Tentative Schedule
Thursday, May 23:
CREDS: Cyber-security Research Ethics Dialog & Strategy
DUMA: 4th International Workshop on Data Usage Management
MoST: Mobile Security Technologies
Friday, May 24:
IWCC: International Workshop on Cyber Crime
WRIT: 2nd Workshop on Research for Insider Threat
W2SP: Web 2.0 Security and Privacy
Thursday, May 23:
CREDS: Cyber-security Research Ethics Dialog & Strategy
DUMA: 4th International Workshop on Data Usage Management
MoST: Mobile Security Technologies (MoST) 2013
| Time |
CREDS |
DUMA |
MoST |
| 8:00-9:00 |
Breakfast |
| 9:00-9:15 |
Welcome, Introductions, Opening Remarks
Michael Bailey and Erin Kenneally
|
Welcome
(9:00-9:10)
|
Opening Remarks
(9:00-9:10)
|
| 9:15-10:30 |
Henry Corrigan-Gibbs and Bryan Ford
Welcome to the World of Human Rights: Please Make Yourself Uncomfortable
Sebastian Schrittwieser, Martin Mulazzani and Edgar Weippl
Ethics in Security Research: Which lines should not be crossed?
John Aycock and John Sullins
Why "No Worse Off" is Worse Off
|
Keynote: Alan Davidson
(9:10-10:10)
|
Keynote: David Molnar: Security and Privacy Challenges in Mobile Augmented Reality
|
| 10:30-10:50 |
Morning Break |
Morning Break
(10:10-10:40)
|
Morning Break
(10:10-10:30)
|
| 10:50-12:20 |
Stefan Savage and Tadayoshi Kohno
Vulnerability Research in the CyberPhysical World
Mark Allman
Traffic Monitoring Considered Reasonable
Ty Bross and Jean Camp
I Just Want Your Anonymized Contacts! Benefits and Education in Security & Privacy Research
|
(10:40-12:10)
Research Paper Presentations (30 mins each)
Log Design for Accountability
An Integrated Formal Approach to Usage Control
How Usage Control and Provenance Tracking Get Together - A Data Protection Perspective
|
(10:30-12:15)
Kristopher Micinski, Philip Phelps and Jeffrey Foster
An Empirical Study of Location Truncation on Android
Kristen Kennedy, Eric Gustafson and Hao Chen
Quantifying the Effects of Removing Permissions from Android Applications
Theodore Book, Adam Pridgen and Dan Wallach
Longitudinal Analysis of Android Ad Library Permissions
Steffen Liebergeld, Matthias Lange and Collin Mulliner
Short Paper: Nomadic Honeypots: A Novel Concept for Smartphone Honeypots
|
| 12:20-1:20 |
Lunch |
(12:15-1:30)
Lunch
|
(12:15-1:30)
Lunch
|
| 1:20-2:35 |
Stuart Schechter, Cristian Bravo-Lillo, Cormac Herley, Serge Egelman and Janice Tsai
You Needn't Build That: Reusable Ethics-Compliance Infrastructure for Human Subjects Research
Ronen Margulies and Amir Herzberg
Conducting Ethical yet Realistic Usable Security Studies
Rula Sayaf, James B. Rule and Dave Clarke
Can Users Control their Data in Social Software? An Ethical Analysis of Control Systems
|
(1:30-3:00)
Position Paper Presentations (20 mins each)
The Cloud Needs Cross-Layer Data Handling Annotations
Privacy Preserving Data Analytics for Smart Homes
Toward Inference Control Mechanisms
The Probabilistic Provenance Graph
|
(1:30-3:15)
Tianhao Tong and David Evans
GuarDroid: A Trusted Path for Password Entry
Ugur Cil and Kemal Bicakci
gridWordX: Design, Implementation, and Usability Evaluation of an Authentication Scheme Supporting Both Desktops and Mobile Devices
Sarah Pidcock and Urs Hengartner
Zerosquare: A Privacy-Friendly Location Hub for Geosocial Applications
Jung-Sang Ahn and Seungryoul Maeng
Short Paper: Low-Overhead User Data Protection for Smartphones using Plaintext Cache
|
| 2:35-3:00 |
Discussions about the shifting roles, responsibilities, and relationships between Researchers, ERBs, Government, Professional Societies, and Program Committees in incentivizing and overseeing ethical research
|
| 3:00-3:15 |
Break
|
| 3:15-3:45 |
Discussions about the shifting roles, responsibilities, and relationships between Researchers, ERBs, Government, Professional Societies, and Program Committees in incentivizing and overseeing ethical research
|
Break
|
Break |
| 3:45-4:30 |
A group discussion exploring the ethical underpinnings of other recent and impactful issues that beckon for policy recommendations
|
(3:45-4:05)
Position paper:
``I hereby leave my email to...'': Data Usage Control and the Digital Estate
|
(3:45-4:45)
Lanier Watkins, Cherita Corbett, Benjamin Salazar, Kevin Fairbanks and William H. Robinson
Using Network Traffic to Remotely Identify the Type of Applications Executing on Mobile Devices
Salvador Mandujano
Privacy in the Mobile Hardware Space: Threats and Design Considerations
|
| 4:30-5:00 |
Wrap-up and Post-Op
|
(4:05 - 5:30)
Panel : Data Usage Control - Where, when, how, at all?
