(PDF booklet version)
Monday, September 19, 2016
Tuesday, September 20, 2016
Wednesday, September 21, 2016


Monday, September 19, 2016

13:15 – 14:00 Registration & Welcome Coffee
14:00 – 14:30 Opening Remarks

Chair: Fabian Monrose

14:30 – 15:30 Everything You Code Can and Will be Re-used Against You: On the Challenges of Mitigating Code-Reuse Exploits (Abstract)
Ahmad-Reza Sadeghi (Technische Universität Darmstadt)
Coffee Break
15:30 – 16:00 Coffee Break
Session 1: Systems Security

Session Chair: Petros Efstathopoulos

16:00 – 16:30 GRIM: Leveraging GPUs for Kernel Integrity Monitoring (Abstract)
Lazaros Koromilas, Giorgos Vasiliadis (Qatar Computing Research Institute, HBKU), Elias Athanasopoulos (VU University Amsterdam), Sotiris Ioannidis (FORTH)
16:30 – 17:00 Taming Transactions: Towards Hardware-Assisted Control Flow Integrity using Transactional Memory (Abstract)
Marius Muench (Eurecom), Fabio Pagani (Eurecom), Yan Shoshitaishvili (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara), Davide Balzarotti (Eurecom)
17:00 – 17:30 Automatic Uncovering of Tap Points From Kernel Executions (Abstract)
Junyuan Zeng (University of Texas at Dallas), Yangchun Fu (University of Texas at Dallas), Zhiqiang Lin (University of Texas at Dallas)
17:30 – 18:00 Detecting Stack Layout Corruptions with Robust Stack Unwinding (Abstract)
Yangchun Fu (University of Texas at Dallas), Junghwan Rhee (NEC Laboratories America), Zhiqiang Lin (University of Texas at Dallas), Zhichun Li (NEC Laboratories America), Hui Zhang (NEC Laboratories America), Guofei Jiang (NEC Laboratories America)
Cocktail & Poster Session
18:00 – 20:00 Cocktail & Poster Session (list of posters)

Tuesday, September 20, 2016

Session 2: Low-level Attacks and Defenses

Session Chair: Hervé Debar

9:30 – 10:00 APDU-level attacks in PKCS#11 devices (Abstract)
Claudio Bozzato (Ca’ Foscari University, Venice), Riccardo Focardi (Ca’ Foscari University, Venice and Cryptosense, Paris), Francesco Palmarini (Ca’ Foscari University, Venice), Graham Steel (Cryptosense, Paris)
10:00 – 10:30 CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds (Abstract)
Tianwei Zhang (Princeton University), Yinqian Zhang (Ohio State University), Ruby B. Lee (Princeton University)
 Coffee Break
10:30 – 11:00 Coffee Break
Session 3: Measurement Studies

Session Chair: Roberto Perdisci

11:00 – 11:30 The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges (Abstract)
Kurt Thomas (Google), Rony Amira (Google), Adi Ben-Yoash (Google), Ari Berger (Google), Ori Folger (Google), Amir Hardon (Google), Elie Bursztein (Google), Michael Bailey (University of Illinois at Urbana-Champaign)
11:30 – 12:00 SANDPRINT: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion (Abstract)
Akira Yokoyama (Yokohama National University), Kou Ishii (Yokohama National University), Rui Tanabe (Yokohama National University), Yinmin Papa (Yokohama National University), Katsunari Yoshioka (Yokohama National University), Tsutomu Matsumoto (Yokohama National University), Takahiro Kasama (National Institute of Information and Communications Technology), Daisuke Inoue (National Institute of Information and Communications Technology), Michael Brengel (CISPA, Saarland University), Michael Backes (CISPA, Saarland University & MPI-SWS), Christian Rossow (CISPA, Saarland University)
12:00 – 12:30 Enabling Network Security Through Active DNS Datasets (Abstract)
Athanasios Kountouras (Georgia Institute of Technology), Panagiotis Kintis (Georgia Institute of Technology), Chaz Lever (Georgia Institute of Technology), Yizheng Chen (Georgia Institute of Technology), Yacin Nadji (Netrisk), David Dagon (Georgia Institute of Technology), Manos Antonakakis (Georgia Institute of Technology), Rodney Joffe (Neustar)
Lunch Break
12:30 – 14:00 Lunch Break
Session 4: Malware Analysis

