Annual Computer Security Applications Conference (ACSAC) 2016
 OpenConf Peer Review & Conference Management System

Monday, 5 December 2016
7:30am-8:30am
(Sierra A)
8:30am-12:00pm
Club RoomHiroMandarinSalon 5Salon 6ASalon 6BSalon 8

Two Day

Instructors: Kevin Nauer and SeanMichael Galvin, Sandia National Labs

Two Day

Rance J. DeLong, consultant, LAW General Chair
Gabriela Ciocarlie, SRI International, LAW Program Chair

Two Day

J. Todd McDonald, University of South Alabama, SSPREW General Chair.

Mila Dalla Preda, University of Verona, Italy, SSPREW Program Co-chair.

Natalia Stakhanova, University of New Brunswick, Canada, SSPREW Program Co-chair.

Zinaida Benenson, Univ. of Erlangen-Nurnberg, Program Co-Chair
Carrie Gates, Independent Consultant, Program Co-Chair

Giampaolo Bella, Univ. of Catania, Workshop Organizer
Gabriele Lenzini, Univ. of Luxembourg, Workshop Organizer

 

Full Day

Giovanni Russello, University of Auckland

Full Day

Paolina Centonze, Iona College

Full Day

Fish (Ruoyu) Wang, Yan Shoshitaishvili, and Chris Salls, UC Santa Barbara
12:00pm-1:30pm
(Sierra A)
1:30pm-5:00pm
Club RoomHiroMandarinSalon 5Salon 6ASalon 6BSalon 8

(continues from the morning)

(continues from morning session)

 

(continues from the morning)

(continues from morning session)

 

(continues from the morning)

 

(continues from the morning)

 

(continues from the morning)
Tuesday, 6 December 2016
7:30am-8:30am
(Sierra A)
8:30am-12:00pm
Club RoomHiroMandarinSalon 5Salon 6ASalon 6BSalon 8

(continues from the previous day)

(continues from previous day)

(continues from the previous day)

Half Day

Kurt Rohloff, New Jersey Institute of Technology

Harvey Rubinovitz, The MITRE Corporation, ICSS General Co-chair.
Adam Hahn, Washington State University, ICSS General Co-chair.

Irfan Ahmed, The University of New Orleans, ICSS Program Chair.

Full Day

Craig Smith, Theia Labs and Brendan Harris, US Dept. of Transportation Volpe Center

Full Day

John Ortiz, Harris and UT San Antonio
12:00pm-1:30pm
(Sierra A)
1:30pm-5:00pm
Club RoomHiroMandarinSalon 5Salon 6ASalon 6BSalon 8

(continues from the morning)

(continues from morning session)

(continues from the morning)

Half Day

Hassan Takabi, University of North Texas

(continues from the morning session)

(continues from the morning)

(continues from the morning)
6:00pm-8:00pm
(Sierra Courtyard)
Wednesday, 7 December 2016
7:30am-8:30am
(Sierra A)
8:30am-9:00am
(Sierra CD)Session Chair: Stephen Schwab

ACSAC Conference Welcome, Stephen Schwab, Conference Chair

Best Paper Awards, Dr. Wil Robertson, Program Chair and Dr. Davide Balzarotti, Program Co-Chair

SWSIS Scholarship Awards, Jeremy Epstein, ACSA and Linda Chung Maloney, HPE

 
9:00am-10:00am
(Sierra CD)Session Chair: Stephen Schwab

Scaling Properties of Software and System Security

Dr. Paul Vixie, CEO, Farsight Security
10:00am-10:30am
(Sierra Foyer)
10:30am-12:00pm
Internet of ThingsCloud Security
Club RoomSierra BSierra C
Session Chair: Tomas Vagoun

Moderator: Tomas Vagoun, NITRD Cybersecurity and Privacy R&D Technical Coordinator

Panelists:

Sean Brooks, Privacy Engineer, NIST

Deborah Shands, Program Director, NSF

Jeremy Epstein, Program Manager, DARPA

Erin Kenneally, Program Manager, DHS S&T

Phoebe Rouge, Technologist, FTC

 

