Detailed Program

Below you can find the program of ARES / CD-MAKE 2022. 

All time designations refer to CEST (UTC+2).

  • 23.08.2022
  • 24.08.2022
  • 25.08.2022
  • 26.08.2022
  • Tuesday 23.08.2022 Detailed

    Time (UTC +2)
    HS 01
    SR 03
    SR 04
    SR 05
    SR 06
    SR 07
    SR 08
    08:00 - 19:00
    Organizers available
    08:45 - 09:00
    ARES Opening
    Edgar Weippl, Mathias Fischer
    HS 01

    Edgar Weippl (SBA Research and University of Vienna, Austria), Mathias Fischer (Universität Hamburg, Germany)

    09:00 - 09:05
    EU Workshop Pitch Session
    Session Chair:
    Florian Skopik (AIT, Austria)
    HS 01

    Short Pitch of each EU Symposium Workshop

    09:05 - 10:30
    ARES Keynote
    Steve Furnell
    HS 01

    The strange world of the password

    Steve Furnell (University of Nottingham, United Kingdom)

    Abstract: Despite years of evidence of poor practice, people continue to choose weak passwords and continue to be allowed to do so. Normally, if something is broken then the answer is to fix or replace it. However, with passwords the problem seems able to persist unchecked and we continue to use them extensively despite the flaws. Adding further evidence of the issue, this presentation reports on the fifth run of a study into the provision of password guidance and the enforcement of password rules by a series of leading websites. The investigation has been conducted every 3-4 years since 2007 and the latest findings continue to reveal areas of notable weakness. This includes many sites still offering little or no meaningful guidance, and still permitting users to choose passwords that ought to be blocked at source. It seems that while we remain ready to criticise users for making poor choices, we repeatedly fail to take steps that would help them to do better.

    10:30 - 10:45
    Short Coffee Break
    10:45 - 12:45
    ARES I
    Best Paper
    Session Chair:
    Mathias Fischer (University of Hamburg, Germany)

    VMIFresh: Efficient and Fresh Caches for Virtual Machine  Introspection

    Thomas Dangl (University of Passau, Germany), Stewart Sentanoe (University of Passau, Germany) and Hans P. Reiser (Reykjavík University, Iceland)

    Privacy-Preserving Polyglot Sharing and Analysis of Confidential Cyber Threat Intelligence

    Davy Preuveneers and Wouter Joosen (imec-DistriNet, KU Leuven, Belgium)

    Distance-based Techniques for Personal Microbiome Identification

    Markus Hittmeir, Rudolf Mayer and Andreas Ekelhart (SBA Research, Austria)

    SOAR4IoT: Securing IoT Assets with Digital Twins

    Philip Empl, Daniel Schlette, Daniel Zupfer and Günther Pernul (University of Regensburg, Germany)

    EPESec I
    Session Chair:
    Theodoros Rokkas (inCITES Consulting, Luxembourg)

    Attacking Power Grid Substations: An Experiment Demonstrating How to Attack the SCADA Protocol IEC 60870-5-104

    László Erdődi, Pallavi Kaliyar, Siv Hilde Houmb, Aida Akbarzadeh and Andre Jung Waltoft-Olsen (Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway)

    Substation-Aware. An intrusion detection system for the IEC 61850 protocol

    Jose Antonio Lopez, Iñaki Angulo and Saturnino Martinez (TECNALIA, Basque Research and Technology Alliance (BRTA), Spain)

    Cyber-security measures for protecting EPES systems in the 5G area

    Alexios Lekidis (Public Power Corporation, Greece)

    Handling Critical Infrastructures in Federation of Cyber Ranges: A Classification Model

    Evangelos Chaskos, Jason Diakoumakos, Nicholas Kolokotronis and George Lepouras (University of the Peloponnese Department of Informatics and Telecommunications, Greece)

    Fault-Tolerant SDN Solution for Cybersecurity Applications

    Athanasios Liatifis (University of Western Macedonia, Macedonia), Christos Dalamagkas (Testing Research & Standards Center of Public Power Corporation SA, Greece), Panagiotis Radoglou-Grammatikis (University of Western Macedonia, Macedonia), Thomas Lagkas (International Hellenic University, Greece), Evangelos Markakis (Hellenic Mediterranean University, Greece), Valeri Mladenov (Technical University of Sofia, Bulgaria), Panagiotis Sarigiannidis (University of Western Macedonia, Macedonia)

    Securing Communication and Identifying Threats in RTUs: A Vulnerability Analysis

    Engla Rencelj Ling (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Jose Eduardo Urrea Cabus (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Ismail Butun (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Robert Lagerström (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Johannes Olegard (Department of Computer and Systems Sciences, Stockholm University, Sweden)

    IWCSEC I
    Fast-Paced And Secure Code Development And Deployment
    Session Chair:
    Péter Hegedűs (FrontEndART Szoftver Kft., Hungary)

    Explainability-based Debugging of Machine Learning for Vulnerability Discovery

    Angelo Sotgiu, Maura Pintor and Battista Biggio (Pluribus One, University of Cagliari, Italy)

    Lightweight Parsing and Slicing for Bug Identification in C

    Luca Mecenero (University of Trento, Italy), Ranindya Paramitha (University of Trento, Italy), Ivan Pashchenko (TomTom, The Netherlands), Fabio Massacci (University of Trento, Italy, Vrije Universiteit Amsterdam, The Netherlands)

    On the feasibility of detecting injections in malicious npm packages

    Simone Scalco (University of Trento, Italy), Ranindya Paramitha (University of Trento, Italy), Duc-Ly Vu (FPT University, Vietnam) and Fabio Massacci (University of Trento, Italy, Vrije Universiteit Amsterdam, The Netherlands)

    Towards a Security Benchmark for the Architectural Design of Microservice Applications

    Anusha Bambhore Tukaram (Hamburg University of Technology, Germany), Simon Schneider (Hamburg University of Technology, Germany), Nicolás E. Díaz Ferreyra (Hamburg University of Technology, Germany), Georg Simhandl (University of Vienna, Austria), Uwe Zdun (University of Vienna, Austria), Riccardo Scandariato (Hamburg University of Technology, Germany)

    Learning State Machines to Monitor and Detect Anomalies on a Kubernetes Cluster

    Clinton Cao (Delft University of Technology, The Netherlands), Agathe Blaise (Thales SIX GTS France, France), Sicco Verwer (Delft University of Technology, The Netherlands) and Filippo Rebecchi (Thales SIX GTS France, France)

    Security Maturity Self-Assessment Framework for Software Development Lifecycle

    Raluca Brasoveanu (TomTom, The Netherlands), Yusuf Karabulut (TomTom, Germany) and Ivan Pashchenko (TomTom, The Netherlands)

    NG - SOC I

    tba

    SP2I I
    Applied Cryptography, Security And Privacy
    Session Chair:
    Lukas Malina (Brno University of Technology, Czech Republic)

    Security-by-Design in Intelligent Infrastructures: the HAII-T orchestrator

    Gabriele CostaIMT School for Advanced Studies Lucca

    Abstract: In the last years Security-by-Design has emerged as the main methodology for securing the life cycle of software and systems. Its effectiveness is the result of a strong integration with all the development phases, from the earliest conceptualization and design to the final disposal. Large scale, critical infrastructures can benefit the most from this approach. Nevertheless, they also carry an extreme degree of complexity that must be dealt with. In this talk we will consider the SPARTA perspective on the definition and implementation of a secure orchestrator for making intelligent infrastructures Secure-by-Design.

    Implementation of Revocable Keyed-Verification Anonymous Credentials on Java Card

    Raúl Casanova-Marqués (Brno University of Technology, Universitat Jaume I, Czech Republic), Petr Dzurenda (Brno University of Technology, Czech Republic), Jan Hajny (Brno University of Technology, Czech Republic)

    Real-world Deployment of Privacy-Enhancing Authentication System using Attribute-based Credentials

    Petr Dzurenda (Brno University of Technology, Czech Republic), Raúl Casanova-Marqués (Brno University of Technology, Universitat Jaume I, Czech Republic), Lukas Malina (Brno University of Technology, Czech Republic)

    ETACS I
    Cybersecurity Education, Training And Awareness
    Session Chair:
    Jan Hajny (SPARTA, Brno University of Technology, Czech Republic)

    Cybersecurity Skills Gap: ENISA Analysis and Actions

    Fabio Di Franco, ENISA

    Abstract: Fabio will provide a holistic view on the nature and characteristics of the skills gap in Europe and the results of the joint effort done with other EU players (eg. the pilots of the EU Competence Network). He will report on the European Cybersecurity Skills Framework (ECSF) which aims to close the cybersecurity skills’ gap on the European labour market, building comprehensive bridges between European workplace context and learning environment through an EU skills framework.  He will also provide insights on the cybersecurity higher education database (CyberHEAD), an initiative to allow young talents to make informed decisions on the variety of possibilities offered by higher education in cybersecurity through an easy-to-use web portal.

    Properties for Cybersecurity Awareness Posters’ Design and Quality Assessment

    Sunil Chaudhary (Norwegian University of Science and Technology, Norway), Marko Kompara (University of Maribor, Slovenia), Sebastian Pape (Goethe University, Germany), Vasileios Gkioulos (Norwegian University of Science and Technology, Norway)

    Security of Smart Grid Networks in the Cyber Ranges

    Tomas Lieskovan, Jan Hajny (Brno University of Technology, Czech Republic)

    Requirements for an Information Privacy Pedagogy based on the Constructivism Learning Theory

    Thanos Papaioannou (Ionian University, Greece), Aggeliki Tsohou (Ionian University, Greece), Maria Karyda (University of the Aegean, Greece), Stylianos Karagiannis (PDM & FC, Portugal)

    CyBOK - The Cyber Security Body Of Knowledge

    Dr. Yulia Cherdantseva, Senior Lecturer at the School of Computer Science & Informatics at Cardiff University

    Abstract: Cyber Security Body of Knowledge (CyBOK) is a major project sponsored by the UK National Cyber Security Centre with the aim of developing a substantial resource offering a guide to the Cyber Security as a discipline and as a field of professional practice.  CyBOK codifies the foundational knowledge in cyber security for education and professional training.  It is an open and freely accessible resource (www.cybok.org) developed by the Community for the Community with contributions from over 115 experts across the world since 2017. CyBOK v1.1 is constituted by 21 knowledge areas. There are also free supplementary resources for students, educators and trainers, e.g. podcasts, resources for developing programmes based on CyBOK, lab materials, case studies for use in classroom, etc. This presentation will describe the process of developing CyBOK and maintaining it up to date, discuss the role of the international community in this process, outline the use cases of CyBOK and the future directions of the CyBOK project evolution.

