IEEE Secure Development Conference

September 28 - 30, 2020
Virtual Conference

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy

  Register

2020 schedule

Posted on: August 11th, 2020 by Neil Gong

Note: The times listed below are in EDT.

Monday September 28
 Tutorial Track 1
11:30am-01:00pm Tutorial: LLVM for Security Practitioners
John Criswell (University of Rochester)
01:00pm-01:15pm Break
01:15pm-02:45pm Tutorial: Detecting Memory Vulnerabilities in the Components of System Code using PROMPT
Tuba Yavuz, Ken (Yihang) Bai (University of Florida)
02:45pm-03:00pm Break
03:00pm-04:30pm Tutorial: seL4 Overview and Tutorial (invited)
Nicholas Evancich (Trusted Science and Technology, Inc)

 Tutorial Track 2
11:30am-01:00pm Tutorial: Static Analysis at Scale with Muse
Stephen Magill, Tom DuBuisson (MuseDev, Inc.)
01:00pm-01:15pm Break
01:15pm-02:45pm Tutorial: Principles and Practices of Secure Crypto Coding in Java
Ya Xiao, Miles Frantz, Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao (Department of Computer Science, Virginia Tech)
02:45pm-03:00pm Break
03:00pm-04:30pm Tutorial: Graphene: Confidential Computing for Unmodified Linux Applications (invited)
Anjo Vahldiek-Oberwagner (Intel), Chia-Che Tsai (Texas A&M University), Dmitrii Kuvaiskii (Intel), Don Porter (UNC Chapel Hill)
Tuesday September 29
10:30am-10:45am Welcome
10:45am-11:45am Keynote 1 (50m + 10m Q&A)

11:45am-12:00pm Break
12:00pm-01:30pm Session: Memory Safety
Session chair: Deian Stefan

  • Fast Execute-Only Memory for Embedded Systems (20m)
    Zhuojia Shen, Komail Dharsee, John Criswell (University of Rochester)
  • Refactoring the FreeBSD Kernel with Checked C (20m)
    Junhan Duan, Yudi Yang, Jie Zhou, John Criswell (University of Rochester)
  • Fuzzing Binaries for Memory Safety Errors with QASan (20m)
    Andrea Fioraldi, Daniele Cono D’Elia, Leonardo Querzoni (Sapienza University of Rome)
  • Session Q&A (20m)
  • Break (10m)
1:30pm-02:30pm Session: Security by Practitioners
Session chair: Yuan Tian

  • A Secure Code Review Retrospective (20m)
    Richard Piazza, Andrew Buttner, Rushi Purohit, Alec Summers (The MITRE Corporation)
  • Symbolic Testing for C and Rust (20m)
    Aaron Tomb, Stuart Pernsteiner, Mike Dodds (Galois, Inc.)
  • Session Q&A (10m)
  • Break (10m)
2:30pm-03:30pm Session: Deception Systems
Session chair: C├ędric Hebert

  • Cybersecurity Deception Experimentation System (20m)
    Jaime Acosta (CCDC Army Research Laboratory); Anjon Basak, Christopher Kiekintveld (University of Texas at El Paso); Nandi Leslie, Charles Kamhoua (CCDC Army Research Laboratory)
  • Active Deception Framework: An Extensible Development Environment for Adaptive Cyber Deception (20m)
    Md Mazharul Islam (UNCC); Ehab Al-Shaer (University of North Carolina Charlotte)
  • Session Q&A (10m)
  • Break (10m)
3:30pm-04:30pm Virtual BoF

Wednesday September 30
11:30am-12:30pm Keynote 2 (50m + 10m Q&A)

12:30pm-12:40pm Break
1:40pm-2:40pm Session: Security Practices
Session chair: Lotfi ben Othmane

  • Coding Practices and Recommendations with Spring Security for Enterprise Applications (20m)
    Mazharul Islam, Sazzadur Rahaman (Student, Virginia Tech); Na Meng (Virginia Tech, Dept of Computer Science); Behnaz Hassanshahi, Paddy Krishnan (Oracle Labs); Danfeng (Daphne) Yao (Virginia Tech, Dept of Computer Science)
  • XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices (20m)
    Md Shazibul Islam Shamim, Farzana Ahamed Bhuiyan, Akond Rahman (Tennessee Technological University)
  • Session Q&A (10m)
  • Break (10m)
2:40pm-03:40pm Session: Network and Distributed Systems
Session chair: Chia-Che Tsai

  • Analysis of Blockchain Smart Contracts: Techniques and Insights (20m)
    Shinhae Kim, Sukyoung Ryu (KAIST)
  • Network Attack Surface Simplification for Red and Blue Teams (20m)
    Douglas Everson, Long Cheng (Clemson University)
  • Session Q&A (10m)
  • Break (10m)
3:40pm-04:40pm Session: Automotive and Side-channel
Session chair: TBD

  • REMIND: A Framework for the Resilient Design of Automotive Systems (20m)
    Thomas Rosenstatter, Kim Strandberg (Chalmers University of Technology); Rodi Jolak, Riccardo Scandariato (Chalmers | Gothenburg University); Tomas Olovsson (Chalmers University of Technology)
  • ReViCe: Reusing Victim Cache to Prevent Speculative Cache Leakage (20m)
    Sungkeun Kim, Farabi Mahmud, Jiayi Huang, Pritam Majumder (Texas A&M University); Neophytos Christou (University of Cyprus); Abdullah Muzahid, Chia-Che Tsai, Eun Jung Kim (Texas A&M University)
  • Session Q&A (10m)
  • Break (10m)
4:40pm-05:30pm Virtual BoF