ESORICS 2016

FORTH - Institute of Computer Science

Program

Program Overview in PDF

WEDNESDAY/ SEP 28

09:00 - 09:30 Introductions
09:30 - 10:30 Keynote 1: Adrian Perrig
"A Next-generation Secure Internet Architecture for the 21st Century"
10:30 - 11:00 Coffee break
11:00 - 12:30

Session 1: Network and Web Security

  • Bharat Srinivasan, Payas Gupta, Manos Antonakakis and Mustaque Ahamad. "Understanding Cross-Channel Abuse with SMS-Spam Support Infrastructure Attribution"
  • Marc Juarez, Mohsen Imani, Mike Perry, Claudia Diaz and Matthew Wright. "Toward an Efficient Website Fingerprinting Defense"
  • Suryadipta Majumdar, Yosr Jarraya, Taous Madi, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi. "Proactive Verification of Security Compliance for Clouds through Pre-Computation: Application to OpenStack"
11:00 - 12:30

Session 2: Authentication

  • Weining Yang, Ninghui Li, Ian Molloy, Youngja Park and Suresh Chari. "Comparing Password Ranking Algorithms on Real-world Password Datasets"
  • Aldar C-F. Chan, Jianying Zhou, Jun Wen Wong and Joseph C. M. Teo. "Scalable Two-factor Authentication using Historical Data"
  • Ding Wang and Ping Wang. "On the Implications of Zipf's Law in Passwords"
12:30 - 14:00 Lunch
14:00 - 15:30

Session 3: Encrypted Search

  • Jun Zhou, Zhenfu Cao and Xiaolei Dong. "PPOPM: More Efficient Privacy Preserving Outsourced Pattern Matching"
  • Shi-Feng Sun, Joseph K. Liu, Amin Sakzad, Ron Steinfeld and Tsz Hon Yuen. "An Efficient Non-Interactive Multi-client Searchable Encryption with Support for Boolean Queries"
  • Aggelos Kiayias, Ozgur Oksuz, Alexander Russell, Qiang Tang and Bing Wang. "Efficient Encrypted Keyword Search for Multi-User Data Sharing"
14:00 - 15:30

Session 4: Detection and Monitoring

  • Gábor Pék, Zsombor Lázár, Zoltán Várnagy, Márk Félegyházi and Levente Buttyán. "Membrane: A posteriori detection of malicious code loading by memory paging analysis"
  • Luka Malisa, Kari Kostiainen, Srdjan Capkun and Michael Och. "Mobile Application Impersonation Detection Using Dynamic User Interface Extraction"
  • Qianru Wu, Qixu Liu, Yuqing Zhang, Peng Liu and Guanxing Wen. "A Machine Learning Approach for Detecting Third-Party Trackers on the Web"
15:30 - 16:00 Coffee break
16:00 - 17:30

Session 5: Cryptography for Cloud Computing I

  • Céline Chevalier, Fabien Laguillaumie and Damien Vergnaud. "Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions"
  • Nesrine Kaaniche and Maryline Laurent. "Attribute-based Signatures for supporting Anonymous Certification"
  • Yongge Wang and Qutaibah Malluhi. "Privacy Preserving Computation in Cloud Using Noise-Free Fully Homomorphic Encryption (FHE) Schemes"
16:00 - 17:30

Session 6: Operating Systems Security I

  • Carter Yagemann and Wenliang Du. "Intentio Ex Machina: Android Intent Access Control via an Extensible Application Hook"
  • Xiao Zhang, Yousra Aafer, Kailiang Ying and Wenliang Du. "Hey, You, Get Off of My Image: Detecting Data Residue in Android Images"
  • Nico Weichbrodt, Anil Kurmus, Peter Pietzuch and Rüdiger Kapitza. "AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves"
20:00 Gala dinner

