Annual Computer Security Applications Conference (ACSAC) 2021

Monday, 6 December 2021
03:45-11:30

One-Day Workshop (Note the non-standard time)

Program Chair: Bill Roscoe (University of Oxford and TBTL Oxford, UK)

10:00-16:00

CANCELLED

Tuesday, 7 December 2021
08:30-16:30

One-Day Workshop

General Co-Chairs: Harvey Rubinovitz (The MITRE Corporation), Adam Hahn (The MITRE Corporation)

Program Chair: Irfan Ahmed (Virginia Commonwealth University)

10:00-16:45

One-Day Workshop

Workshop Co-Organizers: David Balenson (SRI International), Laura Tinnel (SRI International), Terry Benzel (USC-ISI)

10:00-16:00

CANCELLED

Wednesday, 8 December 2021
10:00-10:30

ACSAC Conference Welcome: Kevin Butler, Conference Chair

PC Chair Opening Remarks and Distinguished Paper Awards: Heng Yin and Gabriela Ciocarlie, Program Chairs

SWSIS Scholarship Awards: Jeremy Epstein, ACSA


 

10:30-11:45
Session Chair: Kevin Butler

Michelle Mazurek, Associate Professor, University of Maryland

 

11:45-12:00
12:00-13:15
Session Chair: L. Jean Camp, Indiana University

Panelists:

  • Zachary Tudor, Idaho National Laboratory
  • Allan Friedman, CISA
  • Kevin Kane, Microsoft Research
  • Daniel Hein, Garmin International
Session Chair: S. Jay Yang, Rochester Institute of TechnologyStealing Machine Learning Models: Attacks and Countermeasures for Generative Adversarial NetworksHailong Hu; Jun PangThe Many-faced God: Attacking Face Verification System with Embedding and Image RecoveryMingtian Tan; Zhe Zhou; Zhou LiTwo Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view InconsistencySohaib Kiani; Sana Awan; Chao Lan; Fengjun Li; Bo LuoEfficient, Private and Robust Federated LearningMeng Hao; Hongwei Li; Guowen Xu; Hanxiao Chen; Tianwei ZhangMorphence: Moving Target Defense Against Adversarial ExamplesAbderrahmen Amich; Birhanu Eshete Session Chair: Thang Hoang, Virginia TechHeterogeneous-PAKE: Bridging the Gap between PAKE Protocols and Their Real-World DeploymentRong Wei; Fangyu Zheng; Lili Gao; Jiankuo Dong; Guang Fan; Lipeng Wan; Jingqiang Lin; Yuewu WangA formal analysis of IKEv2's post-quantum extensionStefan-Lukas Gazdag; Sophia Grundner-Culemann; Tobias Guggemos; Tobias Heider; Daniel LoebenbergerOptimized Paillier's Cryptosystem with Fast Encryption and DecryptionHuanyu Ma; Shuai Han; Hao LeiTowards Practical Post-quantum Signatures for Resource-Limited Internet of ThingsRouzbeh Behnia; Attilla Altay YavuzVASA: Vector AES Instructions for Security ApplicationsJean-Pierre Münch; Thomas Schneider; Hossein Yalame
13:15-14:00
14:00-15:15
Session Chair: Daniel Faigin, The Aerospace Corporation

Panelists:

  • Jeremy Epstein, National Science Foundation
  • Chester Maciag, U.S. Department of Defense, OUSD(R&E) Director for Cyber Technologies
  • Martin Stanley, U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency
  • Robinson Pino, U.S. Department of Energy
  • William Newhouse, National Institute of Standards and Technology
Session Chair: Sébastien Bardin and Behnaz Hassanshahi, CEA & OracleProgram Obfuscation via ABI DebiasingDavid Demicco; Rukayat Erinfolami; Aravind PrakashA Look Back on a Function Identification ProblemHyungjoon Koo; Soyeon Park; Taesoo KimSoftMark: Software Watermarking via a Binary Function RelocationHonggoo Kang; Yonghwi Kwon; Sangjin Lee; Hyungjoon KooDynamic Taint Analysis versus Obfuscated Self-CheckingSebastian Banescu; Samuel Valenzuela; Marius Guggenmos; Mohsen Ahmadvand; Alexander PretschnerDicos: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User DiscussionsHyunji Hong; Seunghoon Woo; Heejo Lee Session Chair: Bo Chen, Michigan TechARID: Anonymous Remote IDentification of Unmanned Aerial VehiclesPietro Tedeschi; Savio Sciancalepore; Roberto Di PietroSipster: Settling IOU Privately and Quickly with Smart MetersSherman S. M. Chow; Ming Li; Yongjun Zhao; Wenqiang JinTEEKAP: Self-Expiring Data Capsule using Trusted Execution EnvironmentMingyuan Gao; Hung Dang; Ee-Chien ChangBAPM: Block Attention Profiling Model for Multi-tab Website Fingerprinting Attacks on TorZhong Guan; Gang Xiong; Gaopeng Gou; Zhen Li; Mingxin Cui; Chang LiuTry before You Buy: Privacy-preserving Data Evaluation on Cloud-based Machine Learning Data MarketplaceQiyang Song; Jiahao Cao; Kun Sun; Qi Li; Ke Xu
15:15-15:30
15:30-16:30
Thursday, 9 December 2021
10:00-10:30
Session Chair: Jeremy Epstein, National Science Foundation
10:30-11:45
Session Chair: Saurabh Shintre, Splunk

