Detailed NSS Program:

10:45 - 12:45 Client-side Vulnerabilities (chair: Roy Campbell)

Defeating Pharming Attacks at the Client-Side

Sophie Gastellier-Prevost and Maryline Laurent

Automated Extraction of Polymorphic Virus Signatures Using Abstract Interpretation

Serge Chaumette, Olivier Ly, and Renaud Tabary

Modeling Worms Propagation on Probability

Yini Wang, Sheng Wen, and Yang Xiang

Detecting Infection Onset With Behavior-Based Policies

Kui Xu, Danfeng Yao, Qiang Ma, and Alexander Crowell

10:45 - 12:45 Intrusion Detection (chair: David Zage)

A Misuse-Based Network Intrusion Detection System Using Temporal Logic and Stream Processing

Abdulbasit Ahmed, Alexei Lisitsa, and Clare Dixon

A Holistic Methodology for Evaluating Wireless Intrusion Detection Systems

Khalid Nasr, Anas Abou El Kalam, and Christian Fraboul

A Grid-Based Clustering for Low-Overhead Anomaly Intrusion Detection

Yang Zhong, Hirohumi Yamaki, and Hiroki Takakura

Towards Ground Truthing Observations in Gray-Box Anomaly Detection

Jiang Ming, Haibin Zhang, and Debin Gao

14:00 - 15:30 Web Security (chair: Debin Gao)

Privacy-enhanced Identity via Browser Extensions and Linking Services

Renato Accornero, Daniele Rispoli, and Francesco Bergadano

Reactive Non-Interference for a Browser Model

Nataliia Bielova, Dominique Devriese, Fabio Massacci, and Frank Piessens

Tracking End-Users in Web Databases

Boris Rozenberg, Yaron Gonen, Ehud Gudes, Erez Shmueli, and Nurit Gal-Oz

14:00 - 15:30 Authentication and Watermarking Systems (chair: Miodrag Potkonjak)

KL-F: Karhunen-Loève Based Fragile Watermarking

Marco Botta, Davide Cavagnino, and Victor Pomponiu

Designing Secure RFID Authentication Protocols is (still) a Non-Trivial Task

Panagiotis Rizomiliotis, Evangelos Rekleitis, and Stefanos Gritzalis

Make Mine a Quadruple: Strengthening the Security of Graphical One-Time PIN authentication

Ravi Jhawar, Philip Inglesant, Nicolas Courtois, and M. Angela Sasse

16:00 - 17:40 Key Management (chair: Xiaohui (Daniel) Tao)

A Trustful Authentication and Key Exchange Scheme (TAKES) for Ad Hoc Networks

Tony Cheneau, Andrei Vlad Sambra, and Maryline Laurent

Automatic Security Verification for 3-Party Authentication and Key Exchange Protocols

Haruki Ota, Shinsaku Kiyomoto, and Yutaka Miyake

On the Security of the ECKE-1N and EECKE-1N Elliptic-Curve Key Agreement Protocols

Maurizio Adriano Strangio

Channel State Information based Key Generation vs. Side-Channel Analysis Key Information Leakage

Huiyun Li, Qi Zhang, and Hai Yuan

A Microcontroller SRAM-PUF

Christoph Boehm, Maximilian Hofer, and Wolfgang Pribyl

16:00 - 17:40 Authentication (chair: Claudio A. Ardagna)

SMS Linguistic Profiling Authentication on Mobile Devices

Hataichanok Saevanee, Nathan L. Clarke, and Steven M. Furnell

User-Representative Feature Selection for Keystroke Dynamics

Eesa Al Soalmi, Colin Boyd, Andrew Clark, and Irfan Ahmed

STORK e-Privacy and Security

Vasilis Koulolias, Athanasios Kountzeris, Alberto Crespo, Herbert Leitold, Bernd Zwattendorfer, and Marc Stern

Towards a Metric for Recognition-Based Graphical Password Security

Rosanne English and Ron Poet

RCHB: A Light-weight, Provably-secure Variant of the HB Protocol Using Rotation and Complementation

Samia A. Ali, Refaat M. Mohamed, and Mahmoud H. Fahim

10:45 - 12:45 Security in Cloud and Peer to Peer Systems (chair: Christian Grothoff)

CloudSec: A Security Monitoring Appliance for Virtual Machines in the IaaS Cloud Model

Amani S. Ibrahim, James Hamlyn-Harris, John Grundy, and Mohamed Almorsy

An Efficient VM-based Software Protection

Amir Averbuch, Michael Kiperberg, and Nezer Jacob Zaidenberg

Removing the Blinders: Using Information to Mitigate Adversaries in Adaptive Overlays

David Zage, Charles Killian, and Cristina Nita-Rotaru

Improving P2P IPTV Random Peers Search Through User Similarity

Alessio Bonti, Ming Li, and Wen Shi

10:45 - 12:45 Network Security (chair: Anas Abou El Kalam)

A Distributed Client-Puzzle Mechanism to Mitigate Bandwidth Attacks

Mazdak Alimadadi and Mehran S. Fallah

Towards Safe and Optimal Filtering Rule Reordering for Complex Packet Filters

Nizar Ben Neji and Adel Bouhoula

DANAK: Finding the Odd!

