[Om-announce] IFIP TC-11 SEC 2017 - Preliminary Call for Participation

IFIP SEC 2017 sec2017 at unimi.it
Wed Apr 5 10:42:22 CEST 2017

**** Apologies for multiple copies ****


32nd IFIP TC-11 SEC 2017 International Information Security and Privacy Conference
Rome, Italy, May 29 - 31, 2017 - http://ifipsec.org/2017/


The IFIP SEC conference is the flagship event of the International
Federation for Information Processing (IFIP) Technical Committee 11 on
Security and Privacy Protection in Information Processing Systems
(TC-11, www.ifiptc11.org). The 32nd IFIP SEC edition will be held in Rome, 
at the premises of the National Research Council of Italy.  

Topics of interest include, but are not limited to:

- Access control and authentication
- Applied cryptography
- Audit and risk analysis
- Biometrics
- Big data security and privacy
- Cloud security and privacy
- Critical infrastructure protection
- Cyber-physical systems security
- Data protection
- Data and applications security
- Digital forensics
- Human aspects of security and privacy
- Identity management
- Information security education
- Information security management
- Information technology mis-use and the law
- Managing information security functions
- Mobile security
- Multilateral security
- Network & distributed systems security
- Privacy protection and Privacy-by-design
- Privacy enhancing technologies
- Security and privacy in crowdsourcing
- Security and privacy in pervasive systems
- Security and privacy in the Internet of Things
- Security and privacy policies
- Surveillance and counter-surveillance
- Trust management
- Usable security

Sara Foresti, Universita' degli Studi di Milano, Italy
Luigi V. Mancini, University of Roma "La Sapienza", Italy

Sabrina De Capitani di Vimercati, Universita' degli Studi di Milano, Italy
Fabio Martinelli, National Research Council of Italy (CNR), Italy

Giovanni Livraga, Universita' degli Studi di Milano, Italy

Adriana Lazzaroni, National Research Council of Italy (CNR), Italy

Available on the web site http://ifipsec.org/2017/

Registration is now open through the web site: 
(early registration till May 10).

PROGRAM (Preliminary)
Out of 199 submissions, IFIP SEC PC selected 38 papers for presentation 
during the conference. The program is also complemented by three 
Keynote Speeches.


8.50 - 9.00: Opening 

9.00 - 10.00: Keynote

10.00 - 10.30: Coffee Break

10.30 - 12.35: SESSION 1 - Network security and cyber attacks 

Wilfried Mayer and Martin Schmiedecker
Turning Active TLS Scanning to Eleven

Tulio A. Pascoal, Yuri Gil Dantas, Iguatemi E. Fonseca and Vivek Nigam
Slow TCAM Exhaustion DDoS Attack

Gheorghe Hajmasan, Alexandra Mondoc, Radu Portase, Octacian Cret
Evasive Malware Detection using Groups of Processes

Michael Denzel, Mark Ryan and Eike Ritter
A Malware-Tolerant, Self-Healing Industrial Control System Framework

David Myers, Kenneth Radke, Suriadi Suriadi and Ernest Foo
Process Discovery for Industrial Control System Cyber Attack Detection

14:00 - 15:40: SESSION 2 - Security and privacy in social applications and cyber 
attacks defense

Pablo Picazo-Sanchez, Raul Pardo and Gerardo Schneider
Secure Photo Sharing in Social Networks

Lin Yuan, Joel Theytaz and Touradj Ebrahimi
Context-Dependent Privacy-Aware Photo Sharing based on Machine Learning

Khondker Jahid Reza, Md Zahidul Islam and Vladimir Estivill-Castro
3LP: Three Layers of Protection for Individual Privacy in Facebook

Warren J. Connell, Massimiliano Albanese and Sridhar Venkatesan
A Framework for Moving Target Defense Quantification

15:40 - 16:10: Coffee Break

16:10 - 17:25 SESSION 3 - Private queries and aggregations 

Ruben Rios, David Nunez and Javier Lopez
Query Privacy in Sensing-as-a-Service Platforms

Hafiz Asif, Jaideep Vaidya, Basit Shafiq and Nabil Adam
Secure and Efficient k-NN Queries

Stephane Grumbach, Robert Riemann
Secure and Trustable Distributed Aggregation based on Kademlia

19:30 - 23:00 Concert and Social Dinner


9.00 - 10.00: Keynote

10.00 - 10.30: Coffee Break

10.30 - 12.35: SESSION 4 - Operating system and firmware security 

Roberto Di Pietro, Federico Franzoni and Flavio Lombardi
HyBIS: Advanced Introspection for Effective Windows Guest Protection

