ESORICS 2017: CALL FOR PARTICIPATION
22nd European Symposium on Research in Computer Security
Oslo, Norway — September 11-15, 2017
==============================================================================
WWW: https://www.ntnu.edu/web/esorics2017/
Overview
------------------------------------
ESORICS is the annual European research event in Computer Security. The
Symposium started in 1990 and has been held in several European
countries, attracting a wide international audience from both the
academic and industrial communities.
The 22nd European Symposium on Research in Computer Security (ESORICS
2017) will be held in Oslo, Norway.
ESORICS 2017 spans a total of 3 days, featuring:
* 3 keynote speeches
(Cormac Herley, Paul Syverson, Sandro Etalle)
* 54 paper presentations in 3 days (Sep 11-13)
* 8 workshops (Sept 14 - 15)
Presentations Program
------------------------------------
The 54 papers of ESORICS 2017 are distributed between **18 sessions**
in **two parallel tracks**.
Following is the list of paper presentations for the main ESORICS
conference. For the workshop programs, please consult their
corresponding websites:
* SECPRE 2017: https://samosweb.aegean.gr/secpre2017/
* SecSE 2017: http://secse.org
* CBT 2017: http://www.deic.uab.cat/~jherrera/CBT/
* DPM 2017: http://deic.uab.cat/conferences/dpm/dpm2017/
* STM 2017: http://stm2017.di.unimi.it
* QASA 2017: http://www.iit.cnr.it/qasa2017/
* CyberICPS: http://www.ds.unipi.gr/cybericps2017/
* SIoT 2017: http://siot-workshop.org
### September 11 - Day 1 ###########
09:30 - 10:30
* Keynote: Cormac Herley
- Justifying Security Measures - a Position Paper
11:00 - 12:30
* Session 1: Security of embedded things
- Shortfall-based Optimal Placement of Security Resources for Mobile
IoT Scenarios
Antonino Rullo, Edoardo Serra, Elisa Bertino and Jorge Lobo
- Analyzing the Capabilities of the CAN Attacker
Sibylle Froeschle and Alexander Stühring
- Boot Attestation: Secure Remote Reporting with Off-The-Shelf IoT
Sensors
Steffen Schulz, André Schaller, Florian Kohnhäuser, and Stefan
Katzenbeisser
* Session 2: Cryptographic Application I
- Per-Session Security: Password-Based Cryptography Revisited
Gregory Demay, Peter Gazi, Ueli Maurer and Björn Tackmann
- Non-Interactive Provably Secure Attestations for Arbitrary RSA Prime
Generation Algorithm
Fabrice Benhamouda, Houda Ferradi, Rémi Géraud and David
Naccache
- Tightly Secure Ring-LWE Based Key Encapsulation with Short
Ciphertexts
Martin Albrecht, Emmanuela Orsini, Kenneth Paterson, Guy Peer and
Nigel Smart
14:00 - 15:30
* Session 3: Documents and Authorship
- Identifying Multiple Authors in a Binary Program
Xiaozhu Meng, Barton Miller and Kwang-Sung Jun
- Verifiable Document Redacting
Herve Chabanne, Rodolphe Hugel and Julien Keuffer
- Source Code Authorship Attribution using Long Short-Term Memory
Based Networks
Bander Alsulami, Edwin Dauber, Richard Harang, Spiros Mancoridis
and Rachel Greenstadt
* Session 4: Analysis of Security Protocols
- Automated analysis of equivalence properties for security protocols
using else branches
Ivan Gazeau and Steve Kremer and Levente Buttyán
- Secure Authentication in the Grid: A formal analysis of DNP3: SAv5
Cas Cremers, Martin Dehnel-Wild and Kevin Milner
- Modular Verification of Protocol Equivalence in the Presence of
Randomness
Matthew Bauer, Rohit Chadha and Mahesh Viswanathan
16:00 - 17:30
* Session 5: Threat Analysis
- Preventing Advanced Persistent Threats in Complex Control Networks
Juan E. Rubio, Cristina Alcaraz and Javier Lopez
- MTD CBITS: Moving Target Defense for Cloud-Based IT Systems
Alexandru G. Bardas, Sathya C. Sundaramurthy, Xinming Ou and Scott
A. Deloach
- Is my attack tree correct?
