2023 schedule
Posted on: September 27th, 2023 by SecDev
Wednesday October 18
Tutorial Day
09:00-10:30 |
Invited Tutorial
- Counteracting Web Application Abuse in Malware (Conference Room A, 2nd Floor)
Mingxuan Yao (Georgia Institute of Technology); Jonathan Fuller (United States Military Academy); Ranjita Pai Sridhar, Saumya Agarwal, Amit K. Sikder, Brendan Saltaformaggio (Georgia Institute of Technology);
|
10:30-11:00 |
Coffee Break |
11:00-12:30 |
- Crypto-Ransomware: Analysis, Defense, and Criminal Negotiation (Conference Room A, 2nd Floor)
Wenjia Song and Arianna Schuler Scott (Virginia Tech)
|
12:30-14:00 |
Lunch |
14:00-15:30 |
- The End of Binary Protocol Parser Vulnerabilities (Part 1) (Conference Room A, 2nd Floor)
Alexander Senier (AdaCore)
|
15:30-16:00 |
Coffee Break |
16:00-17:30 |
- The End of Binary Protocol Parser Vulnerabilities (Part 2) (Conference Room A, 2nd Floor)
Alexander Senier (AdaCore)
|
Thursday October 19
09:00-09:30 |
Opening (Conference Room A, 2nd Floor)
|
09:30-10:30 |
Keynote I (Conference Room A, 2nd Floor)
Session Chair: Na Meng
|
10:30-11:00 |
Coffee Break |
11:00-12:30 |
Paper Session: Aiding Secure Development (Conference Room A, 2nd Floor)
Session Chair: Charles Weir
- Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report
Hanyang Hu, Yani Bu, Kristen Wong, Gaurav Sood, Karen Smiley (company A); Akond Rahman (Auburn University)
- Securing Your Crypto-API Usage Through Tool Support – A Usability Study
Stefan Krüger; Michael Reif, Anna-Katharina Wickert (Technischen Universität Darmstadt); Sarah Nadi, Karim Ali (University of Alberta); Eric Bodden (University of Paderborn); Mira Mezini (Technischen Universität Darmstadt); Yasemin Acar (University of Paderborn); Sascha Fahl (CISPA Helmholtz-Center for Information Security)
- Grading on a Curve: How Rust can Facilitate New Contributors while Decreasing Vulnerabilities
Justin Tracey, Ian Goldberg (University of Waterloo)
- Challenges with Passwordless FIDO2 in an Enterprise Setting: A Usability Study
Michal Kepkowski (Macquarie University); Maciej Machulak; Ian Wood (Macquarie University); Dali Kaafar (Macquarie University)
- Misplaced Trust: The Security Flaw in Modern Code Signing Process
Pranshu Bajpai (Motorola Solutions); Raghudeep Kannavara (Meta Platforms Inc)
- 11 things about Securing Microservices
Yuvaraj Madheswaran (GM Financial)
|
12:30-14:00 |
Lunch (Conference Dining Room, 1st Floor) |
14:00-15:30 |
Panel: Enabling real-world impact of security research via industry-academia collaboration (Conference Room A, 2nd Floor)
Session Chair: Raghudeep Kannavara
Panelists: Edward J Schwartz, Robert Denz, Jason Fung, Laurie Williams
|
15:30-16:00 |
Coffee Break |
16:00-17:00 |
Paper Session: Defenses (Conference Room A, 2nd Floor)
Session Chair: Long Cheng
- Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust
Merve Gulmez (KU Leuven); Thomas Nyman, Christoph Baumann (Ericsson); Jan Tobias Muehlberg (ULB)
- Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively
Kaiming Huang, Jack Sampson, Trent Jaeger (The Pennsylvania State University)
- Blade: Scalable Source Code Debloating Framework
Muaz Ali (University of Arizona); Rumaisa Habib (Lahore University of Management Sciences); Ashish Gehani (SRI International); Sazzadur Rahaman (University of Arizona); Zartash Uzmi (Lahore University of Management Sciences)
- BloatProfiler: Evaluating Container Debloaters
