Monday, September 21, 2015

8.45 - 9.00 Welcome and opening
9.00 - 10.30 Session 1: Security metrics and classification (Chair: Riccardo De Masellis)

Digital Waste Sorting: A Goal-Based, Self-Learning Approach to Label Spam Email Campaigns
Mina Sheikhalishai, Andrea Saracino, Mohamed Mejri, Nadia Tawbi and Fabio Martinelli

Integrating Privacy and Safety Criteria into Planning Tasks
Anna Lavygina, Alessandra Russo and Naranker Dulay

Security Metrics, Secure Elements, and Operational Measurement Trust in Cloud Environments
Teemu Kanstrén and Antti Evesti
10.30 - 11.00 Coffee Break
11.00 - 12.30 Session 2: Data protection (Chair: Giovanni Livraga)

A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Riccardo De Masellis, Chiara Ghidini and Silvio Ranise

How to Trust the Re-Use of Data
Erisa Karafili, Hanne Riis Nielson and Flemming Nielson

Towards Balancing Privacy and Efficiency: A Principal-Agent Model of Data-Centric Business
Christian Zimmermann and Claus-Georg Nolte
12.30 - 14.00 Lunch Break
14.00 - 15.30 Session 3: Intrusion detection and software vulnerabilities (Chair: Andrea Saracino)

The AC-Index: Fast Online Detection of Correlated Alerts
Andrea Pugliese, Antonino Rullo and Antonio Piccolo

Intrusion Detection System for Applications using Linux Containers
Amr Abed, Charles Clancy and David Levy

SUDUTA: Script UAF Detection Using Taint Analysis
John Galea and Mark Vella
15.30 - 16.00 Coffee Break
16.00 - 17.00 Session 4: PhD award talk
Giovanni Livraga
Preserving Privacy in Data Release

Tuesday, September 22, 2015

9.00 - 10.30 Session 5: Cryptographic protocols (Chair: Naranker Dulay)

Two-Factor Authentication for the Bitcoin Protocol
Christopher Mann and Daniel Loebenberger

Private Proximity Testing on Steroids: An NTRU-based protocol
Constantinos Patsakis, Panayiotis Kotzanikolaou and Mélanie Bouroche

Selecting a New Key Derivation Function for Disk Encryption
Milan Broz and Vashek Matyas
10.30 - 11.00 Coffee Break
11.00 - 12.30 Session 6: Controlling data release (Chair: Ken Barker)

It's My Privilege: Controlling Downgrading in DC-Labels
Pablo Buiras, Daniel King, Lucas Waye, Stephen Chong and Alejandro Russo

Obligations in PTaCL
Conrad Williams and Jason Crampton

Content and Key Management to Trace Traitors in Broadcasting Services
Kazuto Ogawa, Goichiro Hanaoka and Hideki Imai
12.30 - 14.00 Lunch Break
14.00 - 15.30 Session 7: Security Analysis, Risk Management, and Usability (Chair: Erisa Karafili)

In Cyber-Space, no one can hear you S.CREAM: A Root Cause Analysis technique for Socio-Technical Security
Ana Ferreira, Jean-Louis Huynen, Vincent Koenig and Gabriele Lenzini

A Socio-Technical Investigation into Smartphone Security
Melanie Volkamer, Karen Renaud, Oksana Kulyk, and Sinem Emeroz

A Game Theoretic Framework for Modeling Adversarial Cyber Security Game among Attackers, Defenders, and Users
Tatyana Ryutov, Michael Orosz, Detlof von Winterfeldt and Jim Blythe

Design, Demonstration, and Evaluation of An Information Security Contract and Trading Mechanism to Hedge Information Security Risks
Pankaj Pandey and Steven De Haes