08:45 - 09:00 Welcome Remarks/Awards
09:00 - 10:30 Software Security
Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
Jinghan Wang, University of California, Riverside
Yue Duan, Cornell University
Wei Song, Heng Yin, Chengyu Song, University of California, Riverside
On Design Inference from Binaries Compiled using Modern C++ Defenses
Rukayat Ayomide Erinfolami, Anh T Quach, Aravind Prakash, Binghamton University
DECAF++: Elastic Whole-System Dynamic Taint Analysis
Ali Davanian, Zhenxiao Qi, Yu Qu, Heng Yin, University of California, Riverside
10:30 - 11:00 BREAK
11:00 - 12:30 Understanding Attacks
Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum
Zhen Cheng, Zhejiang University
Xinrui Hou, Xidian University
Runhuai Li, Yajin Zhou, Zhejiang University
Xiapu Luo, The Hong Kong Polytechnic University
Jinku Li, Xidian University
Kui Ren, Zhejiang University
Fingerprinting Tooling used for SSH Compromisation Attempts
Vincent Ghiette, Harm Griffioen, Christian Doerr, TU Delft
Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection
Chih-Yuan Lin, Simin Nadjm-Tehrani, Linköping Universitet
12:30-13:30 LUNCH
13:30 - 15:00 Defenses
USBESAFE: An End-Point Solution to Protect Against USB-Based Attacks
Amin Kharraz, Univeristy of Illinois at Urbana Champaign
Brandon L. Daley, Graham Z. Baker, MIT Lincoln Laboratory
William Robertson, Engin Kirda, Northeastern University
Minimal Kernel: An Operating System Architecture for TEE to Resist Board Level Physical Attacks
Shijun Zhao, Institute of Software Chinese Academy of Sciences
Qianying Zhang, Capital Normal University Information Engineering College
Yu Qin, Wei Feng, Dengguo Feng, Institute of Software Chinese Academy of Sciences
ScaRR: Scalable Runtime Remote Attestation for Complex Systems
Flavio Toffalini, Singapore University of Technology and Design
Eleonora Losiouk, Andrea Biondo, University of Padua
Jianying Zhou, Singapore University of Technology and Design
Mauro Conti, University of Padua
15:00 - 15:30 BREAK
15:30 - 17:30 Embedded Security
Toward the Analysis of Embedded Firmware through Automated Re-hosting
Eric Gustafson, UC Santa Barbara
Marius Muench, EURECOM
Chad Spensky, Nilo Redini, Aravind Machiry, UC Santa Barbara
Yanick Fratantonio, Davide Balzarotti, Aurelien Francillon, EURECOM
Yung Ryn Choe, Sandia National Laborartores
Christopher Kruegel, Giovanni Vigna, UC Santa Barbara
CryptoREX: Large-scale Analysis of Cryptographic Misuse in IoT Devices
Li Zhang, Jinan University
Jiongyi Chen, The Chinese University of Hong Kong
Wenrui Diao, Shanqing Guo, Shandong University
Jian Weng, Jinan University
Kehuan Zhang, The Chinese University of Hong Kong
PAtt: Physics-based Attestation of Control Systems
Hamid Reza Ghaeini, Singapore University of Technology and Design
Matthew Chan, Rutgers University
Raad Bahmani, Ferdinand Brasser, TU Darmstadt
Luis Garcia, University of California, Los Angeles
Jianying Zhou, Singapore University of Technology and Design
Ahmad-Reza Sadeghi, TU Darmstadt
Nils Ole Tippenhauer, CISPA, Helmholtz Center for Information Security
Saman Zonouz, Rutgers University
COMA: Communication and Obfuscation Management Architecture
Kimia Zamiri Azar, Farnoud Farahmand, Hadi Mardani Kamali, Shervin Roshanisefat, Houman Homayoun, George Mason University
William Diehl, Virginia Tech
Kris Gaj, Avesta Sasan, George Mason University
17:30 - 20:00 Reception


09:00 - 10:30 Privacy Enhancing Techniques
PRO-ORAM: Practical Read-Only Oblivious RAM
Shruti Tople, Microsoft
Yaoqi Jia, Ziliqa Research
Prateek Saxena, NUS
The Duster Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding
Alfonso Iacovazzi, ST Engineering-SUTD Cyber Security Laboratory, Singapore University of Technology and Design
Daniel Frassinelli, CISPA, Helmholtz Center for Information Security, Germany
Yuval Elovici, Department of Software and Information Systems Engineering and Cyber Security Research Center, Ben-Gurion University of the Negev, Israel; and iTrust--Centre for Research in Cyber Security, Singapore University of Technology and Design, Singapore
TALON: An Automated Framework for Cross-Device Tracking Detection
Konstantinos Solomos, FORTH
Panagiotis Ilia, University of Illinois at Chicago
Sotiris Ioannidis, FORTH
Nicolas Kourtellis, Telefonica Research
10:30 - 11:00 BREAK
11:00 - 12:30 Android Security I
Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices
Nir Sivan, Ron Bitton, Asaf Shabtai, Ben Gurion University of the Negev
Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android
Wenrui Diao, Shandong University
Yue Zhang, Li Zhang, Jinan University
Zhou Li, University of California, Irvine
Fenghao Xu, The Chinese University of Hong Kong
Xiaorui Pan, Indiana University Bloomington
Xiangyu Liu, Alibaba Inc.
