Monday, Sep 08, 2014

Registation for all events - R

4th IFIP International Workshop on Security and Cognitive Informatics for Homeland Defense - SeCIHD I

• Invited talks
  
  Trust Extension Protocol for Authentication in Networks Oriented to Management (TEPANOM)
  Antonio J. Jara
  
  Feature Grouping for Intrusion Detection System based on Hierarchical Clustering
  Jingping Song, Zhiliang Zhu, Chris Price

Information and Participation for Response and Recovery - RISI I

1. Organizing On-Site Volunteers: An App-based Approach
   Stefan Sackmann, Marlen Hofmann, Hans J. Betke
2. Visualization of Recovery Situation in Disaster Area By Using Web Reservation Data
   Yu Ichifuji, Noboru Sonehara

Secure Software Architectures - SAW I

1. Vulnerability-based Security Pattern Categorization in Search of Missing Patterns
   Priya Anand, Jung Woo Ryoo, Rick Kazman
2. Building Sustainable Software by Preemptive Architectural Design Using Tactic-Equipped Patterns
   Dae-kyoo Kim, Jungwoo Ryoo, Suntae Kim
3. Using Assurance Cases to Develop Iteratively Security Features Using Scrum
   Lotfi ben Othmane, Pelin Angin, Bharat Bhargava

Coffee Break - CB

4th IFIP International Workshop on Security and Cognitive Informatics for Homeland Defense - SeCIHD II

1. One-time biometrics for Online Banking and Electronic Payment Authentication
   Aude Plateaux, Patrick Lacharme, Audun Josang, Christophe Rosenberger
2. PrivacyFrost2: A Efficient Data Anonymization Tool Based on Scoring Functions
   Shinsaku Kiyomoto, Yutaka Miyake
3. Crypto-biometric models for information secrecy
   Marek Ogiela, Lidia Ogiela, Urszula Ogiela
4. Building an Initialization Cipher Block with Two-Dimensional Operation and Random Parameters
   Yi-Li Huang, Fang-Yie Leu, Jing-Hao Yang

k-Anonymization for Information Sharing - RISI II

1. A k-anonymity method based on the statistics of search engine queries, for disaster impact statements
   Noboru Sonehara, Hidenobu Oguri
2. A System for Anonymizing Temporal Phrases of Message Posted in Online Social Networks and for Detecting Disclosure
   Hoang-Quoc Nguyen-Son, Minh-Triet Tran, Hiroshi Yoshiura, Noboru Sonehara, Isao Echizen
3. Effects of External Information on Anonymity and Role of Transparency with Example of Social Network De-anonymisation
   Haruno Kataoka, Yohei Ogawa, Isao Echizen, Tetsuji Kuboyama, Hiroshi Yoshiura

Software Security Analysis - SAW II

1. LiSTT: An Investigation into Unsound-incomplete Yet Practical Result Yielding Static Taintflow Analysis
   Marie-Laure Potet, Laurent Mounier, Sanjay Rawat
2. Visualization of Security Metrics for Cyber Situation Awareness
   Igor Kotenko, Evgenia Novikova

Lunch - L

Best Paper Session - ARES Full I

1. A New Access Control Scheme for Facebook-style Social Networks
   Jun Pang, Yang Zhang
2. No Smurfs: Revealing Fraud Chains in Mobile Money Transfers
   Maria Zhdanova, Jürgen Repp, Roland Rieke, Chrystel Gaber, Baptiste Hemery
3. BitTorrent Sync: Network Investigation Methodology
   Mark Scanlon, Jason Farina, M-Tahar Kechadi

Coffee Break - CB

4th IFIP International Workshop on Security and Cognitive Informatics for Homeland Defense - SeCIHD III

1. Expert Knowledge based Design and Verification of Secure Systems with Embedded Devices
   Vasily Desnitsky, Igor Kotenko
2. Towards to analyze sophisticated Attacks, with conditional probability, genetic algorithm and a crime function
   Wolfgang BOEHMER
3. Detection of Malicious Web Pages using System Calls Sequences
   Gerardo Canfora, Francesco Mercaldo, Eric Medvet, Corrado Aaron Visaggio
4. Risk Reduction Overview: A visualization method for risk management
   Hellen Havinga, Olivier Sessink