Cynthia Wagner, Jérôme François, Radu State, and Thomas Engel

A Novel Semi-Supervised Approach for Network Traffic Clustering

Yu Wang, Yang Xiang, Jun Zhang, and Shunzheng Yu

14:00 - 15:30 Access Control (chair: Philip Inglesant)

A Secure, Constraint-Aware Role-Based Access Control Interoperation Framework

Nathalie Baracaldo, Amirreza Masoumzadeh, and James Joshi

Model-based Safety Analysis of SELinux Security Policies

Peter Amthor, Winfried E. Kühnhauser, and Anja Pölck

Exploring Twisted Paths: Analyzing Authorization Processes in Organizations

Steffen Bartsch

14:00 - 15:30 Hardware-based Security (chair: Florian Kerschbaum)

Scalable Consistency-based Hardware Trojan Detection and Diagnosis

Sheng Wei and Miodrag Potkonjak

FORTUNA - A Probabilistic Framework for Early Design Stages of Hardware-Based Secure Systems

Roberto Gallo, Henrique Kawakami, and Ricardo Dahab

Attack-resilient Compliance Monitoring for Large Distributed Infrastructure Systems

Mirko Montanari and Roy Campbell

16:00 - 17:40 Wi-Fi and Network Security (chair: Hiroki Takakura)

Enhancement of ZigBee and Wi-Fi Decurity by a Robust and Fast Chaotic Algorithm

Bassem Bakhache, Joseph Ghazal, and Safwan El-Assad

Flooding Attacks Against Network Coding and Countermeasures

Yuanyuan Zhang, Wassim Znaidi, Cédric Lauradoux, and Marine Minier

Avoiding DDoS with Active Management of Backlog Queues

Martine Bellaiche, and Jean-Charles Grégoire

R⁵N : Randomized Recursive Routing for Restricted-Route Networks

Nathan S. Evans and Christian Grothoff

Analysis of Prefix Hijacking Based on AS Hierarchical Model

Bo-Feng Zhang, Yuan Li, Yu-Jing Liu, and Jin-Shu Su

16:00 - 17:40 Emerging Scenarios and e-Services (chair: James Joshi)

Data Control in Social Networks

Robert Koch, Dominik Holzapfel, and Gabi Dreo Rodosek

Trustable Outsourcing of Business Processes to Cloud Computing Environments

Sami Alsouri, Stefan Katzenbeisser, and Sebastian Biedermann

Secure Conjunctive Keyword Searches for Unstructured Text

Florian Kerschbaum

The Power of Credit Card Numbers and Long CVVs

Valentim Oliveira and Tito Silva

A Privacy-Preserving eID Based Single Sign-On Solution

Thomas Zefferer, Arne Tauber, and Bernd Zwattendorfer

9:15 - 10:15 Risk Assessment and Usability (chair: Giovanni Livraga)

Modelling Self-protected Networks and Dynamic Systems

Marta Fernández-Diego and Julián Marcelo-Cocho

A Conceptual Framework for Evaluating Usable Security in Authentication Mechanisms - Usability Perspectives

Martin Mihajlov, Borka Jerman-Blazic, and Saso Josimovski

Usability of Internet Security Software: Have They Got it Right?

Patryk Szewczyk

10:45 - 12:45 Malicious Code and Security Analysis (chair: Sara Foresti)

Semi-supervised Learning for Packed Executable Detection

Xabier Ugarte-Pedrero, Igor Santos, Pablo G. Bringas, Mikel Gastesi, and José Miguel Esparza

A Propagation Model of A Vulnerability Mitigation Computer Worm - Seawave

Ziyad Al-Salloum and Stephen Wolthusen

Towards Improving Security Testability of AADL Architecture Models

Ayda Saidane and Nicolas Guelfi

Reconstructing Security Types for Automated Policy Enforcement in FABLE

Arash Afshar, and Mehran S. Fallah

Measuring the Revised Guessability of Graphical Passwords

Rosanne English and Ron Poet