All times listed are in Central European Summer Time (CEST).
Wednesday, 2 July 2020 - Workshops
First International Workshop on Emerging Security Solutions for Critical Applications (ESSCA)
14:00 - 14:10 – Opening Remarks: Fatima Hussain
14:10 - 14:40 – Plenary Talk: Dr. Salah Sharieh
14:50 - 16:10 – Emerging Security Solutions for Critical Applications
Machine Learning in Action: Securing IAM API by Risk Authentication Decision Engine – Bojan Nokovic (McMaster University, Canada); Nebojsa Djosic and Salah Sharieh (Royal Bank of Canada, Canada)
Generation of realistic signal strength measurements for a 5G Rogue Base Station attack scenario – Mohammad Saedi (Ulster University, United Kingdom (Great Britain)); Adrian Moore (University of Ulster, United Kingdom (Great Britain)); Philip A Perry (Ulster University, United Kingdom (Great Britain)); Mohammad Shojafar (University of Surrey, United Kingdom (Great Britain)); Hanif Ullah and Jonathan Synnott (Ulster University, United Kingdom (Great Britain)); Ruth Brown (BT, United Kingdom (Great Britain)); Ian Herwono (British Telecommunications plc, United Kingdom (Great Britain))
ETAREE: An Effective Trend-Aware Reputation Evaluation Engine for Wireless Medical Sensor Networks – Muhammad Shadi Hajar, M. Omar Al-Kadri and Harsha Kalutarage (Robert Gordon University, United Kingdom (Great Britain))
Adaptive Latency Reduction in LoRa for Mission Critical Communications in Mines – Ahasanun Nessa, Fatima Hussain and Xavier N. Fernando (Ryerson University, Canada)
Sixth International Workshop on Security and Privacy in the Cloud (SPC)
14:30 - 14:40 – Opening Remarks
14:40 - 16:15 – Session 1: Vulnerabilities & Attacks
Insider Attack Detection for Science DMZs Using System Performance Data – Ross Gegan and Brian Perry (University of California Davis, USA); Dipak Ghosal (University of California, Davis, USA); Matt Bishop (University of California Davis, USA)
Security Vulnerabilities of Server-Centric Wireless Datacenters – Sayed Ashraf Mamun, Amlan Ganguly, Panos P. Markopoulos, Andres Kwasinski and Minseok Kwon (Rochester Institute of Technology, USA)
Encrypted-Input Program Obfuscation: Simultaneous Security Against White-Box and Black-Box Attacks – Giovanni Di Crescenzo, Lisa Bahler and Allen McIntosh (Perspecta Labs, USA)
REdiREKT: Extracting Malicious Redirections from Exploit Kit Traffic – Jonah Burgess and Domhnall Carlin (Queen's University Belfast, United Kingdom (Great Britain)); Philip O'Kane (Queens University Belfast, United Kingdom (Great Britain)); Sakir Sezer (Queen's University Belfast & CTO Titan IC, United Kingdom (Great Britain))
Stealthy Privacy Attacks Against Mobile AR Apps – Sarah M. Lehman, Abrar S. Alrumayh, Haibin Ling and Chiu C. Tan (Temple University, USA)
16:30 - 18:05 – Session 2: Models & Applications
Perturbing Inputs to Prevent Model Stealing – Justin Grana (RAND Corporation, USA)
SparseIDS: Learning Packet Sampling with Reinforcement Learning – Maximilian Bachl, Fares Meghdouri, Joachim Fabini and Tanja Zseby (TU Wien, Austria)
Quantitative Verification of Certificate Transparency Gossip Protocols – Michael C Oxford, David Parker and Mark Ryan (University of Birmingham, United Kingdom (Great Britain))
Cloud-Based Face and Speech Recognition for Access Control Applications – Nathalie Tkauc, Thao Tran, Kevin Hernandez-Diaz and Fernando Alonso-Fernandez (Halmstad University, Sweden)
The Quest for Secure and Privacy-preserving Cloud-based Industrial Cooperation – Martin Henze (Fraunhofer FKIE, Germany)
International Workshop on Privacy and Security for Information Systems (WPS)
14:00 - 14:10 – Opening Session
14:10 - 14:50 – Keynote Talk I
15:00 - 16:00 – Technical Session I
Optimal Mechanisms Under Maximal Leakage – Benjamin H Wu, Aaron Wagner and G. Edward Suh (Cornell University, USA)
Maximal alpha-Leakage and Its Properties – Jiachun Liao, Lalitha Sankar and Oliver Kosut (Arizona State University, USA); Flavio P. Calmon (Harvard University, USA)
Notes on Communication and Computation in Secure Distributed Matrix Multiplication – Rafael D'Oliveira (Massachusetts Institute of Technology, USA); Salim El Rouayheb (Rutgers University, USA); Daniel Heinlein (Aalto University, Finland); David Karpuk (Universidad de los Andes, Colombia)
16:10 - 16:50 – Keynote Talk II
17:00 - 18:00 – Technical Session II
Authentication and Partial Message Correction over Adversarial Multiple-Access Channels – Allison Beemer (New Jersey Institute of Technology, USA); Eric Graves (6245 Deep Earth Ln & ARL, USA); Joerg Kliewer (New Jersey Institute of Technology, USA); Oliver Kosut (Arizona State University, USA); Paul Yu (Army Research Laboratory, USA)
Arbitrarily Varying Wiretap Channels with and Without Non-Causal Side Information at the Jammer – Carsten Janda (Technische Universität Braunschweig, Germany); Moritz Wiese (Technical University Munich, Germany); Eduard Jorswieck (Technische Universität Braunschweig, Germany); Holger Boche (Technical University Munich, Germany)
Secure Strong Coordination – Giulia Cervia, Germán Bassi and Mikael Skoglund (KTH Royal Institute of Technology, Sweden)