Jian Weng, Jinan University
Kehuan Zhang, The Chinese University of Hong Kong
XiaoFeng Wang, Indiana University Bloomington
Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android Applications
Yue Duan, Cornell University
Lian Gao, Jie Hu, Heng Yin, University of California Riverside
12:30-13:30 LUNCH
13:30 - 15:00 Machine Learning & Watermarking
Exploiting the Inherent Limitation of L0 Adversarial Examples
Fei Zuo, Bokai Yang, Xiaopeng Li, Lannan Luo, Qiang Zeng, University of South Carolina
NLP-EYE: Detecting Memory Corruptions via Semantic-Aware Memory Operation Function Identification
Jianqiang Wang, Shanghai Jiao Tong University
Yuanyuan Zhang, Juanru Li, Shanghai Jiao Tong University
Zheyu Ma, Northwestern Polytechnical University
Long Mai, Tiancheng Chen, Dawu Gu, Shanghai Jiao Tong University
Robust Optimization-Based Watermarking Scheme for Sequential Data
Erman Ayday, Case Western Reserve University, Bilkent University
Emre Yilmaz, Case Western Reserve University
Arif Yilmaz, Bilkent University
15:00 - 15:30 BREAK
15:30 - 17:00 Malware
Smart Malware that Uses Leaked Control Data of Robotic Applications: The Case of Raven-II Surgical Robots
Keywhan Chung, Xiao Li, University of Illinois at Urbana-Champaign
Peicheng Tang, Rose-Hulman Institute of Technology
Zeran Zhu, Zbigniew T. Kalbarczyk, Ravishankar K. Iyer, Thenkurussi Kesavadas, University of Illinois at Urbana-Champaign
SGXJail: Defeating Enclave Malware via Confinement
Samuel Weiser, Luca Mayr, Michael Schwarz, Daniel Gruss, Samuel Weiser, Graz University of Technology
Fluorescence: Detecting Kernel-Resident Malware in Clouds
Richard Li, University of Utah
Min Du, University of California Berkeley
David Johnson, Robert Ricci, Jacobus Van der Merwe, Eric Eide, University of Utah
18:00 - 21:00 Banquet


09:00 - 10:30 DNS Security
Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions
Timothy Barron, Najmeh Miramirkhani, Nick Nikiforakis, Stony Brook University
HinDom: A Robust Malicious Domain Detection System based on Heterogeneous Information Network with Transductive Classification
Xiaoqing Sun, Mingkai Tong, Jiahai Yang, Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China
Liu Xinran, National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing, China
Liu Heng, China Electronics Cyberspace Great Wall Co., Ltd, Beijing, China
DomainScouter: Understanding the Risks of Deceptive IDNs
Daiki Chiba, Ayako Akiyama Hasegawa, Takashi Koide, NTT Secure Platform Laboratories
Yuta Sawabe, Shigeki Goto, Waseda University
Mitsuaki Akiyama, NTT Secure Platform Laboratories
10:30 - 11:00 BREAK
11:00 - 12:30 Attacks
Dynamically Finding Minimal Eviction Sets Can Be Quicker Than You Think for Side-Channel Attacks against the LLC
Wei Song, Institute of Information Engineering, CAS
Peng Liu, Pennsylvania State University
Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries
Wubing Wang, Yinqian Zhang, Zhiqiang Lin, The Ohio State University
Application level attacks on Connected Vehicle Protocols
Ahmed Abdo, Sakib Md Bin Malek, Zhiyun Qian, University of California, Riverside
Qi Zhu, Northwestern University
Matthew Barth, Nael Abu-Ghazaleh, University of California, Riverside
12:30-13:30 LUNCH
13:30 - 15:00 Security in Data Centers and the Cloud
S3: A DFW-based Scalable Security State Analysis Framework for Large-Scale Data Center Networks
Abdulhakim Sabur, Ankur Chowdhary, Dijiang Huang, Arizona State University
Myong Kang, Anya Kim, Alexander Velazquez, Naval Research Lab
Container-IMA: A privacy-preserving Integrity Measurement Architecture for Containers
Wu Luo, Qingni Shen, Yutang Xia, Zhonghai Wu, Peking University, BeiJing, China
Fingerprinting SDN Applications via Encrypted Control Traffic
Jiahao Cao, Tsinghua University; George Mason University
Zijie Yang, Tsinghua University
Kun Sun, George Mason University
Qi Li, Mingwei Xu, Tsinghua University
Peiyi Han, Beijing University of Posts and Telecommunications
15:00 - 15:30 BREAK
15:30 - 17:00 Android Security II
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, EURECOM
Antonio Bianchi, University of Iowa
Yanick Fratantonio, EURECOM
Towards Large-Scale Hunting for Android Negative-Day Malware
Lun-Pin Yuan, Penn State University
Wenjun Hu, Palo Alto Networks Inc.
Ting Yu, Qatar Computing Research Institute
Peng Liu, Sencun Zhu, Lun-Pin Yuan, Penn State University
DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction
Aisha Ali-Gombe, Towson University
Sneha Sudhakaran, Louisiana State University
Andrew Case, Volatility Foundation
Golden G. Richard III, Louisiana State University
17:00 - 17:15 CLOSING REMARKS