June 6-10, 2022 Genoa

7th IEEE European Symposium on Security and Privacy


Please refer to the workshop websites for the programs. Directions to the venue can be found here.

Welcome

09:30 - 09:45

Keynote: Michael Veale

09:45 - 10:45

Break

10:45 - 11:15

Session: ML for Security

11:15 - 12:30

Modelling Direct Messaging Networks with Multiple Recipients for Cyber Deception
Kristen Moore, Cody Christopher, David Liebowitz, Surya Nepal, Renee Selvey
SoK: The Impact of Unlabelled Data in Cyberthreat Detection
Giovanni Apruzzese, Pavel Laskov, and Aliya Tastemirova (University of Liechtenstein)
SIERRA: Ranking Anomalous Activities in Enterprise Networks
Jehyun Lee and Farren Tang (Trustwave); Phyo May Thet (Institute for Infocomm Research - A*STAR); Desmond Yeoh (Shopee); Mitch Rybczynski and Dinil Mon Divakaran (Trustwave)
Investigating Graph Embedding Methods for Cross-Platform Binary Code Similarity Detection
Victor Cochard and Damian Pfammatter (Cyber-Defence Campus); Chi Thang Duong (EPFL); Mathias Humbert (Cyber-Defence Campus)
ILLUMINATI: Towards Explaining Graph Neural Networks for Cybersecurity Analysis
Haoyu He (George Washington University); Yuede Ji (University of North Texas); H. Howie Huang (George Washington University)

Lunch

12:30 - 14:00

Keynote: Tamara Rezk

12:20 - 13:45

2022: Have Transient Execution Attacks Been Fully Solved?
Tamara Rezk

Break

15:00 - 15:20

Session: Encrypted Computation

15:20 - 16:20

SoK: Cryptanalysis of Encrypted Search with LEAKER - A framework for LEakage AttacK Evaluation on Real-world data
Seny Kamara (Brown University); Abdelkarim Kati (Mohammed-VI Polytechnic University); Tarik Moataz (Aroki Systems); Thomas Schneider, Amos Treiber, and Michael Yonli (TU Darmstadt)
EZEE: Epoch Parallel Zero Knowledge for ANSI C
Yibin Yang, David Heath, and Vladimir Kolesnikov (Georgia Tech); David Devecsery (Facebook)
SoK: Privacy-Preserving Computing in the Blockchain Era
Ghada Almashaqbeh (University of Connecticut); Ravital Solomon (Sunscreen)
CostCO: An automatic cost modeling framework for secure multi-party computation
Vivian Fang, Lloyd Brown, and William Lin (UC Berkeley); Wenting Zheng (UC Berkeley/CMU); Aurojit Panda (NYU); Raluca Popa (UC Berkeley)

Short Break

16:20 - 16:30

Mentoring

16:30 - 18:00

Welcome Cocktail + Poster Session

19:00 -

Session: Network and Web Security

09:45 - 11:00

HyperLogLog: Exponentially Bad in Adversarial Settings
Kenny Paterson (ETH Zurich); Mathilde Raynal (EPFL)
Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers
Huikai Xu and Miao Yu (Institute for Network Science and Cyberspace, Tsinghua University); Yanhao Wang (NIO Inc.); Yue Liu (Southeast University/Qi An Xin Group Corp.); Qinsheng Hou (Shandong University/Qi An Xin Group Corp.); Zhenbang Ma (Qi An Xin Group Corp.); Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University/Qi An Xin Group Corp.); Jianwei Zhuge (Institute for Network Science and Cyberspace, Tsinghua University/Beijing National Research Center for Information Science and Technology); Baojun Liu (Tsinghua University)
Hide and Seek: Revisiting DNS-based User Tracking
Deliang Chang (Tsinghua University); Joann Qiongna Chen and Zhou Li (University of California, Irvine); Xing Li (Tsinghua University)
SoK: All or Nothing - A Postmortem of Solutions to the Third-Party Script Inclusion Permission Model and a Path Forward
Steven Sprecher (Northeastern University); Christoph Kerschbaumer (Mozilla Corporation); Engin Kirda (Northeastern University)
Lethe: Practical Data Breach Detection with Zero Persistent Secret State
Antreas Dionysiou and Elias Athanasopoulos (University of Cyprus)

