Accepted Workshop Papers

CUING 2017

A New Data-Hiding Approach for IP Telephony Applications with Silence Suppression
Sabine Schmidt (FernUniversitaet in Hagen, Germany), Wojciech Mazurczyk (Warsaw University of Technology, Poland), Joerg Keller (FernUniversitaet in Hagen, Germany) and Luca Caviglione (National Research Council of Italy, Italy)

Are Covert Timing Channels Statistical Anomalies?
Félix Iglesias Vázquez (TU Wien, Austria) and Tanja Zseby (TU Wien, Austria)

Machine Learning Approach for Detection of nonTor Traffic
Elike Hodo (University of Strathclyde, United Kingdom), Xavier Bellekens (University of Abertay, Dundee, United Kingdom, Ephraim Iorkyase (University of Strathclyde, United Kingdom), Andrew Hamilton (University of Strathclyde, United Kingdom), Christos Tachtatzis (University of Strathclyde, United Kingdom) and Robert Atkinson (University of Strathclyde, United Kingdom)

FROST – Anti-Forensics Digital-Dead-DROp Inofrmation Hiding RobuST to Detection & Data Loss with Fault-tolerance
Avinash Srinivasan (Temple University, USA), Hunter Dong (Temple University, USA) and Angelos Stavrou (George Mason University, USA)

REMI: A Reliable and Secure Multicast Routing Protocol for IoT Networks
Mauro Conti (University of Padova, Italy), Pallavi Kaliyar (University of Padova, Italy) and Chhagan Lal (University of Padova, Italy)

Investigating the darknet: Legal limitations
Anze Mihelic (Faculty of Criminal Justice and Security, University of Maribor, Slovenia), Blaž Markelj (Faculty of Criminal Justice and Security, University of Maribor, Slovenia), Igor Bernik (Faculty of Criminal Justice and Security, University of Maribor, Slovenia) and Sabina Zgaga (Constitutional Court of the Republic of Slovenia, Slovenia)

FARES 2017:

Adaptive Resource Management Enabling Deception (ARMED)
Partha Pal (Raytheon BBN Technologies, USA), Nate Soule, (Raytheon BBN Technologies, USA), Nate Lageman (Raytheon BBN Technologies, USA), Shane Clark (Raytheon BBN Technologies, USA), Marco Carvalho (Harris Institute for Assured Information, Florida Institute of Technology, USA), Adrian Granados (Harris Institute for Assured Information, Florida Institute of Technology, USA), Anthony Alves (Harris Institute for Assured Information, Florida Institute of Technology, USA)

Anomaly-Based Detection and Classification of Attacks in Cyber-Physical Systems
Philipp Kreimel (Fachhochschule St. Pölten, Austria), Oliver Eigner (Fachhochschule St. Pölten, Austria), Paul Tavolato (Fachhochschule St. Pölten, Austria)

Authentication Shutter: Proposal of Alternative Countermeasure Against a Password Reuse Attack by Availability Control
Tetsuji Takada (The University of Electro-Communications, Japan)

bin2llvm: Analysis of Binary Programs Using LLVM Intermediate Representation
Kevin Kirchner (University of Applied Sciences Upper Austria, Austria), Stefan Rosenthaler (University of Applied Sciences Upper Austria, Austria)

Efficient ID-based Designated Verifier Signature
Olivier Blazy (Université de Limoges, France), Emmanuel Conchon (XLIM, France), Paul Germouty (Université de Limoges, France), Amandine Jambert (CNIL, France)

Fully threshold broadcast encryption
Sigurd Eskeland (Norwegian Computing Center, Norway)

Insider Misuse Attribution using Biometrics
Abdulrahman Alruban (University of Plymouth, United Kingdom), Nathan Clarke (University of Plymouth, United Kingdom), Fudong Li (University of Plymouth, United Kingdom), Steven Furnell (University of Plymouth, United Kingdom)