Trustworthy Selection and Use of Commodity Products and Services, Prof. Ian Bryant

Differential Privacy in Practice, Dr. Aleatha Parker-Wood

The Technology Behind IATA Travel Pass:Ensuring Privacy With Verifiable Credentials, Drummond Reed

Session Chair: Brendan Saltaformaggio, Georgia TechVIA: Analyzing Device Interfaces of Protected Virtual MachinesFelicitas Hetzelt; Martin Radev; Robert Buhren; Mathias Morbitzer; Jean-Pierre SeifertRocky: Replicating Block Devices for Tamper and Failure Resistant Edge-based Virtualized Desktop InfrastructureBeom Heyn Kim; Hyoungshick KimOn Detecting Growing-Up Behaviors of Malicious Accounts in Privacy-Centric Mobile Social NetworksZijie Yang; Binghui Wang; Haoran Li; Dong Yuan; Zhuotao Liu; Neil Gong; Chang Liu; Qi Li; Xiao Liang; Shaofeng HuReCFA: Resilient Control-Flow AttestationYumei Zhang; Xinzhi Liu; Cong Sun; Dongrui Zeng; Gang Tan; Xiao Kan; Siqi MaPractical Attestation for Edge Devices Running Compute Heavy Machine Learning ApplicationsIsmi Abidi; Vireshwar Kumar; Rijurekha Sen Session Chair: Aiping Xiong, Penn StateIs Visualization Enough? Evaluating the Efficacy of MUD-Visualizer in Enabling Ease of Deployment for Manufacturer Usage Description (MUD)Vafa Andalibi; Jayati Dev; DongInn Kim; Eliot Lear; L. Jean CampA Cross-role and Bi-national Analysis on Security Efforts and Constraints of Software Development ProjectsFumihiro Kanei; Ayako Akiyama Hasegawa; Eitaro Shioji; Mitsuaki AkiyamaAn Efficient Man-Machine Recognition Method Based On Mouse Trajectory Feature De-redundancyXiaofeng Lu; Zhenhan Feng; Jupeng XiaOPay: an Orientation-based Contactless Payment Solution Against Passive AttacksMahshid Mehr Nezhd; Feng HaoWhat’s in a Cyber Threat Intelligence sharing platform? A mixed-methods user experience investigation of MISPBorce Stojkovski; Gabriele LENZINI; Vincent KOENIG; Salvador RIVAS
11:45-12:00
12:00-13:15
Session Chair: David Balenson, SRI International

Panelists:

  • W. Douglas Maughan, Office Head, NSF Convergence Accelerator Program
  • Mike Pozmantier, Program Director, Trust & Authenticity in Communications Systems and AI Innovation Tracks, NSF Convergence Accelerator Program
  • Giulia Fanti, Assistant Professor of Electrical and Computer Engineering, Carnegie Mellon University
  • Dan Massey, Program Lead, OUSD(R&E) 5G-to-NextG Operate Through Program
Session Chair: Mu Zhang, University of UtahThey See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image SensorsSebastian Köhler; Giulio Lovisotto; Simon Birnbach; Richard Baker; Ivan MartinovicEvaluating the Effectiveness of Protection Jamming Devices in Mitigating Smart Speaker Eavesdropping Attacks Using Gaussian White NoisePayton Walker; Nitesh SaxenaS2-CAN: Sufficiently Secure Controller Area NetworkMert D. Pesé; Jay W. Schauer; Junhui Li; Kang G. ShinCrypto-Chain: A Relay Resilience Framework for Smart VehiclesAbubakar Sadiq Sani; Dong Yuan; Elisa Bertino; Zhao Yang DongAdvanced System Resiliency Based on Virtualization Techniques for IoT DevicesJonas Röckl; Mykolai Protsenko; Monika Huber; Tilo Müller; Felix C. Freiling Session Chair: Ding Wang, Nankai UniversityGlobal Feature Analysis and Comparative Evaluation of Freestyle In-Air-Handwriting Passcode for User AuthenticationDuo Lu; Yuli Deng; Dijiang Huang2D-2FA: A New Dimension in Two-Factor AuthenticationMaliheh Shirvanian; Shashank AgrawalGroup Time-based One-time Passwords and its Application to Efficient Privacy-Preserving Proof of LocationZheng Yang; Chenglu Jin; Jianting Ning; Zengpeng Li; Anh Dinh; Jianying ZhouDigit Semantics based Optimization for Practical Password Cracking ToolsHaodong Zhang; Chuanwang Wang; Wenqiang Ruan; Junjie Zhang; Ming Xu; Weili HanSystematization of Password Manager Use Cases and Design ParadigmsJames Simmons; Oumar Diallo; Sean Oesch; Scott Ruoti
13:15-14:00
13:30-14:00
Andrea Mambretti, IBM Research
14:00-15:15
Session Chair: Elizabeth Scruggs, The Aerospace Corporation