Mobile Security & Attack Prevention - ARES Full II

1. Divide-and-Conquer: Why Android Malware cannot be stopped
   Dominik Maier, Tilo Müller, Mykola Protsenko
2. DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android
   Siegfried Rasthofer, Steven Arzt, Enrico Lovat, Eric Bodden
3. Lobotomy: An Architecture for JIT Spraying Mitigation
   Martin Jauernig, Matthias Neugschwandtner, Paolo Milani-Comparetti, Christian Platzer



Resilient Networks - RISI III

• RISI Keynote: Risk-Aware Design and Management of Resilient Networks
  Prof. Dr. Piotr Cholda, Department of Telecommunications, AGH University of Science and Technology, Krakow, Poland
  
  The Keynote presents a current view on the design of networks resilient to non-malicious failures supported by risk engineering.

Tuesday, Sep 09, 2014

Registation for all events - R

Keynote I - Bart Preneel, Katholieke Universiteit Leuven, Belgium - Keynote

Coffee Break - CB

4th IFIP International Workshop on Security and Cognitive Informatics for Homeland Defense - SeCIHD IV

1. Towards a Key Consuming Detection in QKD-VoIP Systems
   Guohong Zhao, Wanrong Yu, Baokang Zhao, Chunqing Wu
2. A Structure P2P and Semantic based Web Service Registry System
   Qian He, Baokang Zhao, Yunjian Long, Jinshu Su, Ilsun You
3. A High-Speed Network Content Filtering System
   Guohong Zhao, Shuhui Chen, Baokang Zhao, Ilsun You, Jinshu Su, Wanrong Yu
4. Amplication DDoS Attacks: Emerging Threats and Defense Strategies
   Clara Maria Colombini, Antonio Colella

Knowledge Management - CD-ARES I

1. Argumentation-based group decision support for collectivist communities
   Marijke Coetzee
2. A Knowledge Integration approach for Safety-Critical Software Development and Operation based on the Method Architecture
   Shuichiro Yamamoto
3. Metrics-based incremental determinization of finite automata
   Sergiu Balan, Gianfranco Lamperti, Michele Scandale

Ontologies & Integrated Devices - ARES Short I

1. EM Leakage of RFID Devices - Comparison of Two Measurement Approaches
   Thomas Korak, Thomas Plos
2. Supporting Security Automation for Multi-Chassis Link Aggregation Groups via the Interconnected-asset Ontology
   Henk Birkholz, Ingo Sieverdingbeck
3. Concurrent Queries in Location Based Services
   Emad Elabd, Mohand-Said Hacid

Lunch - L

7th International Workshop on Digital Forensics - WSDF

1. Real-time screen watermarking using overlaying layer
   Maciej Piec, Andreas Rauber
2. An Efficient Intrinsic Authorship Verification Scheme Based on Ensemble Learning
   Martin Steinebach, Oren Halvani
3. Efficient Cropping-Resistant Robust Image Hashing
   York Yannikos, Martin Steinebach, Huajian Liu

Secure Protocols - ARES Full III

1. A Formal Model and Analysis of the MQ Telemetry Transport Protocol
   Benjamin Aziz
2. Practical Attack on Bilinear Pairings to Disclose the Secrets of Embedded Devices
   Thomas Unterluggauer, Erich Wenger
3. A Model-based Security Toolkit for the Internet of Things
   Ricardo Neisse, Igor Nai Fovino, Gianmarco Baldini, Vera Stavroulaki, Panagiotis Vlacheas, Raffaele Giaffreda