Integrating Reactive Cloud Applications in SERECA
Luigi Romano (Uniparthenope, Italy), Giovanni Mazzeo (Uniparthenope, Italy) and Martijn Verburg (jClarity, Italy)

k-rAC – a Fine-Grained k-Resilient Access Control Scheme for Distributed Hash Tables
Olga Kieselmann (University of Kassel, Germany), Arno Wacker (University of Kassel, Germany), Gregor Schiele (University of Duisburg-Essen, Germany)

Microblogging in a Privacy-Preserving way
Nikolaos Karvelas (TU Darmstadt, Germany), Marius Senftleben (TU Darmstadt, Germany), Stefan Katzenbeisser (TU Darmstadt, Germany)

Provisioning Software with Hardware-Software Binding
Robert Lee (Royal Holloway, University of London, United Kingdom), Konstantinos Markantonakis (Royal Holloway, University of London, United Kingdom), Raja Naeem Akram (Royal Holloway, University of London, United Kingdom)

Security Analysis of Cordova Applications in Google Play
Michiel Willocx (KU Leuven, TCG, Belgium), Jan Vossaert (KU Leuven, TCG, Belgium), Vincent Naessens (KU Leuven, TCG, Belgium)

Security and Privacy Implications of NFC-enabled Contactless Payment Systems
Nicholas Akinyokun (The University of Melbourne, Melbourne, Australia), Vanessa Teague (The University of Melbourne, Melbourne, Australia)

Victim Communication Stack: A flexible model to select the Human Attack Vector
Enrico Frumento (Cefriel, Italy), Angelo Consoli (SUPSI, Italy), Federica Freschi (Cefriel, Italy), Davide Andreoletti (SUPSI, Italy)

IWCC 2017:

Group Key Agreement Protocols, Dynamic Groups, Scalability Analysis, Performance Analysis
Orhan Ermis (Bogazici University, Turkey), Serif Bahtiyar (Bogazici University, Turkey), Emin Anarım (Bogazici University, Turkey) and Mehmet Ufuk Caglayan (Bogazici University, Turkey)

Resource Hints in HTML5: A New Pandora’s Box of Security Nightmares
Natalija Vlajic (York University, Canada)

Secure and efficient data sharing with a lightweight attribute-based proxy re-encryption scheme
Alberto Trombetta (Insubria University, Italy) and Masoomeh Sepheri (Università degli Studi di Milano, Italy)

Type Me the Truth! Detecting Deceitful Users via Keystroke Dynamics
Merylin Monaro (University of Padua, Italy), Riccardo Spolaor (University of Padua, Italy), Qianqian Li (University of Padua, Italy), Mauro Conti (University of Padua, Italy), Luciano Gamberini (University of Padua, Italy) and Giuseppe Sartori (University of Padua, Italy)

IWSMA 2017

The Demon is in the Configuration: Revisiting Hybrid Mobile Apps Configuration Model
Abeer Aljarrah (University of North Carolina at Charlotte, USA) and Mohamed Shehab (University of North Carolina at Charlotte, USA)

Learning Android Malware
Khanh-Huu-The Dam (University Paris Diderot & LIPN, France) and Tayssir Touili (LIPN, CNRS & University Paris 13, France)

Quantitave Dynamic Taint Analysis of Privacy Leakage in Android Arabic Apps
Ayman Youssef (Nile University, Egypt) and Ahmed F. Shosha (Nile University, Egypt)

SAW 2017

Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance
Dorottya Papp (CrySyS Lab, Dept. of Networked Systems and Services, BME, Hungary), Levente Buttyán (CrySyS Lab, Dept. of Networked Systems and Services, BME, Hungary) and Zhendong Ma (Center of Digital Safety and Security, Austrian Institute of Technology, Austria)

Protection of personal data in security alert sharing platforms
Václav Stupka (Masaryk University, Czech Republic), Martin Horák (Masaryk University, Czech Republic) and Martin Husák (Masaryk University, Czech Republic)

SAFE and Secure: Deeply Integrating Security in a New Hazard Analysis
Sam Procter (Software Engineering Institute, Carnegie Mellon University, USA), Eugene Vasserman (Kansas State University, USA) and John Hatcliff (Kansas State University, USA)