Maxime Audinot, Sophie Pinchinat and Barbara Kordy
* Session 6: Side Channels and data leakage
- On-Demand Time Blurring to Support Side-Channel Defense
Weijie Liu, Debin Gao and Mike Reiter
- Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via
Covert Hard-Drive Noise
Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval
Elovici
- Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner,
Clémentine Maurice and Stefan Mangard
### September 12 - Day 2 ###########
09:00 - 10:00
* Keynote: Paul Syverson
- The Once and Future Onion
10:30 - 12:00
* Session 7: Vulnerabilities and Malware
- Mirage: Toward a Stealthier and Modular Malware Analysis Sandbox for
Android
Lorenzo Bordoni, Mauro Conti and Riccardo Spolaor
- VuRLE: Automatic Vulnerability Detection and Repair by Learning from
Examples
Siqi Ma, Ferdian Thung, David Lo, Cong Sun and Robert Deng
- Adversarial Examples for Malware Detection
Kathrin Grosse, Nicolas Papernot, Praveen Manoharan, Backes
Michael and Patrick McDaniel Russo
* Session 8: Privacy in Systems
- PerfWeb: How to Violate Web Privacy with Hardware Performance Events
Berk Gulmezoglu, Andreas Zankl, Thomas Eisenbarth and Berk Sunar
- SePCAR: A Secure and Privacy-enhancing Protocol for Car Access
Provision
Iraklis Symeonidis, Abdelrahaman Aly, Mustafa Asan Mustafa, Bart
Mennink, Siemen Dhooghe and Bart Preneel
- Privacy Implications of Room Climate Data
Philipp Morgner, Christian Müller, Matthias Ring, Björn
Eskofier, Christian Riess, Frederik Armknecht and Zinaida Benenson
13:30 - 15:00
* Session 9: Network security
- Link-Layer Device Type Classification on Encrypted Wireless Traffic
with COTS Radios
Rajib Ranjan Maiti, Sandra Siby, Ragav Sridharan and Nils Ole
Tippenhauer
- Preventing DNS amplification attacks using the history of DNS
queries with SDN
Soyoung Kim, Sora Lee, Geumhwan Cho, Muhammad Ejaz Ahmed, Jaehoon
Paul Jeong and Hyoungshick Kim
- Zero Round-Trip Time for the Extended Access Control Protocol
Jacqueline Brendel and Marc Fischlin
* Session 10: Controlling Access
- No sugar but all the taste! Memory Encryption without Architectural
Support
Panagiotis Papadopoulos, George Christou, Giorgos Vasiliadis,
Evangelos Markatos and Sotiris Ioannidis
- Tree-based Cryptographic Access Control
James Alderman, Naomi Farley and Jason Crampton
- Securing Data Analytics on SGX With Randomization
Swarup Chandra, Vishal Karande, Zhiqiang Lin, Latifur Khan, Murat
Kantarcioglu and Bhavani Thuraisingham
15:30 - 17:00
* Session 11: Information Flow
- We are Family: Relating Information-Flow Trackers
Musard Balliu, Daniel Schoepe and Andrei Sabelfeld
- A Better Composition Operator for Quantitative Information Flow
Analyses
Kai Engelhardt
- WebPol: Fine-grained Information Flow Policies for Web Browsers
Abhishek Bichhawat, Vineet Rajani, Jinank Jain, Deepak Garg and
Christian Hammer
* Session 12: Blockchain and social networks
- A Traceability Analysis of Monero's Blockchain
Amrit Kumar, Clément Fischer, Shruti Tople and Prateek Saxena
-RingCT 2.0: A Compact Linkable Ring Signature Based Protocol for
Blockchain Cryptocurrency Monero
Shi-Feng Sun, Man Ho Au, Joseph Liu and Tsz Hon Yuen
- Secure Computation in Online Social Networks
Foteini Baldimtsi, Dimitrios Papadopoulos, Stavros Papadopoulos,