Panelists:
Carl Gunter
Günter Karjoth
Fabio Martinelli
Ravi Sandhu
|
|
| 5:30-5:45 |
|
Thanks and wrap-up
|
|
Friday, May 24:
IWCC: International Workshop on Cyber Crime
WRIT: 2nd Workshop on Research for Insider Threat
W2SP: Web 2.0 Security and Privacy
| Time |
IWCC: |
WRIT |
W2SP |
| 8:00-9:00 |
Breakfast |
| 9:00-9:15 |
Welcome and Opening Remarks
|
(9:00-10:10)
Keynote Speaker: Bob Hutchinson
|
(9:00-9:10)
Opening Remarks
|
| 9:15-10:00 |
Invited paper: Nicolas Courtois, Daniel Hulme, Jerzy Gawinecki, Kumail Hussain and Marek Grajek - On Bad Randomness And Cloning of Contactless Payment and Building Smart Cards
|
|
(9:10-10:10)
Keynote: Neil Daswani
|
| 10:00-10:35 |
Coffee Break
|
(10:10-10:40)
Coffee Break
|
| 10:35-12:15 |
E. Raftopoulos, X. Dimitropoulos
Understanding Network Forensics Analysis in an Operational Environment
A. F.Shosha, L. Tobin, P. Gladyshev
Digital Forensic Reconstruction of A Program Actions
V. Garg and S. Nilizadeh
Craigslist Scams and Community Composition: Investigating Online Fraud Victimization
V. A. Foroushani, N. Zincir-Heywood
On Evaluating IP Traceback Schemes: A Practical Perspective
|
(10:40-12:15)
Hoda Eldardiry, Evgeniy Bart, Juan Liu, John Hanley, Bob Price, and Oliver Brdiczka
Multi-Domain Information Fusion for Insider Threat Detection
Yingbo Song, Malek Ben Salem, Shlomo Hershkop, and Salvatore Stolfo
System Level User Behavior Biometrics Using Fisher Features and Gaussian Mixture Models
William Young, Henry Goldberg, Alex Memory, James Sartain, and Ted Senator
Use of Domain Knowledge to Detect Insider Threats in Computer Activities
|
(10:40-12:15)
Apurva Kumar (IBM India)
Security analysis of the identity federation transaction
Monica Chew and Sid Stamm (Mozilla)
Short paper: Contextual Identity: Freedom to be All Your Selves
Joseph Bonneau (Google Inc.)
Short paper: S-links: Why distributed security policy requires secure introduction
Discussion
|
| 12:15-1:30 |
Lunch
|
| 1:30-3:15 |
D. Ohana, N. Shashidhar
Do Private and Portable Web Browsers Leave Incriminating Evidence?
J. Isacenkova, O. Thonnard, A. Costin, D. Balzarotti, A. Francillon
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operation
P. Kopiczko, W. Mazurczyk, K. Szczypiorski
StegTorrent: a Steganographic Method for P2P Files Sharing Service
S. Grabski, K. Szczypiorski
Steganography in OFDM Symbols of Fast IEEE 802.11n Networks
|
David Muchene, Klevis Luli, and Craig Shue
Reporting Insider Threats via Covert Channels
Alexander Kent and Lorie Liebrock
Differentiating User Authentication Graphs
Florian Kammueller and Christian W. Probst
Invalidating Policies using Structural Information
|
Martin Mulazzani, Philipp Reschl, Markus Huber, Manuel Leithner, Sebastian Schrittwieser and Edgar Weippl
Fast and Reliable Browser Identification with JavaScript Engine Fingerprinting
Christian Eubank, Marcela Melara, Diego Perez-Botero and Arvind Narayanan
Shining the Floodlights on Mobile Web Tracking — A Privacy Survey
Jason Bau, Jonathan Mayer, Hristo Paskov and John C. Mitchell
Short paper: A Promising Direction for Web Tracking Countermeasures
Discussion
|
| 3:15-3:45 |
Coffee Break
|
| 3:45-4:45 |
L. Allodi, W. Shim, F. Massacci
Quantitative assessment of risk reduction with cybercrime black market monitoring
D. Ohana, L. Phillips, L. Chen
Preventing Cell Phone Intrusion and Theft using Biometrics
|
(3:45-5:00)
Elise Axelrad, Paul Sticha, Oliver Brdiczka, and Jianqiang Shen
Bayesian Network Model for Predicting Insider Threats
Frank Greitzer and Thomas Ferryman
Methods and Metrics for Evaluating Analytic Insider Threat Tools
Brian Lindauer and Joshua Glasser
Bridging the Gap: A Pragmatic Approach to Generating Insider Threat Data
|
(3:45-5:00)
Yuqing Zhang, Xiali Wang, Qihan Luo and Qixu Liu
Cross-Site Scripting Attacks in Social APIs
Aseem Rastogi, Jun Yuan and Rob Johnson
Short paper: Gone, But Not Forgotten: The Current State of Private Computing
Discussion
|
| 4:45-5:00 |
Closing and Best Paper Award
|
Our Supporters
|
Workshop News
Registration is open!
Feb 22, 2013
To register visit here.
Workshops are color-coded
October 31, 2012
Each workshop is assigned a specific color to facilitate better organization.
The color codes will be maintained in the flyers, handouts, etc. during the event.
See Workshops page for details.
Workshops Accepted
September 28, 2012
6 workshops are accepted this year.
See Workshops page for details.
First call for workshops
July 18, 2012
Workshop submission deadline is September 7.
See Call for Workshops page for details.
Sponsored by
IEEE Computer Society Technical Committee on Security and Privacy: website
|
