7-12 July 2019

ACM AsiaCCS

FORWARD 1

ASIACCS 2019 CONFERENCE ORGANISATION 2

SPONSOR & SUPPORTERS 6

GENERAL INFORMATION 7

2019 PROGRAMME 10

CONTENTS

1

Since its inauguration in Taipei in 2006, ASIACCS, the ACM Asia Conference on Computer and Communications Security, has become an integral part of scientific community in the field of security and privacy. It has since been held in Singapore (2007), Tokyo (2008), Sydney (2009), Beijing (2010), Hong Kong (2011), Seoul (2012), Hangzhou (2013), Kyoto (2014), Singapore (2015), Xi’an (2016), Abu Dhabi (2017), and Songdo (2018). ASIACCS 2019 takes place in Auckland, New Zealand where it is organised by the University of Auckland. We received 258 submissions. This year’s Programme Committee, comprising 98 security researchers from 24 countries, evaluated submissions through a rigorous three-phase review process. In the end, 44 full papers and 14 short papers were accepted for presentation at the conference, giving an acceptance rate of about 17% (22% including short papers). We have a strong technical programme along with five specialized pre-conference workshops and three invited keynotes. Our three distinguished keynote speakers are Virgil Gligor (Carnegie Mellon University, USA), Heiko Mantel (TU Darmstadt, Germany), and Surya Nepal (CSIRO Data61, Australia). The pre-conference workshops are the Seventh International Workshop on Security in Cloud Computing (SCC), the Sixth ACM ASIA Public-Key Cryptography Workshop (APKC 2019), the Fifth ACM Cyber-Physical System Security Workshop (CPSS 2019), the Third ACM Workshop on Blockchains, Cryptocurrencies and Contracts (BCC 2019), and the ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI 2019). Putting together ASIACCS 2019 was a team effort. We would first like to thank the authors of all submitted papers, and the attendees for their participation in the technical discussion during the conference. We are grateful to the Program Committee who worked very hard on reviewing papers and providing feedback to authors. On average, each PC member reviewed 8.0 papers, and some members generously volunteered to help shepherd conditionally accepted papers toward improved presentations. We are also indebted to the external reviewers whose focused expertise significantly helped authors improve their submissions and provided substantial value to the feedback for authors. We also want to extend our thanks to the organisation team: Giovanni Russello (University of Auckland, New Zealand), Steven Galbraith (University of Auckland, New Zealand), Willy Susilo (University of Wollongong, Australia); Publicity Chairs: Rizwan Asghar (University of Auckland, New Zealand), Nicola Zannone (Eindhoven University of Technology, The Netherlands), Joonsang Baek (University of Wollongong, Australia); Workshop Chair: Kim-Kwang Raymond Choo (University of Texas at San Antonio, USA); Poster Chair: Manuel Egele (Boston University, USA); Publication Chair: Min Suk Kang (National University of Singapore); Sponsorship Chair: Lech Jan Janczewski (University of Auckland, New Zealand); Web Chair: Manoranjan Mohanty (University of Auckland, New Zealand) Last but not least, we would like to thank our sponsors for the support: the Cyber Security Foundry, the STRATUS project,Baidu Inc., the Faculty of Science and the School of Computer Science at the University of Auckland We wish all the participants a pleasant experience at ASIACCS 2019 in Auckland!

Zhenkai Liang, PC co-chair

Engin Kirda, PC co-chair

Dieter Gollmann, PC co-chair

FORWARD

2

GENERAL CHAIRS: Steven Galbraith (University of Auckland, New Zealand)

Giovanni Russello (University of Auckland, New Zealand)

Willy Susilo (University of Wollongong, Australia)

PROGRAMME CHAIRS: Dieter Gollmann (Hamburg University of Technology, Germany/Nanyang Technological University, Singapore)

Engin Kirda (Northeastern University, USA)

Zhenkai Liang (National University of Singapore, Singapore)

WORKSHOP CHAIR: Kim-Kwang Raymond Choo (University of Texas at San Antonio, USA)

POSTER CHAIR: Manuel Egele (Boston University, USA)

PUBLICITY CHAIRS: Rizwan Asghar (University of Auckland, New Zealand)

Joonsang Baek (University of Wollongong, Australia)

Nicola Zannone (Eindhoven University of Technology, The Netherlands)

SPONSORSHIP CHAIR: Lech Jan Janczewski (University of Auckland, New Zealand)

WEB CHAIR: Manoranjan Mohanty (University of Auckland, New Zealand)

PUBLICATION CHAIR: Min Suk Kang (National University of Singapore, Singapore)

STEERING COMMITTEE CHAIR: Jianying Zhou (Singapore University of Technology and Design, Singapore)

STEERING COMMITTEE: Gail-Joon Ahn (Arizona State University, USA)

Robert Deng (Singapore Management University, Singapore)

Adrian Perrig (ETH Zürich, Switzerland)

Kui Ren (Zhejiang University, China)

Shiuhpyng Shieh (National Chiao Tung University, Taiwan)

Xiaofeng Wang (Indiana University Bloomington, USA)

ASIACCS 2019 CONFERENCE ORGANISATION

3

PROGRAMME COMMITTEE: Frederik Armknecht (University of Mannheim, Germany)

Tuomas Aura (Aalto University, Finland)

Guangdong Bai (Griffith University, Australia)

Davide Balzarotti (Eurecom, France)

Kevin Borgolte (Princeton University, USA)

Lorenzo Cavallaro (King’s College London, UK)