THURSDAY / SEP 29
09:00 - 10:00 Keynote 2: Panagiotis Papadimitratos
"Securing wireless networks: bridging theory and practice"
10:00 - 10:30 Coffee break
10:30 - 12:00

Session 7: Information Flow

  • Nataliia Bielova and Tamara Rezk. "Spot the Difference: Secure Multi-Execution and Multiple Facets"
  • Oliver Woizekowski and Ron van der Meyden. "On Reductions from Multi-Domain Noninterference to the Two-level Case"
  • Marco Vassena, Pablo Buiras, Lucas Waye and Alejandro Russo. "Flexible Manipulation of Labeled Values for Information-Flow Control Libraries"
10:30 - 12:00

Session 8: Attacks

  • Johanna Ullrich and Edgar Weippl. "The Beauty or The Beast? Attacking Rate Limits of the Xen Hypervisor"
  • Nethanel Gelernter and Amir Herzberg. "Autocomplete Injection Attack"
  • Mohamed Sabt and Jacques Traoré. "Breaking Into the KeyStore: A Practical Forgery Attack Against Android KeyStore"
12:00 - 13:30 Lunch
13:30 - 15:00

Session 9: Cryptography for Cloud Computing II

  • Jia Xu, Anjia Yang, Jianying Zhou and Duncan Wong. "Lightweight Delegatable Proofs of Storage"
  • Michael Backes, Amir Herzberg, Aniket Kate and Ivan Pryvalov. "Anonymous RAM"
  • Russell W. F. Lai, Tao Zhang, Sherman S. M. Chow and Dominique Schröder. "Efficient Sanitizable Signatures without Random Oracles"
13:30 - 15:00

Session 10: Leakage Management and Obfuscation

  • Andreas Zankl, Katja Miller, Johann Heyszl and Georg Sigl. "Towards Efficient Evaluation of a Time-Driven Cache Attack on Modern Processors"
  • Michael Goodrich, Evgenios Kornaropoulos, Michael Mitzenmacher and Roberto Tamassia. "More Practical and Secure History-Independent Hash Tables"
  • Brendan Sheridan and Micah Sherr. "On Manufacturing Resilient Opaque Constructs Against Static Analysis"
15:00 - 15:30 Coffee break
15:30 - 17:00

Session 11: Secure Multiparty Computation

  • Michel Abdalla, Mario Cornejo, Anca Nitulescu and David Pointcheval. "Robust Password-Protected Secret Sharing"
  • Niklas Buescher, Andreas Holzer, Alina Weber and Stefan Katzenbeisser. "Compiling Low Depth Circuits for Practical Secure Computation"
  • Xiao Wang, S. Dov Gordon, Allen McIntosh and Jonathan Katz. "Secure Computation of MIPS Machine Code"
15:30 - 17:00

Session 12: Operating Systems Security II

  • Elias Athanasopoulos, Vasileios P. Kemerlis, Georgios Portokalidis and Angelos Keromytis. "NaClDroid: Native Code Isolation for Android Applications"
  • Fabo Wang, Yuqing Zhang, Kai Wang, Peng Liu and Wenjie Wang. "Stay in Your Cage! A Sound Sandbox for Third-Party Libraries on Android"
  • Bahman Rashidi, Carol Fung, Anh Nguyen and Tam Vu. "Android Permission Recommendation Using Transitive Bayesian Inference Model"
17:00 - 17:30 Coffee break
17:30 - 18:30

Session 13: Secure Logging

  • Roel Peeters and Tobias Pulls. "Insynd: Improved Privacy-Preserving Transparency Logging"
  • Benjamin Dowling, Felix Günther, Udyani Herath and Douglas Stebila. "Secure Logging Schemes and Certificate Transparency"
17:30 - 18:30

Session 14: Economics of Security

  • Aron Laszka, Mingyi Zhao and Jens Grossklags. "Banishing Misaligned Incentives for Validating Reports in Bug-Bounty Platforms"
  • Mhr Khouzani, Pasquale Malacaria, Chris Hankin, Andrew Fielder and Fabrizio Smeraldi. "Efficient Numerical Frameworks for Multi-Objective Cyber Security Planning"