Panelists:

  • Keyaan Williams, CLASS-LLC
  • Gary Hayslip, Softbank Investment Advisers (SBIA)
  • Jandria Alexander, BAH
  • Jessica Gulick, Katzcy/US Cyber Games
Session Chair: Andrew Paverd, Microsoft ResearchEluding ML-based Adblockers With Actionable Adversarial ExamplesShitong Zhu; Zhongjie Wang; Xun Chen; Shasha Li; Keyu Man; Umar Iqbal; Zhiyun Qian; Kevin Chan; Srikanth Krishnamurthy; Zubair ShafiqBadNL: Backdoor Attacks against NLP models with Semantic-preserving ImprovementsXiaoyi Chen; Ahmed Salem; Dingfan Chen; Michael Backes; Shiqing Ma; Qingni Shen; Zhonghai Wu; Yang ZhangMISA: Online Defense of Trojaned Models using MisattributionsPanagiota Kiourti; Wenchao Li; Karan Sikka; Anirban Roy; Susmit JhaDetecting Audio Adversarial Examples with Logit NoisingNamgyu Park; Sangwoo Ji; Jong KimCan We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection?Deqiang Li; Tian Qiu; Shuo Chen; Qianmu Li; Shouhuai Xu Session Chair: Aravind Prakash, Binghamton UniveresityTLB Poisoning Attacks on AMD Secure Encrypted VirtualizationMengyuan Li; Yinqian Zhang; Huibo Wang; Kang Li; Yueqiang ChengReinhardt: Real-time Reconfigurable Hardware Architecture for Regular Expression Matching in DPITaejune Park; Jaehyun Nam; Seung Ho Na; Jaewoong Chung; Seungwon ShinUnderstanding the Threats of Trojaned Quantized Neural Network in Model Supply ChainsXudong Pan; Mi Zhang; Yifan Yan; Min YangFlexFilt: Towards Flexible Instruction Filtering for SecurityLeila Delshadtehrani; Sadullah Canakci; William Blair; Manuel Egele; Ajay JoshiRingRAM: A Unified Hardware Security Primitive for IoT Devices that Gets Better with AgeMichael Moukarzel; Matthew Hicks
Friday, 10 December 2021
10:00-11:15
Session Chair: Greg Shannon, CyManII

Panelists:

