Program in alternative formats:

  • Interactive mobile version with the option to provide feedback for talks.
  • Experimental apps for Android and iOS. Search the corresponding app store for "IEEE SP".
  • PDF for printing

All sessions are in the Grand Ballroom. All breaks including lunches and breakfast will be in Italian, Colonial, Borgia, and Georgian room.
Sunday, 19 May 2013
Afternoon Registration and Welcome Reception
Serving canapés. Registration will be open
Location: Italian Foyer and Colonial Ballroom
Monday, 20 May 2013
Registration and Hot Breakfast
Registration Location: Italian Foyer
Opening Remarks
Session 1: Programming Language Security
Chair: Ben Livshits
All Your IFCException Are Belong To Us
Catalin Hritcu (University of Pennsylvania), Michael Greenberg (University of Pennsylvania), Ben Karel (University of Pennsylvania), Benjamin C. Pierce (University of Pennsylvania), and Greg Morrisett (Harvard University)
Declarative, Temporal, and Practical Programming with Capabilities
William R. Harris (University of Wisconsin, Madison), Somesh Jha (University of Wisconsin, Madison), Thomas Reps (University of Wisconsin, Madison), Jonathan Anderson (University of Cambridge), and Robert N. M. Watson (University of Cambridge)
Towards Practical Reactive Security Audit Using Extended Static Checkers
Julien Vanegue (Bloomberg LP) and Shuvendu K. Lahiri (Microsoft Research)
SoK: Eternal War in Memory
Laszlo Szekeres (Stony Brook University and UC Berkeley), Mathias Payer (UC Berkeley), Tao Wei (UC Berkeley and Peking University), and Dawn Song (UC Berkeley)
Session 2: Anonymous Network Communication
Chair: Srdjan Capkun
The Parrot is Dead: Observing Unobservable Network Communications
Amir Houmansadr (The University of Texas at Austin), Chad Brubaker (The University of Texas at Austin), and Vitaly Shmatikov (The University of Texas at Austin)
Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization
Alex Biryukov (University of Luxembourg), Ivan Pustogarov (University of Luxembourg), and Ralf-Philipp Weinmann (University of Luxembourg)
Buffet Lunch
Session 3: Botnets and Other Underground Activities
Chair: Thorsten Holz
SoK: P2PWNED — Modeling and Evaluating the Resilience of Peer-to-Peer Botnets
Christian Rossow (Institute for Internet Security), Dennis Andriesse (VU University Amsterdam), Tillmann Werner (The Honeynet Project), Brett Stone-Gross (Dell SecureWorks), Daniel Plohmann (Fraunhofer FKIE), Christian J. Dietrich (Institute for Internet Security), and Herbert Bos (VU University Amsterdam)
Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures
Zhou Li (Indiana University at Bloomington), Sumayah Alrwais (Indiana University at Bloomington), Yinglian Xie (Microsoft Research), Fang Yu (Microsoft Research), and XiaoFeng Wang (Indiana University at Bloomington)
The Crossfire Attack
Min Suk Kang (Carnegie Mellon University), Soo Bum Lee (Carnegie Mellon University), and Virgil D. Gligor (Carnegie Mellon University)
Session 4: Jamming Uses and Defenses
Chair: Yinglian Xie
Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors
Denis Foo Kune (University of Michigan), John Backes (University of Minnesota), Shane Clark (University of Massachusetts Amherst), Dan Kramer, MD (Beth Israel Deaconess Medical Center), Matthew Reynolds, MD (Harvard Clinical Research Institute), Kevin Fu (University of Michigan), Yongdae Kim (KAIST), Wenyuan Xu (University of South Carolina)
On Limitations of Friendly Jamming for Confidentiality
Nils Ole Tippenhauer (ETH Zurich), Luka Malisa (ETH Zurich), Aanjhan Ranganathan (ETH Zurich), and Srdjan Capkun (ETH Zurich)
Ally Friendly Jamming: How to Jam Your Enemy and Maintain Your Own Wireless Connectivity at the Same Time
Wenbo Shen (North Carolina State University), Peng Ning (North Carolina State University), Xiaofan He (North Carolina State University), Huaiyu Dai (North Carolina State University)
Session 5: Secure Operating Systems (I)
Chair: Ahmad-Reza Sadeghi
Practical Timing Side Channel Attacks Against Kernel Space ASLR
Ralf Hund (Ruhr-University Bochum), Carsten Willems (Ruhr-University Bochum), and Thorsten Holz (Ruhr-University Bochum)
PrivExec: Private Execution as an Operating System Service
Kaan Onarlioglu (Northeastern University), Collin Mulliner (Northeastern University), William Robertson (Northeastern University), Engin Kirda (Northeastern University)
Poster Session And Reception
Location: California Room
Serving hot and cold hors d'oeuvres.