18:10 - 18:50 – Keynote Talk III
19:00 - 20:00 – Technical Session III
Physical Layer Authentication Techniques Based on Machine Learning with Data Compression – Linda Senigagliesi, Marco Baldi and Ennio Gambi (Università Politecnica delle Marche, Italy)
Adversarial Multiple Access Channels and a New Model of Multimedia Fingerprinting Coding – Grigory Kabatiansky and Elena Egorova (Skolkovo Institute of Science and Technology, Russia)
Modeling Temperature Behavior in the Helper Data for Secret-Key Binding with SRAM PUFs – Lieneke Kusters and Alexandros Rikos (Eindhoven University of Technology, The Netherlands); Frans MJ Willems (Technical University Eindhoven, The Netherlands)
Workshop on Cyber-Physical Systems Security (CPS-Sec)
14:45 - 15:00 – Opening Remarks
15:00 - 16:00 – Security in Cyber Physical Systems
Secure End-to-End Sensing in Supply Chains – Jan Pennekamp (RWTH Aachen University, Germany); Fritz Alder (KU Leuven, Belgium); Roman Matzutt (RWTH Aachen University, Germany); Jan Tobias Mühlberg and Frank Piessens (KU Leuven, Belgium); Klaus Wehrle (RWTH Aachen University, Germany)
Modelling Adversarial Flow in Software-Defined Industrial Control Networks Using Queueing Network Model – Livinus O Nweke (Norwegian University of Science and Technology, Norway); Stephen Wolthusen (Royal Holloway - University of London, Norway)
On the Feasibility of Exploiting Traffic Collision Avoidance System Vulnerabilities – Paul Berges (Virginia Tech, USA); Basavesh Ammanaghatta Shivakumar (Purdue University, USA); Timothy Graziano and Ryan M Gerdes (Virginia Tech, USA); Z. Berkay Celik (Purdue University, USA)
16:10 - 17:10 – Keynote Talk
Defense in Depth for CPS Security: What Does It Take and How Can Researchers Help? – Danfeng Yao - Professor of Computer Science at Virginia Tech University
Keynote Abstract: Because of the scale and heterogeneity of many cyber-physical systems (CPS), applying defense-in-depth strategies is extremely challenging. Defense in depth aims to build multiple somewhat redundant security layers for critical assets. It requires an organization to have a comprehensive and accuracy knowledge of its assets, their individual properties, and how they interact.
However, in reality this basic requirement is hard to achieve, in particular for massive-scale industrial control systems (ICS) and legacy CPS systems (e.g., weapon systems). In this talk, I will use examples to illustrate the technical challenges and realistic security goals associated with defending complex CPS systems.
There are promising directions for researchers to contribute towards achieving defense in depth in CPS, e.g., quantitative and precise asset inventory, patch management, risk management in legacy systems, and benchmarking. Prioritizing these tasks with deployment constraints in mind is the key.
Speaker Biography: Dr. Danfeng (Daphne) Yao is a Professor of Computer Science at Virginia Tech. She is an Elizabeth and James E. Turner Jr. ’56 Faculty Fellow and CACI Faculty Fellow. Her research interests are on building deployable and proactive cyber defenses, focusing on detection accuracy and scalability.
She creates new models, algorithms, techniques, and deployment-quality tools for securing large-scale software and systems. Her tool CryptoGuard helps large software companies and Apache projects harden their cryptographic code. She systematized program anomaly detection in the book Anomaly Detection as a Service. She has multiple US patents for her inventions on network causal analysis for forensics.
Her enterprise data-loss prevention papers are among top downloaded articles in IEEE SPS and Wiley WIREs. Dr. Yao received the NSF CAREER Award for her work on human-behavior driven malware detection and ARO Young Investigator Award for her semantic reasoning for mission-oriented security work. Dr. Yao is the ACM SIGSAC Treasurer/Secretary and is a member of the ACM SIGSAC executive committee since 2017. Daphne received her Ph.D. degree from Brown University, M.S. degrees from Princeton University and Indiana University, Bloomington, B.S. degree from Peking University in China.
17:20 - 18:00 – Security in Military Applications
A Security Reference Model for Autonomous Vehicles in Military Operations – Federico Mancini (FFI - Norwegian Defence Research Establishment, Norway); John Melrose (DSTL, United Kingdom (Great Britain)); Stefano Fioravanti (NATO Centre for Maritime Research and Experimentation, Italy); Frederick Leve and Logan Mailloux (Air Force Institute of Technology & United States Air Force, USA); Solveig Bruvoll (Norwegian Defence Research Establishment, Norway); Raphael Ernst and Kellyn Rein (Fraunhofer FKIE, Germany); Diego Merani and Robert Been (CMRE - NATO Centre for Maritime Research and Experimentation, Italy)
Autonomous Space Resupply Vehicle Systems Security Design Principle Case Study – Logan Mailloux (Air Force Institute of Technology & United States Air Force, USA); Robert F Mills (Air Force Institute of Technology, USA)
18:00 - 18:10 – Closing Remarks