 Session Chair: Graham BakerIOT: Formal Security Analysis of Smart Embedded SystemsFarid Molazem , University of British Columbia; Karthik Pattabiraman, University of British ColumbiaIOT: An Ultra-Lightweight White-Box Encryption Scheme for Securing Resource-Constrained IoT DevicesYang Shi, Tongji University; Wujing Wei, Tongji University; Zongjian He, Tongji University; Hongfei Fan, Tongji UniversityIOT: A Multi-Cloud based Privacy-Preserving Data Publishing Scheme for the Internet of ThingsLei Yang, University of Kansas; Abdulmalik Humayed, University of Kansas; Fengjun Li, University of Kansas Session Chair: Thomas MoyerELAR: Extremely Lightweight Auditing and Repairing for Cloud SecurityThao Tran Phuong, KDDI R&D Laboratories; Kazumasa Omote, University of TsukubaPileus: Protecting User Resources from Vulnerable Cloud ServicesYuqiong Sun, Pennsylvania State University; Giuseppe Petracca, Pennsylvania State University; Xinyang Ge, Pennsylvania State University; Trent Jaeger, Pennsylvania State UniversityBootstrapping and Maintaining Trust in the CloudNabil Schear, MIT Lincoln Laboratory; Patrick Cable, MIT Lincoln Laboratory; Thomas Moyer, MIT Lincoln Laboratory; Bryan Richard, MIT Lincoln Laboratory; Robert Rudd, MIT Lincoln Laboratory
12:00pm-1:30pm
(Sierra A)
1:30pm-3:00pm
Network SecurityAccess Control
Club RoomSierra BSierra CSierra D
Session Chair: Benjamin Price

Moderators: Benjamin Price and Michael Zhivich, MIT Lincoln Laboratory

Panelists:

Tim Vidas, CGC Infrastructure Team

Lok Yan, CGC Infrastructure Team

Chris Eagle, CGC Infrastructure Team

Yan Shoshitaishvili, Shellphish Team (3rd Place)

David Melski, TechX Team (2nd Place)

Brian Knudson, DeepRed Team

 Session Chair: Vasileios KemerlisDecomposition of MAC Address Structure for Granular Device InferenceJeremy Martin, US Naval Academy; Erik Rye, US Naval Academy; Robert Beverly, Naval Postgraduate SchoolTiming-based Reconnaissance and Defense in Software-defined NetworksJohn Sonchack, University of Pennsylvania; Anurag Dubey, University of Colorado, Boulder; Adam Aviv, United States Naval Academy; Eric Keller, University of Colorado, Boulder; Jonathan Smith, University of PennsylvaniaRevProbe: Detecting Silent Reverse Proxies in Malicious Server InfrastructuresAntonio Nappa, IMDEA Software Institute; Rana Faisal Munir, Universitat Politecnica de Catalonia; Irfan Khan Tanoli, Gran Sasso Science Institute; Christian Kreibich , LastLine & International Computer Science Institute; Juan Caballero, IMDEA Software Institute Session Chair: Brendan Dolan-GavittLife-experience passwords (LEPs)Simon Woo, USC/ISI; Elsi Kaiser, USC; Ron Artstein, USC/ICT; Jelena Mirkovic, USC/ISIUsing Image Saliency and Regions of Interest to Encourage Stronger Graphical PasswordsMohammad Alshehri, Institute of Public Administration; Heather Crawford, Florida Institute of TechnologyCPAC: Securing Critical Infrastructure with Cyber-Physical Access Controlsriharsha etigowni, Rutgers University; Dave (Jing) Tian, University of Florida; Grant Hernandez, University of Florida; Saman Zonouz, Rutgers University; Kevin Butler, University of Florida Session Chair: Erin Kenneally

Speakers:

Erin Kenneally, Cyber Security Division, DHS

Paul Royal, George Tech Information Security Center (GTISC)

John Heidemann, USC Information Sciences Institute

 
3:00pm-3:30pm
(Sierra Foyer)
3:30pm-5:00pm
Software SecurityWeb Security
Club RoomSierra CSierra D
Session Chair: Charles Payne

Speakers:

Mr. Michael McEvilley, The MITRE Corporation (invited)

Dr. William Young, USAF (invited)

