Workshop Schedule
Thursday, May 24:

W2SP: Web 2.0 Security and Privacy [2012 website]
MoST: Mobile Security Technologies [2012 website]
WSCS: Workshop on Semantic Computing and Security [2012 website]

Friday, May 25:

WRIT: Workshop on Research for Insider Threat [2012 website]
TrustED: Workshop on Special Aspects of Cyber Physical Systems: Trustworthy Embedded Systems [2012 website]

Thursday, May 24:

W2SP: Web 2.0 Security and Privacy (Elizabethan C)
MoST: Mobile Security Technologies (Tower Salon A)
WSCS: Workshop on Semantic Computing and Security (Elizabethan D)
7:30-8:30 Breakfast (California West)
8:30-8:45     Welcome and Keynote Address: Jeannette Wing
8:45-9:00 Opening Remarks
9:00-9:15 Opening Remarks
Keynote: Peter Eckersley
9:15-10:00 Joseph Bonneau and Rubin Xu (University of Cambridge)
Character Encoding Issues of Web Passwords

Harry Halpin (W3C)
Web Authentication: The next step in the evolving identity eco-system?

Matthew Burkholder and Rachel Greenstadt
Privacy in Online Review Sites

Sharon Paradesi, Oshani Seneviratne and Lalana Kagal
Policy Aware Social Miner
10:00-10:30 Morning Break (Tower Salon Foyer)
10:30-12:00 Joint session with MoST Michael Hackett and Kirstie Hawkey (Dalhousie University)
Security, Privacy and Usability Requirements for Federated Identity

Kapil Singh (IBM T.J. Watson Research Center)
Can Mobile learn from the Web? (Short Paper)

Jenna Kallaher, Amal Krishnan, Paul Makowski, Eric Yawei Chen, and Collin Jackson (Carnegie Mellon University)
Cruel Intentions: A Security Analysis of Web Intents

Markus Jakobsson (PayPal Inc)
The Case for Replacing Passwords with Biometrics (Short Paper)
Mathieu Jaume
Semantic comparison of security policies: from access control policies to flow properties

Christopher Griffin and Kathleen Moore
A Framework for Modeling Decision Making and Deception with Semantic Information

Sumit More, Mary Mathews, Anupam Joshi and Tim Finin
A Knowledge-Based Approach To Intrusion Detection Modeling

Dibyajyoti Ghosh, Anupam Joshi, Tim Finin and Pramod Jagtap
Privacy control in smart phones using semantically rich reasoning and context modeling
12:00-1:00 Lunch (Victor's)
1:00-1:30 Nick Doty (UC Berkeley)
Keynote: Do Not Track: The Future of Web Privacy
Ryan Stevens, Clint Gibler, Jon Crussell, Jeremy Erickson, Hao Chen (UC Davis)
Investigating User Privacy in Android Ad Libraries

Jinyung Kim, Yongho Yoon, Kwangkeun Yi (Seoul National University)
ScanDal: Static Analyzer for Detecting Privacy Leaks in Android Applications

Gokhan Bal(Goethe University)
Revealing Privacy-Impacting Behavior Patterns of Smartphone Applications (Short Paper)

Karim O. Elish, Danfeng Yao, Barbara G. Ryder (Virginia Tech)
User-Centric Dependence Analysis For Identifying Malicious Mobile Apps (Short Paper)

Benjamin Davis, Ben Sanders, Armen Khodaverdian, Hao Chen (UC Davis)
I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications (Short Paper)

Gary Kenworthy, Pankaj Rohatgi (Cryptography Research Inc)
Mobile Device Security: The case for side channel resistance (Short Paper)
1:30-2:00 Hilarie Orman
Towards a Semantics of Phish.

