Skip to main content
Annual Computer Security Applications Conference (ACSAC) 2017

Full Program

If you would like to create a personalized program, check the boxes next to the sessions you would like to attend, then click the Create My Program button at the bottom of the page. You may then save or print your personalized program through your browser.


Monday, 4 December 2017
7:30-8:30
(Rm. TBD)
8:30-12:00
Rm. TBDRm. TBDRm. TBDRm. TBDRm. TBDRm. TBD

Two-Day Workshop

Morning session consists of M3: Holistic Layered Assurance tutorial

Gabriela Ciocarlie and Peter G. Neumman, SRI International, and Rance DeLong, Santa Clara University, Workshop Co-Chairs

 

 

Two-Day Worshop

J. Todd McDonald, University of South Alabama, General Chair

Full Day Tutorial

Dr. Paolina Centonze, Iona College

Full Day Tutorial

Robert C. Seacord, NCC Group

Half Day Tutorial - Morning Only

Also offered as part of Layered Assurance Workshop (LAW)

Dr. Wolfgang Kampichler, FREQUENTIS AG

Two-Day Training Course

Instructors: Kevin Nauer and SeanMichael Galvin, Sandia National Laboratories

 

 

 

12:00-13:30
(Rm. TBD)
13:30-17:00
Rm. TBDRm. TBDRm. TBDRm. TBDRm. TBD

(workshop continues)

(workshop continues)

(tutorial continues)

(tutorial continues)

(training continues)

Tuesday, 5 December 2017
7:30-8:30
(Rm. TBD)
8:30-12:00
Rm. TBDRm. TBDRm. TBDRm. TBDRm. TBDRm. TBDRm. TBD

(workshop continues)

Morning session consists of T4: Practical Formal Methods for the Analysis of Executable Code tutorial

(workshop continues)

One-Day Workshop

Harvey Rubinovitz, The MITRE Corporation, and Adam Hahn, Washington State University, General Co-Chairs

Irfan Ahmed, The University of New Orleans, Program Chair

One-Day Workshop

Zinaida Benenson. University of Erlangen-Nuremberg, and Daniela Oliveira, University of Florida, Programme Chairs

Giampaolo Bella, University of Catania, and Gabriele Lenzini, University of Luxembourg, Workshop Organizers

Half Day Tutorial - Morning Only

Also offered as part of Layered Assurance Workshop (LAW)

Sébastien Bardin, CEA LIST

Full Day Tutorial

Craig Smith, Rapid 7, and Brendan Harris, Dept. of Transportation / Volpe Center

(training continues)

12:00-13:30
(Rm. TBD)
13:30-17:00
Rm. TBDRm. TBDRm. TBDRm. TBDRm. TBDRm. TBDRm. TBD

(workshop continues)

(workshop continues)

(workshop continues)

(workshop continues)

Half Day Tutorial - Afternoon

Atul Kumar, IBM Research

(tutorial continues)

(training continues)

Wednesday, 6 December 2017
7:30-8:30
(Rm. TBD)
8:30-9:00
(Rm. TBD)Session Chair: David Balenson

ACSAC Conference Welcome, David Balenson, Conference Chair

Distinguished Paper Awards, Dr. Davide Balzarotti, Program Chair and Dr. Juan Caballero, Program Co-Chair

SWSIS Scholarship Awards, Jeremy Epstein, ACSA

9:00-10:00
(Rm. TBD)Session Chair: David Balenson

Delivering Security Insights with Data Analytics and Visualization
Raffael Marty, VP Security Analytics, Sophos