On Using TLS to Secure In-Vehicle Networks
Daniel Zelle (Fraunhofer SIT, Germany), Christoph Krauß (Fraunhofer SIT, Germany), Hubert Strauß (Audi Electronics Venture GmbH, Germany) and Karsten Schmidt (Audi AG, Germany)

SECPID 2017:

Application of the holistic Data Privacy and Security Framework PaaSword
Sebastian Thomas Schork (CAS Software AG, Germany), Antonia Schwichtenberg (CAS Software AG, Germany), Spiros Alexakis (CAS Software AG, Germany) and George Moldovan (Siemens, Romania)

NEXTLEAP: Decentralizing Identity with Privacy for Secure Messaging
Harry Halpin (World Wide Web Consortium, United Kingdom)

Position Paper: The Past, Present, and Future of Sanitizable and Redactable Signatures
Arne Bilzhause (Uni Passau, Germany), Henrich C. Pöhls (Uni Passau, Germany) and Kai Samelin (TU Darmstadt & IBM Research, Switzerland)

Self-healing Multi-Cloud Application Modelling
Erkuden Rios (Tecnalia Research & Innovation, Spain), Maria Carmen Palacios (Tecnalia Research & Innovation, Spain) and Eider Iturbe (Tecnalia Research & Innovation, Spain)

The Archistar Secret-Sharing Backup Proxy
Andreas Happe (Austrian Institute of Technology, Austria), Florian Wohner (Austrian Institute of Technology, Austria) and Thomas Loruenser (Austrian Institute of Technology, Austria)

The WITDOM Data Protection Orchestrator
Nicolás Notario (Atos, Spain), Alberto Crespo (Atos, Spain), Eduardo González Real (Atos, Spain), Eleonora Ciceri (Fondazione Centro San Raffaele, Italy), Ilio Catallo (Fondazione Centro San Raffaele, Italy) and Sauro Vicini (Fondazione Centro San Raffaele, Italy)

Towards a Model of User-centered Privacy Preservation
Paul Grace (University of Southampton, United Kingdom) and Mike Surridge (University of Southampton, United Kingdom)

Towards the Adoption of Secure Cloud Identity Services
Alexandros Kostopoulos (Hellenic Telecommunications Organization R&D, Greece), Evangelos Sfakianakis (Hellenic Telecommunications Organization R&D, Greece), Ioannis Chochliouros (Hellenic Telecommunications Organization R&D, Greece), John-Sören Pettersson (Karlstad University, Sweden), Stephan Krenn (Austrian Institute of Technology, Austria), Welderufael Tesfay (Goethe University Frankfurt, Germany), Andrea Migliavacca (Lombardia Informatica S.p.A., Italy) and Felix Hörandner (Graz University of Technology, Austria)

S-CI 2017:

Anomaly Detection for Simulated IEC-60870-5-104 Traffic
Ersi Hodo (Fachhochschule St. Pölten, Austria), Stepan Grebeniuk (Fachhochschule St. Pölten, Austria), Henri Ruotsalainen (Fachhochschule St. Pölten, Austria), Paul Tavolato (Fachhochschule St. Pölten, Austria)

Protecting Future Maritime Communication
Karin Bernsmed (SINTEF, Norway), Christian Frøystad (SINTEF, Norway), Per Håkon Meland (SINTEF, Norway)

Rolling DICE – Lightweight Remote Attestation for COTS IoT Hardware
Lukas Jäger (Fraunhofer Institute for Secure Information Technology SIT, Germany), Richard Petri (Fraunhofer Institute for Secure Information Technology SIT, Germany), Andreas Fuchs (Fraunhofer Institute for Secure Information Technology SIT, Germany)

Towards DDoS Attack Resilient Wide Area Monitoring Systems
Kubilay Demir (TU Darmstadt, Germany), Neeraj Suri (TU Darmstadt, Germany)

Using Ciphers for Failure Recovery in ITS Systems
Mustafa Ayoob (TU-BS, Germany), Wael Adi (TU-BS, Germany), Vassilis Prevelakis (TU-BS, Germany)

ZONESEC: built-in cyber-security for wide area surveillance system
Aljosa Pasic (Atos, Spain), Jose-Ramon Martinez-Salio (Atos, Spain), Susana Gonzalez Zarzosa (Atos, Spain)