    SECPID I
    Session Chair:
    Sebastian Ramacher (AIT Austrian Institute of Technology GmbH, Austria)

    Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing

    Alessandro Brighente (University of Padova, Italy), Mauro Conti (University of Padova, Italy, Delft University of Technology, The Netherlands), Savio Sciancalepore (Eindhoven University of Technology (TU/e)The Netherlands)

    Revisiting Online Privacy and Security Mechanisms Applied in the In-App Payment Realm from the Consumers’ Perspective

    Salatiel Ezennaya-Gomez, Edgar Blumenthal, Marten Eckardt, Justus Krebs, Christopher Kuo, Julius Porbeck, Emirkan Toplu, Stefan Kiltz and Jana Dittmann (Otto-von-Guericke University Magdeburg, Germany)

    Towards Efficient FHE Based cPIR Schemes and Their Parameter Selection

    Cavidan Yakupoglu and Kurt Rohloff (NJIT, United States)

    12:45 - 13:45
    Lunch Break
    13:45 - 15:15
    IWPSMTS I
    Session Chair:
    Roland Rieke (Fraunhofer Institute for Secure Information Technology SIT, Germany)

    Introduction to the International Workshop on Privacy and Security of Multi-Modal Transport Systems

    Roland Rieke (Fraunhofer SIT | ATHENE, Germany)

    Challenges and solutions for security and seamless authentication services in airport-train multimodal travels 

    Stefano Sebastio (Collins ART, Ireland)

    SECurity Test and Evaluation platform for Autonomous driving

    Daniel Zelle (Fraunhofer SIT | ATHENE, Germany)

    Security Operations Center for Multi-Modal Transport Systems

    Ali Recai Yekta (Yekta IT GmbH, Germany)

    Collaborative Security Pattern for Automotive Electrical/Electronic (E/E) Architectures

    Florian Fenzl (Fraunhofer SIT | ATHENE, Germany)

    EPESec II
    Session Chair:
    Theodoros Rokkas (inCITES Consulting, Luxembourg)

    Demonstration of alignment of the Pan-European Cybersecurity Incidents Information Sharing Platform to Cybersecurity policy, regulatory and legislative advancements

    Dimitrios Skias (Netcompany-Intrasoft, Luxembourg), Sofia Tsekeridou (Netcompany-Intrasoft, Greece), Theodore Zahariadis (SYNELIXIS SOLUTIONS S.A, Greece.), Artemis Voulkidis (SYNELIXIS SOLUTIONS S.A., Greece) and Terpsichori-Helen Velivassaki (SYNELIXIS SOLUTIONS S.A., Greece)

    A Collaborative Intelligent Intrusion Response Framework for Smart Electrical Power and Energy Systems

    Konstantinos P. Grammatikakis, Ioannis Koufos and Nicholas Kolokotronis (University of the Peloponnese, Department of Informatics and Telecommunications, Greece)

    Evaluating The Cyber-Security Culture of the EPES Sector

    Anna Georgiadou, Ariadni Michalitsi-Psarrou and Dimitris Askounis (National Technical University of Athens, Greece)

    Classifying the factors affecting the adoption of the SDN-microSENSE innovations

    Theodoros Rokkas and Ioannis Neokosmidis (inCITES Consulting, Luxembourg)

    IWCSEC II
    Software Certification
    Session Chair:
    Maura Pintor (Pluribus One s.r.l., Italy and University of Cagliari, Italy)

    The AssureMOSS security certification scheme

    Ákos Milánkovich, Gergely Eberhardt and Dávid Lukács (Search-Lab Ltd., Hungary)

    Panel discussion:

    Panel on delta certification - challenges and possible solutions

    NG - SOC II
    SP2I II
    Security And Machine Learning In Intelligent Infrastructures
    Session Chair:
    Raimundas Matulevicius (University of Tartu, Estonia)

    Artificial Intelligence-Assisted Side Channel Attacks

    Xiaolu HouFaculty of Informatics and Information Technologies, Slovak University of Technology

    Abstract: Deep neural networks (DNN) have gained popularity in the last decade due to advances in available computational resources. In particular, side-channel attacks (SCA) have received the most attention as being a classification problem, DNN comes as a natural candidate. In this talk, we will first provide the basics of SCA and explain how it can recover the secret key of a cryptographic implementation. Then, we will present the recent literature on applications of DNN to SCA. As a demonstration, we will detail a work that aims to propose a general framework that helps users with the overall trace analysis aided by DNN, minimizing the necessity for architecture adjustments by the user.

    CloudFL: A Zero-Touch Federated Learning Framework for Privacy-aware Sensor Cloud

    Viraaji Mothukuri (Kennesaw State University, United States), Reza M. Parizi (Kennesaw State University, United States), Seyedamin Pouriyeh (Kennesaw State University, United States), Afra Mashhadi (University of Washington, United States)

    Enhanced anomaly detection for cyber-attack detection in smart water distribution systems

    Branka Stojanovic, Helmut Neuschmied, Martin Winter and Ulrike Kleb (JOANNEUM RESEARCH Forschungsgesellschaft mbH, Austria)

    ETACS II
    Cybersecurity Skills Frameworks And Tools
    Session Chair:
    Jan Hajny (SPARTA, Brno University of Technology, Czech Republic)

    Adding European Cybersecurity Skills Framework into Curricula Designer

    Jan Hajny (Brno University of Technology, Czech Republic), Marek Sikora (Brno University of Technology, Czech Republic), Athanasios Grammatopoulos (University of Piraeus, Greece), Fabio Di Franco (ENISA, Greece)

    The Platform for Czech National Qualifications Framework in Cybersecurity

    Jakub Vostoupal (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), František Kasl (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), Pavel Loutocký (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), Tomáš Pitner (Masaryk University, Faculty of Informatics, Czech Republic), Patrik Valo (Masaryk University, Faculty of Informatics, Czech Republic), Adam Valalský (Masaryk University, Faculty of Informatics, Czech Republic), Damián Paranič (Masaryk University, Faculty of Informatics, Czech Republic)

    Job Adverts Analyzer for Cybersecurity Skills Needs Evaluation

    Sara Ricci (Brno University of Technology, Czech Republic), Marek Sikora (Brno University of Technology, Czech Republic), Simon Parker (Deutsches Krebsforschungszentrum, Germany), Imre Lendak (University of Novi Sad, Serbia), Yianna Danidou (European University Cyprus, Cyprus), Argyro Chatzopoulou (APIROPLUS Solutions Ltd., Cyprus), Remi Badonnel (University of Lorraine, France), Donatas Alksnys (Mykolas Romeris University, Lithuania)

    SECPID II
    Session Chair:
    Stephan Krenn (AIT Austrian Institute of Technology GmbH, Austria)

    YOU SHALL NOT COMPUTE on my Data: Access Policies for Privacy-Preserving Data Marketplaces and an Implementation for a Distributed Market using MPC

    Stefan More and Lukas Alber (Graz University of Technology, Austria)

    Identity and Access Management Framework for Multi-tenant Resources in Hybrid Cloud Computing

    Saurabh Deochake and Vrushali Channapattan (Twitter, United States)

    All that is Solid Melts into Air: Towards Decentralized Cryptographic Access Control

    Harry Halpin (K.U. Leuven, Belgium)

    15:15 - 15:45
    Coffee Break
    15:45 - 17:15
    IWPSMTS II
    Session Chair:
    Roland Rieke (Fraunhofer Institute for Secure Information Technology SIT, Germany)

    Identity management for a seamless authentication in the transportation sector

    Piotr Sobonski (Collins ART, Ireland)

     

     

     

     

    Attribute-based authorization for a transaction between a transport company and a passenger

    Jean-Paul Bultel (CEA, France)

     

     

     

    An authentication and data sharing framework in the mobility service domain

    Henry Gadacz (Fraunhofer SIT | ATHENE, Germany)

     

     

    Utilizing the Trusted Platform Module in automotive networks to secure car sharing applications

    Christian Plappert (Fraunhofer SIT | ATHENE, Germany)

    EPESec III
    Session Chair:
    Theodoros Rokkas (inCITES Consulting, Luxembourg)

    Panel disccusion with representatives from EPES projects

    ENS I
    Session Chair:
    Prof. Wojciech Mazurczyk (Warsaw University of Technology, Poland & FernUniversitaet in Hagen, Germany)

    Distributed Key Management in Microgrids

    Christos Xenakis, University of Piraeus

    Abstract: Security for smart industrial systems is prominent due to the proliferation of cyber threats threatening national critical infrastructures. Smart grid comes with intelligent applications that can utilize the bidirectional communication network among its entities. Microgrids are small-scale smart grids that enable Machine-to-Machine (M2M) communications as they can operate with some degree of independence from the main grid. In addition to protecting critical microgrid applications, an underlying key management scheme is needed to enable secure M2M message transmission and authentication. Existing key management schemes are not adequate due to microgrid special features and requirements. We propose the Micro sElf-orgaNiSed mAnagement (MENSA), which is the first hybrid key management and authentication scheme that combines Public Key Infrastructure (PKI) and Web-of-Trust concepts in micro-grids. Our experimental results demonstrate the efficiency of MENSA in terms of scalability and swiftness.

