2023 schedule - IEEE Secure Development Conference

IEEE Secure Development Conference

October 18 - 20, 2023
Georgia Tech Hotel and Conference Center
Atlanta, GA

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy

2023 schedule

Posted on: September 27th, 2023 by SecDev

Wednesday October 18

Tutorial Day

09:00-10:30	Invited Tutorial Counteracting Web Application Abuse in Malware (Conference Room A, 2nd Floor) Mingxuan Yao (Georgia Institute of Technology); Jonathan Fuller (United States Military Academy); Ranjita Pai Sridhar, Saumya Agarwal, Amit K. Sikder, Brendan Saltaformaggio (Georgia Institute of Technology);
10:30-11:00	Coffee Break
11:00-12:30	Crypto-Ransomware: Analysis, Defense, and Criminal Negotiation (Conference Room A, 2nd Floor) Wenjia Song and Arianna Schuler Scott (Virginia Tech)
12:30-14:00	Lunch
14:00-15:30	The End of Binary Protocol Parser Vulnerabilities (Part 1) (Conference Room A, 2nd Floor) Alexander Senier (AdaCore)
15:30-16:00	Coffee Break
16:00-17:30	The End of Binary Protocol Parser Vulnerabilities (Part 2) (Conference Room A, 2nd Floor) Alexander Senier (AdaCore)

Thursday October 19

09:00-09:30	Opening (Conference Room A, 2nd Floor)
09:30-10:30	Keynote I (Conference Room A, 2nd Floor) Session Chair: Na Meng Mega Chips, Mega Challenges: The Quest for Trustworthy Hardware. Dr. Jason Fung (Intel Corp.)
10:30-11:00	Coffee Break
11:00-12:30	Paper Session: Aiding Secure Development (Conference Room A, 2nd Floor) Session Chair: Charles Weir Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report Hanyang Hu, Yani Bu, Kristen Wong, Gaurav Sood, Karen Smiley (company A); Akond Rahman (Auburn University) Securing Your Crypto-API Usage Through Tool Support – A Usability Study Stefan Krüger; Michael Reif, Anna-Katharina Wickert (Technischen Universität Darmstadt); Sarah Nadi, Karim Ali (University of Alberta); Eric Bodden (University of Paderborn); Mira Mezini (Technischen Universität Darmstadt); Yasemin Acar (University of Paderborn); Sascha Fahl (CISPA Helmholtz-Center for Information Security) Grading on a Curve: How Rust can Facilitate New Contributors while Decreasing Vulnerabilities Justin Tracey, Ian Goldberg (University of Waterloo) Challenges with Passwordless FIDO2 in an Enterprise Setting: A Usability Study Michal Kepkowski (Macquarie University); Maciej Machulak; Ian Wood (Macquarie University); Dali Kaafar (Macquarie University) Misplaced Trust: The Security Flaw in Modern Code Signing Process Pranshu Bajpai (Motorola Solutions); Raghudeep Kannavara (Meta Platforms Inc) 11 things about Securing Microservices Yuvaraj Madheswaran (GM Financial)
12:30-14:00	Lunch (Conference Dining Room, 1st Floor)
14:00-15:30	Panel: Enabling real-world impact of security research via industry-academia collaboration (Conference Room A, 2nd Floor) Session Chair: Raghudeep Kannavara Panelists: Edward J Schwartz, Robert Denz, Jason Fung, Laurie Williams
15:30-16:00	Coffee Break
16:00-17:00	Paper Session: Defenses (Conference Room A, 2nd Floor) Session Chair: Long Cheng Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust Merve Gulmez (KU Leuven); Thomas Nyman, Christoph Baumann (Ericsson); Jan Tobias Muehlberg (ULB) Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively Kaiming Huang, Jack Sampson, Trent Jaeger (The Pennsylvania State University) Blade: Scalable Source Code Debloating Framework Muaz Ali (University of Arizona); Rumaisa Habib (Lahore University of Management Sciences); Ashish Gehani (SRI International); Sazzadur Rahaman (University of Arizona); Zartash Uzmi (Lahore University of Management Sciences) BloatProfiler: Evaluating Container Debloaters Muhammad Hassan, Talha Tahir, Muhammad Farrukh, Abdullah Naveed, Anas Naeem (Lahore University of Management Sciences); Fahad Shaon (Data Security Technologies, LLC); Fareed Zaffar (Lahore University of Management Sciences); Ashish Gehani (SRI); Sazzadur Rahaman (University of Arizona)
17:00-19:00	Poster Session & Reception (In front of Conference Room A, 2nd Floor)