List of posters available here.

Tuesday, 21 May 2013
Session 6: Cryptographic Tools for Building Verifiable Cloud Computing
Chair: XiaoFeng Wang
A Hybrid Architecture for Interactive Verifiable Computation
Victor Vu (University of Texas, Austin), Srinath Setty (University of Texas, Austin), Andrew J. Blumberg (University of Texas, Austin), and Michael Walfish (University of Texas, Austin)
Pinocchio: Nearly Practical Verifiable Computation
Bryan Parno (Microsoft Research), Craig Gentry (IBM Research), Jon Howell (Microsoft Research), and Mariana Raykova (IBM Research)
ObliviStore: High Performance Oblivious Cloud Storage
Emil Stefanov (UC Berkeley) and Elaine Shi (University of Maryland)
Session 7: Hardware Security
Chair: Jon McCune
Hiding Information in Flash Memory
Yinglei Wang (Cornell University), Wing-kei Yu (Cornell University), Sarah Q. Xu (Cornell University), Edwin Kan (Cornell University), and G. Edward Suh (Cornell University)
PUFs in Security Protocols: Attack Models and Security Evaluations
Ulrich Rührmair (Technische Universität München) and Marten van Dijk (MIT)
SoK: Secure Data Deletion
Joel Reardon (ETH Zurich), David Basin (ETH Zurich), and Srdjan Capkun (ETH Zurich)
Buffet Lunch
Session 8: Privacy
Chair: Anupam Datta
Anon-Pass: Practical Anonymous Subscriptions
Michael Z. Lee (The University of Texas at Austin), Alan M. Dunn (The University of Texas at Austin), Brent Waters (The University of Texas at Austin), Emmett Witchel (The University of Texas at Austin), and Jonathan Katz (University of Maryland)
Privacy-Preserving Ridge Regression on Hundreds of Millions of Records
Valeria Nikolaenko (Stanford University), Udi Weinsberg (Technicolor), Stratis Ioannidis (Technicolor), Marc Joye (Technicolor), Dan Boneh (Stanford University), Nina Taft (Technicolor)
A Scanner Darkly: Protecting User Privacy From Perceptual Applications
Suman Jana (The University of Texas at Austin), Arvind Narayanan (Princeton University), Vitaly Shmatikov (University of Texas at Austin)
Session 9: Application Security (Voting, Sybil, Bitcoin)
Chair: Michael Backes
Caveat Coercitor: Coercion-Evidence in Electronic Voting
Gurchetan S. Grewal (University of Birmingham), Mark D. Ryan (University of Birmingham), Sergiu Bursuc (Queen's University Belfast), and Peter Y. A. Ryan (University of Luxembourg)
SoK: The Evolution of Sybil Defense via Social Networks
Lorenzo Alvisi (University of Texas Austin), Allen Clement (MPI-SWS), Alessandro Epasto (Sapienza University of Rome), Silvio Lattanzi (Google, Inc), and Alessandro Panconesi (Sapienza University of Rome)
Zerocoin: Anonymous Distributed E-Cash from Bitcoin
Ian Miers (The Johns Hopkins University), Christina Garman (The Johns Hopkins University), Matthew Green (The Johns Hopkins University), and Aviel D. Rubin (The Johns Hopkins University)
Short Talks
Business Meeting
Location: Grand Ballroom
Wednesday, 22 May 2013
Session 10: Formal Methods for Building Secure Systems
Chair: Lujo Bauer
seL4: from General Purpose to a Proof of Information Flow Enforcement
Toby Murray (NICTA and University of New South Wales), Daniel Matichuk (NICTA), Matthew Brassil (NICTA), Peter Gammie (NICTA), Timothy Bourke (NICTA), Sean Seefried (NICTA), Corey Lewis (NICTA), Xin Gao (NICTA), and Gerwin Klein (NICTA and University of New South Wales)
Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework
Amit Vasudevan (CyLab, Carnegie Mellon University), Sagar Chaki (SEI, Carnegie Mellon University), Limin Jia (CyLab, Carnegie Mellon University), Jonathan M. McCune (Google Inc.), James Newsome, and Anupam Datta (CyLab, Carnegie Mellon University)
Implementing TLS with Verified Cryptographic Security
Karthikeyan Bhargavan (INRIA), Cedric Fournet (Microsoft Research), Markulf Kohlweiss (Microsoft Research), Alfredo Pironti (INRIA), and Pierre-Yves Strub (IMDEA)