Jim Blythe and Jean Camp
Implementing Mental Models

Hao Zhang, William Banick, Danfeng Yao and Naren Ramakrishnan
User Intention-Based Traffic Dependence Analysis For Anomaly Detection

Christopher Griffin and Anna Squicciarini
Toward a Game Theoretic Model of Information Release in Social Media with Experimental Results
2:00-2:30 Keaton Mowery and Hovav Shacham (UC San Diego)
Pixel Perfect: Fingerprinting Canvas in HTML5

Rebecca Balebako, Pedro Leon, Richard Shay, Blase Ur, and Lorrie Faith Cranor (Carnegie Mellon University)
Measuring the Effectiveness of Privacy Tools for Limiting Behavioral Advertising
3:00-3:30 Afternoon Break (Tower Salon Foyer)
3:30-4:30 Emin Topalovic and Brennan Saeta (Stanford University), Lin-Shung Huang and Collin Jackson (Carnegie Mellon University), and Dan Boneh (Stanford University)
Towards Short-Lived Certificates

Sebastian Lekies and Martin Johns (SAP Research Karlsruhe)
Lightweight Integrity Protection for Web Storage-driven Content Caching

Eric Yawei Chen, Sergey Gorbaty, Astha Singhal, and Collin Jackson (Carnegie Mellon University)
Self-Exfiltration: The Dangers of Browser-Enforced Information Flow Control
David Barrera, William Enck, Paul C. van Oorschot (Carleton University, NC State University)
Meteor: Distributed Security for Platforms with Multiple App Markets (Short Paper)

Devdatta Akhawe, Matthew Finifter (UC Berkeley)
Product Labels for Mobile Application Markets (Short Paper)

David Weinstein (MITRE Corp)
A Security Hygienic Smart Charger for Mobile Devices (Short Paper)

Markus Jakobsson, Ruj Akavipat (PayPal, Mahidol University)
Rethinking Passwords to Adapt to Constrained Keyboards (Short Paper)
Jesus Navarro, Enrique Naudon and Daniela Oliveira
Bridging the Semantic Gap to Mitigate Kernel-level Keyloggers

Daniela Oliveira (chair, Rachel Greenstadt, Jedidiah Crandall, Felix Wu
Embedding Social Trust Policies in Operating Systems or Browsers
4:30-5:00 Open discussions and future directions

Friday, May 25:

WRIT: Workshop on Insider Threat (Elizabethan C)
TrustED: Workshop on Special Aspects of Cyber Physical Systems: Trustworthy Embedded Systems (Elizabethan D)
Time WRIT TrustED
7:30-8:30 Breakfast (California West)
8:30-8:45 Opening Remarks and Introductions  
8:45-9:00 Welcome Remarks
F. Armknecht (University of Mannheim, Germany)
9:00-9:30 Presentation and Discussion led by organizers (Cybenko and Moore)
Unique Aspects of the Insider Threat (IT) Problem
P. Rohatgi (Cryptographic Research, USA)
Tamper-resistance challenges for real world embedded systems
9:30-10:00 Alexander Liu and Dung Lam
Using Consensus Clustering for Multi-view Anomaly Detection
10:00-10:30 Morning Break (Outside Elizabethan C & D)
10:30-11:00 Sal Stolfo, Malek Ben Salem and Angelos Keormytis
Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud

Jonathan Voris, Nathaniel Boggs and Salvatore Stolfo
Lost in Translation: Improving Decoy Documents via Automated Translation

