[Om-announce] SEC 2012 - Call for Participation

sara.foresti at unimi.it sara.foresti at unimi.it
Fri Mar 16 15:21:38 CET 2012

[Apologies if you receive multiple copies of this message]


27th IFIP International Information Security and Privacy Conference 
(SEC 2012)
Creta Maris Hotel, Heraklion, Crete, Greece - June 4-6, 2012


The SEC conferences are a series of well-established international
conferences on Security and Privacy organized annually by the Technical
Committee 11 (TC-11) of IFIP (International Federation for 
Information Processing). The conferences aim to bring together primarily 
researchers, but also practitioners from academia, industry and 
governmental institutions to elaborate and discuss IT Security and 
Privacy Challenges that we are facing today and will be facing in the 
future. The 27th IFIP International Information Security and 
Privacy Conference (SEC 2012) will be held in Heraklion, Crete, Greece. 

The conference will be a 3-days event featuring technical presentations 
of 42 papers plus 11 short ones and 2 invited talks.


Registration and accommodation information is available at


Sunday, June 3rd 2012
19:00 - 20:00 Registration


Monday, June 4th 2012
08:30 - 09:30 Registration (cont'd)

09:30 - 10:00 Opening [Apollo East Room]
              Chairperson: D. Gritzalis
- Welcome address 
  (S. Katsikas, Conference General Chair)
- Technical programme overview 
  (S. Furnell, Program Committee co-Chair)
- Local arrangements 
  (N. Kyrloglou and M. Theoharidou, Organizing Committee Chairs)

10:00 - 11:00 Invited talk  [Apollo East Room]
- U. Helmbrecht, Executive Director ENISA (topic TBA)
11:00 - 11:30 Coffee/tea

11:30 - 13:00 Session A1: Attacks and malicious code 
              [Apollo East Room]
- Relay attacks on secure element-enabled mobile devices 
  (M. Roland, J. Langer, J. Scharinger)
- Would you mind forking this process? A denial of service attack on Android
  (A. Merlo, A. Armando, M. Migliardi, L. Verderame)
- An approach to detecting inter-session data flow induced by object pooling
  (B. Berger, K. Sohr)
- Embedded eavesdropping on Java card
  (G. Barbu, C. Giraud, V. Guerin)

11:30 - 13:00 Session B1: Security architectures 
              [Apollo West Room]
- Authenticated Key Exchange (AKE) in delay tolerant networks
  (S.-A. Menesidou, V. Katos)
- OFELIA: A secure mobile attribute aggregation infrastructure 
  for user-centric identity management
  (A. Augusto, M. E. Correia)
- Smart OpenID: A smart card based OpenID protocol 
  (A. Leicher, A. Schmidt, Y. Shah)
- Peer-to-peer botnet detection based on flow intervals
  (D. Zhao, I. Traore, A. Ghorbani, B. Sayed, S. Saad, W. Lu)
13:00 - 14:30 Lunch

14:30 - 16:00 Session A2: System security 
              [Apollo East Room]
- Towards a universal data provenance framework using dynamic instrumentation
  (E. Gessiou, V. Pappas, E. Athanasopoulos, A. Keromytis, S. Ioannidis)
- Improving flask implementation using hardware assisted in-VM isolation
  (B. Ding, F. Yao, Y. Wu, Y. He)
- HyperForce: Hypervisor-enforced execution of security-critical code
  (F. Gadaleta, N. Nikiforakis, J.-T. Muehlberg, W. Joosen)
- RandHyp: Preventing attacks via Xen Hypercall interface
  (F. Wang, P. Chen, B. Mao)

14:30 - 16:00 Session B2: Access control 
              [Apollo West Room]
- Role mining under role-usage cardinality constraint
  (J. John, S. Sural, V. Atluri, J. Vaidya)
- HIDE DHCP: Covert communications through network configuration messages
  (R. Rios, J. Onieva, J. Lopez)
- Handling stateful firewall anomalies
  (F. Cuppens, N. Cuppens, J. Garcia-Alfaro, T. Moataz, X. Rimasson)
- A framework for threat assessment in access control systems 
  (H. Khambhammettu, S. Boulares, K. Adi, L. Logrippo)

16:00 - 16:30 Coffee/tea

16:30 - 17:30 Session A3: Database security 
              [Apollo East Room]
- Support for write privileges on outsourced data
  (S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, 
   P. Samarati)
- Malicious users' transactions: Tackling insider threat
  (Q. Yaseen, B. Panda, W. Li)
- Authorization policies for materialized views
  (S. Nait-Bahloul, E. Coquery, M.-S. Hacid)  short paper

16:30 - 17:30 Session B3: Privacy attitudes and properties 
              [Apollo West Room]
- Privacy-preserving television audience measurement using smart TVs
  (G. Drosatos, A. Tasidou, P. Efraimidis)
- Tracking users on the Internet with behavioral patterns: 
  Evaluation of its practical feasibility
  (C. Banse, D. Herrmann, H. Federrath)
- Smartphone Forensics: A proactive Investigation scheme for 
  evidence acquisition 
  A. Mylonas, V. Meletiadis, B. Tsoumas, L. Mitrou)

20:00 Conference Dinner (place TBA)