10:00-10:30
(Rm. TBD)
10:30-12:00
Rm. TBDRm. TBDRm. TBD
N-auth: Mobile Authentication Done RightRoel Peeters, KU Leuven, COSIC; Jens Hermans, KU Leuven, COSIC; Pieter Maene, KU Leuven, COSIC; Kimmo Halunen, VTT; Katri Grenman, VTT; Juha Häikiö, VTTExploitation And Mitigation Of Authentication Schemes Based On Device-public InformationAntonio Bianchi, University of California, Santa Barbara; Eric Gustafson, University of California, Santa Barbara; Yanick Fratantonio, University of California, Santa Barbara; Christopher Kruegel, University of California, Santa Barbara; Giovanni Vigna, University of California, Santa BarbaraA Secure Mobile Authentication Alternative To BiometricsMozhgan Azimpourkivi, Florida International University; Umut Topkara, Bloomberg LP; Bogdan Carbunar, Florida International University Machine-learning-guided Typestate Analysis For Static Use-after-free DetectionHua Yan, University of New South Wales; Yulei Sui, University of New South Wales; Shiping Chen, Commonwealth Scientific and Industrial Research Organisation (CSIRO); Jingling Xue, University of New South WalesBreaking And Fixing Destructive Code Read DefensesJannik Pewny, HGI, Ruhr-University Bochum; Philipp Koppe, HGI, Ruhr-University Bochum; Lucas Davi, University Duisburg-Essen; Thorsten Holz, HGI, Ruhr-University BochumQuasar: Quantitative Attack Space Analysis And ReasoningRichard Skowyra, MIT Lincoln Laboratory; Steven Gomez, MIT Lincoln Laboratory; David Bigelow, MIT Lincoln Laboratory; James Landry, MIT Lincoln Laboratory; Hamed Okhravi, MIT Lincoln Laboratory
12:00-13:30
(Rm. TBD)
13:30-15:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Vincent Sritapan
Moderator: Vincent Sritapan, DHS S&T Cyber Security Division
 
Panelists:
Robert Clemons, National Information Assurance Partnership (NIAP)
Orthers TBD
Kakute: A Precise, Unified Information Flow Analysis System For Big-data SecurityJinayu Jiang, The University of Hong Kong; Shixiong Zhao, The University of Hong Kong; Danish Alsayed, The University of Hong Kong; Yuexuan Wang, The University of Hong Kong; Heming Cui, The University of Hong Kong; Feng Liang, The University of Hong Kong; zhaoquan gu, The University of Hong KongMarmite: Spreading Malicious File Reputation Through Download GraphsGianluca Stringhini, UCL; Yun Shen, SRL; yufei han, SRL; xiangliang zhang, KAUSTTtpdrill: Automatic And Accurate Extraction Of Threat Actions From Unstructured Text Of Cti SourcesGhaith Husari, UNCC; Ehab Al-Shaer, UNCC; Mohiuddin Ahmed, UNCC; Bei-Tseng Chu, UNCC; Xi Niu, UNCC Supplementing Modern Software Defenses With Stack-pointer SanityAnh Quach, Binghamton University; Matthew Cole, Binghamton University; Aravind Prakash, Binghamton UniversityProtecting Cots Binaries From Disclosure-guided Code Reuse AttacksMingwei Zhang, Intel Labs; Michalis Polychronakis, Stony Brook University; R. Sekar, Stony Brook UniversityPiston: Uncooperative Remote Runtime PatchingChristopher Salls, UC Santa Barbara; Yan Shoshitaishvili, UC Santa Barbara; Nick Stephens, UC Santa Barbara; Christopher Kruegel, UC Santa Barbara; Giovanni Vigna, UC Santa Barbara
15:00-15:30
(Rm. TBD)
15:30-17:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Tomas Vagoun

Moderator: Tomas Vagoun, PhD, Cybersecurity and Privacy R&D Technical Coordinator, Federal Networking and IT R&D Program (NITRD)