  • Gabriela F. Ciocarlie, VP for Securing Automation and Secure Manufacturing Architecture, CyManII
  • Paul Forney, Director, Digital Grid Cybersecurity, Schneider Electric
  • Michael Mylrea, Senior Distinguished Engineer at Resilience
  • Virignia Wright, Idaho National Laboratory
Session Chair: Yonghwi Kwon, University of VirginiaSODA: A System for Cyber Deception Orchestration and AutomationMd Sajidul Islam Sajid; Jinpeng Wei; Basel Abdeen; Ehab Al-Shaer; Md Mazharul Islam; Walter Diong; Latifur KhanReproducible and Adaptable Log Data Generation for Sound Cybersecurity ExperimentsRafael Uetz; Christian Hemminghaus; Louis Hackländer; Philipp Schlipper; Martin HenzeObfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware ClassificationDuy-Phuc Pham; Damien Marion; Matthieu Mastio; Annelie HeuserCommanderGabble: A Universal Attack Against ASR Systems Leveraging Fast SpeechZhaohe (John) Zhang; Edwin Yang; Song FangPhysical Logic Bombs in 3D Printers via Emerging 4D TechniquesTuan Le; Sriharsha Etigowni; Sizhuang Liang; Xirui Peng; Jerry Qi; Mehdi Javanmard; Saman Zonouz; Raheem Beyah Session Chair: Mu Zhang, University of UtahSolSaviour: A Defending Framework for Deployed Defective Smart ContractsLi Zecheng; Zhou Yu; Songtao Guo; Xiao BinImproving Streaming Cryptocurrency Transaction Classification via Biased Sampling and Graph FeedbackShaltiel Eloul; Sean J Moran; Jacob MendelMITOSIS: Practically Scaling Permissioned BlockchainsGiorgia Azzurra Marson; Sebastien Andreina; Lorenzo Alluminio; Konstantin Munichev; Ghassan KarameAn Exploration of ARM System-Level Cache and GPU Side ChannelsPatrick Cronin; Xing Gao; Haining Wang; Chase CottonLaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped SystemsNiclas Kühnapfel; Stefan Preußler; Maximilian Noppel; Thomas Schneider; Konrad Rieck; Christian Wressnegger
11:15-11:30
11:30-12:45
Session Chair: Tomas Vagoun, NITRD
  • Sara Kiesler, Program Director, National Science Foundation
  • Bob Lawton, Chief of Mission Capabilities, Science and Technology Group, Office of the Director of National Intelligence
  • Suresh Venkatasubramanian, Assistant Director for Science and Justice, White House Office of Science and Technology Policy
Session Chair: Aravind Prakash, Binghamton UniversityRUPAIR: Towards Automatic Buffer Overflow Detection and Rectification for RustBaojian Hua; Wanrong Ouyang; Chengman Jiang; Qiliang Fan; Zhizhong PanKeeping Safe Rust Safe with GaleedElijah Rivera; Samuel Mergendahl; Howard Shrobe; Hamed Okhravi; Nathan BurowDistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environmentmohammadmahdi ghorbani; Fereydoun Farrahi Moghaddam; Mengyuan Zhang; Makan Pourzandi; Kim Khoa Nguyen; Mohamed CherietICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs in ICS Supervisory Software by FuzzingDongliang Fang; Zhanwei Song; Le Guan; Puzhuo Liu; Anni Peng; Kai Cheng; Yaowen Zheng; Peng Liu; Hongsong Zhu; Limin SunargXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Cortex-M BinariesPallavi Sivakumaran; Jorge Blasco Session Chair: Arup Bhuyan, Idaho National LaboratoryOn Key Reinstallation Attacks over 4G LTE Network: Feasibility and Negative ImpactMuhammad Taqi Raza; Yunqi Guo; Songwu Lu; Fatima Muhammad AnwarSecurity of Multicarrier Time-of-Flight RangingPatrick Leu; Martin Kotuliak; Marc Roeschlin; Srdjan CapkunDon’t hand it Over: Vulnerabilities in the Handover Procedure of Cellular TelecommunicationsEvangelos Bitsikas; Christina PöpperTime to Rethink the Design of Qi Standard? Security and Privacy Vulnerability Analysis of Qi Wireless ChargingYi Wu; Zhuohang Li; Nicholas Van Nostrand; Jian LiuDetecting and Characterizing SMS Spearphising AttacksMingxuan Liu; Yiming Zhang; Baojun Liu; Zhou Li; Haixin Duan; Donghong Sun
12:45-13:00
13:00-14:15
Session Chair: Yousra Aafer, Universeity of WaterlooCharacterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing ServicesSojhal Ismail Khan; Dominika C Woszczyk; Chengzeng You; Soteris Demetriou; Muhammad NaveedTowards Stalkerware Detection with Precise WarningsYufei Han; Kevin Alejandro Roundy; Acar TamersoyRepack Me If You Can: An Anti-Repackaging Solution based on Android VirtualizationAntonio Ruggia; Eleonora Losiouk; Luca Verderame; Mauro Conti; Alessio MerloWestworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud PlatformsLannan Luo; Qiang Zeng; Bokai Yang; Fei Zuo; Junzhe WangThe Emperor's New Autofill Framework: A Security Analysis of Autofill on iOS and AndroidSean Oesch; Anuj Gautam; Scott Ruoti Session Chair: Bo Chen, Michigan TechFINN: Fingerprinting Network Flows using Neural NetworksFatemeh Rezaei; Amir HoumansadrMAppGraph: Mobile-App Classification on Encrypted Network Traffic using Deep Graph Convolution Neural NetworksThai-Dien Pham; Thien-Lac Ho; Tram Truong-Huu; Tien-Dung Cao; Hong-Linh TruongSMap: Internet-Wide Scanning for SpoofingTianxiang Dai; Haya ShulmanMineHunter: A Practical Cryptomining Traffic Detection Algorithm Based on Time Series TrackingShize Zhang; Zhiliang Wang; Jiahai Yang; Xin Cheng; XiaoQian Ma; Hui Zhang; Bo Wang; Zimu Li; Jianping WuPlatform-Oblivious Anti-Spam GatewayYihe Zhang; Xu Yuan; Nianfeng Tzeng
14:15-14:30
14:45-16:00

 



Powered by OpenConf®
Copyright©2002-2021 Zakon Group LLC