Youngho Cho and Gang Qu
Insider Threats against Trust Mechanism with Watchdog and Defending Approaches in Wireless Sensor Networks
Rishab Nithyanand (Stony Brook University, USA) and John Solis (Sandia National Labs, USA)
A Theoretical Analysis: Physical Unclonable Functions and The Software Protection Problem
11:00-11:30 Marc Joye (Technicolor Security & Content Protection Labs, France)
A Method for Preventing "Skipping" Attacks
11:30-12:00 Christina Boura (INRIA-Rocquencourt, France, and Gemalto,France), Sylvain Leveque (Gemalto,France) and David Vigilant (Gemalto,France)
Side-channel Analysis of Grostl and Skein
12:00-1:00 Lunch (Victor's)
1:00-1:30 Oliver Brdiczka, Juan Liu, Bob Price, Jianqiang Shen, Akshay Patil, Richard Chow, Eugene Bart and Nicolas Ducheneaut
Proactive Insider Threat Detection through Graph Learning a Psychological Context
Markku-Juhani Olavi Saarinen (Revere Security, USA)
The BLUEJAY Ultra-Lightweight Cryptosystem
1:30-2:00 Fred Cohen
Forensic Methods for Detecting Insider Turning Behaviors
Mehrdad Majzoobi (Rice University, USA), Masoud Rostami (Rice University, USA), Farinaz Koushanfar (Rice University, USA), Srinivas Devadas (Rice University, USA)and Dan Wallach (Rice University, USA)
SlenderPUF: a lightweight, robust, and secure Strong PUF by substring matching
2:00-2:30 John Murphy, Vincent Berk and Ian Gregorio-De Souza
Decision Support Procedure in the Insider Threat Domain
H. Meyn (NXP Semiconductors, Germany)
Smart Grid Data Security and Privacy
2:30-3:00 Discussion and carry over time
3:00-3:30 Afternoon Break (Outside Elizabethan C & D)
3:30-4:30 Panel discussion X. Jiang (North Carolina State University/NQ Mobile, USA)
Capability Leak Challenges for Mobile Devices and Their Apps
4:30-5:00 Workshop summary Closing Remarks
F. Armknecht (University of Mannheim, Germany)

The deadline of early registration has been extended to April 20. Click here for registration.

A room block has been set aside for Symposium attendees at the Westin St. Francis (reservation SOLD OUT) and at the Westin San Francisco Airport. Rooms are on limited availability, on a first-come, first-served basis. For more information about hotels see the hotel page.

Our Supporters




Workshop News
Shuttle Schedule
May 18, 2012
There is a complimentary shuttle between the Westin San Francisco Airport and the conference hotel. The schedule is posted on travel and hotel page.
Workshop Schedule
April 19, 2012
The workshop schedule has been posted! Click here to view the schedule.
Hotel Reservations
April 16, 2012
Only the Westin Airport hotel is available now at $179 per night if booked by April 27. Click here for more information. Visit this page for reservations.
Early Registration Deadline
April 10, 2012
The deadline of early registration has been extended to April 20. Click here for registration.
Student Travel Grants
April 3, 2012
Application for student travel grants is now open. Applications are due by April 13. Click here to find more about student travel grants.
Early Registration Deadline
April 3, 2012
The deadline of early registration is April 13. Click here for registration.
WRIT: Schedule
April 2, 2012
The schedule of WRIT'12 workshop has been posted! Click here to view the program.
WSCS: List of Accepted Papers
March 28, 2012
Click here to view the list of accepted papers for WSCS'12 workshop. The workshop program will follow soon.
Registration for Workshops
March 10, 2012
Registration for the 5 workshops is now open. Click here for registration.
January 31, 2012
The Workshop on Research for Insider Threat submission deadline has been extended: WRIT page.
January 30, 2012
The Workshop on Research for Insider Threat submission link is up: WRIT page.
November 22, 2011
The Workshop on Research for Insider Threat webpage is up: WRIT page.
Travel and Hotel Info
November 19, 2011
The Workshops Travel and Hotel information page is up based on the co-located IEEE SP website.
October 28, 2011
Workshop on Semantic Computing and Security webpage: WSCS page
Accepted Workshops
October 12, 2011
WRIT, WSCS and TrustED workshops accepted from second round.
Accepted Workshops
August 10, 2011
W2SP and MoST workshops accepted from first round.
Workshop Call
June 3, 2011
Redesigned Security and Privacy Workshops page.
Sponsored by
IEEE Computer Society Technical Committee on Security and Privacy: website