Proxy Re-encryption Based On Homomorphic EncryptionReda Bellafqira, IMT Atlantique; Gouenou Coatrieux, IMT Atlantique; Dalel Bouslimi, IMT Atlantique; Gwénolé Quellec, Inserm; Michel Cozic, MedecomMeasuring Popularity Of Cryptographic Libraries In Internet-wide ScansMatus Nemec, Masaryk University, Ca' Foscari University of Venice; Dusan Klinec, Masaryk University, EnigmaBridge; Petr Svenda, Masaryk University; Peter Sekan, Masaryk University; Vashek Matyas, Masaryk UniversitySpinner: Semi-automatic Detection Of Pinning Without Hostname Verification (or Why 10m Bank Users Were Vulnerable)Chris McMahon Stone, University of Birmingham; Tom Chothia, University of Birmingham; Flavio Garcia, University of Birmingham Predicting Cyber Threats With Virtual Security ProductsShang-Tse Chen, Georgia Tech; Yufei Han, Symantec Research Labs; Duen Horng Chau, Georgia Tech; Christopher Gates , Symantec Research Labs; Michael Hart , Symantec Research Labs; Kevin Roundy, Symantec Research LabsSmoke Detector: Cross-product Intrusion Detection With Weak IndicatorsKevin Roundy, Symantec Research Labs; Acar Tamersoy, Symantec Research Labs; Michael Hart, Symantec Research Labs; Daniel Kats, Symantec Research Labs; Robert Scott, Symantec; Michael Spertus, SymantecI Like It, But I Hate It: Employee Perceptions Towards An Institutional Transition To Byod Second-factor AuthenticationJake Weidman, The Pennsylvania State University; Jens Grossklags, Technical University of Munich
18:30-21:30
(Rm. TBD)
Thursday, 7 December 2017
7:30-8:30
(Rm. TBD)
9:00-10:00
(Rm. TBD)Session Chair: David Balenson

Dare to Share: Risks and Rewards of Artifact Sharing in Computer Science
Christian Collberg, Professor of Computer Science, University of Arizona

10:00-10:30
10:30-12:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Jeremy Epstein

Moderator: Jeremy Epstein, National Science Foundation

Panelists:
Thomas Hicks, Vice-Chairman, US Election Assistance Commission
Matthew Masterson, Chairman, US Election Assistance Commission (tentative)
Robert Gatlin, Department of Homeland Security
 

Vulcan: Efficient Component Authentication And Software Isolation For Automotive Control NetworksJo Van Bulck, imec-DistriNet, KU Leuven; Jan Tobias Muehlberg, imec-DistriNet, KU Leuven; Frank Piessens, imec-DistriNet, KU LeuvenAutomated Analysis Of Secure Internet Of Things ProtocolsJun Young Kim, The University of New South Wales and Data61 CSIRO; Ralph Holz, The University of Sydney; Wen Hu, The University of New South Wales and Data61 CSIRO; Sanjay Jha, The University of New South Wales and Data61 CSIROHolopair: Securing Shared Augmented Reality Using Microsoft HololensIvo Sluganovic, University of Oxford; Matej Serbec, University of Zagreb; Ante Derek, University of Zagreb; Ivan Martinovic, University of Oxford Objective Metrics And Gradient Descent Algorithms For Adversarial Examples In Machine LearningUyeong Jang, University of Wisconsin; Xi Wu, Google; Somesh Jha, University of WisconsinMitigating Evasion Attacks To Deep Neural Networks Via Region-based ClassificationXiaoyu Cao, Iowa state university; Neil Zhenqiang Gong, Iowa state universityMalware Detection In Adversarial Setting: Exploiting Feature Evolutions And Confusions In Android AppsWei Yang, University of Illinois Urbana-Champaign; Deguang Kong, Yahoo Research; Tao Xie, University of Illinois Urbana-Champaign; Carl Gunter, University of Illinois Urbana-Champaign; Hongxia Jing, Samsung Research America
12:00-13:30
(Rm. TBD)
13:30-15:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Jeremy Epstein
Moderator: Jeremy Epstein, National Science Foundation
 