Tuesday, June 5th 2012

09:00 - 10:00 Invited talk (speaker and topic TBA) [Apollo East Room]
              Chairperson: S. Furnell

10:00 - 11:00 Session A4: Social networks and social engineering 
              [Apollo East Room]
- Modelling social engineering botnet dynamics across 
  multiple social networks
  (S. Li, X. Yun, Z. Hao, Y. Zhang, X. Cui)
- Layered analysis of security ceremonies
  (G. Bella, L. Coles-Kemp)
- Enhancing the security of on-line transactions with CAPTCHA keyboard
  (Y. Wu, Z. Zhao) short paper

10:00 - 11:00 Session B4: Applied Cryptography, Anonymity and Trust 
              [Apollo West Room]
- A small depth-16 circuit for the AES S-Box
  (J. Boyar, R. Peralta)
- Formal verification of the mERA-based eServices with trusted third 
  party protocol
  (M. Christofi, A. Gouget)
- Fighting pollution attack in peer-to-peer streaming networks: 
  A trust management approach
  (X. Kang, Y. Wu) short paper

11:00 - 11:30 Coffee/tea

11:30 - 13:00 Session A5: Usable security
              [Apollo East Room]
- My authentication album: Adaptive images-based login mechanism
  (A. Herzberg, R. Margulies)
- Balancing security and usability of local security mechanisms 
  for mobile devices
  (S. Yang, G. Bal)
- Analyzing value conflicts for a work-friendly ISS policy implementation 
  (E. Kolkowska, B. De Decker)
- When convenience trumps security. 
  Defining objectives for security and usability of systems
  (G. Dhillon, T. Oliveira, S. Susarapu, M. Caldeira)

11:30 - 13:00 Session B5: Security and trust models
              [Apollo West Room]
- Security-by-contract for the OSGi platform 
  (A. Philippov, O. Gadyatskaya, F. Massacci)
- Cyber weather forecasting: Forecasting unknown Internet worms 
  using randomness analysis
  (H. Park, S.-O. David Jung, H. Lee, H. Peter In)
- Incentive compatible moving target defense against 
  VM-colocation attacks in Clouds 
  (Y. Zhang, M. Li, K. Bai, M. Yu, W. Zang)
- Give rookies a chance: A trust-based institutional 
  online supplier auto-selection framework
  (H. Jiao, J. Liu)

13:00 - 14:30 Lunch

14:30 - 15:30 Session A6: Short papers
              [Apollo East Room]              
- A framework for anonymizing GSM calls over a smartphone VoIP network
  (I. Psaroudakis, V. Katos, P. Efraimidis)
- A browser-based distributed system for the detection of 
  HTTPS stripping attacks against web pages
  (M. Prandini, M. Ramilli)
- Privacy-preserving mechanisms for organizing tasks in a 
  pervasive eHealth system
  (M. Milutinovic, V. Naessens, B. De Decker)
- Web services security assessment: An authentication-focused approach
  (Y. Soupionis, M. Kandias)

14:30 - 15:30 Session A7: Short papers
              [Apollo West Room]
- Open issues and proposals in the IT security management of commercial ports
  (N. Polemi, T. Ntouskas)
- A response strategy model for intrusion response systems
  (N. Anuar, M. Papadaki, S. Furnell, N. Clarke)
- Intrusion tolerance of stealth DoS attacks to web services 
  (M. Ficco, M. Rak)
- Balancing security and usability of local security mechanisms 
  for mobile devices
  (C. Grompanopoulos, I. Mavridis)

16:00 - 16:30 Coffee/tea

16:30 Cultural event (optional)


Wednesday, June 6th 2012

09:30 - 11:00 Session A7: Security economics
              [Apollo East Room]
- A game-theoretic formulation of security investment decisions 
  under ex-ante regulation
  (G. D' Acquisto, M. Flamini, M. Naldi)
- Optimizing network patching policy decisions
  (Y. Beres, J. Griffin)
- A risk assessment method for smartphones
  (M. Theoharidou, A. Mylonas, D. Gritzalis)
- Empirical benefits of training to phishing susceptibility
  (R. Dodge, K. Coronges, E. Rovira)

09:30 - 11:00 Session B7: Authentication and delegation
              [Apollo West Room]
- Multi-modal behavioral biometric authentication for mobile devices
  (H. Saevanee, N. Clarke, S. Furnell)
- Analysis and modelling of false synchronizations in 
  3G-WLAN integrated networks
  (C. Ntantogian, C. Xenakis, I. Stavrakakis)
- Smart card authentication against off-line dictionary attacks
  (Y. Wang)
- Distributed path authentication for dynamic RFID-enabled supply chains 
  (S. Cai, Y. Li, Y. Zhao)
- Enhanced dictionary based rainbow table
  (V. Thing, H.-M. Ying)

11:00 - 11:30 Coffee/tea

11:30 - 12:30 Closing [Apollo East Room]
              Chairperson: D. Gritzalis
- Best student paper award, S. Furnell
- Presentation of SEC-2013 (New Zealand), L. Janczewski        


Additional information about the conference can be found at
For information regarding the conference you may contact: info at sec2012.org

More information about the Om-announce mailing list