FRIDAY / SEP 30
09:00 - 10:00 Keynote 3: Ernesto Damiani
"Controlling Leakage and Disclosure Risk in Big Data applications"
10:00 - 10:30 Coffee break
10:30 - 12:30

Session 15: E-voting and E-commerce

  • Ilias Giechaskiel, Cas Cremers and Kasper B. Rasmussen. "On Bitcoin Security in the Presence of Broken Cryptographic Primitives"
  • Siamak Shahandashti and Feng Hao. "DRE-ip: A Verifiable E-Voting Scheme without Tallying Authorities"
  • Myrto Arapinis, Véronique Cortier and Steve Kremer. "When are three voters enough for privacy properties?"
  • Wacław Banasik, Stefan Dziembowski and Daniel Malinowski. "Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts"
10:30 - 12:30

Session 16: Security of the Internet of Things

  • Andreea-Ina Radu and Flavio D. Garcia. "LeiA: A Lightweight Authentication Protocol for CAN"
  • David J. Wu, Ankur Taly, Asim Shankar and Dan Boneh. "Privacy, Discovery, and Authentication for the Internet of Things"
  • Florian Kohnhäuser and Stefan Katzenbeisser. "Secure Code Updates for Mesh Networked Commodity Low-End Embedded Devices"
  • Kim Thuat Nguyen, Nouha Oualha and Maryline Laurent. "Authenticated Key Agreement mediated by a Proxy Re-encryptor for the Internet of Things"
12:30 - 14:00 Lunch
14:00 - 15:30

Session 17: Data Privacy

  • Joachim Biskup and Marcel Preuß. "Information Control by Policy-Based Relational Weakening Templates"
  • Arthur Gervais, Hubert Ritzdorf, Mario Lucic, Vincent Lenders and Srdjan Capkun. "Quantifying Location Privacy Leakage from Transaction Prices"
  • Tobias Nilges, Joern Mueller-Quade and Valerie Fetzer. "A Formal Treatment of Privacy in Video Data"
14:00 - 15:30

Session 18: Security of Cyber-physical systems

  • Marco Rocchetto and Nils Ole Tippenhauer. "On Attacker Models and Profiles for Cyber-Physical Systems"
  • Vivek Nigam, Carolyn Talcott and Abraão Aires Urquiza. "Towards the Automated Verification of Cyber-Physical Security Protocols: Bounding the Number of Timed Intruders"
  • Cristina Alcaraz and Javier Lopez. "Safeguarding Structural Controllability in Cyber-Physical Control Systems"
15:30 - 16:00 Coffee break
16:00 - 17:30

Session 19: Software Security

  • Daniel Schoepe, Musard Balliu, Frank Piessens and Andrei Sabelfeld. "Let's Face It: Faceted Values for Taint Tracking"
  • Spandan Veggalam, Sanjay Rawat, Istvan Haller and Herbert Bos. “IFuzzer: An Evolutionary Interpreter Fuzzer using Genetic Programming"
  • Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda and Thorsten Holz. "Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets"
16:00 - 17:30

Session 20: Attribute-based cryptography

  • Jianting Ning, Zhenfu Cao, Xiaolei Dong, Junqing Gong and Jie Chen. "Traceable CP-ABE with Short Ciphertexts: How to Catch People Selling Decryption Devices on eBay Efficiently"
  • Hui Cui, Robert H. Deng, Yingjiu Li and Baodong Qin. "Server-Aided Revocable Attribute-Based Encryption"
  • Weiran Liu, Jianwei Liu, Qianhong Wu, Bo Qin and Kaitai Liang. "Online/Offline Public-Index Predicate Encryption for Fine-Grained Mobile Access Control"
18:00 - 22:00

Guided tour to the archaeological Museum of Heraklion