Panelists:
Dean Logan, Registrar-Recorder/County Clerk, Los Angeles County (tentative)
Dwight Shellman, Manager, County Regulation and Support, State of Colorado
Grid Shock: Coordinated Load-change Attacks On Power GridsAdrian Dabrowski, SBA Research; Johanna Ullrich, SBA Research; Edgar Weippl, SBA ResearchEnforcing Cyber-physical Execution Semantics To Defend Against Data-oriented AttacksLong Cheng, Virginia Tech; Ke Tian, Virginia Tech; Danfeng (Daphne) Yao, Virginia TechTraks: A Universal Key Management Scheme For ErtmsRichard Thomas, University of Birmingham; Tom Chothia, University of Birmingham; Mihai Ordean, University of Birmingham; Joeri de Ruiter, Radboud University Supporting Transparent Snapshot For Bare-metal Malware Analysis On Mobile DevicesLe Guan, Penn State University; Shijie Jia, Institute of Information Engineering, Chinese Academy of Sciences; Bo Chen, Michigan Technological university; Fengwei Zhang, Wayne State University; Bo Luo, The University of Kansas; Jingqiang Lin, Institute of Information Engineering, Chinese Academy of Sciences; Peng Liu, Penn State University; Xinyu Xing, Penn State University; Luning Xia, Institute of Information Engineering, Chinese Academy of SciencesDroid-antirm: Taming Control Flow Anti-analysis To Support Automated Dynamic Analysis Of Android MalwareXiaolei Wang, College of Computer, National University of Defense Technology; Sencun Zhu, Department of Computer Science and Engineering & College of Information Sciences and Technology, The Pennsylvania State University; Dehua Zhou, Jinan University; Yuexiang Yang, College of Computer,National University of Defense TechnologySecuredroid: Enhancing Security Of Machine Learning-based Detection Against Adversarial Android Malware AttacksLingwei Chen, West Virginia University; Shifu Hou, West Virginia University; Yanfang Ye, West Virginia University
15:00-15:30
(Rm. TBD)
15:30-17:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Sven Dietrich

Moderator: Sven Dietrich, City University of New York

Panelists:
Jean Camp, Indiana University at Bloomington
Jeroen van der Ham, University of Amsterdam (Proposed)
David Dittrich, University of Washington (Proposed)
Michael Bailey, University of Illinois Urbana Champaign (Proposed)
Douglas Maughan, Department of Homeland Security (Proposed)
 

Decanter: Detection Of Anomalous Outbound Http Traffic By Passive Application FingerprintingRiccardo Bortolameotti, University of Twente; Thijs van Ede, University of Twente; Marco Caselli, Siemens; Rick Hofstede, RedSocks; Maarten H. Eveerts, TNO & University of Twente; Willem Jonker, University of Twente; Pieter Hartel, University of Twente; Andreas Peter, University of TwentePicky Attackers: Quantifying The Role Of System Properties On Intruder BehaviorTimothy Barron, Stony Brook University; Nick Nikiforakis, Stony Brook UniversityCo-processor-based Behavior Monitoring: Application To The Detection Of Attacks Against The System Management ModeRonny Chevalier, HP Labs; Maugan Villatel, HP Labs; David Plaquin, HP Labs; Guillaume Hiet, CentraleSupélec Revarm: A Platform-agnostic Arm Binary Rewriter For Security ApplicationsTaegyu Kim, Purdue University; Chung Hwan Kim, NEC Laboratories America; Hongjun Choi, Purdue University; Yonghwi Kwon, Purdue University; Brendan Saltaformaggio, Georgia Institute of Technology; Xiangyu Zhang, Purdue University; Dongyan Xu, Purdue UniversitySecure And Efficient Software-based Attestation For Industrial Control Devices With Arm ProcessorsBinbin Chen, Advanced Digital Sciences Center; Xinshu Dong, Advanced Digital Sciences Center; Guangdong Bai, Singapore Institute of Technology; Sumeet Jauhar, Advanced Digital Sciences Center; Yueqiang Cheng, APL SoftwareEcfi: Asynchronous Control Flow Integrity For Programmable Logic ControllersAli Abbasi, University of Twente; Thorsten Holz, Ruhr University Bochum; Emmanuele Zambon, SecurityMatters B.V; Sandro Etalle, Eindhoven University of Techology
17:15-18:15
(Rm. TBD)Session Chair: Thomas Moyer and Paolina Centonze

Co-Chairs:
Dr. Thomas Moyer, University of North Carolina at Charlotte
Dr. Paolina Centonze, Iona College

18:30-21:00
(Rm. TBD)Session Chair: Thomas Moyer and Paolina Centonze

Co-Chairs:
Dr. Thomas Moyer, University of North Carolina at Charlotte
Dr. Paolina Centonze, Iona College

 

Friday, 8 December 2017
7:30-8:30
(Rm. TBD)
8:30-10:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Larry Wagoner and Randy Smith

