Tuesday, July 12, 2016

[DMANET] RAID 2016 -- Call for Participation (early registration ends soon)


19th International Symposium on Research in Attacks,
Intrusions and Defenses (RAID 2016)

Telecom SudParis, France, September 19-21, 2016

** http://www.raid2016.org/registration/ **


The 19th International Symposium on Research in Attacks, Intrusions
and Defenses (RAID 2016), previously known as Recent Advances in
Intrusion Detection, aims at bringing together leading researchers and
practitioners from academia, government, and industry to discuss novel
research contributions related to computer and information security.

Attendees typically include:

- Researchers working in the field of computer and information security
- Academics studying the field of cyber security
- Incident response and security teams with responsibility for
coordinating computer security
- Technical staff who determine security product needs and implement
- Anyone wanting to learn more about computer security in general

RAID 2016 is an excellent opportunity to discuss cutting-edge research
in intrusion detection and defenses, malware, application security,
anomaly detection, special environments and sandboxing, web security
and social networks, and network security, among other topics.


Registration information is available at:



Information on the conference venue is available at:



Monday, September 19, 2016

2:00 - 2:30 pm Welcome and opening

2:30 - 3:30 pm Keynote talk, by Ahmad-Reza Sadeghi

3:30 - 4:00 pm Coffee break

4:00 - 6:00 pm Session I: Systems Security

- GRIM: Leveraging GPUs for Kernel Integrity Monitoring

Lazaros Koromilas
Giorgos Vasiliadis (Qatar Computing Research Institute, HBKU)
Elias Athanasopoulos (VU University Amsterdam)
Sotiris Ioannidis (FORTH)

- Taming Transactions: Towards Hardware-Assisted Control Flow
Integrity using Transactional Memory

Marius Muench (Eurecom)
Fabio Pagani (Eurecom)
Yan Shoshitaishvili (University of California, Santa Barbara)
Christopher Kruegel (University of California, Santa Barbara)
Giovanni Vigna (University of California, Santa Barbara)
Davide Balzarotti (Eurecom)

- Automatic Uncovering of Tap Points From Kernel Executions

Junyuan Zeng (University of Texas at Dallas)
Yangchun Fu (University of Texas at Dallas)
Zhiqiang Lin (University of Texas at Dallas)

- Detecting Stack Layout Corruptions with Robust Stack Unwinding

Yangchun Fu (University of Texas at Dallas)
Junghwan Rhee (NEC Laboratories America)
Zhiqiang Lin (University of Texas at Dallas)
Zhichun Li (NEC Laboratories America)
Hui Zhang (NEC Laboratories America)
Guofei Jiang (NEC Laboratories America)

6:00 - 8:00 pm Cocktail & Poster Session
(see http://www.raid2016.org/list-of-accepted-posters/)

Tuesday, September 20, 2016

9:30 - 10:30 am Keynote talk, [TBA]

10:30 - 11:00 am Coffee break

11:00 - 12:00 pm Session II: Low-level Attacks and Defenses

- APDU-level attacks in PKCS#11 devices

Claudio Bozzato (Ca' Foscari University, Venice)
Riccardo Focardi (Ca' Foscari University, Venice)
Francesco Palmarini (Ca' Foscari University, Venice)
Graham Steel (Cryptosense, Paris)

- CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds

Tianwei Zhang (Princeton University)
Yinqian Zhang (Ohio State University)
Ruby B. Lee (Princeton University)

12:00 - 1:30 pm Lunch break

1:30 - 3:00 pm Session III: Measurement Studies

- The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges

Kurt Thomas (Google)
Rony Amira (Google)
Adi Ben-Yoash (Google)
Ari Berger (Google)
Ori Folger (Google)
Amir Hardon (Google)
Elie Bursztein (Google)
Michael Bailey (University of Illinois at Urbana-Champaign)

- SANDPRINT: Fingerprinting Malware Sandboxes to Provide Intelligence
for Sandbox Evasion

Akira Yokoyama (Yokohama National University)
Kou Ishii (Yokohama National University)
Rui Tanabe (Yokohama National University)
Yinmin Papa (Yokohama National University)
Katsunari Yoshioka (Yokohama National University)
Tsutomu Matsumoto (Yokohama National University)
Takahiro Kasama (National Institute of Information and
Communications Technology)
Daisuke Inoue (National Institute of Information and
Communications Technology)
Michael Brengel (CISPA, Saarland University)
Michael Backes (CISPA, Saarland University & MPI-SWS)
Christian Rossow (CISPA, Saarland University)

