna.
Besides homegrown white wine and grape juices you will enjoy traditional Austrian food and music.

 

19.05 Meeting point in front of the Conference Venue entrance
19.10 Departure of the busses (20min drive)
22.00 – 24.00 Busses at regular intervals back to the Conference Venue

 

More information

CCS 2016 Main Conference, Thursday, October 27, 2016

CCS 2016 Proceedings (main conference) – OpenTOC

Track 1

cryptographic mechanisms

 

Open TOC CCS

Lecture Hall A

Track 2

differential privacy / cryptography / attacks

 

Open TOC CCS

Lecture Hall B

Track 3

web/mobile security

 

Open TOC CCS

Lecture Hall C

Track 4

secure code and systems

 

Open TOC CCS

Lecture Hall D

Track 5

Tutorials & Talks

 

Open TOC CCS

Lecture Hall E

08.15-09.30

Registration & Early Bird Coffee

09.00/09.30-11.00

Session 9A

Order-Revealing and Searchable Encryption

 

Session Chair:
Florian Kerschbaum, SAP SE,  Germany

(09.00 – 11.00)

Session 9B

Authentication

 

Session Chair:
Frederik Armknecht, University of Mannheim, Germany

(09.30 – 11.00)

Session 9C

Passwords

 

Session Chair:
Wenyuan Xu, University of South Carolina, USA

(09.30 – 11.00)

Session 9D

Internet security

 

Session Chair:
Konrad Rieck, TU Braunschweig, Germany

(09.30 – 11.00)

POPE: Partial Order Preserving Encoding
Daniel S. Roche (United States Naval Academy), Daniel Apon (University of Maryland), Seung Geol Choi (United States Naval Academy) and Arkady Yerukhimovich (MIT Lincoln Laboratory)
Σoφoς – Forward Secure Searchable Encryption
Raphael Bost (Direction Générale de l’Armement – Maitrise de l’Information & Université de Rennes 1)
What Else is Revealed by Order-Revealing Encryption?
F. Betül Durak (Rutgers University), Thomas M. DuBuisson (Galois, Inc.) and David Cash (Rutgers University)
Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds
Kevin Lewi and David J. Wu (Stanford University)

Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication
Zhenfeng Zhang, Kang Yang (Chinese Academy of Sciences), Xuexian Hu (State Key Laboratory of Mathematical Engineering and Advanced Computing) and Yuchen Wang (Chinese Academy of Sciences)
Efficient Cryptographic Password Hardening Services From Partially Oblivious Commitments
Jonas Schneider, Nils Fleischhacker (CISPA, Saarland University), Dominique Schröder (Friedrich-Alexander-University Erlangen-Nürnberg) and Michael Backes (CISPA, Saarland University)
 A Comprehensive Formal Security Analysis of OAuth 2.0
Daniel Fett, Ralf Küsters and Guido Schmitz (University of Trier)

An Empirical Study of Mnemonic Sentence-based Password Generation Strategies
Weining Yang, Ninghui Li, Omar Chowdhury, Aiping Xiong and Robert W. Proctor (Purdue University)
On the Security of Cracking-Resistant Password Vaults
Maximilian Golla, Benedict Beuscher and Markus Dürmuth (Ruhr-University Bochum)
Targeted Online Password Guessing: An Underestimated Threat
Ding Wang, Zijian Zhang, Ping Wang (Peking University), Jeff Yan (Lancaster University) and Xinyi Huang (Fujian Normal University)

PIPSEA: A Practical IPsec Gateway on Embedded APUs
Jungho Park, Wookeun Jung, Gangwon Jo, Ilkoo Lee and Jaejin Lee (Seoul National University)
MiddlePolice: Toward Enforcing Destination-Defined Policies in the Middle of the Internet
Zhuotao Liu (UIUC), Hao Jin (Nanjing University), Yih-Chun Hu and Michael Bailey (UIUC)
Protecting Insecure Communications with Topology-aware Network Tunnels
Georgios Kontaxis and Angelos D. Keromytis (Columbia University)

11.00-11.30

Coffee Break

11.30-13.00

Session 10A

Specialized crypto tools

 

Session Chair:
Abhi Shelat, Northeastern University, USA

Session 10B

Crypto Implementations

 

Session Chair:
Jakub Szefer, Yale University, USA

Session 10C

Measuring security in the wild

 

Session Chair:
Alejandro Russo, Chalmers University of Technology, Sweden

Session 10D

Network security I

 

Session Chair:
Mohammad Mannan, Concordia University, Canada

Tutorial

Function Secret Sharing: Improvements and Extensions
Elette Boyle (IDC Herzliya), Niv Gilboa (Ben Gurion University) and Yuval Ishai (Technion)
Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data
Dario Fiore (IMDEA Software Institute), Cédric Fournet (Microsoft Research), Esha Ghosh (Brown University), Markulf Kohlweiss, Olga Ohrimenko and Bryan Parno (Microsoft Research)
Practical Non-Malleable Codes from l-more Extractable Hash Functions
Aggelos Kiayias (University of Edinburgh), Feng-Hao Liu (Florida Atlantic University) and Yiannis Tselekounis (National and Kapodistrian University of Athens)