 Session Chair: Juan CaballeroCode Obfuscation Against Symbolic Execution AttacksSebastian Banescu, Technisch Universität München; Christian Collberg, University of Arizona; Vijay Ganesh, University of Waterloo; Zack Newsham, University of Waterloo; Alexander Pretschner, Technisch Universität MünchenVulPecker: An Automated Vulnerability Detection System Based on Code Similarity AnalysisZhen Li, Huazhong University of Science and Technology; Hebei University; Deqing Zou, Huazhong University of Science and Technology; Shouhuai Xu, University of Texas at San Antonio; Hai Jin, Huazhong University of Science and Technology; Hanchao Qi, Huazhong University of Science and Technology; Jie Hu, Huazhong University of Science and TechnologyEvilCoder: Automated Bug InsertionJannik Pewny, Horst-Görtz Institute, Ruhr-University Bochum; Thorsten Holz, Horst-Görtz Institute, Ruhr-University Bochum Session Chair: Davide BalzarottiCatching Predators at Watering Holes: Finding and Understanding Strategically Compromised WebsitesSumayah alrwais, Indiana University at Bloomington; Kan Yuan, Indiana University at Bloomington; Eihal Alowaisheq, Indiana University at Bloomington; Xiaojing Liao, Georgia Institute of Technology; Alina Oprea, RSA Labs; Xiaofeng Wang, Indiana University at Bloomington; Zhou Li, RSA LabsThe Achilles' Heel of OAuth: A Multi-Platform Study of OAuth-based AuthenticationHui Wang, Shanghai Jiao Tong University; Yuanyuan Zhang, Shanghai Jiao Tong University; Juanru Li, Shanghai Jiao Tong University; Dawu Gu, Shanghai Jiao Tong UniversityAdaptive Encrypted Traffic Fingerprinting With Bi-Directional DependenceKhaled Al-Naami, The University of Texas at Dallas; Swarup Chandra, The University of Texas at Dallas; Ahmad Mustafa, The University of Texas at Dallas; Latifur Khan, The University of Texas at Dallas; Zhiqiang Lin, The University of Texas at Dallas; Kevin Hamlen, The University of Texas at Dallas; Bhavani Thuraisingham, The University of Texas at Dallas
6:30pm-9:30pm
(Sierra A)
Thursday, 8 December 2016
7:30am-8:30am
(Sierra A)
9:00am-10:00am
(Sierra CD)Session Chair: Stephen Schwab

Software Security in the Real World

Dr. Úlfar Erlingsson, Manager of Security Research, Google
10:00am-10:30am
(Sierra Foyer)
10:30am-12:00pm
Internet of ThingsAccess Control
Club RoomSierra BSierra CSierra D
Session Chair: Cynthia Bauer

Hackers and Evil Doers – How to Keep Your Digital Experience Safe and Secure on the Cloud, Bob McCandless, Blue Iron Network


Encrypting the Brain of IOT, Ed Yu, Overnest, Inc.


Impact of the Physical Web and Beacons in the Classroom and College, Debasis Bhattacharya, University of Maui College

 Session Chair: Trent JaegerOn the (in)security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure ThemEduard Marin , KU Leuven, ESAT-COSIC and iMinds; Dave Singelée, KU Leuven, ESAT-COSIC and iMinds; Flavio Garcia , School of Computer Science, University of Birmingham; Tom Chothia, School of Computer Science, University of Birmingham; Rik Willems, KU Leuven, Department of Cardiovascular Sciences; Bart Preneel, KU Leuven, ESAT-COSIC and iMindsMulti-Receiver GPS Spoofing Detection: Error Models and RealizationKai Jansen, Ruhr-University Bochum; Nils Ole Tippenhauer, Singapore University of Technology and Design; Christina Pöpper, New York University Abu DhabiIOT: Location-enhanced Authentication using the IoT Because You Cannot Be in Two Places at OnceIoannis Agadakos, Stevens Institute of Technology; Per Hallgren, Chalmers University of Technology; Dimitrios Damopoulos, Stevens Institute of Technology; Andrei Sabelfeld, Chalmers University of Technology; Georgios Portokalidis, Stevens Institute of Technology Session Chair: Omer TrippTheft-Resilient Mobile Payments: Transparently Authenticating NFC Users with Tapping Gesture BiometricsBabins Shrestha, University of Alabama at Birmingham; Manar Mohamed, University of Alabama at Birmingham; Sandeep Tamrakar, Aalto University; Nitesh Saxena, University of Alabama at BirminghamGametrics: Towards Attack-Resilient Behavioral Authentication with Simple Cognitive GamesManar Mohamed, University of Alabama at Birmingham; Nitesh Saxena, University of Alabama at BirminghamDevice Fingerprinting for Augmenting Web Authentication: Classification and Analysis of MethodsFurkan Alaca, Carleton University; Paul Van Oorschot, Carleton University Session Chair: Charles Payne

Speaker:

Deborah Frincke, Director of Research, NSA
12:00pm-1:30pm
(Sierra A)
1:30pm-3:00pm
Applied CryptoMalware
Club RoomSierra BSierra CSierra D
Session Chair: Adam Aviv

Moderator:

Adam Aviv, US Naval Academy

Panelists:

