To authors: A regular paper presentation would be 25 mins in total (including 5 mins Q&A) and a tool/dataset paper presentation would be 15 mins in total (including 5 mins Q&A).

April 24 - April 25 - April 26


April 24 (Room: Lucas Room)


Keynote I

09:00AM - 10:00AM

Tackling Credential Abuse Together
Michael Reiter (Duke University)

Break (30 Minutes)

10:00AM - 10:30AM

Session 1: Privacy Analysis

10:30AM - 12:15PM

Comparative Privacy Analysis of Mobile Web Browsers
Ahsan Zafar and Anupam Das.
IdDecoder: A Face Embedding Inversion Tool and its Privacy and Security Implications on Facial Recognition Systems
Minh-Ha Le and Niklas Carlsson.
Attribute Inference Attacks in Online Multiplayer Video Games: a Case Study on Dota2
Pier Paolo Tricomi, Lisa Facciolo, Giovanni Apruzzese and Mauro Conti.
AutoSpill: Credential Leakage from Mobile Password Managers
Ankit Gangwal, Shubham Singh and Abhijeet Srivastava.

Lunch (75 Minutes)

12:15PM - 01:30PM

Session 2: Human Factors and Cloud

01:30PM - 03:30PM

Users Really Do Respond To Smishing
Md Lutfor Rahman, Daniel Timko, Hamid Wali and Ajaya Neupane.
A User Study of Keystroke Dynamics as Second Factor in Web MFA
Ahmed Wahab, Daqing Hou and Stephanie Schuckers.
(Dataset/Tool) Multi-Modality Mobile Datasets for Behavioral Biometrics Research
Aratrika Ray-Dowling, Ahmed Anu Wahab, Daqing Hou and Stephanie Schuckers.
A Tenant-based Two-stage Approach to Auditing the Integrity of Virtual Network Function Chains Hosted on Third-Party Clouds
Momen Oqaily, Suryadipta Majumdar, Lingyu Wang, Mohammad Ekramul Kabir, Yosr Jarraya, A S M Asadujjaman, Makan Pourzandi and Mourad Debbabi.
CloudShield: Real-time Anomaly Detection in the Cloud
Zecheng He, Guangyuan Hu and Ruby Lee.

Break (30 Minutes)

03:30PM - 04:00PM

Panel I: TBA

04:00PM - 05:20PM

Panelists
TBA
Moderators
TBA
Abstract

TBA

Break (10 Minutes)

05:20PM - 05:30PM

Reception and Poster Session I (Room: TBA)

05:30PM - 08:30PM

April 25 (Room: SAC Salons)


Keynote II

09:00AM - 10:00AM

Local Methods for Privacy Protection and Impact on Fairness
Catuscia Palamidessi (Inria)

Break (30 Minutes)

10:00AM - 10:30AM

Session 3: Privacy Enhancing Techniques

10:30AM - 12:15PM

Privacy Preserving Fully Online Matching with Deadlines
Andreas Klinger and Ulrike Meyer.
Grote: Group Testing for Privacy-Preserving Face Identification
Alberto Ibarrondo, Hervé Chabanne, Vincent Despiegel and Melek Önen.
Anonymous System for Fully Distributed and Robust Secure Multi-Party Computation
Andreas Klinger, Felix Battermann and Ulrike Meyer.
Velocity-Aware Geo-Indistinguishability
Ricardo Mendes, Mariana Cunha and Joao P. Vilela.

Lunch (75 Minutes)

12:15PM - 01:30PM

Session 4: Software and Systems Security

01:30PM - 03:15PM

Confidential Execution of Deep Learning Inference at the Untrusted Edge with ARM TrustZone
Md Shihabul Islam, Mahmoud Zamani, Chung Hwan Kim, Latifur Khan and Kevin Hamlen.
Protecting Encrypted Virtual Machines from Nested Page Fault Controlled Channel
Haoxiang Qin, Zhenyu Song, Weijuan Zhang, Sicong Huang, Wentao Yao, Ge Liu, Xiaoqi Jia and Haichao Du.
Overcoming the Pitfalls of HPC-based Cryptojacking Detection in Presence of GPUs
Claudius Pott, Berk Gulmezoglu and Thomas Eisenbarth.
Detecting Backdoors in Collaboration Graphs of Software Repositories
Tom Ganz, Inaam Ashraf, Martin Härterich and Konrad Rieck.

Break (30 Minutes)

03:15PM - 03:45PM

Panel II: TBA

03:45PM - 05:05PM

Panelists
TBA
Moderators
TBA
Abstract

TBA

Break (30 Minutes)

05:05PM - 05:30PM

Conference Dinner (Room: TBA)

05:30PM - 08:30PM

April 26 (Room: Lucas Room)


Session 5: IoT and Embedded Systesms Security

09:00AM - 10:50AM

Infotainment System Matters: Understanding the Impact and Implications of In-Vehicle Infotainment System Hacking with Automotive Grade Linux
Seonghoon Jeong, Minsoo Ryu, Hyunjae Kang and Huy Kang Kim.
HAT: Secure and Practical Key Establishment for Implantable Medical Devices
Sayon Duttagupta, Eduard Marin, Dave Singelee and Bart Preneel.
SCAtt-man: Side-Channel-Based Remote Attestation for Embedded Devices that Users Understand
Sebastian Surminski, Christian Niesler, Sebastian Linsner, Lucas Davi and Christian Reuter.
(Dataset/Tool) Risk-Based Authentication for OpenStack: A Fully Functional Implementation and Guiding Example
Vincent Unsel, Stephan Wiefling, Nils Gruschka and Luigi Lo Iacono.
(Dataset/Tool) All Your IoT Devices Are Belong to Us: Security Weaknesses in IoT Management Platforms
Bhaskar Tejaswi, Mohammad Mannan and Amr Youssef.

Break (30 Minutes)

10:50AM - 11:20AM

Session 6: Access Control

11:20AM - 12:30PM

Role Models: Role-based Debloating for Web Applications
Babak Amin Azad and Nick Nikiforakis.
FLAP - A Federated Learning Framework for Attribute-based Access Control Policies
Amani Abu Jabal, Elisa Bertino, Jorge Lobo, Dinesh Verma, Seraphin Calo and Alessandra Russo.
(Dataset/Tool) Realistic ABAC Data Generation using Conditional Tabular GAN
Ritwik Rai and Shamik Sural.

End Conference

12:30PM