Monday |
|
08:45 - 09:00 | Welcome Remarks/Awards |
09:00 - 10:30 | Software Security(Session Chair: Thorsten Holz) |
Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
Jinghan Wang, University of California, Riverside Yue Duan, Cornell University Wei Song, Heng Yin, Chengyu Song, University of California, Riverside |
|
On Design Inference from Binaries Compiled using Modern C++ Defenses
Rukayat Ayomide Erinfolami, Anh T Quach, Aravind Prakash, Binghamton University |
|
DECAF++: Elastic Whole-System Dynamic Taint Analysis
Ali Davanian, Zhenxiao Qi, Yu Qu, Heng Yin, University of California, Riverside |
|
10:30 - 10:45 | BREAK |
10:45 - 12:15 | Understanding Attacks(Session Chair: Zhiqiang Lin) |
Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum
Zhen Cheng, Zhejiang University Xinrui Hou, Xidian University Runhuai Li, Yajin Zhou, Zhejiang University Xiapu Luo, The Hong Kong Polytechnic University Jinku Li, Xidian University Kui Ren, Zhejiang University |
|
Fingerprinting Tooling used for SSH Compromisation Attempts
Vincent Ghiette, Harm Griffioen, Christian Doerr, TU Delft |
|
Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection
Chih-Yuan Lin, Simin Nadjm-Tehrani, Linköping Universitet |
|
12:15-13:30 | LUNCH |
13:30 - 15:00 | Defenses(Session Chair: Manuel Egele) |
USBESAFE: An End-Point Solution to Protect Against USB-Based Attacks
Amin Kharraz, University of Illinois at Urbana Champaign Brandon L. Daley, Graham Z. Baker, MIT Lincoln Laboratory William Robertson, Engin Kirda, Northeastern University |
|
Minimal Kernel: An Operating System Architecture for TEE to Resist Board Level Physical Attacks
Shijun Zhao, Institute of Software Chinese Academy of Sciences Qianying Zhang, Capital Normal University Information Engineering College Yu Qin, Wei Feng, Dengguo Feng, Institute of Software Chinese Academy of Sciences |
|
ScaRR: Scalable Runtime Remote Attestation for Complex Systems
Flavio Toffalini, Singapore University of Technology and Design Eleonora Losiouk, Andrea Biondo, University of Padua Jianying Zhou, Singapore University of Technology and Design Mauro Conti, University of Padua |
|
15:00 - 15:15 | BREAK |
15:15 - 17:15 | Embedded Security(Session Chair: Yinqian Zhang) |
Toward the Analysis of Embedded Firmware through Automated Re-hosting
Eric Gustafson, UC Santa Barbara Marius Muench, EURECOM Chad Spensky, Nilo Redini, Aravind Machiry, UC Santa Barbara Yanick Fratantonio, Davide Balzarotti, Aurelien Francillon, EURECOM Yung Ryn Choe, Sandia National Laboratories Christopher Kruegel, Giovanni Vigna, UC Santa Barbara |
|
CryptoREX: Large-scale Analysis of Cryptographic Misuse in IoT Devices
Li Zhang, Jinan University Jiongyi Chen, The Chinese University of Hong Kong Wenrui Diao, Shanqing Guo, Shandong University Jian Weng, Jinan University Kehuan Zhang, The Chinese University of Hong Kong |
|
PAtt: Physics-based Attestation of Control Systems
Hamid Reza Ghaeini, Singapore University of Technology and Design Matthew Chan, Rutgers University Raad Bahmani, Ferdinand Brasser, TU Darmstadt Luis Garcia, University of California, Los Angeles Jianying Zhou, Singapore University of Technology and Design Ahmad-Reza Sadeghi, TU Darmstadt Nils Ole Tippenhauer, CISPA, Helmholtz Center for Information Security Saman Zonouz, Rutgers University |
|
COMA: Communication and Obfuscation Management Architecture
Kimia Zamiri Azar, Farnoud Farahmand, Hadi Mardani Kamali, Shervin Roshanisefat, Houman Homayoun, George Mason University William Diehl, Virginia Tech Kris Gaj, Avesta Sasan, George Mason University |
|
17:30 - 20:00 | Reception |
Tuesday |
|
08:45 - 10:15 | Privacy Enhancing Techniques |
PRO-ORAM: Practical Read-Only Oblivious RAM
Shruti Tople, Microsoft Yaoqi Jia, Ziliqa Research Prateek Saxena, NUS |
|
The Duster Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding
Alfonso Iacovazzi, ST Engineering-SUTD Cyber Security Laboratory, Singapore University of Technology and Design Daniel Frassinelli, CISPA, Helmholtz Center for Information Security, Germany Yuval Elovici, Department of Software and Information Systems Engineering and Cyber Security Research Center, Ben-Gurion University of the Negev, Israel; and iTrust--Centre for Research in Cyber Security, Singapore University of Technology and Design, Singapore |
|
TALON: An Automated Framework for Cross-Device Tracking Detection
Konstantinos Solomos, FORTH Panagiotis Ilia, University of Illinois at Chicago Sotiris Ioannidis, FORTH Nicolas Kourtellis, Telefonica Research |
|
10:15 - 10:30 | BREAK |
10:30 - 12:00 | Android Security I(Session Chair: Aravind Prakash) |
Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices
Nir Sivan, Ron Bitton, Asaf Shabtai, Ben Gurion University of the Negev |
|
Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android