    The cybersecurity-related ethical issues of cloud technology and how to avoid them

    Aleksandra Pawlicka (ITTI Sp. z o.o. and University of Warsaw, Poland), Marek Pawlicki (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Rafał Renk (ITTI Sp. z o.o. and Adam Mickiewicz University, Poland), Rafał Kozik (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland) and Michal Choras (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland)

    PCSCI I
    Critical Infrastructures And Interdependencies
    Session Chair:
    Stefan Schauer (Austrian Insitute of Technology, Austria)

    The PRAETORIAN Project in a Nutshell

    Eva María Muñoz Navarro (ETRA I+D) and Frederic Guyomard (Électricité de France)

    The PRECINCT Project in a Nutshell

    Jenny Rainbird (Inlecom Pathways)

    CI Interdependencies and Cascading Effects

    Stefan Schauer and Sandra König (AIT Austrian Institute of Technology)

    Resilience Management Framework for Interdependent CIs

    Lorcan Connolly (Research Driven Solutions)

    Parametrization of Probabilistic Risk Models

    Sandra König and Abdelkader Magdy Shaaban (AIT Austrian Institute of Technology)

    Response Coordination for Complex Scenarios

    Lazaros Papadopoulos (Institute of Communication and Computer Systems)

    SP2I III
    Security And Trust In Intelligent Infrastructures
    Session Chair:
    Zdenek Martinasek (Brno University of Technology, Czech Republic)

    On Secure and Side-Channel Resistant Hardware Implementations of Post-Quantum Cryptography

    Petr Jedlicka (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Lukas Malina (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Tomas Gerlich (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Zdenek Martinasek (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Jan Hajny (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Petr Socha (Czech Technical University in Prague, Faculty of Information Technology, Dept. of Digital Design, Czech Republic)

    Securing Shared Mobility Integration into Public Transport Infrastructure

    Abasi-Amefon Obot Affia and Raimundas Matulevicius

    An Internet-Wide View of Connected Cars: Discovery of Exposed Automotive Devices

    Takahiro Ueda, Takayuki Sasaki, Katsunari Yoshioka and Tsutomu Matsumoto (Yokohama National University, Japan)

    CyberSane I
    Session Chair:
    Jorge Manuel Martins (Project Manager, PDMFC)

    CyberSANE project: Jorge Manuel Martins & Luis Landeiro Ribeiro

    CyberSANE architecture: Core and 5 components: Thanos Karantjias & Guillermo Yuste

    CyberSANE pilots: use cases and lessons learnt: Pablo Giménez Salazar (Transport and pilot coordination), Robert Bordianu (Energy), Andrius Patapovas  (Health)

     

     

    CS-EDU

    tba

    17:15 - 17:30
    Short Coffee Break
    17:30 - 19:00
    IWPSMTS III
    Session Chair:
    Roland Rieke (Fraunhofer Institute for Secure Information Technology SIT, Germany)

    Ticket based lightweight security solution for small car E/E-components

    Claus-Henning Friederichs (AVL, Germany)

    Practical guidelines to configure homomorphic encryption schemes: An application to machine learning

    Antoine Choffrut (CEA, France)

    Homomorphic Encryption Based Pattern Search for Privacy Preserving Analytics

    Hoang-Gia NGUYEN (CEA, France)

    ROADIE: andRoid App fOr Automotive customizeD servIcEs

    Marco de Vincenzi (CNR, Italy)

    ENS II
    Session Chair:
    Prof. Krzysztof Cabaj (Warsaw University of Technology, Poland)

    SAMM: Situation Awareness with Machine Learning for Misbehavior Detection in VANET

    Mohammed A. Abdelmaguid, Hossam S. Hassanein and Mohammad Zulkernine (School of Computing, Queen’s University, Canada)

    Towards Deployment Shift Inhibition Through Transfer Learning in Network Intrusion Detection

    Marek Pawlicki, Rafał Kozik and Michał Choraś (ITTI Sp. z o.o. Poznań, Bydgoszcz University of Science and Technology Bydgoszcz, Poland)

    Image-based Neural Network Models for Malware Traffic Classification using PCAP to Picture Conversion

    Giorgos Agrafiotis, Eftychia Makri, Ioannis Flionis, Antonios Lalas, Konstantinos Votis and Dimitrios Tzovaras (Centre for Research and Technology Hellas/ Information Technologies Institute (CERTH/ITI), Greece)

    Applying Machine Learning on RSRP-based Features for False Base Station Detection

    Prajwol Kumar Nakarmi, Jakob Sternby and Ikram Ullah (Ericsson, Sweden)

     

    PCSCI II
    Technologies And Use Cases
    Session Chair:
    Stefan Schauer (Austrian Institute of Technology, Austria)

    Physical and Cyber Situational Awareness for CI

    Juan José Hernández Montesino (ETRA I+D) and Stephane Paul (Thales)

    Hybrid Situational Awareness

    Israel Perez Llopis and Javier Hingant Gómez (Universitat Politecnica de Valencia)

    Serious Games in Crisis Situations

    Daniel McCrum and Páraic Carroll (University College Dublin)

    A Methodology for Enhancing Emergency Situational Awareness through Social Media

    Antonios Karteris, Georgios Tzanos, Lazaros Papadopoulos, Konstantinos Demestichas, Dimitrios Soudris, Juliette Pauline Philibert and Carlos López Gómez

    The PRAETORIAN Use Cases in a Nutshell

    Eva María Munoz Navarro (ETRA I+D), Frederic Guyomard (Électricité de France) and
    Tamara Hadjina (KONCAR)

    The PRECINCT Living Labs in a Nutshell

    Isabel Verwee and Shirley Delannoy (VIAS Institute)

    CyberSane II
    Session Chair:
    Luis Landeiro Ribeiro (Head of PMO at PDMFC, Project Manager for the CyberSANE project)

    Standardisation activities: Manos Athanathos

    CyberSANE Business models: Armend Duzha

    Q&A: Jorge Manuel Martins & Luis Landeiro Ribeiro

    19:15 - 23:30
    Evening Reception And “Welcome back to ARES” Party

    Wednesday 24.08.2022 Detailed

    Time (UTC +2)
    HS 01
    SR 03
    SR 04
    SR 05
    SR 08
    08:30 - 17:30
    Organizers available
    08:45 - 10:00
    ARES Keynote
    Delphine Reinhardt
    HS 01

    Usable Privacy: Retrospective and Challenges ahead

    Delphine Reinhardt (University of Göttingen, Germany)

    Abstract: Since the introduction of the GDPR  and the resulting cookie banners, providing or not our consent to data collection has become a recurrent activity that requests attention and time for each visited website.  While consent is an important instrument to protect our privacy, its implementation is a source of annoyance for most website visitors due to its lack of usability. As a result, they may choose the easiest way and click on the most attractive button without a second thought, thus voiding the original intention beyond an informed consent. To avoid such effects for which the users are not to blame, different usable privacy solutions have been proposed in the past. In this keynote, we will consider the different steps beyond consent in which the users can be involved and detail selected examples. Based on them, we will identify future research directions and discuss challenges that we will need to solve in the next years as a community.

    10:00 - 10:30
    Coffee Break
    10:30 - 12:00
    ARES II
    Privacy
    Session Chair:
    Delphine Reinhardt (University of Göttingen, Germany)

    SoK: How private is Bitcoin? Classification and Evaluation of Bitcoin Privacy Techniques

    Simin Ghesmati (SBA Research, Austria), Walid Fdhila (SBA Research, Austria) and Edgar Weippl (University of Vienna and SBA Research, Austria)

    Towards Verifiable Differentially-Private Polling

    Gonzalo Munilla Garrido (SEBIS, Technical University of Munich, Germany), Johannes Sedlmeir (Fraunhofer FIT, Branch Business and Information Systems Engineering, Germany) and Matthias Babel (FIM Research Center, University of Bayreuth, Germany)

    Automatic online quantification and prioritization of data protection risks

    Sascha Sven Zmiewski (University of Duisburg-Essen, Germany), Jan Laufer (University of Duisburg-Essen, Germany) and Zoltán Ádám Mann (University of Amsterdam, The Netherlands)

    Reviewing review platforms: a privacy perspective

    Kevin De Boeck, Jenno Verdonck, Michiel Willocx, Jorn Lapon and Vincent Naessens (imec-DistriNet, Belgium)

    CD-MAKE I
    Explainable AI I
    Session Chair:
    Randy G. Goebel (University of Alberta, Canada)

    Explain to Not Forget: Defending Against Catastrophic Forgetting with XAI

    Sami Ede (Fraunhofer Heinrich Hertz Institute, Germany), Serop Baghdadlian (Fraunhofer Heinrich Hertz Institute, Germany), Leander Weber (Fraunhofer Heinrich Hertz Institute, Germany), An Nguyen (Friedrich Alexander-Universität Erlangen-Nürnberg, Germany), Dario Zanca (Friedrich Alexander-Universität Erlangen-Nürnberg, Germany), Wojciech Samek (Fraunhofer Heinrich Hertz Institute, Technische Universität Berlin, BIFOLD – Berlin Institute for the Foundations of Learning and Data, Germany) and Sebastian Lapuschkin (Fraunhofer Heinrich Hertz Institute, Germany)

    Approximation of SHAP values for Randomized Tree Ensembles

    Markus Loecher (Berlin School of Economics and Law, Germany), Dingyi Lai (Dept. of Statistics, Humboldt University, Germany), Wu Qi (Dept. of Statistics, Humboldt University, Germany)

    Color shadows (part I): exploratory usability evaluation of activation maps in radiological machine learning

    Federico Cabitza (Universit´a degli Studi di Milano-Bicocca, IRCCS Istituto Galeazzi Milano, Italy), Andrea Campagner (Universit´a degli Studi di Milano-Bicocca, Italy), Lorenzo Famiglini (Universit´a degli Studi di Milano-Bicocca, Italy), Enrico Gallazzi (Istituto Ortopedico Gaetano Pini — ASST Pini-CTO, Italy) and Giovanni Andrea La Maida (Istituto Ortopedico Gaetano Pini — ASST Pini-CTO, Italy)

    Effects of Fairness and Explanation on Trust in Ethical AI

    Alessa Angerschmid (Human-Centered AI Lab, University of Natural Resources and Life Sciences Vienna, Austria), Kevin Theuermann (Graz University of Technology, Austria), Andreas Holzinger (Human-Centered AI Lab, University of Natural Resources and Life Sciences Vienna, Austria), Fang Chen (Human-Centered AI Lab, University of Technology Sydney, Australia), Jianlong Zhou (Human-Centered AI Lab, University of Technology Sydney, Australia)

    ENS III
    Session Chair:
    Edgardo Montes de Oca (Montimage, France)

    Analysis and prediction of web proxies misbehavior

    Zahra Nezhadian, Enrico Branca, and Natalia Stakhanova (University of Saskatchewan, Canada)

    Analyzing RRC Replay Attack and Securing Base Station with Practical Method

    Seongmin Park (Korea Internet & Security Agency, South Korea), Ilsun You (Kookmin University, South Korea), Hoonyong Park (Soonchunhyang University, South Korea) and Dowon Kim (Korea Internet & Security Agency, South Korea)

    Sim2Testbed Transfer: NDN Performance Evaluation

    Enkeleda Bardhi (Sapienza University of Rome, Italy), Mauro Conti (University of Padua, Italy), Riccardo Lazzeretti (Sapienza University of Rome, Italy), Eleonora Losiouk (University of Padua, Italy) and Ahmed Taffal (Sapienza University of Rome, Italy)

    Performance Evaluation of DTLS Implementations on RIOT OS for Internet of Things Applications

    Karol Rzepka, Przemysław Szary, Krzysztof Cabaj and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

    CUING I
    Session Chair:
    Prof. Wojciech Mazurczyk (Warsaw University of Technology, Poland & FernUniversitaet in Hagen, Germany)

    Describing Steganography Hiding Methods with a Unified Taxonomy

    Steffen Wendzel (Scientific Director Center of Technology & Transfer and Professor, Hochschule Worms Lecturer, University of Hagen)

    Abstract: Steganography embraces several hiding techniques which spawn across multiple domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), and filesystem steganography. However, the related terminology is not unified among the different domains. To cope with this, an attempt has been made in 2015 with the introduction of the so-called “hiding patterns”. Hiding patterns allow to describe hiding techniques in a more abstract manner. Despite significant enhancements, the main limitation of the original taxonomy is that it only considers the case of network steganography. The 2015-taxonomy was optimized over the years but a major revision (presented at ARES’ CUING’21) has paved the path towards a taxonomy that covers all steganography domains.