Software Security - CD-ARES II

1. Towards Developing Secure Software using Problem-oriented Security Patterns
   Azadeh Alebrahim, Maritta Heisel
2. Visual Analytics for Detecting Anomalous Activity in Mobile Money Transfer Services
   Igor Kotenko , Evgenia Novikova
3. A review of Security Requirements Engineering methods with respect to Risk Analysis and Model-Driven Engineering
   Denisse Munante, Vanea Chiprianov, Laurent Gallon, Philippe Aniorte

Coffee Break - CB

Mobile and Social Computing - CD-ARES III

1. Mobile Computing is not Always Advantageous: Lessons Learned from a Real-World Case Study in a Hospital
   Andreas Holzinger, Bettina Sommerauer, Peter Spitzer, Simon Juric, Carsten Röcker, Martina Ziefle
2. Adaptive User-Centered Security
   Sven Wohlgemuth
3. Semantic-aware Mashups for Personal Resources in SemanticLIFE and SocialLIFE
   Sao-Khue VO, Amin Anjomshoaa, A Min Tjoa
4. Towards Interactive Visualization of Longitudinal Data to support Knowledge Discovery on Multi-Touch Tablet Computers
   Andreas Holzinger, Michael Schwarz, Bernhard Ofner, Fleur Jeanquartier, Carsten Roecker, Martina Ziefle

Session I - RAMSS I

1. Practical Applications of Advanced Statistical Models in Reliability Data Analysis
   Vasiliy Krivtsov, Olexandr Yevkin
2. Stochastic Model for Medical Image Segmentation
   Zeev Volkovich, Zeev Barzily, Mingyue Ding
3. Fast Monte Carlo simulation methods adapted to simple Petri net models
   Laurent Bordes, Stéphane Collas, Maïder Estecahandy, Christian Paroissin
4. Monte-Carlo based reliability modelling of a gas network using graph theory approach
   Pavel Praks, Vytis Kopustinskas

Trust & Availability - ARES Full IV

1. Rethread: A Low-cost Transient Fault Recovery Scheme for Multithreaded Processors
   Jian Fu, Qiang Yang, Raphael Poss, Chris Jesshope, Chunyuan Zhang
2. Visualizing Transaction Context in Trust and Reputation Systems
   Johannes Sänger, Günther Pernul
3. Enhanced Configuration Generation Approach for Highly Available COTS Based Systems
   Parsa Pourali, Maria Toeroe, Ferhat Khendek
4. Phishdentity: Leverage Website Favicon to Offset Polymorphic Phishing Website
   Jeffrey Soon Fatt Choo, Kang Leng Chiew, San Nah Sze

Wednesday, Sep 10, 2014

Registation for all events - R

Keynote II - Volkmar Lotz, SAP Research, Germany - Keynote

Coffee Break - CB

2nd International Workshop on Emerging Cyberthreats and Countermeasures - ECTCM I

1. The SMM Rootkit Revisited: Fun with USB
   Joshua Schiffman, David Kaplan
2. Towards a Hardware Trojan Detection Cycle
   Edgar Weippl, Johanna Ullrich, Katharina Krombholz, Heidelinde Hobel, Adrian Dabrowski
3. PhiGARo: Automatic Phishing Detection and Incident Response Framework
   Jakub Cegan, Martin Husák



ARES Industrial Track - ARES-IND I

• ARES-IND Keynote Speech: Cloud Security Issues for SMEs
  Gerald Quirchmayr, University of Vienna and University of South Australia
  
  Abstract: Cloud computing is a very cost effective technology that already has a great impact on business applications, especially for small and medium size enterprises. While the technology itself comes at a very low cost for users and frees them from having to bother with the maintenance of infrastructures and software, the security aspects lead to considerable challenges. Given the requirements imposed by privacy and other legislation, many small and medium size enterprises consequently wonder whether cloud technology is really the best solution for them. This talk therefore aims at giving an overview of the most relevant technical, organizational and legal issues and points to some selected solutions for small and medium size enterprises.

