IEEE Secure Development Conference

September 25 - 27, 2019
Hilton McLean Tysons Corner
McLean, VA

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy


2019 Schedule

Posted on: August 8th, 2019 by Yousef Iskander

Note: Online proceedings are now available!

Wednesday September 25
12:30pm-5pm Registration desk open
Location: Continental Foyer
1:30pm-3pm Tutorial Session 1

3pm-3:30pm Break
Location: Continental A
3:30pm-5pm Tutorial Session 2
Online proceedings

6pm Optional: meet up with other attendees to go out and socialize!
Meet in hotel lobby, in seating area to side of revolving door
Thursday September 26
7am-5pm Registration desk open
Location: Continental Foyer
7:30am-8:30am Breakfast
Location: Atrium
8:30am-8:45am Welcome
Lee Lerner and Yousef Iskander
Location: Intl’ Ballroom A
8:45am-9:45am Keynote Talk: June Andronick
Session chair: Nikhil Swamy
Location: Intl’ Ballroom A

9:45am-10am Break
Location: Atrium
10am-12pm Research Papers: Cryptography and Understanding Insecure Code
Online proceedings
Session chair: John Criswell
Location: Intl’ Ballroom A

  • Start your ENGINEs: Dynamically Loadable Contemporary Crypto
    Nicola Tuveri, Billy Bob Brumley (Tampere University)
  • On the Universally Composable Security of OpenStack
    Hoda Maleki (University of Connecticut); Kyle Hogan (MIT); Reza Rahaeimehr (University of Connecticut); Ran Canetti, Mayank Varia, Jason Hennessey (Boston University); Marten van Dijk (University of Connecticut); Haibin Zhang (UMBC)
  • A Qualitative Investigation of Insecure Code Propagation from Online Forums
    Michelle Mazurek, Wei Bai, Omer Akgul (University of Maryland)
  • CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses
    Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao (Virginia Tech)
12pm-1pm Lunch
Location: Atrium
1pm-2:30pm Research Papers: Security in Lower-Levels of Abstraction
Online proceedings
Session chair: David Tarditi
Location: Intl’ Ballroom A

  • Detecting Callback Related Deep Vulnerabilities in Linux Device Drivers
    Tuba Yavuz (University of Florida)
  • Downright: A Framework and Toolchain For Privilege Handling
    Remo Schweizer, Stephan Neuhaus (Zurich University of Applied Sciences)
  • System-Level Framework for Logic Obfuscation with Quantified Metrics for Evaluation
    Vivek Venugopalan, Gaurav Kolhe, Andrew Schmidt, Joshua Monson, Matthew French (USC-Information Sciences Institute); Yinghua Hu, Peter A Beerel, Pierluigi Nuzzo (University of Southern California)
2:30pm-3:30pm Posters and Tool Demos
Location: Atrium
Concurrent with Break
3:30pm-5pm Research Papers: Data and Information
Online proceedings
Session chair: Michael Hicks
Location: Intl’ Ballroom A

  • Polymorphic Relaxed Noninterference
    Raimil Cruz (University of Chile); Éric Tanter (University of Chile & Inria)
  • Exploitation Techniques and Defenses for Data-Oriented Attacks
    Long Cheng (Clemson University); Hans Liljestrand (Aalto University, Finland); Md Salman Ahmed (Virginia Tech); Thomas Nyman (Aalto University, Finland); Danfeng (Daphne) Yao (Virginia Tech); Trent Jaeger (Pennsylvania State University); N. Asokan (Aalto University, Finland)
  • Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications
    Andrei Lapets, Kinan Dak Albab, Rawane Issa, Lucy Qin, Mayank Varia, Azer Bestavros, Frederick Jansen (Boston University)
6pm-8pm Reception
Location: Atrium
8:15pm Optional: meet up with other attendees to go out and socialize!
Meet in hotel lobby, in seating area to side of revolving door
Friday September 27
7:30am-8:30am Breakfast
Location: Atrium
8:30am-9:30am Keynote Talk: Colm MacCárthaigh
Session chair: Stephen Chong
Location: Intl’ Ballroom A

9:30am-10am Break
Location: Atrium
10am-11:30am Practitioner Session
Online proceedings
Session chair: Yousef Iskander
Location: Intl’ Ballroom A

  • Effective Static Analysis Enforcement in Complex Cloud Native Dockerized Systems
    Abhishek Pathak, Kaarthik Sivakumar, Jin Sheng, Anlu Yan, Mazhar Haque (Cisco Systems)
  • Using Rules Engine in the Automation of System Security Review
    Abdulrahman Alnaim (Saudi Aramco)
  • OpenOSC: Open Source Object Size Checking Library With Built-in Metrics
    Yongkui Han, Pankil Shah, Richard Livingston (Cisco Systems)
  • With Great Abstraction Comes Great Responsibility: Sealing the Microservices Attack Surface
    Chien An Chen (Palo Alto Networks)
  • Multi-Cluster Visualization and Live Reporting of Static Analysis Security Testing (SAST) Warnings
    Abhishek Pathak, Kaarthik Sivakumar, Mazhar Haque, Prasanna Ganesan (Cisco Systems)
  • Development Cycle Estimation Modeling
    Samuel Denard, Susan Mengel, Atila Ertas, Stephen Ekwaro-Osire (Texas Tech University)
11:30am-12:30pm Lunch
Location: Atrium
12:30pm-1:30pm Research Papers: Networking
Online proceedings
Session chair: Laurie Williams
Location: Intl’ Ballroom A

  • Self-Authenticating Traditional Domain Names
    Paul Syverson, Matthew Traudt (U.S. Naval Research Laboratory)
  • Compositional Testing of Network Protocols
    Kenneth L. McMillan (Microsoft Research); Lenore D. Zuck (University of Illinois at Chicago)
1:30pm-1:45pm Closing Remarks
Location: Intl’ Ballroom A
2pm-3:30pm Birds of a Feather Sessions

  • Diversity and Inclusion in Cybersecurity
    Tuba Yavuz, UF
    Location: Continental B
  • Transitioning Research into Practice
    Paul Syverson, NRL
    Matthew French, USC ISI
    Abhishek Pathak, Cisco
    Location: Continental C
3:30pm-4:30pm Organizing SecDev
Location: Continental B