- Enabling Network Security Through Active DNS Datasets

Athanasios Kountouras (Georgia Institute of Technology)
Panagiotis Kintis (Georgia Institute of Technology)
Chaz Lever (Georgia Institute of Technology)
Yizheng Chen (Georgia Institute of Technology)
Yacin Nadji (Netrisk)
David Dagon (Georgia Institute of Technology)
Manos Antonakakis (Georgia Institute of Technology)
Rodney Joffe (Neustar)

3:00 - 3:30 pm Coffee break

3:30 - 5:00 pm Session IV: Malware Analysis

- A Formal Framework for Environmentally Sensitive Malware

Jeremy Blackthorne (Rensselaer Polytechnic Institute)
Benjamin Kaiser (Rensselaer Polytechnic Institute)
Bulent Yener (Rensselaer Polytechnic Institute)

- AVClass: A Tool for Massive Malware Labeling

Marcos Sebastian (IMDEA Software Institute)
Richard Rivera (IMDEA Software Institute & Universidad
Politecnica de Madrid)
Platon Kotzias (IMDEA Software Institute & Universidad
Politecnica de Madrid)
Juan Caballero (IMDEA Software Institute)

- Semantics-Preserving Dissection of JavaScript Exploits via
Dynamic JS-Binary Analysis

Xunchao Hu (Syracuse University)
Aravind Prakash (Binghamton University)
Jinghan Wang (Syracuse University)
Rundong Zhou (Syracuse University)
Yao Cheng (Syracuse University)
Heng Yin (Syracuse University)

5:00 pm - Banquet at Vaux-le-Vicomte (visit and dinner)

Wednesday, September 21, 2016

9:30 - 10:30 am Session V: Network Security

- The Messenger Shoots Back: Network Operator Based IMSI
Catcher Detection

Adrian Dabrowski (SBA Research)
Georg Petzl (T-Mobile Austria)
Edgar R. Weippl (SBA Research)

- On the Feasibility of TTL-based Filtering for DRDoS Mitigation

Michael Backes (CISPA, Saarland University & MPI-SWS)
Thorsten Holz (Ruhr University Bochum)
Christian Rossow (CISPA, Saarland University)
Teemu Rytilahti (Ruhr University Bochum)
Milivoj Simeonovski (CISPA, Saarland University)
Ben Stock (CISPA, Saarland University)

10:30 - 11:00 am Coffee break

11:00 - 12:30 pm Session VI: Systematization of Knowledge and Experience

- A Look into 30 Years of Malware Development from a Software
Metrics Perspective

Alejandro Calleja (Universidad Carlos III de Madrid)
Juan Tapiador (Universidad Carlos III de Madrid)
Juan Caballero (IMDEA Software Institute)

- Small Changes, Big Changes: An Updated View on the Android
Permission System

Yury Zhauniarovich (Qatar Computing Research Institute, HBKU)
Olga Gadyatskaya (SnT, University of Luxembourg)

- Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service

Arman Noroozian (Delft University of Technology)
Maciej Korczynski (Delft University of Technology)
Carlos Hernandez Ganan (Delft University of Technology)
Daisuke Makita (Yokohama National University)
Katsunari Yoshioka (Yokohama National University)
Michel van Eeten (Delft University of Technology)

12:30 - 1:30 pm Lunch break

1:30 - 3:30 pm Session VII: Web & Mobile Security

- Uses and Abuses of Server-Side Requests

Giancarlo Pellegrino (Saarland University)
Onur Catakoglu (Eurecom)
Davide Balzarotti (Eurecom)
Christian Rossow (Saarland University)

- Identifying Extension-based Ad Injection via Fine-grained Web
Content Provenance

Sajjad Arshad (Northeastern University)
Amin Kharraz (Northeastern University)
William Robertson (Northeastern University)

- Trellis: Privilege Separation for Multi-User Applications
Made Easy

Andrea Mambretti (Northeastern University)
Kaan Onarlioglu (Northeastern University)
Collin Mulliner (Northeastern University)
William Robertson (Northeastern University)
Engin Kirda (Northeastern University)
Federico Maggi (Politecnico di Milano)
Stefano Zanero (Politecnico di Milano)

- Blender: Self-randomizing Address Space Layout for Android Apps

Mingshen Sun (The Chinese University of Hong Kong)
John C.S. Lui (The Chinese University of Hong Kong)
Yajin Zhou (Qihoo 360 Technology Co. Ltd.)

3:30pm Closing Remarks & Farewell Coffee


Additional information is available at:

* Contributions to be spread via DMANET are submitted to
* DMANET@zpr.uni-koeln.de
* Replies to a message carried on DMANET should NOT be
* addressed to DMANET but to the original sender. The
* original sender, however, is invited to prepare an
* update of the replies received and to communicate it
* via DMANET.
* http://www.zaik.uni-koeln.de/AFS/publications/dmanet/