Alessandra Scafuro and Nikos Triandopoulos
### September 13 - Day 3 ###########
09:00 - 10:00
* Keynote: Sandro Etalle
- From Intrusion Detection to Software Design
10:30 - 12:30
* Session 13: Web Security
- DeltaPhish: Detecting Phishing Webpages in Compromised Websites
Igino Corona, Battista Biggio, Matteo Contini, Luca Piras, Roberto
Corda, Mauro Mereu, Guido Mureddu, Davide Ariu and Fabio Roli
- DOMPurify: Client-Side Protection against XSS and Markup Injection
Mario Heiderich, Christopher Späth, and Jörg Schwenk
- Quantifying Web Adblocker Privacy
Arthur Gervais, Alexandros Filios, Vincent Lenders and Srdjan
Capkun
* Session 14: Cryptographic signatures
- Reusing Nonces in Schnorr Signatures
Marc Beunardeau, Aisling Connolly, Remi Geraud, David Naccache and
Damien Vergnaud
- How to Circumvent the Structure-Preserving Signatures Lower Bounds
MEssam Ghadafi
- Server-Supported RSA Signatures for Mobile Devices
Ahto Buldas, Aivo Kalu, Peeter Laud and Mart Oruaas
13:30 - 15:00
* Session 15: Formal techniques
- Inference-Proof Updating of a Weakened View under the Modification
of Input Parameters
Joachim Biskup and Marcel Preuß
- Verifying Constant-Time Implementations by Abstract Interpretation
Sandrine Blazy, David Pichardie and Alix Trieu
- AVR Processors as a Platform for Language-Based Security
Florian Dewald, Heiko Mantel and Alexandra Weber
* Session 16: Privacy and garbled circuits
- Labeled Homomorphic Encryption: Scalable and Privacy-Preserving
Processing of Outsourced Data
Manuel Barbosa, Dario Catalano and Dario Fiore
- New Way for Privacy-Preserving Decision Tree Evaluation
Raymond K. H. Tai, Jack P. K. Ma, Yongjun Zhao and Sherman S. M.
Chow
- Enforcing Input Correctness via Certification in Garbled Circuit
Evaluation
Yihua Zhang, Marina Blanton and Fattaneh Bayatbabolghani
15:30 - 17:00
* Session 17: Intrusion Detection
- Secure IDS Offloading with Nested Virtualization and Deep VM
Introspection
Shohei Miyama and Kenichi Kourai
- Network Intrusion Detection based on Semi-Supervised Variational
Auto-Encoder
Genki Osada, Kazumasa Omote and Takashi Nishide
- LeaPS: Learning-Based Proactive Security Auditing for Clouds
Suryadipta Majumdar, Yosr Jarraya, Momen Oqaily, Amir
Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
* Session 18: Cryptographic Applications II
- Multiple Rate Threshold FlipThem
David Leslie, Chris Sherfield and Nigel Smart
- Stringer: Measuring the Importance of Static Data Comparisons to
Detect Backdoors and Undocumented Functionality
Sam L. Thomas, Tom Chothia and Flavio D. Garcia
- Generic Constructions for Fully Secure Revocable Attribute-Based
Encryption
Kotoko Yamada, Nuttapong Attrapadung, Keita Emura, Goichiro
Hanaoka and Keisuke Tanaka
**********************************************************
*
* Contributions to be spread via DMANET are submitted to
*
* DMANET@zpr.uni-koeln.de
*
* Replies to a message carried on DMANET should NOT be
* addressed to DMANET but to the original sender. The
* original sender, however, is invited to prepare an
* update of the replies received and to communicate it
* via DMANET.
*
* DISCRETE MATHEMATICS AND ALGORITHMS NETWORK (DMANET)
* http://www.zaik.uni-koeln.de/AFS/publications/dmanet/
*
**********************************************************