Security & Privacy - ARES Short II

1. What does the Fox Say? On the Security Architecture of Firefox OS.
   Marta Piekarska, Bhargava Shastry, Ravishankar Borgaonkar
2. Palpable Privacy through Declarative Information Flows Tracking for Smart Buildings
   François Lesueur , Sabina Surdu, Romuald Thion, Yann Gripay, Meriam Ben Ghorbel-Talbi
3. Privacy Dashboards: Reconciling data-driven business models and privacy
   Christian Zimmermann, Rafael Accorsi, Günter Müller
4. Healthcare Services in the Cloud - Obstacles to Adoption, and a Way Forward
   Karin Bernsmed, Daniela Soares Cruzes, Martin Gilje Jaatun, Børge Haugset, Erlend Andreas Gjære

Session II - RAMSS II

1. Performance Determination for MSS Manufacturing System by Lz-transform and Stochastic Processes Approach
   Ilia Frenkel, Anatoly Lisnianski, Svetlana Daichman, Lev Khvatskin, Neta Avraham, Oshrit Zihry
2. On Availability Comparison of Reservation Modes for Multi-state Air Conditioning Systems using Markov Approach
   Lev Khvatskin, Ilia Frenkel
3. Semi-Markov Modelling for Multi-State Systems
   Andreas Makrides, Alex Karagrigoriou, Vlad Stefan Barbu
4. Optimizing the availability and the operational cost of a periodically inspected multi-stage deteriorating system with condition based maintenance policies
   Sonia Malefaki, Vasilis Koutras, Agapios Platis

ARES Industrial Track - ARES-IND I

1. Fighting Botnets with Cyber-Security Analytics
   Beatriz Gallego-Nicasio Crespo, Alan Garwood
2. Network Security Analysis Using Behavior History Graph
   Mirko Sailio, Matti Mantere, Sami Noponen

Lunch - L

2nd International Workshop on Emerging Cyberthreats and Countermeasures - ECTCM II

1. Performance Measures of Behavior-based Signatures - An Anti-malware Solution for Platforms with Limited Computing Resource
   Yanzhen Qu, Kelly Hughes
2. Network Security Monitoring in a Small-Scale Smart-Grid Laboratory
   Matti Mantere, Sami Noponen, Pia Olli, Jarno Salonen
3. Increasing the Resilience and Trustworthiness of OpenID Identity Providers for Future Networks and Services
   Eduardo Feitosa, Diego Kreutz, Hugo Cunha, Heiko Niedermayer, Holger Kinkelin



ARES Industrial Track - ARES-IND III

• ARES-IND Tutorial: Open Source Information Analysis
  Gerhard Backfried, SAIL LABS Technology and Gerald Quirchmayr, University of Vienna
  
  Abstract: This tutorial will start with an overview of issues related to open source information analysis. It will then go deeper into the Sail Labs Media Mining System and the underlying technology. After discussing the architexture and functionality and giving some examples of current applications of the system, a case study on the use of the systems application in the context of the QuOIMA project will be presented.

Session III - RAMSS III

1. Analysis of Algorithms for Computation of Direct Partial Logic Derivatives in Multiple-Valued Decision Diagrams
   Jozef Kostolny, Miroslav Kvassay, Elena Zaitseva
2. A Comparative Study of Control Charts for Zero-Inflated Binomial Processes
   Athanasios Rakitzis, Petros Maravelakis, Philippe Castagliola
3. Statistical Inference for Heavy-Tailed Distributions in Technical Systems
   Alex Karagrigoriou, Ilia Vonta
4. On Sensitivity of Reliability Models to the Shape Of Life and Repair Time Distributions
   Vladimir Rykov, Dmitry Efrosinin, Vladimir Vishnevskiy

Software Security & Authentication - ARES Short III

1. Continuous and Non-Intrusive Reauthentication of Web Sessions based on Mouse Dynamics
   Eric Medvet, Alberto Bartoli, Francesca Boem, Fabiano Tarlao
2. Verification of Implementing Security Design Patterns Using a Test Template
   Masatoshi Yoshizawa, Takanori Kobashi, Nobukazu Yoshioka, Takao Okubo, Haruhiko Kaiya, Hironori Washizaki, Yoshiaki Fukazawa
3. An Incident Management Ontology
   David Mundie, Samuel Perl, Ruefle Robin
4. AES-SEC: Improving software obfuscation through hardware-assistance
   Sebastian Schrittwieser, Stefan Katzenbeisser, Georg Merzdovnik, Peter Kieseberg, Edgar Weippl