Mariem Graa, Nora Cuppens, Frederic Cuppens, Jean-Louis Lanet and Routa Moussaileb
Detection of Side Channel Attacks based on Data Tainting in Android Systems

Minsik Shin, JungBeen Yu, Youngjin Yoon and Taekyoung Kwon
The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons

Andrei Costin, Apostolis Zarras and Aurelien Francillon
Towards Automated Classification of Firmware Images and Identification of Embedded Devices

Andreas Fuchs, Christoph Krauß and Jürgen Repp
Runtime Firmware Product Lines using TPM2.0

12.35 - 14.00: Lunch Break

14:00 - 15:40: SESSION 5 - User authentication and policies 

Lydia Kraus, Robert Schmidt, Marcel Walch, Florian Schaub and Sebastian Moller
On the Use of Emojis in Mobile Authentication

David Lorenzi, Jaideep Vaidya, Achyuta Aich, Shamik Sural, Vijay Atluri and Joseph Calca
EmojiTCHA: Using Emotion Recognition to Tell Computers and Humans Apart

Umberto Morelli and Silvio Ranise
Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud

Joseph Hallett and David Aspinall
Capturing Policies for BYOD

15:40 - 16:10 Coffee Break

16:10 - 17:50 SESSION 6 - Applied cryptography and voting schemes 

Jean-Francois Couchot, Raphael Couturier and Michel Salomon
Improving Blind Steganalysis in Spatial Domain using a Criterion to Choose the Appropriate 
Steganalyzer between CNN and SRM+EC

Lina Nouh, Ashkan Rahimian, Djedjiga Mouheb, Mourad Debbabi and Aiman Hanna
BinSign: Fingerprinting Binary Functions to Support Automated Analysis of Code Executables

Cecilia Pasquini, Pascal Schoettle and Rainer Boehme
Decoy Password Vaults: At Least As Hard As Steganography?

Stephan Neumann,  Manuel Noll and  Melanie Volkamer 
Election-Dependent Security Evaluation of Internet Voting Schemes


9.00 - 10.00: Keynote

10.00 - 10.30: Coffee Break

10.30 - 12.35: SESSION 7 - Software security and privacy 

Julian Kirsch, Clemens Jonischkeit, Thomas Kittel, Apostolis Zarras and Claudia Eckert
Combating Control Flow Linearization

Jeffrey Avery and Eugene H. Spafford
Ghost Patches: Fake Patches for Fake Vulnerabilities

Hongfa Xue, Yurong Chen, Fan Yao, Yongbo Li, Tian Lan and Guru Venkataramani
SIMBER: Eliminating Redundant Memory Bound Checks via Statistical Inference

Rene Meis and Maritta Heisel
Towards Systematic Privacy and Operability (PRIOP) Studies

Thibaud Antignac, David Sands and Gerardo Schneider
Data Minimisation: a Language-Based Approach

12.35 - 14.00: Lunch Break

14:00 - 15:40: SESSION 8 - Privacy

Jun Wang and Qiang Tang
Differentially Private Neighborhood-based Recommender Systems

Somayeh Taheri, Md Morshedul Islam and Reihaneh Safavi-Naini
Privacy-enhanced Profile-based Authentication using Sparse Random Projection

Vasiliki Diamantopoulou, Christos Kalloniatis, Stefanos Gritzalis and Haralambos Mouratidis
Supporting Privacy by Design using Privacy Process Patterns

Edoardo Serra, Jaideep Vaidya, Haritha Akella and Ashish Sharma
Evaluating the Privacy Implications of Frequent Itemset Disclosure

15:40 - 16:10 Coffee Break

16:10 - 17:50 SESSION 9 - Digital Signature, risk management, and code reuse attacks 

Jihye Kim and Hyunok Oh
Forward-Secure Digital Signature Schemes with Optimal Computation and Storage of Signers

Alessio Merlo and Gabriel Claudiu Georgiu
RiskInDroid: Machine Learning-based Risk Analysis on Android

Ahmed Seid Yesuf, Jetzabel Serna-Olvera and Kai Rannenberg
Using Fraud Patterns for Fraud Risk Assessment of E-services

Liwei Chen, Mengyu Ma, Wenhao Zhang, Gang Shi and Dan Meng
Gadget Weighted Tagging: A Flexible Framework to Protect Against Code Reuse Attacks

More information about the Om-announce mailing list