A security researcher, a safety engineer, and a regulator walk into a bar: Lessons learned from 9 months of institutional anthropology at the FDA, Dr. Eugene Vasserman, Kansas State University

Semi-supervised Classification for Dynamic Android Malware Detection, Li Chen, Intel Labs

Impact of the Physical Web and BLE Beacons, Dr. Debasis Bhattacharya, University of Hawaii Maui College
 

Lean On Me: Mining Internet Service Dependencies From Large-scale Dns DataMatteo Dell'Amico, Symantec Research Labs; Leyla Bilge, Symantec Research Labs; K. Ashwin Kumar, Symantec Research Labs; Petros Efstathopoulos, Symantec Research Labs; Pierre-Antoine Vervier, Symantec Research LabsA Security-mode For Carrier-grade Sdn ControllersChanghoon Yoon, KAIST; Seungwon Shin, KAIST; Phillip Porras, SRI International; Vinod Yegneswaran, SRI International; Heedo Kang, KAIST; Martin Fong, SRI International; Brian O'Connor, Open Networking Laboratory; Thomas Vachuska, Open Networking LaboratoryResect: Self-learning Traffic Filters For Ip Spoofing DefenseJelena Mirkovic, USC; Erik Kline, USC/ISI; Peter Reiher, UCLA Towards Baselines For Shoulder Surfing On Mobile AuthenticationAdam Aviv, United States Naval Academy; John Davin, United States Naval Academy; Ravi Kuber, University of Maryland, Baltimore County; Flynn Wolf, University of Maryland, Baltimore CountyOn The Pitfalls Of End-to-end Encrypted Communications: A Study Of Remote Key-fingerprint VerificationMaliheh Shirvanian, University of Alabama at Birmingham; Nitesh Saxena, University of Alabama at Birmingham; Jesvin James George, University of Alabama at BirminghamHere Is Your Fingerprint! Actual Risk Versus User Perception Of Latent Fingerprints And Smudges Remaining On SmartphonesHoyeon Lee, Yonsei University; Seungyeon Kim, Yonsei University; Taekyoung Kwon, Yonsei University
10:00-10:30
(Rm. TBD)
10:30-12:00
Rm. TBDRm. TBDRm. TBD
Session Chair: Mark Chadason

Moderator: Mark Chadason

Panelists:
Dr. Michael Clifford, Noblis NSP
Dr. Michael Collins, RedJack
Dr. Tasneem Brutch, Stanley Black & Decker

 

Protecting Against Malicious Bits On The Wire: Automatically Generating A Usb Protocol Parser For A Production KernelPeter Johnson, Middlebury College; Sergey Bratus, Dartmouth College; Sean Smith, Dartmouth CollegeNioh : Hardening The Hypervisor By Filtering Illegal I/o Requests To Virtual DevicesJunya Ogasawara, Keio University; Kenji Kono, Keio UniversityAnalysis Of Seandroid Policies: Combining Mac And Dac In AndroidHaining Chen, Purdue University; Ninghui Li, Purdue University; William Enck, North Carolina State University; Yousra Aafer, Purdue University; Xiangyu Zhang, Purdue University Commoner Privacy And A Study On Network TracesXiyue Deng, USC/ISI; Jelena Mirkovic, USC/ISIThe Devil’s In The Details: Placing Decoy Routers In The InternetDevashish Gosain, Indraprastha Institute of Information Technology Delhi; Anshika Aggarwal, Indraprastha Institute of Information Technology Delhi; Sambuddho Chakravarty, Indraprastha Institute of Information Technology Delhi; Hrishikesh Bhattacharya, Rochester Institute of TechnologyEx-ray: Detection Of History-leaking Browser ExtensionsMichael Weissbacher, Northeastern University; Enrico Mariconti, University College London; Guillermo Suarez De Tangil, University College London; Gianluca Stringhini, University College London; William Robertson, Northeastern University; Engin Kirda, Northeastern University
12:00-12:15
(Rm. TBD)

Don't leave early -- attend our closing plenary to learn about next year's conference and participate in our prize giveaway!


 

Powered by OpenConf®
Copyright ©2002-2017 Zakon Group LLC