Mark Gondree, Sonoma State University

Colleen Lewis, Harvey Mudd College

Jelena Mirkovic, University of Southern California Information Sciences Institute

 

 Session Chair: William RobertsonPractical and Secure Dynamic Searchable Encryption via Oblivious Access on Distributed Data StructureThang Hoang, Oregon State University; Attila Yavuz, Oregon State University; Jorge Guajardo, Robert Bosch Research and Technology CenterCoKey: Fast Token-Based Cooperative CryptographyJulian Horsch, Fraunhofer AISEC; Sascha Wessel, Fraunhofer AISEC; Claudia Eckert, Technische Universität MünchenThe Cloudier Side of Cryptographic End-to-end Verifiable Voting: A Security Analysis of HeliosAleksander Essex, Western University; Nicholas Chang-Fong, Western University Session Chair: Dongyan XuShieldFS: A Self-healing, Ransomware-aware FilesystemAndrea Continella, Politecnico di Milano; Alessandro Guagnelli, Politecnico di Milano; Giovanni Zingaro, Politecnico di Milano; Giulio De Pasquale, Politecnico di Milano; Alessandro Barenghi, Politecnico di Milano; Stefano Zanero, Politecnico di Milano; Federico Maggi, Politecnico di MilanoCypider: Building Community-Based Cyber-Defense Infrastructure for Android Malware DetectionElMouatez Billah KARBAB, Concordia University; Mourad Debbabi, Concordia University; Abdelouahid Derhab, King Saud University; Djedjiga Mouheb, Concordia UniversityIntelligent, Automated Red Team EmulationAndy Applebaum, The MITRE Corporation; Doug Miller, The MITRE Corporation; Blake Strom, The MITRE Corporation; Chris Korban, The MITRE Corporation; Ross Wolf, The MITRE Corporation Session Chair: Kevin Greene

Speakers:

Kevin Greene, Cyber Security Division, DHS

Dr Robert McGraw, CTO, RAM Laboratories, Inc.

Joshua Garcia, Associate Project Scientist, Institute for Software Research, UC Irvine
3:00pm-3:30pm
(Sierra Foyer)

Chocoholic Extravaganza

"Las cosas claras y el chocolate espeso." (Ideas should be clear and chocolate thick.) Spanish proverb
3:30pm-5:00pm
Mobile SecurityPrivacy & Data Protection
Sierra BSierra CSierra D
Session Chair: Georgios PortokalidisYou Can Promote, But You Can't Hide: Large-Scale Abused App Detection in Mobile App StoresZhen Xie, The Pennsylvania State University; Sencun Zhu, The Pennsylvania State University; Wenjing Wang, Bluecoat Inc.; Qing Li, Bluecoat Inc.Swords and Shields - A Study of Mobile Game Hacks and Existing DefensesYuan Tian, Carnegie Mellon University; Eric Chen, Gridspace; Xiaojun Ma, Google; Shuo Chen, Microsoft Research; Xiao Wang, Carnegie Mellon University; Patrick Tague, Carnegie Mellon UniversityUnderstanding and Defending the Binder Attack Surface In AndroidHuan Feng, The University of Michigan, Ann Arbor; Kang Shin, The University of Michigan, Ann Arbor Session Chair: Stephen SchwabInferring Browser Activity and Status Through Remote Monitoring of Storage UsageHyungsub Kim, Pohang University of Science and Technology & Agency for Defense Development; Sangho Lee, Georgia Institute of Technology; Jong Kim, Pohang University of Science and TechnologyAmplifying Side Channels Through Performance DegradationThomas Allan, The University of Adelaide and Data61; Billy Bob Brumley, Tampere University of Technology; Katrina Falkner, The University of Adelaide; Joop Van de Pol, University of Bristol; Yuval Yarom, The University of Adelaide and Data61Efficient, Adversarial Neighbor Discovery using Logical Channels on Microsoft AzureMehmet Sinan INCI, Worcester Polytechnic Institute; Gorka Irazoqui, Worcester Polytechnic Institute; Thomas Eisenbarth, Worcester Polytechnic Institute; Berk Sunar, Worcester Polytechnic Institute Session Chair: Dan Massey

Speakers:

CPSSEC Program Overview, Dan Massey, Cyber Security Division, DHS

The Intrinsically Secure, Open, and Safe Cyber-physically Enabled, Life-critical Essential Services (ISOSCELES), Todd Carpenter, Adventium Labs