    This keynote introduces the concept of hiding patterns and reviews the development of the methodology. It will also present a major revision of the patterns-taxonomy, which was developed by a consortium with members from several countries (HS Worms (Germany), CNR (Italy), WUT (Poland), Univ. Goce Delcev (North Macedonia), University of Magdeburg (Germany), and TH Brandenburg (Germany)). The new version of the taxonomy will be made publicly available in mid-August, here.

    A novel, refined dataset for real-time Network Intrusion Detection

    Mikołaj Komisarek (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Marek Pawlicki (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Maria-Elena Mihailescu (University Politehnica of Bucharest, Romania), Darius Mihai (University Politehnica of Bucharest, Romania), Mihai Carabas, Rafał Kozik (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland) and Michał Choraś (FernUniversität in Hagen and Bydgoszcz University of Science and Technology, Poland)

    CSA I
    Session Chair:
    Salvador Llopis Sanchez (Universitat Politecnica de Valencia, Spain)

    Horizon scanning and strategic knowledge management for future military operations

    Dr. Joachim Klerx, Austrian Insititute of Technology, Austria

    Abstract: Actionable information and strategic knowledge have always created competitive advantages in war situations. However, the digital revolution of the last decades has been proven to be a game changer in the strategic knowledge management for future military operations. Digital innovations did change processes, technologies and capabilities in conflict scenarios and is continuing to do so. This is obvious for operative intelligence, surveillance and reconnaissance (ISR) but is not so obvious for the strategic knowledge management for future military operations.

    In this talk, results from long-term monitoring of military cyber research and AI horizon scanning with intelligent agents are presented. After presenting a short introduction into the methodical approach, this talk will summarize the horizon scanning results for future military AI solutions, including some corresponding future threat scenarios, innovations and trends. Finally, the impacts on cyber situational awareness and future security policy perspectives are discussed.

    VALKYRIES: Harmonization and Pre-Standardization of Technology, Training and Tactical Coordinated Operations for First Responders on EU MCI

    Yantsislav Yanakiev (Bulgarian Defence Institute, Bulgaria), Marta Irene García Cid (Indra, Spain), Jorge Maestre Vidal (Indra, Spain), Nikolai Stoianov (Bulgarian Defence Institute, Bulgaria) and Marco Antonio Sotelo Monge (Indra, Spain)

    Disruptive Quantum Safe Technologies

    Marta Irene Garcia Cid (Indra, UPM, Spain), Jorge Álvaro González (Indra, Spain), Diego Del Río Gómez (Indra, Spain) and Laura Ortíz Martín (Indra, UPM, Spain)

    12:00 - 13:00
    Lunch Break
    13:00 - 14:30
    ARES III
    Cloud Security And Web Privacy
    Session Chair:
    Fabio Massacci (University of Trento, Vrije Universiteit Amsterdam, The Netherlands)

    SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices

    Priyanka Billawa (Hamburg University of Technology, Germany), Anusha Bambhore Tukaram (Hamburg University of Technology, Germany), Nicolás E. Díaz Ferreyra (Hamburg University of Technology, Germany), Jan-Philipp Steghöfer (Chalmers University of Technology, University of Gothenburg, Sweden), Riccardo Scandariato (Hamburg University of Technology, Germany) and Georg Simhandl (University of Vienna, Austria)

    Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

    Angeliki Aktypi (Department of Computer Science, University of Oxford, United Kingdom), Dimitris Karnikis (Aarno Labs, United States), Nikos Vasilakis (Massachusetts Institute of Technology, United States) and Kasper Rasmussen (Department of Computer Science, University of Oxford, United Kingdom)

    Assessing discrepancies between network traffic and privacy policies of public sector web services

    Timi Heino, Robin Carlsson, Sampsa Rauti and Ville Leppänen (University of Turku, Finland)

    Cookie Disclaimers: Impact of Design and Users’ Attitude

    Benjamin Maximilian Berens (Karlsruhe Institut of Technology, Germany), Heike Dietmann (Karlsruhe Institut of Technology, Germany), Chiara Krisam (Karlsruhe Institut of Technology, Germany), Oksana Kulyk (IT University of Copenhagen, Denmark) and Melanie Volkamer (Karlsruhe Institut of Technology, Germany))

    CD-MAKE II
    Explainable AI II
    Session Chair:
    Wojciech Samek (Fraunhofer Heinrich Hertz Institute, Germany)

    Towards Refined Classifications driven by SHAP explanations

    Yusuf Arslan (SnT – University of Luxembourg, Luxembourg), Bertrand Lebichot (SnT – University of Luxembourg, Luxembourg), Kevin Allix (SnT – University of Luxembourg, Luxembourg), Lisa Veiber (SnT – University of Luxembourg, Luxembourg), Clément Lefebvre (BGL BNP Paribas, Luxembourg), Andrey Boytsov (BGL BNP Paribas, Luxembourg), Anne Goujon (BGL BNP Paribas, Luxembourg), Tegawendé F. Bissyandé (SnT – University of Luxembourg, Luxembourg) and Jacques Klein (SnT – University of Luxembourg, Luxembourg)

    Global Interpretable Calibration Index, a New Metric to Estimate Machine Learning Models’ Calibration

    Federico Cabitza (Dipartimento di Informatica, Sistemistica e Comunicazione, University of
    Milano-Bicocca, IRCCS Istituto Ortopedico Galeazzi, Italy), Andrea Campagner (Dipartimento di Informatica, Sistemistica e Comunicazione, University of Milano-Bicocca, Italy) and Lorenzo Famiglini (Dipartimento di Informatica, Sistemistica e Comunicazione, University of Milano-Bicocca, Italy)

    The ROC Diagonal is not Layperson’s Chance: a New Baseline Shows the Useful Area

    André M. Carrington (Department of Radiology, Radiation Oncology and Medical Physics, Faculty of Medicine, University of Ottawa and the Ottawa Hospital, Canada), Paul W. Fieguth (Department of Systems Design Engineering, University of Waterloo, Canada), Franz Mayr (Faculty of Engineering, Universidad ORT Uruguay, Uruguay), Nick D. James (Software Solutions, Systems Integration and Architecture, The Ottawa Hospital, Canada), Andreas Holzinger (University of Natural Resources and Life Sciences Vienna, Austria), John W. Pickering (Christchurch Heart Institute, Department of Medicine, University of Otago, New Zealand) and Richard I. Aviv (Department of Radiology, Radiation Oncology and Medical Physics, Faculty of Medicine, University of Ottawa and the Ottawa Hospital, Canada)

    Debiasing MDI Feature Importance and SHAP values in Tree Ensembles

    Markus Loecher (Berlin School of Economics and Law, Germany)

    ENS IV
    Session Chair:
    Prof. Ilsun You (Kookmin University, South Korea)

    We cannot trust in you: a study about the dissonance among anti-malware engines

    Davide Cocca (Yoroi srl, Italy), Antonio Pirozzi (Universita’ Degli Studi Del Sannio, Italy) and Aaron Visaggio (Universita’ Degli Studi Del Sannio, Italy)

    FileUploadChecker: Detecting and Sanitizing Malicious File Uploads in Web Applications at the Request Level

    Pascal Wichmann (Universität Hamburg, Security in Distributed Systems, Germany), Alexander Groddeck (Universität Hamburg, Germany) and Hannes Federrath (Universität Hamburg, Security in Distributed Systems, Germany)

    Joint Security-vs-QoS Framework: Optimizing the Selection of Intrusion Detection Mechanisms in 5G networks

    Arash Bozorgchenani (Lancaster University, United Kingdom), Charilaos C. Zarakovitis (National Centre for Scientific Research “Demokritos”, Greece), Su Fong Chien (MIMOS Berhad, Malaysia), Heng Siong Lim (Multimedia University, Malaysia), Qiang Ni (Lancaster University, United Kingdom), Antonios Gouglidis (Lancaster University, United Kingdom) and Wissam Mallouli (Montimage EURL, France)

    The Owner, the Provider and the Subcontractors : How to Handle Accountability and Liability Management for 5G End to End Service

    Chrystel Gaber (Orange, France), Ghada Arfaoui (Orange, France), Yannick Carlinet (Orange, France), Nancy Perrot (Orange, France), Laurent Valleyre (Orange, France), Marc Lacoste (Orange, France), Jean-Philippe Wary (Orange, France), Yacine Anser (Orange,CNAM, France), Rafal Artych (Orange Polska, Poland), Aleksandra Podlasek (Orange Polska, Poland), Edgardo Montesdeoca (Montimage, France), Vinh Hoa La (Montimage, France), Vincent Lefebvre (TAGES, France), Gürkan Gür (Zurich Univeristy of Applied Sciences, Switzerland)

    CUING II
    Session Chair:
    Prof. Angelo Consoli (Scuola universitaria professionale della Svizzera italiana (SUPSI), Switzerland)

    UNCOVER: Development of an efficient steganalysis framework for uncovering hidden data in digital media

    Vaila Leask (Royal Military Academy, Belgium), Rémi Cogranne (Université de Technologie Troyes, France), Dirk Borghys (Royal Military Academy, Belgium) and Helena Bruyninckx (Royal Military Academy, Belgium)