A Surfeit of SSH Cipher Suites
Maritin R. Albrecht, Jean Paul Degabriele ,Torben Brandt Hansen and Kenneth G. Paterson (Royal Holloway, University of London)
Systematic Fuzzing and Testing of TLS Libraries
Juraj Somorovsky (Ruhr University Bochum)
Attacking OpenSSL Implementation of ECDSA with a Few Signatures
Shuqin Fan (State Key Laboratory of Cryptology), Wenbo Wang and Qingfeng Cheng (Luoyang University of Foreign Languages)

Content Security Problems? Evaluating the Effectiveness of Content Security Policy in the Wild
Stefano Calzavara, Alvise Rabitti and Michele Bugliesi (Università Ca’ Foscari Venezia)
CSP is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of the Content Security Policy
Lukas Weichselbaum, Michele Spagnuolo, Sebastian Lekies and Artur Janc (Google)
Online tracking: A 1-million-site measurement and analysis
Steven Englehardt and Arvind Narayanan (Princeton University)

PhishEye: Live Monitoring of Sandboxed Phishing Kits
Xiao Han, Nizar Kheir (Orange Labs) and Davide Balzarotti (Eurecom)
All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records
Daiping Liu (University of Delaware), Shuai Hao College of (William and Mary) and Haining Wang (University of Delaware)
Identifying the Scan and Attack Infrastructure behind Amplification DDoS attacks
Johannes Krupp, Michael Backes and Christian Rossow (CISPA, Saarland University)

Privacy and Security in the Genomic Era
Erman Ayday, Bilkent University, Turkey & Jean-Pierre Hubaux, EPFL, Switzerland

SLIDES

13.00-14.30

Lunch Break

14.30-16.00

Session 11A

Key Exchange

 

Session Chair:
Dario Fiore, IMDEA Software Institute, Spain

Session 11B

Attacks using a little leakage

 

Session Chair:
Gang Tan, Penn State University, USA

Session 11C

More attacks

 

Session Chair:
Michael Franz, UC Irvine, USA

Session 11D

Network security II

 

Session Chair:
Tudor Dumitras, UMCP, USA

Tutorial

A Unilateral-to-Mutual Authentication Compiler for Key Exchange (with Applications to Client Authentication in TLS 1.3)
Hugo Krawczyk (IBM Research)
Attribute-based Key Exchange with General Policies
Vladimir Kolesnikov (Bell Labs), Hugo Krawczyk (IBM Research), Yehuda Lindell (Bar-llan University), Alex Malozemoff (Galios) and Tal Rabin (IBM Research)
Identity-Concealed Authenticated Encryption and Key Exchange
Yunlei Zhao (Fudan University)

Generic Attacks on Secure Outsourced Databases
Georgios Kellaris (Harvard University), George Kollios (Boston University), Kobbi Nissim (Ben-Gurion University) and Adam O´Neill (Georgetown University)
The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption
David Pouliot and Charles V. Wright (Portland State University)
Breaking Web Applications Built On Top of Encrypted Data
Paul Grubbs (Cornell University), Richard McPherson (University of Texas, Austin), Muhammed Naveed (University of Southern California), Thomas Risenpart and Vitaly Shmatikov (Cornell Tech)

Host of Troubles: Multiple Host Ambiguities in HTTP Implementations
Jianjun Chen (Tsinghua University), Jian Jiang (University of California, Berkeley), Haixin Duan (Tsinghua University), Nicholas Weaver (International Computer Science Institute), Tao Wan (Huawei Canada) and Vern Paxson (International Computer Science Institute
Accessorize to a Crime: Real and Stealthy Attacks on State-Of-The-Art Face Recognition
Mahmood Sharif, Sruti  Bhagavatula, Lujo Bauer (Carnegie Mellon University) and Michael K. Reiter (University of North Carolina Chapel Hill)
Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service
Xiaojing Liao (Georgia Institute of Technology), Sumayah Alrwais, Kan Yuan, Luyi Xing, XiaoFeng Wang (Indiana University Bloomington), Shuang Hao (University of California Santa Barbara) and Raheem Beyah (Georgia Institute of Technology)

Safely Measuring Tor
Rob Jansen and Aaron Johnson (U.S. Naval Research Laboratory)
PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration
Shuang Hao (UC Santa Barbara), Alex Kantchelian (UC Berkeley), Brad Miller (Google), Vern Paxson (UC Berkeley) and Nick Feamster (Princeton University)
Stemming Downlink Leakage from Training Sequences in Multi-User MIMO Networks
Yunlong Mao, Yuan Zhang and Sheng Zhong (Nanjing University)

