SEC 2016
31st International Conference on
ICT Systems Security and Privacy Protection - IFIP SEC 2016
May 30th till June 1st, 2016, Ghent, Belgium
Katholieke Universiteit Leuven

Program Committee
Call for Papers
Important Dates
Paper Submission
Conference Program
Co-Located Events
Social Program
Travel Information
Conference Venue
Keynote Speakers
Kristian Beckman Award
Student Travel Grants

Conference Program

The proceedings are freely accessible between May 23rd and June 23rd. The conference program can be downloaded here.

Monday May 30th 2016

08:00 - 09:00 Registration
09:00 - 10:15

IFIP SEC 2016 Opening

Invited Talk: Crazy Time - Exploiting Software Without Bugs - Herbert Bos

10:15 - 10:45 Coffee Break
10:45 - 12:15 Session 1a: IFIP SEC - Cryptographic Protocols (session chair: Frédéric Cuppens)

Coercion-resistant Proxy Voting
Oksana Kulyk, Stephan Neumann, Karola Marky, Jurlind Budurushi and Melanie Volkamer

A Posteriori Openable Public Key Encryption
Xavier Bultel and Pascal Lafourcade

Multicast Delayed Authentication For Streaming Synchrophasor Data in the Smart Grid
Sérgio Câmara, Dhananjay Anand, Victoria Pillitteri and Luiz Carmo
10:45 - 12:15 Session 1b: IFIP SEC - Human Aspects of Security I (session chair: Rossouw Von Solms)

Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research
Gurpreet Dhillon, Spyridon Samonas and Ugo Etudo

Evaluating CVSS Base Score Using Vulnerability Rewards Programs
Awad Younis, Yashwant Malaiya and Indrajit Ray

Defining Objectives For Preventing Cyberstalking
Gurpreet Dhillon, Chandrashekar Challa and Kane Smith
12:15 - 13:30 Lunch Break
13:30 - 15:00 Session 2a: IFIP SEC - Cyber Infrastructure (session chair: Indrajit Ray)

Using Process Invariants to Detect Cyber Attacks on a Water Treatment System
Sridhar Adepu and Aditya Mathur

Expression and Enforcement of Security Policy for Virtual Resource Allocation in IaaS Cloud
Yanhuang Li, Nora Cuppens-Boulahia, Jean-Michel Crom, Frédéric Cuppens and Vincent Frey

Software Defined Networking Reactive Stateful Firewall
Salaheddine Zerkane, Fréderic Cuppens, David Espes and Philippe Le Parc
13:30 - 15:00 Session 2b: IFIP SEC - Human Aspects of Security II (session chair: Gurpreet Dhillon)

Teaching Phishing-Security: Which Way is Best?
Simon Stockhardt, Benjamin Reinheimer, Melanie Volkamer, Peter Mayer, Alexandra Kunz, Philipp Rack and Daniel Lehmann

On Gender Specific Perception of Data Sharing in Japan
Markus Tschersich, Shinsaku Kiyomoto, Sebastian Pape, Toru Nakamura, Gökhan Bal, Haruo Takasaki and Kai Rannenberg

TORPEDO: TOoltip-poweRed Phishing Email DetectiOn
Melanie Volkamer, Karen Renaud and Benjamin Reinheimer
15:00 - 15:30 Coffee Break
15:30 - 16:30 Session 3a: IFIP SEC - Social Networks (session chair: Carlos Rieder)

SybilRadar: A Graph-Structure Based Framework for Sybil Detection in On-line Social Networks
Dieudonne Mulamba, Indrajit Ray and Indrakshi Ray

Collateral Damage in Online Social Networks: Apps, Friends and Privacy Interdependence
Iraklis Symeonidis, Fateme Shirazi, Gergely Biczók, Cristina Perez-Sola and Bart Preneel

15:30 - 17:00 Session 3b: Industrial Track (session chair: Bart De Decker)

Security Strategy of a Hyperscale Cloud Provider
Bruno Schroder, Microsoft

Detecting Crypto Currency Mining in Corporate Environments
Jan D'Herdt, IBM

Building a Powerful Capturing and Analysis System based on ELK, Docker and Netflow
Pieter Van Goethem, Cronos Security
18:00 - 20:30 Welcome Reception at Town Hall Ghent

Tuesday May 31st 2016

08:30 - 09:15 Registration
09:15 - 10:15

IFIP SEC Kristian Beckman Award

The Post-Snowden Threat Landscape - Bart Preneel

10:15 - 10:45 Coffee Break
10:45 - 12:15 Session 4a: IFIP SEC - Software Vulnerabilities (session chair: Philippos Peleties)