Muhammad Hassan, Talha Tahir, Muhammad Farrukh, Abdullah Naveed, Anas Naeem (Lahore University of Management Sciences); Fahad Shaon (Data Security Technologies, LLC); Fareed Zaffar (Lahore University of Management Sciences); Ashish Gehani (SRI); Sazzadur Rahaman (University of Arizona)
|
17:00-19:00 |
Poster Session & Reception (In front of Conference Room A, 2nd Floor) |
Friday October 20
08:45-09:45 |
Keynote II (Conference Room A, 2nd Floor)
Session Chair: Robert Denz
|
09:45-10:30 |
IEEE Cybersecurity Award for Practice (Conference Room A, 2nd Floor)
Session Chair: Na Meng
|
10:30-11:00 |
Coffee Break |
11:00-12:30 |
Paper Session: Attack and Vulnerability Detection (Conference Room A, 2nd Floor)
Session Chair: Shangqing Zhao
- Model-Agnostic Federated Learning for Privacy-Preserving Systems
Hussain Almohri (Kuwait University); Layne T. Watson (Virginia Tech)
- Fortifying IoT Devices: AI-Driven Intrusion Detection via Memory-Encoded Audio Signals
Ramyapandian Vijayakanthan (Towson University); Karley M Waguespack (Louisiana State University); Irfan Ahmed (Virginia Commonwealth University); Aisha Ali-Gombe (Louisiana State University)
- Parser Weakness Enumeration
Denley Lam, Letitia Li, Anthony Gabrielson (BAE Systems)
- Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling
Eric Bond, Matthew Heimerdinger (Two Six Technologies)
- An In-Depth Analysis of Android’s Java Class Library: its Evolution and Security Impact
Timothée Riom, Alexandre Bartel (Umeå University)
- A randomization-based, zero-trust cyberattack detection method for hierarchical systems
Sinnott Murphy, Richard Macwan, Vivek Kumar Singh, Chin-Yao Chang (National Renewable Energy Laboratory)
|
12:30-14:00 |
Lunch (Conference Dining Room, 1st Floor) |
14:00-15:30 |
Paper Session: Security Analysis and Design (Conference Room A, 2nd Floor)
Session Chair: Akond Rahman
- A Lot Less Likely Than I Thought: Introducing Evidence-Based Security Risk Assessment for Healthcare Software
Charles Weir, Anna Dyson, Daniel Prince (Lancaster University)
- Triaging Android Systems Using Bayesian Attack Graphs
Yu-Tsung Lee, Rahul George (Penn State University); Haining Chen (Google); Kevin Chan (Army Research Lab); Tina Eliassi-Rad (Northeastern University); Trent Jaeger (Penn State University)
- PRICAR: Privacy Framework for Vehicular Data Sharing with Third Parties
Mert D. Pesé (Clemson University); Jay W. Schauer, Murali Mohan, Cassandra Joseph, Kang G. Shin (University of Michigan); John Moore (Ford Motor Company)
- Security and Privacy Threat Analysis for Solid
Omid Mirzamohammadi (imec-COSIC, KU Leuven); Kristof Jannes, Laurens Sion, Dimitri Van Landuyt (imec-DistriNet, KU Leuven); Aysajan Abidin, Dave Singelee (imec-COSIC, KU Leuven)
- Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research
Rasha Kashef, Monika Freunek (Toronto Metropolitan University); Jeff Schwartzentruber (eSentire Inc.); Reza Samavi, Burcu Bulgurcu (Toronto Metropolitan University); AJ Khan (Vehiqilla Inc.); Marcus Santos (Toronto Metropolitan University)
- Adaptive Security: Certificate and Key Rotation for Firmware Integrity
Sunil Joshi, Kenneth Crowther, Jarvis Robinson (Xylem Inc.)
|
15:30-16:00 |
Coffee Break |
16:00-16:30 |
SecDev 2023 Business Meeting and Closing Remarks (Conference Room A, 2nd Floor) |
16:30-17:00 |
Organization Committee Private Meeting (for OC members only) (Conference Room C, 2nd Floor) |