Side-Channel Causal Analysis for Design of Cyber-Physical Security, David Payton, HRL Laboratories
5:15pm-6:00pm
(Sierra C)Session Chair: Thomas Moyer
6:15pm-9:00pm
(Sierra A)Session Chair: Thomas Moyer
Friday, 9 December 2016
7:30am-8:30am
(Sierra A)
8:30am-10:00am
Software SecurityPrivacy & Data Protection
Club RoomSierra BSierra C
Session Chair: Amir Houmansadr

Moderator: Amir Houmansadr, University of Massachusetts Amherst

Panelists:

Adam Fisk, Lantern

Eric Wustrow, Univ. of Colorado Boulder

Daniel Ellard, Raytheon BBN Technologies

Ben Schwartz, Google

 

 

 Session Chair: Christophe HauserVTPin: Practical VTable Hijacking Protection for BinariesPawel Sarbinowski, Vrije Universiteit Amsterdam; Vasileios P. Kemerlis, Brown University; Cristiano Giuffrida, Vrije Universiteit Amsterdam; Elias Athanasopoulos, Vrije Universiteit AmsterdamLMP: Light-Weighted Memory Protection with Hardware AssistanceWei Huang, University of Toronto; Zhen Huang, University of Toronto; Dhaval Miyani, University of Toronto; David Lie, University of TorontoFASE: Functionality-Aware Security EnforcementPetar Tsankov, ETH Zurich; Marco Pistoia, IBM T. J. Watson Research Center; Omer Tripp, Google; Martin Vechev, ETH Zurich; Pietro Ferrara, Julia Session Chair: Hassan TakabiReliably Determining Data Leakage in the Presence of Strong AttackersRiccardo Bortolameotti, University of Twente; Andreas Peter, University of Twente; Maarten H. Everts, TNO; University of Twente; Willem Jonker, University of Twente and EIT Digital; Pieter Hartel, University of TwenteSanitizing Data is Not Enough! Towards Sanitizing Structural Artifacts in Flash MediaBo Chen, University of Memphis; Shijie Jia, Chinese Academy of Sciences; Luning Xia, Chinese Academy of Sciences; Peng Liu, Pennsylvania State UniversityAUROR: Defending Against Poisoning Attacks in Collaborative Deep Learning SystemsShiqi Shen, National University of Singapore; Shruti Tople, National University of Singapore; Prateek Saxena, National University of Singapore
10:00am-10:30am
(Sierra Foyer)
10:30am-12:00pm
Trust ManagementForensics and Incident Response
Sierra BSierra C
Session Chair: David BalensonA security analysis of automated Chinese Turing TestsAbdalnaser Algwil, Lancaster University; Dan Ciresan, IDSIA (SUPSI-USI); Beibei Liu, South China University of Technology; Jeff Yan, Lancaster UniversityThe Cross Domain Desktop Compositor: Using hardware-based video compositing for a multi-level secure user interfaceMark Beaumont, DST Group, Department of Defence; Jim McCarthy, DST Group, Department of Defence; Toby Murray, University of Melbourne / Data61 CSIROCASTLE: CA Signing in a Touch-Less EnvironmentStephanos Matsumoto, Carnegie Mellon University/ETH Zurich; Samuel Steffen, ETH Zurich; Adrian Perrig, ETH Zurich Session Chair: Thomas MoyerSpicy: A Unified Deep Packet Inspection Framework for Safely Dissecting All Your DataRobin Sommer, International Computer Science Institute / Lawrence Berkeley National Laboratory; Johanna Amann, International Computer Science Institute; Seth Hall, International Computer Science InstituteTrace-Free Memory Data Structure Forensics via Past Inference and Future SpeculationsPengfei Sun, Rutgers University; Rui Han, University of Miami; Mingbo Zhang, Rutgers University; Saman Zonouz, Rutgers UniversityHERCULE: Attack Story Reconstruction via Community Discovery on Correlated Log GraphKexin Pei, Columbia University; Zhongshu Gu, IBM T.J. Watson Research Center; Brendan Saltaformaggio, Purdue University; Shiqing Ma, Purdue University; Fei Wang, Purdue University; Zhiwei Zhang, Purdue University; Luo Si, Purdue University; Xiangyu Zhang, Purdue University; Dongyan Xu, Purdue University
12:00pm-12:15pm
(Sierra C)

Attend our giveaway at the closing plenary! So don't leave early!
12:45pm-5:00pm
(Sierra Foyer)

Outing to LACMA/Peterson Museum

 

Powered by OpenConf®
Copyright©2002-2016 Zakon Group LLC