Session 11: Crypto
Chair: Bryan Parno
An Ideal-Security Protocol for Order-Preserving Encoding
Raluca Ada Popa (MIT CSAIL), Frank Li (MIT CSAIL), and Nickolai Zeldovich (MIT CSAIL)
Efficient Garbling from a FixedKey Blockcipher
Mihir Bellare (University of California, San Diego), Viet Tung Hoang (University of California, Davis), Sriram Keelveedhi (University of California, San Diego), and Phillip Rogaway (University of California, Davis)
Circuit Structures for Improving Efficiency of Security and Privacy Tools
Samee Zahur (University of Virginia) and David Evans (University of Virginia)
Boxed Lunch
Session 12: SSL / TLS, Web Security
Chair: Kapil Singh
SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements
Jeremy Clark (Carleton University) and Paul C. van Oorschot (Carleton University)
Lucky Thirteen: Breaking the TLS and DTLS Record Protocols
Nadhem J. AlFardan (Royal Holloway, University of London) and Kenneth G. Paterson (Royal Holloway, University of London)
Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
Nick Nikiforakis (KU Leuven), Alexandros Kapravelos (University of California, Santa Barbara), Wouter Joosen (KU Leuven), Christopher Kruegel (University of California, Santa Barbara), Frank Piessens (KU Leuven), Giovanni Vigna (University of California, Santa Barbara)
Session 13: Secure Operating Systems (II)
Chair: Herbert Bos
Practical Control Flow Integrity & Randomization for Binary Executables
Chao Zhang (Peking University), Tao Wei (Peking University and UC Berkeley), Zhaofeng Chen (Peking University), Lei Duan (Peking University), László Szekeres (Stony Brook University), Stephen McCamant (University of Minnesota), Dawn Song (UC Berkeley), and Wei Zou (Peking University)
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization
Kevin Z. Snow (The University of North Carolina at Chapel Hill), Fabian Monrose (The University of North Carolina at Chapel Hill), Lucas Davi (Technische Universität Darmstadt), Alexandra Dmitrienko (Fraunhofer SIT, Darmstadt), Christopher Liebchen (Technische Universität Darmstadt), and Ahmad-Reza Sadeghi (Technische Universität Darmstadt)
Welcome to the Entropics: Boot-Time Entropy in Embedded Devices
Keaton Mowery (UC San Diego), Michael Wei (UC San Diego), David Kohlbrenner (UC San Diego), Hovav Shacham (UC San Diego), and Steven Swanson (UC San Diego)
Panel Discussion: Privacy Research (Video)

The control of one's privacy in the digital age is an important individual and societal concern. Protection of privacy is a priority in our democracy. At the same time, many important public priorities depend on the ability to collect, analyze and use large amounts of personal information, everything from medical research to social sciences and innovative new commercial services, to law enforcement and national security applications. Current technical and legal approaches to privacy protection have proven inadequate to the task in many of these applications. Can we envision scientific and engineering foundations to support various privacy requirements in cyberspace? Are there unique objectives for research in privacy? Is privacy research different from research in security? Furthermore, the need for privacy research arises in Federal initiatives such as Health IT, Smart Grid, or the National Strategy for Trusted Identities in Cyberspace (NSTIC), and has been called for by the President's Council of Advisors on Science and Technology (PCAST) in their 2010 and 2013 review of Federal IT R&D. This panel, jointly organized with the US Government's Senior Steering Group for cybersecurity R&D will take an interdisciplinary approach to exploring questions, opportunities, and challenges in privacy research.