SSE 2017:

Busting a Myth: Review of Agile Security Engineering Methods
Kalle Rindell (University of Turku, Finland), Sami Hyrynsalmi (Tampere University of Technology, Finland), Ville Leppänen (University of Turku, Finland)

DevOps for Better Software Security in the Cloud
Martin Gilje Jaatun (SINTEF Digital, Norway), Daniela Soares Cruzes (SINTEF Digital, Norway), Jesus Luna (TU Darmstadt, Germany)

DoS Attacks on Controller Area Networks by Fault Injections from the Software Layer
Pal-Stefan Murvay (Politehnica University of Timisoara, Romania), Bogdan Groza (Politehnica University of Timisoara, Romania)

Implementing Secure DevOps assessment for highly regulated environments.
Hasan Yasar (CMU, USA)

Source Code Patterns of SQL Injection Vulnerabilities
Felix Schuckert (HTWG Konstanz, Germany) Basel Katt (Norwegian Information Security laboratory, Norway), Hanno Langweg (HTWG Konstanz, Germany)

Towards a Secure SCRUM Process for Agile Web Application Development
Patrik Maier (Graz University of Technology,Austria), Zhendong Ma (Austrian Institute of Technology, Austria), Roderick Bloem (Graz University of Technology, Austria)

WMA 2017:

End-node Fingerprinting for Malware Detection on HTTPS Data
Tomáš Komárek (Czech Technical University in Prague, Czech Republic) and Petr Somol (Cisco Systems, Inc., Czech Republic)

Assumption-less Detection of Domain Generation Algorithms
Jasper Abbink (TU Delft, Netherlands) and Christian Doerr (TU Delft, Netherlands)

JSDES – An Automated De-Obfuscation System for Malicious JavaScript
Moataz Abdel Khalek (Nile University, Egypt)  and Ahmed Shosha (Nile University, Egypt)

An Approach to Botnet Malware Detection Using Nonparametric Bayesian Methods
Joseph Divita (US Department of Defense, SPAWAR Systems Center Pacific, USA) and Roger Hallman (US Department of Defense, SPAWAR Systems Center Pacific, USA)

How to Ensure Bad Quality in Metal Additive Manufacturing: In-Situ Infrared Thermography from the Security Perspective
Andrew Slaughter (University of South Alabama, USA), Mark Yampolskiy (University of South Alabama, USA), Manyalibo Matthews (Lawrence Livermore National Laboratory, USA), Wayne E. King (Lawrence Livermore National Laboratory, USA), Gabe Guss (Lawrence Livermore National Laboratory, USA) and Yuval Elovici (Ben-Gurion University, Israel)

Malware and Formal Methods
Fabio Martinelli (Institute for Informatics and Telematics, CNR, Italy), Francesco Mercaldo (Institute for Informatics and Telematics, CNR, Italy), Vittoria Nardone (University of Sannio, Italy) and Antonella Santone (University of Sannio, Italy)

Application-Specific Digital Forensics Investigative Model in Internet of Things (IoT)WSDF 2017:

Tanveer Zia (Charles Sturt University, Australia), Peng Liu (Pennsylvania State University, USA) and Weili Han (Fudan University, China)

Forensic Image Inspection Assisted by Deep Learning
Felix Mayer (Fraunhofer Institute for Secure Information Technology SIT, Germany) and Martin Steinebach (Fraunhofer Institute for Secure Information Technology SIT, Germany)

Forensic State Acquisition from Internet of Things (FSAIoT): A general framework and practical approach for IoT forensics through IoT device state acquisition
Christopher Meffert (University of New Haven, USA), Devon Clark (University of New Haven, USA), Ibrahim Baggili (University of New Haven, USA) and Frank Breitinger (University of New Haven, USA)

On the Usefulness of Compression-Models for Authorship Verification
Oren Halvani (Fraunhofer Institute for Secure Information Technology SIT, Germany), Christian Winter (Fraunhofer Institute for Secure Information Technology SIT, Germany) and Lukas Graner (Fraunhofer Institute for Secure Information Technology SIT, Germany)