Adversarial Data Mining: Big Data Meets Cyber Security
Part I
Murat Kantarcioglu, University of Texas at Dallas, US & Bowei Xi, Purdue University, US

SLIDES

16.00-16.30

Coffee Break

16.30-18.00

Session 12A

Secure Protocols

 

Session Chair:
René Mayrhofer, JKU Linz, Austria

Session 12B

DSA/ECDSA

 

Session Chair:
Markulf Kohlweiss, Microsoft Research, UK

Session 12C

Even more attacks

 

Session Chair:
Mathias Payer, Purdue University, USA

Session 12D

Censorship Resistance

 

Session Chair:
Amir Herzberg, Bar Ilan University, Israel

Tutorial

A Protocol for Privately Reporting Ad Impressions at Scale
Matthew Green (Johns Hopkins University), Watson Ladd (University of California Berkeley) and Ian Miers (Johns Hopkins University)
Secure Stable Matching at Scale
Jack Doerner, David Evans and Abhi Shelat (University of Virginia)
BeleniosRF: A Non-Interactive Receipt-Free Electronic Voting Scheme
Pyrros Chaidos, (University College London), Véronique Cortier (CNRS), Georg Fuchsbauer (Inria) and David Galindo (University of Birmingham)

ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels
Daniel Genkin (Technion), Lev Pachmanov, Itamar Pipman, Eran Tromer (Tel Aviv University) and Yuval Yarom (The University of Adelaide)
Make Sure DSA Signing Exponentiations Really Are Constant-Time
Cesar Pereida Garcia (Aalto University), Billy Bob Brumley (Tampere University of Technology) and Yuval Yarom (The University of Adelaide)
On the provable security of (EC)DSA signatures
Manuel Fersch, Eike Kiltz and Bertram Poettering (Ruhr University Bochum)

Android ION Hazard: the Curse of Customizable Memory Management System
Hang Zhang, Dongdong She and Zhiyun Qian (University of California, Riverside)
Coverage-based Greybox Fuzzing as Markov Chain
Marcel Boehme, Van-Thuan Pham and Abhik Roychoudhury (National University of Singapore)
SFADiff: Automated Evasion Attacks and Fingerprinting Using Blackbox Differential Automata Learning
George Argyros (Columbia University), Ioannis Stais (University of Athens), Suman Jana, Angelos Keromytis (Columbia University) and Aggelos Kiayias (University of Edinburgh)

Slitheen: Perfectly imitated decoy routing through traffic replacement
Cecylia Bocovich and Ian Goldberg (University of Waterloo)
Practical Censorship Evasion Leveraging Content Delivery Networks
Hadi Zolfaghari and Amir Houmansadr (UMass Amherst)
GAME OF DECOYS: Optimal Decoy Routing Through Game Theory
Milad Nasr and Amir Houmansadr (UMass Amherst)

Adversarial Data Mining: Big Data Meets Cyber Security
Part II
Murat Kantarcioglu, University of Texas at Dallas, US & Bowei Xi, Purdue University, US

18.00-19.00

CCS Business Meeting

Lecture Hall C

19.10-20.30

optional Sightseeing Tour

(For ticket holders only!)

Post-Conference Workshops on Friday, October 28, 2016 (09.00-17.00)

CCSW 2016

DETAILED PROGRAM

Open TOC CCSW
LH B

CPS-SPC 2016

DETAILED PROGRAM

Open TOC CPS-SPC
LH E

TRUSTED 2016

DETAILED PROGRAM 

Open TOC TrustED
LH F

FEAST 2016

DETAILED PROGRAM
LH G

MIST 2016

DETAILED PROGRAM

Open TOC MIST
LH H

SPRO 2016

DETAILED PROGRAM

Open TOC SPRO
LH I

Aisec 2016

DEtailed program

Open TOC AISec
LH J

07.30-09.00

Registration & Early Bird Coffee

08.30/09.00-10.30

CCSW 1

09.00-10.30

CPS-SPC 1

08.50-10.30

TrustED 1

09.00-10.30

FEAST 1

08.30-10.30

MIST 1

08.50-10.30

SPRO 1

08.30-10.30

AIsec 1

08.50-10.30

10.30-11.00

Coffee Break

11.00-12.30

CCSW 2

CPS-SPC 2

TrustED 2

FEAST 2

MIST 2

SPRO 2

AIsec 2

12.30-14.00

Lunch Break

14.00-15.30

CCSW 3

CPS-SPC 3

TrustED 3

FEAST 3

MIST 3

SPRO 3

AIsec 3

15.30-16.00

Coffee Break

16.00-17.30/18.00

CCSW 4

16.00-18.00

CPS-SPC 4

16.00-17.30

TrustED 4

16.00-17.30

FEAST 4

16.00-18.00

MIST 4

16.00-17.30

SPRO 4

16.00-18.00

AIsec 4

16.00-17.45

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close