Moderator: Daniel Weitzner, Director, Decentralized Information Group, MIT Computer Science and Artificial Intelligence Lab


  • Vijayalakshmi (Vijay) Atluri, NSF/SaTC Progam Director (privacy research)
  • Joan Feigenbaum, professor of computer science, Yale University
  • Karyn Higa-Smith, IdM/privacy R&D Program Manager, DHS S&T Cyber Security Division
  • Deirdre Mulligan, professor of law, UC Berkeley School of Information and Berkeley Center for Law and Technology
  • Betsy Masiello, Senior Manager, Global Public Policy, Google
  • Jeannette Wing, VP, Head of Microsoft Research International

S&P/SPW Bridging Reception
Location: California Room
Serving canapés.
Birds-of-a-Feather Sessions
Location: Elizabethan 1-4

  • Challenges and Visions for a More Secure Internet (Robert Broberg, Cisco)
  • Working with Operations to Access Data (Scott Campbell, NERSC)
  • Launching University Startups - What's Important and What's Not (Sudip Chakrabarti, Osage University Partners)
  • Human-Centered Privacy and Security (Apu Kapadia, Indiana University)

Conference News
Panel Video Available
July 3, 2013
A video of the Privacy Research Panel is now online.
Shuttle Schedule Up!
May 17, 2013
Please see the travel page for the shuttle schedule between the two hotels.
Mobile Access
May 17, 2013
We have an interactive mobile website with the option of providing feedback to speakers. Experimental mobile applications for Android and iOS are also available. Search the relevant app store for "IEEE SP."
BoF Details Available
May 15, 2013
Details of the BoFs are now online.
Wednesday Night Reception and BoFs
May 9, 2013
This year we'll be having a Wednesday night reception with BoFs, bridging S&P with the workshops. Don't miss it.
Privacy Panel Finalized
May 9, 2013
The Wednesday panel on privacy research has been finalized.
List of Accepted Posters posted
May 2, 2013
The list of accepted posters has been posted.
Panel Discussion on Privacy Research
April 18, 2013
Details on Wednesday's panel discussion on privacy research have been posted.
Birds of a Feathers
April 15, 2013
We'll have space for a small number of BoFs on Wednesday night. Let us know if you are interested in leading one.
Call for Short Talks Posted
April 10, 2013
The call for short talks has been posted.
Tentative Program Posted
March 18, 2013
The tentative program has been posted.
Call for Posters Posted
March 4, 2013
The call for posters has been posted.
Accepted Papers Posted
March 3, 2013
The list of accepted papers has been posted.
Registration Open
February 21, 2013
Registration for the the 2013 symposium is now open.
Hotel Booking Available
February 11, 2013
Hotel details have been posted. There are room blocks available at two San Francisco area hotels. Conference registration information will follow shortly.
Student Travel Grants
February 11, 2013
Information for students who wish to apply for travel grants is now posted here.
November 13, 2012
The Symposium will again include a poster session. We'll start accepting submissions in March.
Deadline Extended
November 5, 2012
We have extended the deadline to 11/16 due to Hurricane Sandy, which left many in the northeastern region of the US without power.
Paper Submission
October 25, 2012
The submissions site is now open.
Call for Papers
August 15, 2012
The Call for Papers is out. Submissions are due on November 14.
Call for Donors
July 26, 2012
We are looking for organizations to support the symposium. See the donor information page for more.
Call for Workshops Posted
July 18, 2012
SPW is now accepting proposals for workshops to be co-located with the symposium.
Website Up!
June 14, 2012
The conference website is now up.

Found an error? Email the webmaster.