Friday October 20

08:45-09:45	Keynote II (Conference Room A, 2nd Floor) Session Chair: Robert Denz How are We Doing with Adopting Tasks to Reduce Software Supply Chain Security Risk? Prof. Laurie Williams (North Carolina State University)
09:45-10:30	IEEE Cybersecurity Award for Practice (Conference Room A, 2nd Floor) Session Chair: Na Meng
10:30-11:00	Coffee Break
11:00-12:30	Paper Session: Attack and Vulnerability Detection (Conference Room A, 2nd Floor) Session Chair: Shangqing Zhao Model-Agnostic Federated Learning for Privacy-Preserving Systems Hussain Almohri (Kuwait University); Layne T. Watson (Virginia Tech) Fortifying IoT Devices: AI-Driven Intrusion Detection via Memory-Encoded Audio Signals Ramyapandian Vijayakanthan (Towson University); Karley M Waguespack (Louisiana State University); Irfan Ahmed (Virginia Commonwealth University); Aisha Ali-Gombe (Louisiana State University) Parser Weakness Enumeration Denley Lam, Letitia Li, Anthony Gabrielson (BAE Systems) Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling Eric Bond, Matthew Heimerdinger (Two Six Technologies) An In-Depth Analysis of Android’s Java Class Library: its Evolution and Security Impact Timothée Riom, Alexandre Bartel (Umeå University) A randomization-based, zero-trust cyberattack detection method for hierarchical systems Sinnott Murphy, Richard Macwan, Vivek Kumar Singh, Chin-Yao Chang (National Renewable Energy Laboratory)
12:30-14:00	Lunch (Conference Dining Room, 1st Floor)
14:00-15:30	Paper Session: Security Analysis and Design (Conference Room A, 2nd Floor) Session Chair: Akond Rahman A Lot Less Likely Than I Thought: Introducing Evidence-Based Security Risk Assessment for Healthcare Software Charles Weir, Anna Dyson, Daniel Prince (Lancaster University) Triaging Android Systems Using Bayesian Attack Graphs Yu-Tsung Lee, Rahul George (Penn State University); Haining Chen (Google); Kevin Chan (Army Research Lab); Tina Eliassi-Rad (Northeastern University); Trent Jaeger (Penn State University) PRICAR: Privacy Framework for Vehicular Data Sharing with Third Parties Mert D. Pesé (Clemson University); Jay W. Schauer, Murali Mohan, Cassandra Joseph, Kang G. Shin (University of Michigan); John Moore (Ford Motor Company) Security and Privacy Threat Analysis for Solid Omid Mirzamohammadi (imec-COSIC, KU Leuven); Kristof Jannes, Laurens Sion, Dimitri Van Landuyt (imec-DistriNet, KU Leuven); Aysajan Abidin, Dave Singelee (imec-COSIC, KU Leuven) Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research Rasha Kashef, Monika Freunek (Toronto Metropolitan University); Jeff Schwartzentruber (eSentire Inc.); Reza Samavi, Burcu Bulgurcu (Toronto Metropolitan University); AJ Khan (Vehiqilla Inc.); Marcus Santos (Toronto Metropolitan University) Adaptive Security: Certificate and Key Rotation for Firmware Integrity Sunil Joshi, Kenneth Crowther, Jarvis Robinson (Xylem Inc.)
15:30-16:00	Coffee Break
16:00-16:30	SecDev 2023 Business Meeting and Closing Remarks (Conference Room A, 2nd Floor)
16:30-17:00	Organization Committee Private Meeting (for OC members only) (Conference Room C, 2nd Floor)