Break

11:00 - 11:30

Session: Software Security

11:30 - 12:30

Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions
David Klein (Technische Universität Braunschweig); Thomas Barber and Souphiane Bensalim (SAP Security Research); Ben Stock (CISPA Helmholtz Center for Information Security); Martin Johns (TU Braunschweig)
Lightweight, Multi-Stage, Compiler-Assisted Application Specialization
Mohannad Alhanahnah, Rithik Jain, Vaibhav Rastogi, Somesh Jha, and Thomas Reps (University of Wisconsin)
LockedDown: Exploiting Contention on Host-GPU PCIe Bus for Fun and Profit
Mert Side (Texas Tech University); Fan Yao (University of Central Florida); Zhengkai Zhang (Clemson University)
Fuzzing with Data Dependency Information
Alessandro Mantovani, Andrea Fioraldi, and Davide Balzarotti (EURECOM)

Lunch

12:30 - 14:00

Session: Adversarial Machine Learning

14:00 - 15:00

Unrolling SGD: Understanding Factors Influencing Machine Unlearning
Anvith Thudi and Gabriel Deza (University of Toronto & Vector Institute); Varun Chandrasekaran (University of Wisconsin); Nicolas Papernot (University of Toronto & Vector Institute)
Transformer-based Extraction of Deep Image Models
Verena Battis (Fraunhofer SIT); Alexander Penner (Technical University of Darmstadt)
DNN Model Architecture Fingerprinting Attack on CPU-GPU Edge Devices
Kartik Patwari, Syed Mahbub Hafiz, Han Wang, Houman Homayoun, Zubair Shafiq, and Chen-Nee Chuah (University of California, Davis)
Towards Fair and Robust Classification
Haipei Sun and Kun Wu (Stevens Institute of Technology); Ting Wang (Pennsylvania State); Hui Wendy Wang (Stevens Institute of Technology)

Break

15:00 - 15:30

Session: Users and Security

15:30 - 16:30

WatchAuth: User Authentication and Intent Recognition in Mobile Payments using a Smartwatch
Jack Sturgess, Simon Eberz, and Ivo Sluganovic (University of Oxford); Ivan Martinovic (University of Oxford)
Difficult for Thee, But Not for Me: Measuring the Difficulty and User Experience of Remediating Persistent IoT Malware
Elsa Rodríguez, Max Fukkink, Simon Parkin, Michel van Eeten, and Carlos Hernandez Ganan (Delft University of Technology)
KGP Meter: Communicating Kin Genomic Privacy to the Masses
Mathias Humbert (Cyber-Defence Campus, armasuisse S+T); Didier Dupertuis (EPFL); Mauro Cherubini and Kévin Huguenin (University of Lausanne)
aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA
Md Imran Hossen and Xiali Hei (University of Louisiana at Lafayette)

Break

16:30 - 17:00

Rump Session

17:00 - 19:30

Social Dinner

20:00 -

Awards

9:45 - 10:00

Session: Information Flow

10:00 - 11:00

Dynamic Policies Revisited
Amir M. Ahmadian and Musard Balliu (KTH Royal Institute of Technology)
Compositional Information Flow Monitoring for Reactive Programs
McKenna McCall (Carnegie Mellon University); Abhishek Bichhawat (Indian Institute of Technology Gandhinagar); Limin Jia (Carnegie Mellon University)
Transparent DIFC: Harnessing Innate Application Event Logging for Fine-Grained Decentralized Information Flow Control
Jason Liu, Anant Kandikuppa, and Adam Bates (University of Illinois at Urbana-Champaign)
xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64
Lukas Bernhard (Ruhr-University Bochum); Michael Rodler (University of Duisburg-Essen); Thorsten Holz (Ruhr-University Bochum); Lucas Davi (University of Duisburg-Essen)