    Revealing MageCart-like Threats in Favicons via Artificial Intelligence

    Massimo Guarascio (CNR, ICAR, Italy), Marco Zuppelli (CNR, IMATI, Italy), Nunziato Cassavia (CNR, ICAR, Italy), Luca Caviglione (CNR, IMATI, Italy) and Giuseppe Manco (CNR, ICAR, Italy)

    Detection of Malicious Images in Production-Quality Scenarios with the SIMARGL Toolkit

    Luca Caviglione (CNR, Italy), Martin Grabowski (Netzfactor GmbH, Germany), Kai Gutberlet (Netzfactor GmbH, Germany), Adrian Marzecki (Orange Polska, Poland), Marco Zuppelli (CNR, Italy), Andreas Schaffhauser (FernUniversität in Hagen, Germany) and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

    Web Page Harvesting for Automatized Large-scale Digital Images Anomaly Detection

    Marcin Kowalczyk, Agnieszka Malanowska, Wojciech Mazurczyk and Krzysztof Cabaj (Warsaw University of Technology, Poland)

    CSA II
    Session Chair:
    Jorge Maestre Vidal (Indra, Spain)

    A Quantitative Analysis of Offensive Cyber Operation (OCO) Automation Tools

    Samuel Zurowski (University of New Haven, United States), George Lord (University of New Haven, United States) and Ibrahim Baggili (University of New Haven, Louisiana State University, United States)

    Panel: Recent advances in Cyber Situational Awareness

    Invited speakers & workshop chairs

    14:30 - 15:00
    Coffee Break
    15:00 - 16:30
    ARES IV
    Web Security
    Session Chair:
    Nils Gruschka (University of Oslo, Norway)

    Web Cryptography API: Prevalence and Possible Developer Mistakes

    Pascal Wichmann, Maximilian Blochberger and Hannes Federrath (University of Hamburg, Germany)

    Dating Phish: An Analysis of the Life Cycles of Phishing Attacks and Campaigns

    Vincent Drury, Luisa Lux and Ulrike Meyer (RWTH Aachen University, Germany)

    Web Bot Detection Evasion Using Deep Reinforcement Learning

    Christos Iliou (Information Technologies Institute, CERTH, Greece and BU-CERT, Bournemouth University, United Kingdom), Theodoros Kostoulas (Department of Information and Communication Systems Engineering, University of the Aegean, Greece), Theodora Tsikrika (Information Technologies Institute, CERTH, Greece), Vasilios Katos (Bournemouth University, United Kingdom), Stefanos Vrochidis (Information Technologies Institute, CERTH, Greece) and Ioannis Kompatsiaris (Information Technologies Institute, CERTH, Greece)

    Rumor and clickbait detection by combining information divergence measures and deep learning techniques

    Christian Oliva (ITEFI-CSIC and UAM, Spain), Ignacio Palacio-Marín (UAM, Spain), Luis F. Lago-Fernández (UAM, Spain) and David Arroyo (ITEFI-CSIC, Spain)

    CD-MAKE III
    Privacy, Identification and Prediction
    Session Chair:
    Mathias Fischer (University of Hamburg, Germany)

    Identifying Fraud Rings Using Domain Aware Weighted Community Detection

    Shaik Masihullah, Meghana Negi, Jose Matthew, and Jairaj Sathyanarayana (Swiggy, Bangalore, India)

    Capabilities, limitations and challenges of style transfer with CycleGANs: a study on automatic ring design generation

    Tomas Cabezon Pedroso (Carnegie Mellon University, United States), Javier Del Ser (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain) and Natalia Díaz-Rodríguez (Department of Computer Sciences and Artificial Intelligence, Andalusian Research Institute in Data Science and Computational Intelligence (DaSCI), CITIC, University of Granada, Spain)

    Semantic Causal Abstraction for Event Prediction

    Sasha Strelnikoff, Aruna Jammalamadaka and Tsai-Ching Lu (Information Systems and Sciences Laboratory, HRL Laboratories, LLC, United States)

    WSDF
    Session Chair:
    Virginia Franqueira (University of Kent, UK)

    Coming Back to the Backlog: Can Digital Investigations Catch Up?

    Dr. Andrew Marrington (Zayed University, United Arab Emirates)

    Abstract: Digital evidence is crucial in a wide variety of criminal investigations and prosecutions. The digital footprint of everyday life and the proximity of smartphones and other digital devices to physical crime scenes means that the relevance of digital evidence is by no means confined to cybercrime cases. As a result, law enforcement agencies around the world have huge backlogs of digital evidence awaiting extraction and examination. In the UK alone, the collective backlog is at least 21,000 digital devices (smartphones, computers, tablets, etc), contributing to significant delays in investigations and prosecutions.

    For two decades, digital forensics research has been grappling with this backlog in a variety of ways. Researchers have proposed faster methodologies and tools, more automation of the process of examination and analysis, triage techniques to make better use of examinter time, and more. Nevertheless, the problem of large backlogs persists. This keynote considers the causes of the backlog problem, and discusses how the digital forensics community can try to address it in the years ahead.

    Forensic analysis of Tor in Windows environment: A case study
    Vaia-Maria Angeli, Ahmad Atamli and Erisa Karafili (School of Electronics and Computer Science, University of Southampton, United Kingdom)

    WSL2 Forensics: Detection, Analysis & Revirtualization

    Philipp Boigner (St. Pölten University of Applied Sciences, Austria) and Robert Luh (St. Pölten University of Applied Sciences and University of Vienna, Austria)

    Fast and Blind Detection of Rate-Distortion-Preserving Video Watermarks

    Hannes Mareen (IDLab, Ghent University – imec, Belgium), Glenn Van Wallendael (IDLab, Ghent University – imec, Belgium), Peter Lambert (IDLab, Ghent University – imec, Belgium) and Fouad Khelifi (Department of Computer and Information Sciences, Northumbria University, United Kingdom)

     

    CUING III
    Session Chair:
    Dr. Peter Kieseberg (St. Pölten University of Applied Sciences, Austria)

    Network Steganography Through Redundancy in Higher-Radix Floating-Point Representations

    Carina Heßeling, Jörg Keller and Sebastian Litzinger (FernuUniversitaet Hagen, Germany)

    Using Telegram as a carrier for image steganography: Analysing Telegrams API limits

    Niklas Bunzel (Fraunhofer SIT, ATHENE, Germany), Tobias Chen (TU Darmstadt, Germany) and Martin Steinebach (Fraunhofer SIT, ATHENE, Germany)

    Challenging Channels: Encrypted Covert Channels within Challenge-Response Authentication

    Tobias Schmidbauer (FernUniversität in Hagen, Germany), Jörg Keller (FernUniversität in Hagen, Germany) and Steffen Wendzel (Hochschule Worms and FernUniversität in Hagen, Germany)

    Improving Performance of Machine Learning based Detection of Network Steganography in Industrial Control Systems

    Tom Neubert (Brandenburg University of Applied Sciences, Germany), Antonio José Caballero Morcillo (Universitat Politècnica de València, Spain) and Claus Vielhauer (Brandenburg University of Applied Sciences, Germany)

    IWSECC
    Session Chair:
    Antonio Muñoz (University of Malaga, Spain)

    GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments
    Ioannis Kalderemidis (University of Piraeus, Greece), Aristeidis Farao (University of Piraeus, Greece), Panagiotis Bountakas (University of Piraeus, Greece), Sakshyam Panda (University of Greenwich, United Kingdom), Christos Xenakis (University of Piraeus, Greece)

    Revisiting a Privacy-Preserving Location-based Service Protocol using Edge Computing
    Santosh Kumar Upadhyaya and Srinivas Vivek (International Institute of Information Technology, Bangalore, India)

    A Revisit of Attestable Nodes for Networked Applications
    Mathias Schüpany and Martin Pirker (St.Pölten University of Applied Sciences, Austria)

    16:30 - 16:45
    Short Coffee Break
    16:45 - 17:30
    CD-MAKE Keynote
    R.G. Goebel
    HS 01

    Explanation as an essential component of machine-mediated acquisition of knowledge for predictive models

    R.G. Goebel (University of Alberta and XAI-Lab in Edmonton, Alberta, Canada)

    Abstract: The successful application of machine learning (ML) methods becomes increasingly dependent on their interpretability or explainability. Designing explainable ML systems is instrumental to ensuring transparency of automated decision-making that targets humans. The explainability of ML methods is also an essential ingredient for trustworthy artificial intelligence. A key challenge in ensuring explainability is its dependence on the specific human user (“explainee”).
    The users of machine learning methods might have vastly different background knowledge about machine learning principles. One user might have a university degree in machine learning or related fields, while another user might have never received formal training in high-school mathematics. We measure explainability via the conditional entropy of predictions, given some user signal. This user signal might be obtained from user surveys or biophysical measurements.
    We propose explainable empirical risk minimization (EERM) principle of learning a hypothesis that optimally balances between the subjective explainability and risk.
    The EERM principle is flexible and can be combined with arbitrary machine learning models. We present several practical implementations of EERM for linear models and decision trees. Numerical experiments demonstrate the application of EERM to detecting the use of inappropriate language on social media.