Session Chair: Zhiqiang Lin

14:00 – 14:30 A Formal Framework for Environmentally Sensitive Malware (Abstract)
Jeremy Blackthorne (Rensselaer Polytechnic Institute), Benjamin Kaiser (Rensselaer Polytechnic Institute), Bülent Yener (Rensselaer Polytechnic Institute)
14:30 – 15:00 AVClass: A Tool for Massive Malware Labeling (Abstract)
Marcos Sebastián (IMDEA Software Institute), Richard Rivera (IMDEA Software Institute & Universidad Politécnica de Madrid), Platon Kotzias (IMDEA Software Institute & Universidad, Politécnica de Madrid), Juan Caballero (IMDEA Software Institute)
15:00 – 15:30 Semantics-Preserving Dissection of JavaScript Exploits via Dynamic JS-Binary Analysis (Abstract)
Xunchao Hu (Syracuse University), Aravind Prakash (Binghamton University), Jinghan Wang (Syracuse University), Rundong Zhou (Syracuse University), Yao Cheng (Syracuse University), Heng Yin (Syracuse University)
Coffee Break
15:30 – 16:30 Coffee Break
Social Event
16:30 Departure to Vaux-le-Vicomte (shuttle from Evry to Vaux-le-Vicomte, visit of the castle and conference dinner)

Wednesday, September 21, 2016

Session 5: Network Security

Session Chair: Marc Dacier

9:30 – 10:00 The Messenger Shoots Back: Network Operator Based IMSI Catcher Detection (Abstract)
Adrian Dabrowski (SBA Research), Georg Petzl (T-Mobile Austria), Edgar R. Weippl (SBA Research)
10:00 – 10:30 On the Feasibility of TTL-based Filtering for DRDoS Mitigation (Abstract)
Michael Backes (CISPA, Saarland University & MPI-SWS), Thorsten Holz (Horst Görtz Institute for IT-Security, Ruhr University Bochum), Christian Rossow (CISPA, Saarland University), Teemu Rytilahti (Horst Görtz Institute for IT-Security, Ruhr University Bochum), Milivoj Simeonovski (CISPA, Saarland University), Ben Stock (CISPA, Saarland University)
Coffee Break
10:30 – 11:00 Coffee Break
Session 6: Systematization of Knowledge and Experience Reports

Session Chair: Giancarlo Pellegrino

11:00 – 11:30 A Look into 30 Years of Malware Development from a Software Metrics Perspective (Abstract)
Alejandro Calleja (Universidad Carlos III de Madrid), Juan Tapiador (Universidad Carlos III de Madrid), Juan Caballero (IMDEA Software Institute)
11:30 – 12:00 Small Changes, Big Changes: An Updated View on the Android Permission System (Abstract)
Yury Zhauniarovich (Qatar Computing Research Institute, HBKU), Olga Gadyatskaya (SnT, University of Luxembourg)
12:00 – 12:30 Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service (Abstract)
Arman Noroozian (Delft University of Technology, The Netherlands), Maciej Korczyński (Delft University of Technology, The Netherlands), Carlos Hernandez Gañan (Delft University of Technology, The Netherlands), Daisuke Makita (Yokohama National University, National Institute of Information and Communications Technology, Japan), Katsunari Yoshioka (Yokohama National University, Japan), Michel van Eeten (Delft University of Technology, The Netherlands)
Lunch Break
12:30 – 13:30 Lunch Break
Session 7: Web & Mobile Security

Session Chair: Michael Bailey

13:30 – 14:00 Uses and Abuses of Server-Side Requests (Abstract)
Giancarlo Pellegrino (Saarland University), Onur Catakoglu (Eurecom), Davide Balzarotti (Eurecom), Christian Rossow (Saarland University)
14:00 – 14:30 Identifying Extension-based Ad Injection via Fine-grained Web Content Provenance (Abstract)
Sajjad Arshad (Northeastern University), Amin Kharraz (Northeastern University), William Robertson (Northeastern University)
14:30 – 15:00 Trellis: Privilege Separation for Multi-User Applications Made Easy (Abstract)
Andrea Mambretti (Northeastern University), Kaan Onarlioglu (Northeastern University), Collin Mulliner (Northeastern University), William Robertson (Northeastern University), Engin Kirda (Northeastern University), Federico Maggi (Politecnico di Milano), Stefano Zanero (Politecnico di Milano)
15:00 – 15:30 Blender: Self-randomizing Address Space Layout for Android Apps (Abstract)
Mingshen Sun (The Chinese University of Hong Kong), John C.S. Lui (The Chinese University of Hong Kong), Yajin Zhou (Qihoo 360 Technology Co. Ltd.)
Closing Remarks
15:30 Closing Remarks & Farewell Coffee