Wenrui Diao, Shandong University Yue Zhang, Li Zhang, Jinan University Zhou Li, University of California, Irvine Fenghao Xu, The Chinese University of Hong Kong Xiaorui Pan, Indiana University Bloomington Xiangyu Liu, Alibaba Inc. Jian Weng, Jinan University Kehuan Zhang, The Chinese University of Hong Kong XiaoFeng Wang, Indiana University Bloomington |
|
Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android Applications
Yue Duan, Cornell University Lian Gao, Jie Hu, Heng Yin, University of California Riverside |
|
12:00-13:30 | LUNCH |
13:30 - 15:00 | Machine Learning & Watermarking(Session Chair: Amin Kharraz) |
Exploiting the Inherent Limitation of L0 Adversarial Examples
Fei Zuo, Bokai Yang, Xiaopeng Li, Lannan Luo, Qiang Zeng, University of South Carolina |
|
NLP-EYE: Detecting Memory Corruptions via Semantic-Aware Memory Operation Function Identification
Jianqiang Wang, Shanghai Jiao Tong University Siqi Ma, CSIRO DATA61 Yuanyuan Zhang, Juanru Li, Shanghai Jiao Tong University Zheyu Ma, Northwestern Polytechnical University Long Mai, Tiancheng Chen, Dawu Gu, Shanghai Jiao Tong University |
|
Robust Optimization-Based Watermarking Scheme for Sequential Data
Erman Ayday, Case Western Reserve University, Bilkent University Emre Yilmaz, Case Western Reserve University Arif Yilmaz, Bilkent University |
|
15:00 - 15:15 | BREAK |
15:15 - 16:45 | Malware |
Smart Malware that Uses Leaked Control Data of Robotic Applications: The Case of Raven-II Surgical Robots
Keywhan Chung, Xiao Li, University of Illinois at Urbana-Champaign Peicheng Tang, Rose-Hulman Institute of Technology Zeran Zhu, Zbigniew T. Kalbarczyk, Ravishankar K. Iyer, Thenkurussi Kesavadas, University of Illinois at Urbana-Champaign |
|
SGXJail: Defeating Enclave Malware via Confinement
Samuel Weiser, Luca Mayr, Michael Schwarz, Daniel Gruss, Graz University of Technology |
|
Fluorescence: Detecting Kernel-Resident Malware in Clouds
Richard Li, University of Utah Min Du, University of California Berkeley David Johnson, Robert Ricci, Jacobus Van der Merwe, Eric Eide, University of Utah |
|
18:00 - 21:00 | Banquet |
Wednesday |
|
08:45 - 10:15 | DNS Security |
Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions
Timothy Barron, Najmeh Miramirkhani, Nick Nikiforakis, Stony Brook University |
|
HinDom: A Robust Malicious Domain Detection System based on Heterogeneous Information Network with Transductive Classification
Xiaoqing Sun, Mingkai Tong, Jiahai Yang, Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China Liu Xinran, National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing, China Liu Heng, China Electronics Cyberspace Great Wall Co., Ltd, Beijing, China |
|
DomainScouter: Understanding the Risks of Deceptive IDNs
Daiki Chiba, Ayako Akiyama Hasegawa, Takashi Koide, NTT Secure Platform Laboratories Yuta Sawabe, Shigeki Goto, Waseda University Mitsuaki Akiyama, NTT Secure Platform Laboratories |
|
10:15 - 10:30 | BREAK |
10:30 - 12:00 | Attacks(Session Chair: Chao Zhang) |
Dynamically Finding Minimal Eviction Sets Can Be Quicker Than You Think for Side-Channel Attacks against the LLC
Wei Song, Institute of Information Engineering, CAS Peng Liu, Pennsylvania State University |
|
Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries
Wubing Wang, Yinqian Zhang, Zhiqiang Lin, The Ohio State University |
|
Application level attacks on Connected Vehicle Protocols
Ahmed Abdo, Sakib Md Bin Malek, Zhiyun Qian, University of California, Riverside Qi Zhu, Northwestern University Matthew Barth, Nael Abu-Ghazaleh, University of California, Riverside |
|
12:00-13:30 | LUNCH |
13:30 - 15:00 | Security in Data Centers and the Cloud(Session Chair: Nicolas Kourtellis) |
S3: A DFW-based Scalable Security State Analysis Framework for Large-Scale Data Center Networks
Abdulhakim Sabur, Ankur Chowdhary, Dijiang Huang, Arizona State University Myong Kang, Anya Kim, Alexander Velazquez, Naval Research Lab |
|
Container-IMA: A privacy-preserving Integrity Measurement Architecture for Containers
Wu Luo, Qingni Shen, Yutang Xia, Zhonghai Wu, Peking University, Beijing, China |
|
Fingerprinting SDN Applications via Encrypted Control Traffic
Jiahao Cao, Tsinghua University; George Mason University Zijie Yang, Tsinghua University Kun Sun, George Mason University Qi Li, Mingwei Xu, Tsinghua University Peiyi Han, Beijing University of Posts and Telecommunications |
|
15:00 - 15:15 | BREAK |
15:15 - 16:45 | Android Security II |
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, EURECOM Antonio Bianchi, University of Iowa Yanick Fratantonio, EURECOM |
|
Towards Large-Scale Hunting for Android Negative-Day Malware
Lun-Pin Yuan, Penn State University Wenjun Hu, Palo Alto Networks Inc. Ting Yu, Qatar Computing Research Institute Peng Liu, Sencun Zhu, Penn State University |
|
DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction
Aisha Ali-Gombe, Towson University Sneha Sudhakaran, Louisiana State University Andrew Case, Volatility Foundation Golden G. Richard III, Louisiana State University |
|
17:00 - 17:15 | CLOSING REMARKS |