    19:00 - 20:30
    Sightseeing Tour Schönbrunn Castle

    Thursday 25.08.2022 Detailed

    Time (UTC +2)
    HS 01
    SR 03
    SR 04
    SR 05
    SR 08
    08:15 - 18:00
    Organizers available
    08:30 - 10:00
    ARES V
    Secure Software And Malware Detection
    Session Chair:
    Marc Ohm (University of Bonn, Germany)

    Precise Analysis of Purpose Limitation in Data Flow Diagrams

    Hanaa Alshareef (Chalmers University of Technology, Sweden), Katja Tuma (Vrije Universiteit Amsterdam, The Netherlands), Sandro Stucki (Chalmers University of Technology, Sweden), Gerardo Schneider (University of Gothenburg, Sweden) and Riccardo Scandariato (Hamburg University of Technology, Germany)

    Compiler-Aided Development of Trusted Enclaves with Rust

    Felix Dreissig (noris network AG, Germany), Jonas Röckl (FAU Erlangen-Nürnberg, Germany) and Tilo Müller (Hof University of Applied Sciences, Germany)

    Bridging the Gap Between Certification and Software Development

    Claudio A. Ardagna (Department of Computer Science, Università degli Studi di Milano, Italy), Nicola Bena (Department of Computer Science, Università degli Studi di Milano, Italy) and Ramon Martín de Pozuelo (CaixaBank, Spain)

    SMODIC: A Model Checker for Self-modifying Code

    Tayssir Touili and Xin Ye (LIPN, CNRS, France)

    CD-MAKE IV
    Learning
    Session Chair:
    Andre Carrington (University of Ottawa, Canada)

    An Evaluation Study of Intrinsic Motivation Techniques applied to Reinforcement Learning over Hard Exploration Environments

    Alain Andres (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain), Esther Villar-Rodriguez (TECNALIA, Basque Research & Technology Alliance (BRTA), Spain) and Javier Del Ser (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain))

    Towards Generating Financial Reports From Tabular Data Using Transformers

    Clayton Leroy Chapman (University of Bonn, Germany), Lars Hillebrand (University of Bonn, Fraunhofer IAIS, Germany), Marc Robin Stenzel (Fraunhofer IAIS, Germany), Tobias Deußer (University of Bonn, Fraunhofer IAIS, Germany), David Biesner (University of Bonn, Fraunhofer IAIS, Germany), Christian Bauckhage (University of Bonn, Fraunhofer IAIS, Germany) and Rafet Sifa (Fraunhofer IAIS, Germany)

    Evaluating the performance of SOBEK text mining keyword extraction algorithm

    Eliseo Reategui (PGIE, UFRGS, Brazil), Marcio Bigolin (PGIE, UFRGS, IFRS, Brazil), Michel Carniato (PUCRS, Brazil), Rafael Antunes dos Santos (PGIE, UFRGS, Brazil)

    Classification of Screenshot Image Captured in Online Meeting System

    Minoru Kuribayashi, Kodai Kamakari and Nobuo Funabiki (Graduate School of Natural Science and Technology, Okayama University, Japan)

    IoT-SECFOR I
    Security Assessment And Threat Analysis
    Session Chair:
    Virginia Franqueira (University of Kent, UK)

    Cyber Security when IT meets OT

    Sokratis K. KatsikasDirector of the Norwegian Centre for Cybersecurity in Critical Sectors Professor with the Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway

    Abstract: The current trend of automation and data exchange in industry, through the development, use and integration of cyber-physical systems, the Internet of things, cloud computing, artificial intelligence and other enabling technologies is expected to bring tremendous benefits in the economy, including improved productivity and efficiency, better flexibility and agility, and increased profitability. However, it also comes with increased cybersecurity risks, primarily deriving from the integration of information technology and operational technology. Thus, as in all cases of a major shift in computing paradigms, a number of cybersecurity challenges arise, that cannot be addressed by simply porting solutions from other domains. In this talk a brief overview of such challenges, and current best practices for addressing them, as well as open issues will be provided.

    STRIPED: A Threat Analysis Method for IoT Systems

    Kamakshi Srikumar, Komal Kashish, Kolja Eggers, Nicolás E. Díaz Ferreyra, Julian Koch, Thorsten Schüppstuhl and Riccardo Scandariato (Hamburg University of Technology, Germany)

    An Investigation of PSA Certified

    Seonghan Shin, Tomoyuki Ogawa, Ryo Fujita, Mari Itoh and Hirotaka Yoshida (National Institute of Advanced Industrial Science and Technology (AIST), Japan))

    CUING IV
    Session Chair:
    Prof. Joerg Keller (FernUniversitaet in Hagen, Germany)

    Limitations of Web Cryptojacking Detection: A Practical Evaluation

    Pawel Rajba (University of Wroclaw, Poland) and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

    Data Acquisition on a large Darknet Marketplace

    York Yannikos, Julian Heeger and Martin Steinebach (Fraunhofer SIT, Germany)

    A synopsis of critical aspects for darknet research

    Florian Platzer (Fraunhofer SIT, Germany) and Alexandra Lux (TU Darmstadt, Germany)

    Towards Image Hashing Robust Against Cropping and Rotation

    Martin Steinebach (Fraunhofer SIT, Germany), Tiberius Berwanger (TU Darmstadt, Germany) and Huajian Liu (Fraunhofer SIT, Germany)

     

    IWAPS I
    Blockchain Security Applications
    Session Chair:
    Christos Xenakis (University of Piraeus, Greece)

    Trusted and Secure Self-Sovereign Identity framework

    Vaios Bolgouras, Anna Angelogianni, Ilias Politis and Christos Xenakis (University of Piraeus, Greece)

    Improving Security and Scalability in Smart Grids using Blockchain Technologies

    Mandana Falahi (University POLITEHNICA of Bucharest, Romania), Andrei Vasilateanu (University POLITEHNICA of Bucharest, Romania), Nicolae Goga (University POLITEHNICA of Bucharest, Romania), George Suciu (BEIA Consult International, Romania), Mari-Anais Sachian (BEIA Consult International, Romania), Robert Florescu (University POLITEHNICA of Bucharest, Romania), Ștefan-Daniel Stanciu (University POLITEHNICA of Bucharest, Romania)

    ConSenseIoT: A Consensus Algorithm for Secure and Scalable Blockchain in the IoT context

    Harris Niavis and Konstantinos Loupos (Inlecom Innovation, Greece)

    INCOGNITO: IdeNtity verifiCatiOn with privacy-preservinG credeNtIals for anonymous access To Online services

    Vaios Bolgouras  (University of Piraeus, Greece)

    10:00 - 10:15
    Short Coffee Break
    10:15 - 11:45
    ARES VI
    Network And Hardware Security

    FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks

    Emilie Bout (Inria, France), Alessandro Brighente (University of Padova, Italy), Mauro Conti (University of Padova, Italy) and Valeria Loscri (Inria, France)

    Limiting the Size of a Predictive Blacklist While Maintaining Sufficient Accuracy

    Samuel Šuľan (Faculty of Informatics, Masaryk University, Czech Republic) and Martin Husák (Institute of Computer Science, Masaryk University, Czech Republic)

    Secure Services for Standard RISC-V Architectures

    Davide Bove (Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany)

    RIPEMB: A framework for assessing hardware-assisted software security schemes in embedded systems

    Stefan Tauner (TU Wien, Austria)

    CD-MAKE V
    Analytics, Explanation and Applications 1
    Session Chair:
    André Calero Valdez (University of Lübeck, Germany)

    A survey on the application of virtual reality in event-related potential research

    Vladimir Marochko (The Artificial Intelligence and Cognitive Load research lab, the Applied Intelligence Research Center, School of Computer Science, Technological University Dublin, Ireland), Richard Reilly (School of Medicine, Institute of Neuroscience, Trinity College Dublin, The University of Dublin, Ireland), Rachel McDonnell (School of Computer Science and Statistics, The University of Dublin, Trinity College, Ireland) and Luca Longo (The Artificial Intelligence and Cognitive Load research lab, the Applied Intelligence Research Center, School of Computer Science, Technological University Dublin, Ireland)

    Visualizing Large Collections of URLs Using the Hilbert Curve

    Poornima Belavadi (Human-Computer Interaction Center, RWTH Aachen University, Germany), Johannes Nakayama (Human-Computer Interaction Center, RWTH Aachen University, Germany), and André Calero Valdez (Institute for Multimedia and Interactive Systems, University of Lübeck, Germany)

    How to Reduce the Time Necessary for Evaluation of Tree-based Models

    Viera Anderková and František Babič (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and Informatics, Technical University of Košice, Slovakia)

    An Empirical Analysis of Synthetic-Data-based Anomaly Detection
    Majlinda Llugiqi (Vienna University of Technology, Austria) and Rudolf Mayer (SBA Research & Vienna University of Technology, Austria)

    SECI Model in Data-Based Procedure for the Assessment of the Frailty State in Diabetic Patient

    František Babič (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and
    Informatics, Technical University of Košice, Slovakia), Viera Anderková (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and Informatics, Technical University of Košice, Slovakia), Zvonimir Bosnić (Department of Family Medicine, Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia), Mile Volarić (Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia), Ljiljana Trtica Majnarić (Department of Family Medicine, Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia)

    IoT-SECFOR II
    Security Attacks And Solutions
    Session Chair:
    Virginia Franqueira (University of Kent, UK)

    Reactive Jamming Detection for LoRaWAN Based on Meta-Data Differencing

    Henri Ruotsalainen (Institute of IT Security Research / St. Pölten University of Applied Sciences, Austria)

    MalRec: A Blockchain-based Malware Recovery Framework for Internet of Things

    Ahmed Lekssays, Giorgia Sirigu, Barbara Carminati and Elena Ferrari (Università degli Studi dell’Insubria, Italy)

    A Resilient Network Node for the Industrial Internet of Things

    Lukas Jäger, Dominik Lorych and Michael Eckel (Fraunhofer Institute SIT | ATHENE, Germany)

    Announcement of best paper award & final remarks

    FARES I
    Post-Quantum, Digital Identity, & Access Control
    Session Chair:
    Lorenzo Musarella (Università Mediterranea di Reggio Calabria, Italy)

    SoK: A Survey on Technological Trends for (pre)Notified eIDAS Electronic Identity Schemes

    Amir Sharif (Fondazione Bruno Kessler, Italy), Matteo Ranzi (University of Trento, Italy), Roberto Carbone (Fondazione Bruno Kessler, Italy), Giada Sciarretta (Fondazione Bruno Kessler, Italy), Silvio Ranise (Fondazione Bruno Kessler,University of Trento, Italy)

    Distributed Enforcement of Access Control policies in Intelligent Transportation System (ITS) for Situation Awareness
    Tahir Ahmad (Fondazione Bruno Kessler (FBK), Italy), Umberto Morelli (Fondazione Bruno Kessler (FBK), Italy), Silvio Ranise (Fondazione Bruno Kessler (FBK), University of Trento, Italy)

    Applying a cryptographic metric to post-quantum lattice-based signature algorithms

    Markus Rautell (VTT Technical Research Centre of Finland, Finland), Outi-Marja Latvala (VTT Technical Research Centre of Finland, Finland), Visa Vallivaara (VTT Technical Research Centre of Finland, Finland), Kimmo Halunen (University of Oulu and National Defence University of Finland, Finland)

    Introducing Quantum Computing in Mobile Malware Detection

    Giovanni Ciaramella (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Giacomo Iadarola (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Francesco Mercaldo (University of Molise, Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Marco Storto (University of Molise), Antonella Santone (University of Molise, Italy), Fabio Martinelli (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy)

    IWAPS II
    Next Generation Security Applications
    Session Chair:
    Angeliki Panou (University of Piraeus, Greece)

    Secure Agents on Trusted Embedded Boards: A Proof of Concept based on TPM-enabled Raspberry Boards

    Antonio Muñoz (University of Malaga, Spain)