Coffee Break - CB

Keynote III - Allison Mankin, Director of Verisign Labs, Verisign, Inc., US - Keynote

Thursday, Sep 11, 2014

Registation for all events - R

9th International Workshop on Frontiers in Availability, Reliability and Security - FARES I

1. A Usable Android Application Implementing Distributed Cryptography For Election Authorities
   Stephan Neumann, Oksana Kulyk, Melanie Volkamer
2. Complete SIP message obfuscation: PrivaSIP over Tor
   Georgios Karopoulos, Alexandros Fakis, Georgios Kambourakis
3. Privacy Preservation in Location-based Mobile Applications: Research Directions
   Asma Patel, Esther Palomar
4. Challenges of Composing XACML Policies
   Bernard Stepien, Amy Felty, Stan Matwin

International Workshop on Security in Air Traffic Management and other Critical Infrastructures - SecATM I

1. EMFASE - An Experimental Framework for Security Design and Economic Trade-Off
   Fabio Massacci, Federica Paci, Bjornar Solhaug, Alessandra Tedeschi
2. The Social Acceptance of the Passivation of Misused Aircraft
   Ana P. G. Martins
3. Mathematical Modelling in Air Traffic Management Security
   Denis Kolev, Evgeniy Morozov
4. A Relative Cost-Benefit Approach for Evaluating Alternative Airport Security Policies
   Alessandro Pollini, Alessandra Tedeschi, Fabio Massacci, Woohyun Shim

International Workshop on Security of Mobile Applications I - IWSMA I

1. A Trust Management based Security Mechanism against Collusion Attacks in a MANET Environment
   Aida Ben Chehida Douss, Ryma Abassi, Sihem Guemara EL Fatmi
2. A Resource-optimized Approach to Efficient Early Detection of Mobile Malware
   Jelena Milosevic, Andreas Dittrich, Miroslaw Malek, Alberto Ferrante
3. An Improved Role-based Access to Android Applications with JCHR
   Stefano Bistarelli, Gianpiero Costantino, Fabio Martinelli, Francesco Santini

Coffee Break - CB

9th International Workshop on Frontiers in Availability, Reliability and Security - FARES II

1. EmailCloak: A Practical and Flexible Approach to Improve Email Privacy
   Italo Dacosta, Andreas Put, Bart De Decker
2. Quality Matters: Systematizing Quality Deficiencies in the Documentation of Business Security Requirements
   Christian Sillaber, Ruth Breu
3. Evaluating the effectiveness of ISO 27001:2013 based on Annex A
   Bahareh Shojaie, Hannes Federrath, Iman Saberi
4. A Proposal for an Unified Identity Card for Use in an Academic Federation Environment
   Felipe Coral Sasso, Jean Everson Martina, Ricardo Alexandre Reinaldo de Moraes

International Workshop on Security in Air Traffic Management and other Critical Infrastructures - SecATM II

1. Design-in security for air traffic control
   Martin Hawley, Karol Gotz, John Hird, Chris Machin
2. Learn to SWIM
   Matias Krempel , Martin Gilje Jaatun
3. Security Situation Management
   Rainer Koelle

International Workshop on Security of Mobile Applications II - IWSMA II

1. Qualified Electronic Signature via SIM Card Using JavaCard 3 Connected Edition Platform
   Adam Pomothy, Jakub Breier

International Workshop on Security of Mobile Applications III - IWSMA III

• Panel Discussion: Future Topics in Mobile Security

Lunch - L

(ISC)2 SecureFribourg - Seminar

• (ISC)2 SecureFribourg (free for ARES delegates)
  What do we really know about our Security Position?