Automated Source Code Instrumentation for Vulnerability Discovery
Hongzhe Li, Jaesang Oh, Hakjoo Oh and Heejo Lee

An Information Flow-based Taxonomy to Understand the Nature of Software Vulnerabilities
Daniela Oliveira, Jedidiah Crandall, Harry Kalodner, Nicole Morin, Megan Maher, Jesus Navarro and Felix Emiliano

Dissecting the XSS Exploitation Techniques and Fuzzing Mechanisms of Blackbox Scanners
Enrico Bazzoli, Claudio Criscione, Federico Maggi and Stefano Zanero
10:45 - 12:15 Session 4b: IFIP WG11.5 Workshop - IT Assurance & Audit

Vision on the Future of IT Assurance
Abbas Shahim, chairman

The Soft Side of IT Project Management
René Hombergen

Controls for Digital Payment Services
Arne de Boer
12:15 - 13:30 Lunch Break
13:30 - 15:00 Session 5a: IFIP SEC - TPM and Internet of Things (session chair: Yuko Murayama)

A Utility-based Reputation Model for the Internet of Things
Benjamin Aziz, Paul Fremantle, Rui Wei and Alvaro Arenas

Advanced Remote Firmware Upgrades Using TPM 2.0
Andreas Fuchs, Christoph Krauß and Jürgen Repp
13:30 - 15:00 Session 5b: IFIP WG11.5 Workshop - IT Assurance & Audit

A View on Assurance within Digital Information Chains
René Matthijsse

Information Assurance in the Modern Age
Stef Schinagl

IT Assurance Trends 2016
Barry Derksen
15:00 - 15:30 Coffee Break
15:30 - 16:30 Session 6a: IFIP SEC - Sidechannel Analysis (session chair: Jerzy Nawrocki)

RegRSA: Using Registers as Buffers to Resist Memory Disclosure Attacks
Yuan Zhao, Jingqiang Lin, Wuqiong Pan, Cong Xue, Fangyu Zheng and Ziqiang Ma

Uncertainly? No, it's very certainly! Recovering the Key from Guessing Entropy enhanced side channel distinguishers
Changhai Ou, Wang Zhu, Degang Sun, Xinping Zhou and Juan Ai

15:30 - 17:00 Session 6b: IFIP WG11.5 Workshop - IT Assurance & Audit

The CIO in the Boardroom versus the Three Lines of Defense
Aart van der Vlist

Assessing the Security of Cyber-Physical Systems - a Logic-Based Approach
Laurens Lemaire

How to avoid fraudulent IT products violating Ethical Principles; Code of Conduct should order IT Audits
Sebastian Paans
18:30 - 19:30 Boat Trip through City Centre
20:00 Gala Dinner @ Salons Carlos Quinto

Wednesday June 1st 2016

08:30 - 09:00 Registration
09:00 - 10:30 Session 7a: IFIP SEC - Software Security (session chair: Nora Cuppens)

Advanced or not? A comparative study of the use of anti-debugging and anti-VM techniques in generic and targeted malware
Ping Chen, Lieven Desmet, Christophe Huygens and Wouter Joosen

NativeProtector: Protecting Android Applications by Isolating and Intercepting Third-Party Native Libraries
Yu-Yang Hong, Yu-Ping Wang and Jie Yin

A progress-sensitive flow-sensitive inlined information-flow control monitor
Andrew Bedford, Stephen Chong, Josee Desharnais and Nadia Tawbi
09:00 - 10:30 Session 7b: IFIP SEC - Privacy (session chair: Kai Rannenberg)

Deducing User Presence From Inter-Message Intervals in Home Automation Systems
Frederik Möllers and Christoph Sorge

Privacy by design principles in design of new generation cognitive assistive technologies
Ella Kolkowska and Annica Kristoffersson

A trustless privacy-preserving reputation system
Alexander Schaub, Omar Hasan, Rémi Bazin and Lionel Brunie
10:30 - 11:00 Coffee Break
11:00 - 12:00

Invited Talk: The risk-based approach to privacy: prospects and challenges - Daniel Le Métayer

12:00 - 12:30 OSA Award
IFIP SEC Best Student Paper Award and Closing
14:00 - 16:30 Optional Social Event - Ghent Clip Walk


Cronos Security


Microsoft Corporation