Break

11:00 - 11:30

Session: Systems & Hardware Security

11:30 - 12:30

HARM: Hardware-assisted Continuous Re-randomization for Microcontrollers
Jiameng Shi and Le Guan (University of Georgia); Wenqiang Li (Institute of Information Engineering, Chinese Academy of Sciences/University of Georgia); Dayou Zhang (University of Georgia); Ping Chen (Institute for Big Data, Fudan University); Ning Zhang (Washington University in St. Louis)
Laser Meager Listener: A Scientific Exploration of Laser-based Speech Eavesdropping in Commercial User Space
Payton Walker and Nitesh Saxena (Texas A&M University, College Station)
SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations
Karthika Subramani (University of Georgia); Jordan Jueckstock and Alexandros Kapravelos (North Carolina State University); Roberto Perdisci (University of Georgia/Georgia Tech)
SAUSAGE: Security Analysis of Unix domain Socket Usage in Android
Mounir Elgharabawy (Concordia University); Blas Kojusner (University of Florida); Mohammad Mannan (Concordia University); Kevin R. B. Butler and Byron Williams (University of Florida); Amr Youssef (Concordia University)

Lunch

12:30 - 14:00

Session: Applied Cryptography

14:00 - 15:00

We Can Make Mistakes: Fault-tolerant Forward Private Verifiable Dynamic Searchable Symmetric Encryption
Dandan Yuan and Giovanni Russello (The University of Auckland); Shujie Cui (Monash University)
Cross Chain Atomic Swaps in the Absence of Time via Attribute Verifiable Timed Commitments
Yacov Manevich and Adi Akavia (Haifa University)
SoK: Oblivious Pseudorandom Functions
Sílvia Casacuberta (Harvard University); Julia Hesse (IBM Research Europe - Zurich); Anja Lehmann (Hasso-Plattner-Institute, University of Potsdam)
Signature Correction Attack on Dilithium Signature Scheme
Saad Islam, Koksal Mus, Richa Singh, Patrick Schaumont, and Berk Sunar (Worcester Polytechnic Institute)

Break

15:00 - 15:30

Session: Attacks on Machine Learning

15:30 - 16:30

GRAPHITE: Generating Automatic Physical Examples for Machine-Learning Attacks on Computer Vision Systems
Ryan Feng and Neal Mangaokar (University of Michigan); Jiefeng Chen (University of Wisconsin); Earlence Fernandes (University of Wisconsin); Somesh Jha (University of Wisconsin); Atul Prakash (University of Michigan)
TrojanZoo: Towards Unified, Holistic, and Practical Evaluation of Neural Backdoors
Ren Pang (Pennsylvania State University); Zheng Zhang (Northwestern Univeristy); Xiangshan Gao (Zhejiang University); Zhaohan Xi (Pennsylvania State University); Shouling Ji and Peng Cheng (Zhejiang University); Xiapu Luo (The Hong Kong Polytechnic University); Ting Wang (Pennsylvania State University)
Dynamic Backdoor Attacks Against Machine Learning Models
Ahmed Salem, Rui Wen, and Michael Backes (CISPA Helmholtz Center for Information Security); Shiqing Ma (Rutgers University); Yang Zhang (CISPA Helmholtz Center for Information Security)
Captcha me if you can: Imitation Games with Reinforcement Learning
Ilias Tsingenopoulos (imec-DistriNet, KU Leuven); Davy Preuveneers, Lieven Desmet, and Wouter Joosen (imec-DistriNet, KU Leuven)

Closing

16:30 - 16:40

Please refer to the workshop websites for the programs. Directions to the venue can be found here.