    Secret sharing a key in a distributed way, Lagrange vs Newton

    Anastassios Voudouris, Ilias Politis and Christos Xenakis (University of Piraeus, Greece)

    Fraudulent Activities in the Cyber Realm: DEFRAUDify Project

    Razvan-Alexandru Bratulescu, Robert-Ionut Vatasoiu, Sorina-Andreea Mitroi, George Suciu, Mari-Anais Sachian, Daniel-Marian Dutu and Serban-Emanuel Calescu (Beia Consult International, Romania)

    SealedGRID: Scalable, trustEd, and interoperAble pLatform for sEcureD smart GRID

    Christos Fakitsas (University of Piraeus, Greece)

    11:45 - 12:45
    Lunch Break
    12:45 - 14:00
    CD-MAKE Keynote
    Matthew Taylor
    HS 01

    Reinforcement Learning in the Real World: Challenges and Opportunities for Human-Agent Interaction

    Matthew E. Taylor (Director, Intelligent Robot Learning Lab, Associate Professor & Graduate Admissions Chair, Computing Science; Fellow and Fellow-in-Residence, Alberta Machine Intelligence Institute Canada and CIFAR AI Chair, Amii, Canada)

    Abstract: While reinforcement learning (RL) has had many successes in video games and toy domains, recent success in high-impact problems shows that this mature technology can be useful in the real world. This talk will highlight some of these successes, with an emphasis on how RL is making an impact in commercial settings, as well as what problems remain before it can become plug-and-play like many supervised learning technologies. Further, we will argue that RL, like all current AI technology, is fundamentally a human-in-the-loop paradigm. This framing will help motivate why additional fundamental research at the interaction of humans and RL agents is critical to helping RL move out of the lab and into the hands of non-academic practitioners.

    14:00 - 14:30
    Coffee Break
    14:30 - 16:00
    ARES VII
    Awareness And Incident Response

    SoK: Applications and Challenges of using Recommender Systems in Cybersecurity Incident Handling and Response

    Martin Husák and Milan Čermák (Institute of Computer Science, Masaryk University, Czech Republic)

    Model-Based Incident Response Playbooks

    Avi Shaked, Yulia Cherdantseva and Pete Burnap (School of Computer Science and Informatics, Cardiff University, United Kingdom)

    BISCUIT - Blockchain Security Incident Reporting based on Human Observations

    Benedikt Putz, Manfred Vielberth and Günther Pernul (University of Regensburg, Germany))

    SoK: A Taxonomy for Contrasting Industrial Control Systems Asset Discovery Tools

    Emmanouil Samanis, Joseph Gardiner and Awais Rashid (Bristol Cyber Security Group, University of Bristol, United Kingdom)

    IWSMR
    Session Chair:
    Steffen Wendzel (Worms University of Applied Sciences, Germany)

    Security of Social Networks: Lessons Learned on Twitter Bot Analysis in the Literature
    Sanaz Adel Alipour, Rita Orji and Nur Zincir-Heywood (Faculty of Computer Science, Dalhousie University, Canada)

    TaxIdMA: Towards a Taxonomy for Attacks related to Identities
    Daniela Pöhn and Wolfgang Hommel (Universität der Bundeswehr München, Germany)

    Cyber-Security Culture Assessment in Academia: A COVID-19 Study
    Anna Georgiadou, Ariadni Michalitsi-Psarrou and Dimitris Askounis (Decision Support Systems Laboratory, School of Electrical & Computer Engineering, National Technical University of Athens, Greece)

    SecHealth I
    Session Chair:
    Svetlana Boudko (Norwegian Computing Center, Norway)

    IoT security for smart health and smart assisted living

    Reijo M. SavolaUniversity of Jyväskylä, Finland

    Abstract: IoT solutions are in the core of effective and efficient smart health and smart assisted living solutions. Considerable increase in well-being and cost savings can be achieved by them. During the last years, IoT cybersecurity threat landscape has become wider, due to the rapidly increasing use of IoT in smart services, and the scarce computational resources available in IoT devices. This increases the risk of compromising reliable and secure use of them. Systematic proactive assistance of IoT-based smart services with cybersecurity services is essential. Cybersecurity should be designed in the services and the technologies used in a seamless way, and automation is needed. In this talk, a brief overview of challenges in IoT security for smart health and smart assisted living is will be provided, with current practices to overcome them, as well as directions for further research.

    Authentication for Operators of Critical Medical Devices: A Contribution to Analysis of Design Trade-offs

    Marwa Gadala (Aston University, City, University of London, United Kingdom), Lorenzo Strigini (City, University of London, United Kingdom), Radek Fujdiak (Brno University of Technology, Czech Republic)

    FARES II
    Threat Intelligence And Detection
    Session Chair:
    Vincenzo De Angelis (Università Mediterranea di Reggio Calabria, Italy)

    Scenarios for Process-Aware Insider Attack Detection in Manufacturing
    Martin Macak (Masaryk University, Faculty of Informatics, Czech Republic), Radek Vaclavek (Masaryk University, Faculty of Informatics, Czech Republic), Dasa Kusnirakova (Masaryk University, Faculty of Informatics, Czech Republic), Raimundas Matulevičius (Institute of Computer Science, University of Tartu, Estonia), Barbora Buhnova (Masaryk University, Faculty of Informatics, Czech Republic)

    Botnet Detection in the Internet of Things through All-in-one Deep Autoencoding
    Marta Catillo, Antonio Pecchia and Umberto Villano (Università degli Studi del Sannio, Italy)

    Current Challenges of Cyber Threat and Vulnerability Identification Using Public Enumerations

    Lukáš Sadlek(Masaryk University), Pavel Čeleda(Masaryk University), Daniel Tovarňák(Masaryk University)

    An Early Detection of Android Malware Using System Calls based Machine Learning Model

    Xinrun Zhang (Purdue University Northwest, United States), Akshay Mathur (The University of Toledo, United States), Lei Zhao (Purdue University Northwest, United States), Safia Rahmat (The University of Toledo, United States), Quamar Niyaz (Purdue University Northwest, United States), Ahmad Javaid (The University of Toledo, United States), Xiaoli Yang (Purdue University Northwest, United States)

    IWAPS III
    Cyber Insurance Applications
    Session Chair:
    Angeliki Panou (University of Piraeus, Greece)

    MITRE ATT&CK-driven Cyber Risk Assessment

    Mohamed G Ahmed (University of Greenwich, United Kingdom), Sakshyam Panda (University of Greenwich, United Kingdom), Christos Xenakis (University of Piraeus, Greece), Emmanouil Panaousis (University of Greenwich, United Kingdom)

    Analyzing Coverages of Cyber Insurance Policies Using Ontology

    Markos Charalambous (Cyprus University of Technology, Cyprus), Aristeidis Farao (University of Piraeus, Greece), George Kalantzantonakis (LSTech ESPANA, Spain), Panagiotis Kanakakis (LSTech ESPANA, Spain), Nikos Salamanos (Cyprus University of Technology, Cyprus), Evangelos Kotsifakos (LSTech ESPANA, Spain), Evangellos Froudakis (University of Piraeus, Greece)

    NetPhish: Antiphishing Project

    Panagiotis Bountakas (University of Piraeus, Greece)

    SECONDO: A Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era

    Aristeidis Farao (University of Piraeus, Greece)

    16:00 - 16:30
    Coffee Break
    16:30 - 18:00
    ARES VIII
    Threat Intelligence And Intrusion Detection
    Session Chair:
    Martin Steinebach (Fraunhofer SIT | ATHENE, Germany)

    Detecting Unknown DGAs without Context Information

    Arthur Drichel, Justus von Brandt and Ulrike Meyer (RWTH Aachen University, Germany)

    HybridDAD: Detecting DDoS Flooding Attack using Machine Learning with Programmable Switches

    Mostafa Roshani (ACM Member, Iran) and Mehdi Nobakht (University of New South Wales (UNSW), Australia)

    Evading Deep Reinforcement Learning-based Network Intrusion Detection with Adversarial Attacks

    Mohamed Amine Merzouk (Polytechnique Montréal, Canada and IRT SystemX, France), Joséphine Delas (Polytechnique Montréal, Canada and IRT SystemX, France), Christopher Neal (Polytechnique Montréal, Canada and IRT SystemX, France), Nora Boulahia-Cuppens (Polytechnique Montréal, Canada), Frédéric Cuppens (Polytechnique Montréal, Canada) and Reda Yaich (IRT SystemX, France)

    A Near Real-Time Scheme for Collecting and Analyzing IoT Malware Artifacts at Scale

    Joseph Khoury (The University of Texas at San Antonio, United States), Morteza Safaei Pour (San Diego State University, United States) and Elias Bou-Harb (The University of Texas at San Antonio, United States)

    IWSMA/IWSRSC
    Session Chair:
    Peter Kieseberg (St. Pölten University of Applied Sciences, Austria)

    On the Feasibility of Supervised Machine Learning for the Detection of Malicious Software Packages

    Marc Ohm (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Felix Boes (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Christian Bungartz (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Michael Meier (Rheinische Friedrich-Wilhelms-Universität Bonn, Fraunhofer FKIE, Germany)

    SoK: Combating threats in the digital supply chain

    Arne Roar Nygård and Sokratis Katsikas (Norwegian University of Science and Technology, Norway)

    Federated learning based IDS approach for the IoV

    Amal Hbaieb (University of Technology of Troyes, France), Samiha Ayed (University of Technology of Troyes, France), Lamia Chaari (CRNS-SM@RTS (Laboratory of Signals, systeMs, aRtificial Intelligence and neTworkS) Sfax, Tunesia)

    SecHealth II
    Session Chair:
    Svetlana Boudko (Norwegian Computing Center, Norway)

    A Critique of EU Digital COVID-19 Certificates: Do Vaccine Passports endanger privacy?

    Harry Halpin (KU Leuven, Belgium)

    Modelling privacy harms of compromised personal medical data – beyond data breach

    Samuel Wairimu (Karlstad University, Sweden) and Lothar Fritsch (Oslo Metropolitan University, Norway)

    IWCC
    Session Chair:
    Steffen Wendzel (Worms University of Applied Sciences, Germany)

    SASP: a Semantic web-based Approach for management of Sharable cyber security Playbooks
    Mehdi Akbari Gurabi (Fraunhofer FIT,RWTH Aachen University, Germany), Avikarsha Mandal (Fraunhofer FIT, Germany), Jan Popanda (Fraunhofer FIT, Germany), Robert Rapp (University of Stuttgart, Germany), Stefan Decker (Fraunhofer FIT, RWTH Aachen University, Germany)

    Deep Reinforcement Learning-Based Defense Strategy Selection

    Axel Charpentier (Polytechnique Montréal, IRT SystemX, Canada), Nora Boulahia Cuppens (Polytechnique Montréal, France), Frédéric Cuppens (Polytechnique Montréal, France), Reda Yaich (IRT SystemX, France)

    Preliminary Analysis of Privacy Implications Observed in Social-Media Posts Across Shopping Platforms

    Bethany Sumner, Gokila Dorai and John Heslen (Augusta University, United States)

    Shedding Light on the Targeted Victim Profiles of Malicious Downloaders

    François Labrèche (École Polytechnique de Montréal, Canada), Enrico Mariconti (University College London, United Kingdom), Gianluca Stringhini (Boston University, United States)

    IWAPS IV
    EU-funded Projects
    Session Chair:
    Christos Xenakis (University of Piraeus, Greece)

    PHYSICS: Optimized hybrid space-time service continuum in FAAS

    Ilias Politis (InQbit, Romania)

    EVOLVED-5G: Experimentation and Validation Openness for Long-term evolution of VErtical inDustries in 5G era and beyond

    Ilias Politis (InQbit, Romania)

    ERATOSTHENES: Secure management of IoT devices lifecycle through identities, trust and distributed ledgers

    Harris Niavis (INLECOM, Greece)

    CyberSane: Cyber Security Incident Handling, Warning and Response System for the European Critical Infrastructures

    Christoforos Dadoyan (Ionian University, Greece)

    18:00 - 21:00
    Traditional Viennese Dinner

    Friday 26.08.2022 Detailed

    Time (UTC +2)
    HS 01
    SR 03
    SR 04
    SR 05
    08:45 - 14:45
    Organizers available
    09:00 - 10:15
    CD-MAKE Keynote
    Alexander Jung
    HS 01

    Explainable Empirical Risk Minimization

    Alexander Jung (Assistant Professor, Aalto University, Finland; Associate Editor, IEEE Signal Processing Letters)

    Abstract: The successful application of machine learning (ML) methods becomes increasingly dependent on their interpretability or explainability. Designing explainable ML systems is instrumental to ensuring transparency of automated decision-making that targets humans. The explainability of ML methods is also an essential ingredient for trustworthy artificial intelligence. A key challenge in ensuring explainability is its dependence on the specific human user (“explainee”).
    The users of machine learning methods might have vastly different background knowledge about machine learning principles. One user might have a university degree in machine learning or related fields, while another user might have never received formal training in high-school mathematics. We measure explainability via the conditional entropy of predictions, given some user signal. This user signal might be obtained from user surveys or biophysical measurements.
    We propose explainable empirical risk minimization (EERM) principle of learning a hypothesis that optimally balances between the subjective explainability and risk.
    The EERM principle is flexible and can be combined with arbitrary machine learning models. We present several practical implementations of EERM for linear models and decision trees. Numerical experiments demonstrate the application of EERM to detecting the use of inappropriate language on social media.

    10:15 - 10:45
    Coffee Break
    10:45 - 12:15
    ARES IX
    Cryptography

    Improved Integer-wise Homomorphic Comparison and Division based on Polynomial Evaluation

    Koki Morimura, Daisuke Maeda and Takashi Nishide (University of Tsukuba, Japan)

    Machine-Learning Side-Channel Attacks on the GALACTICS Constant-Time Implementation of BLISS

    Soundes Marzougui (Technical University of Berlin, Germany), Nils Wisiol (Technical University of Berlin, Germany), Patrick Gersch (Technical University of Berlin, Germany), Juliane Krämer (University of Regensburg, Germany) and Jean-Pierre Seifert (Technical University of Berlin, Germany)

    ZEKRO: Zero-Knowledge Proof of Integrity Conformance

    Heini Bergsson Debes (Technical University of Denmark, Denmark) and Thanassis Giannetsos (Ubitech Ltd., Greece)

    CD-MAKE VI
    Analytics, Explanation and Applications 2
    Session Chair:
    Matthew E. Taylor, University of Alberta, Canada

    Comparing machine learning correlations to domain experts’ causal knowledge: Employee turnover use case

    Eya Meddeb (Department of Computing, Worcester Business School, University of Worcester, United Kingdom), Christopher Bowers (Department of Computing, Worcester Business School, University of Worcester, United Kingdom), Lynn Nichol (Worcester Business School, University of Worcester, United Kingdom)

    Machine learning and knowledge extraction to support work safety for smart forest operations

    Ferdinand Hönigsberger (University of Natural Resources and Life Sciences, Vienna, Austria), Anna Saranti (University of Natural Resources and Life Sciences, Vienna, Austria), Alessa Angerschmid (University of Natural Resources and Life Sciences, Vienna, Austria), Carl Orge Retzlaff (University of Natural Resources and Life Sciences, Vienna, Austria), Christoph Gollob (University of Natural Resources and Life Sciences, Vienna, Austria), Sarah Witzmann (University of Natural Resources and Life Sciences, Vienna, Austria), Arne Nothdurft (University of Natural Resources and Life Sciences, Vienna, Austria), Peter Kieseberg (University of Applied Sciences St.Poelten, Austria), Andreas Holzinger (University of Natural Resources and Life Sciences, Vienna, Austria) and Karl Stampfer (University of Natural Resources and Life Sciences, Vienna, Austria)

    IOSec I
    Session Chair:
    Stylianos Karagiannis (PDM FC S.A, Portugal)

    Security for Healthcare Services: Needs, Solutions and Challenges

    Prof. George SpanoudakisCity University London

    Abstract: This talk reviews the current state of practice and state of the art in the security of healthcare services. More specifically, it reviews the key security challenges faced by healthcare service providers, the types of security assessments needed, the methods for security risk management, and the landscape of the security solutions available. The latter are reviewed in terms of maturity and the expectations for emerging solutions in the short (1-2 years) and medium-term (3-5 years).

    SSE I
    Malware And Vulnerability Analysis
    Session Chair:
    Juha Röning (University of Oulu, Finland)

    Register Automata for Malware Specification

    Tayssir Touili (LIPN, CNRS & University Paris 13, France)

    CopypastaVulGuard – A browser extension to prevent copy and paste spreading of vulnerable source code in forum posts

    Holger Schmidt, Max van Aerssen, Christian Leich, Abdulkader Benni, Salar Al Ali and Jakob Tanz (Düsseldorf University of Applied Sciences, Germany)

    A Quantitative Assessment of the Detection Performance of Web Vulnerability Scanners
    Emma Lavens, Pieter Philippaerts, Wouter Joosen (imec – DistriNet, KU Leuven, Belgium)

    Symbolic analysis meets federated learning to enhance malware identifier
    Charles-Henry Bertrand Van Ouytsel, Khanh Huu The Dam and Axel Legay (Universite Catholique de Louvain, Belgium)

    12:15 - 13:15
    Lunch Break
    13:15 - 14:45
    ARES X
    Authentication

    SoK: A Systematic Literature Review of Knowledge-Based Authentication on Augmented Reality Head-Mounted Displays

    Reyhan Düzgün (Karlsruhe Institute of Technology, Germany), Naheem Noah (University of Denver, United States), Peter Mayer (Karlsruhe Institute of Technology, Germany), Sanchari Das (University of Denver, United States) and Melanie Volkamer (Karlsruhe Institute of Technology, Germany)

    Combining Variational Autoencoders and Transformer Language Models for Improved Password Generation

    David Biesner (Fraunhofer IAIS and University of Bonn, Germany), Kostadin Cvejoski (Fraunhofer IAIS, Germany) and Rafet Sifa (Fraunhofer IAIS, Germany)

    Analysis and Evaluation of Hardware Trust Anchors in the Automotive Domain

    Christian Plappert (Fraunhofer Institute SIT, ATHENE, Germany), Andreas Fuchs (Fraunhofer Institute SIT, ATHENE, Germany) and Ronald Heddergott (CARIAD SE, Germany)

    Multi-Account Dashboard for Authentication Dependency Analysis

    Daniela Pöhn (Universität der Bundeswehr München, FI CODE, Germany), Nils Gruschka (University of Oslo, Norway) and Leonhard Ziegler (Universität der Bundeswehr München, Germany)

    IOSec II
    Session Chair:
    Stylianos Karagiannis (PDM FC S.A, Portugal)

    Multi-label Classification of Cybersecurity Text with Distant Supervision

    Masahiro Ishii, Kento Mori, Ryoichi Kuwana and Satoshi Matsuura (Tokyo Institute of Technology, Japan)

    Risk Assessments Considering Safety, Security, and Their Interdependencies in OT Environments

    Siegfried Hollerer (TU Wien, Austria), Thilo Sauter (TU Wien, Danube Univ., Austria), Wolfgang Kastner (TU Wien, Austria)

    Improving Network, Data and Application Security for SMEs

    Christos Tselios (University of Patras, Greece), Ilias Politis (University of Piraeus, Greece), Christos Xenakis (University of Piraeus, Greece)

    SSE II
    Managing Security On Applications
    Session Chair:
    Hasan Yasar (Carnegie Mellon University, USA)

    Android Permission Manager, Visual Cues, and their Effect on Privacy Awareness and Privacy Literacy

    Vera Schmitt (Technische Universität Berlin, Germany), Maija Poikela (Fraunhofer Institute for Applied and Integrated Security, Germany), Sebastian Möller (Technische Universität Berlin, Germany)

    Design Space Exploration of DICE

    Dominik Lorych and Lukas Jäger (Fraunhofer Institute SIT | ATHENE, Germany)

    DevSecOps In Embedded Systems An Empirical Study Of Past Literature

    Hasan Yasar and Sam E Teplov (Carnegie Mellon University, United States)

    MetaSEnD A Security Enabled Development Life Cycle Meta-Model

    Daniele Granata, Massimiliano Rak and Giovanni Salzillo (Università della Campania Luigi Vanvitelli, Italy)

    Safety and Security Analysis using LDA based on Case Reports Case Study and Trust Evaluation Method

    Katsuyuki Umezawa (Shonan Institute of Technology, National Institute of AIST), Hiroki Koyanagi (Internet Initiative Japan Inc.), Sven Wohlgemuth (SECOM Co., Ltd.), Yusuke Mishina (National Institute of AIST), Kazuo Takaragi (National Institute of AIST)