Berkay Çelik (Pennsylvania State University, USA)

Sang Kil Cha (KAIST, Korea)

Haibo Chen (Shanghai Jiao Tong University, China)

Kai Chen (Chinese Academy of Science, China)

Hao Chen (University of California, Davis, USA)

Liqun Chen (University of Surrey, UK)

Xiuzhen Cheng (The George Washington University, USA)

Mihai Christodorescu (Visa Research, USA)

Sherman S. M. Chow (The Chinese University of Hong Kong, Hong Kong)

Mauro Conti (University of Padua, Italy)

Cas Cremers (CISPA, Germany)

Marc Dacier (Eurecom, France)

Lucas Davi (University of Duisburg-Essen, Germany)

Josep Domingo-Ferrer (Universitat Rovira i Virgili, Spain)

Adam Doupé (Arizona State University, USA)

Wenliang Du (Syracuse University, USA)

Manuel Egele (Boston University, USA)

Vinod Ganapathy (Indian Institute of Science, India)

Debin Gao (Singapore Management University, Singapore)

Neil Gong (Iowa State University, USA)

Yong Guan (Iowa State University, USA)

Yao Guo (Peking University, China)

Gerhard Hancke (City University of Hong Kong, Hong Kong)

Hong Hu (Georgia Institute of Technology, USA)

Xinyi Huang (Fujian Normal University, China)

4

PROGRAMME COMMITTEE: Sotiris Ioannidis (FORTH, Greece)

Tibor Jager (Paderborn University, Germany)

Lech Janczewski (University of Auckland, New Zealand)

Yeongjin Jang (Oregon State University, USA)

Yaoqi Jia (Zilliqa Inc., Singapore)

Hai Jin (Huazhong University of Science and Technology, China)

Xiaoyu Ji (Zhejiang University, China)

Audun Jøsang (University of Oslo, Norway)

Min Suk Kang (National University of Singapore, Singapore)

Brent Byunghoon Kang (KAIST, Korea)

Alex Kapravelos (North Carolina State University, USA)

Amin Kharraz (University of Illinois, USA)

Hiroaki Kikuchi (Meiji University, Japan)

Yongdae Kim (KAIST, Korea)

Kwok-yan Lam (Nanyang Technological University, Singapore)

Tanja Lange (Technical University Eindhoven, Netherlands)

Peeter Laud (Cybernetica AS, Estonia)

Tobias Lauinger (Northeastern University, USA)

Martina Lindorfer (TU Wien, Austria)

Yang Liu (Nanyang Technological University, Singapore)

Ninghui Li (Purdue University, USA)

Joseph K. Liu (Monash University, Australia)

Long Lu (Northeastern University, USA)

Daniel Xiapu Luo (The Hong Kong Polytechnic University, Hong Kong)

Jian Mao (Beihang University, China)

Keith Martin (Royal Holloway, University of London, UK)

Vashek Matyas (Masaryk University, Czech Republic)

Tatsuya Mori (Waseda University, Japan)

Arsalan Mosenia (Princeton University, USA)

Collin Mulliner (Cruise Automation, USA)

David Naccache (ENS – Paris, France)

Kaan Onarlioglu (Akamai, USA)

(continued)

5

PROGRAMME COMMITTEE: Melek Onen (Eurecom, France)

Giancarlo Pellegrino (Stanford University, USA)

Roberto Perdisci (University of Georgia, USA)

Josef Pieprzyk (Queensland University of Technology, Australia)

Aravind Prakash (SUNY Binghamton, USA)

Christian Probst (Unitec Institute of Technology, New Zealand)

Kui Ren (Zhejiang University, China)

William Robertson (Northeastern University, USA)

Ahmad-Reza Sadeghi (TU Darmstadt, Germany)

Rei Safavi-Naini (University of Calgary, Canada)

R. Sekar (Stony Brook University, USA)

Reza Shroki (National University of Singapore, Singapore)

Chengyu Song (University of California, Riverside, USA)

Rainer Steinwandt (Florida Atlantic University, USA)

Gianluca Stringhini (Boston University, USA)

Purui Su (Chinese Academy of Science, China)

Yuan Tian (University of Virginia, USA)

Selcuk Uluagac (Florida International University, USA)

Xiaofeng Wang (Indiana University, USA)

Cong Wang (City University of Hong Kong, Hong Kong)

Guilin Wang (Huawei International Pte Ltd, Singapore)

Tao Wei (Baidu USA LLC, USA)

Jeff Yan (Linköping University, Sweden)

Heng Yin (University of California, Riverside, USA)

Siu-Ming Yiu (Hong Kong University, Hong Kong)

Ting Yu (Computing Research Institute, Qatar)

Fan Zhang (Zhejiang University, China)

Chao Zhang (Tsinghua University, China)

Kehuan Zhang (Chinese University of Hong Kong, Hong Kong)

Yinqian Zhang (Ohio State University, USA)

Jianying Zhou (Singapore University of Technology and Design, Singapore)

Yajin Zhou (Zhejiang University, China)

(continued)

6

SPONSOR & SUPPORTERS

SPONSOR:

IN COOPERATION WITH:

SUPPORTERS:

As per ACM, a sponsor is a non profit or not for profit that agrees to bear any financial or legal liability that a conference, symposium, or workshop might incur. The sponsor(s) are ACM SIGs ONLY. Other organisations that provide assistance are considered supporters or contributors.

7

Please join us for a light breakfast daily from 8.00am – 9.00am.

TRANSPORT

Taxi – 09 300 3000Multiple bus stops around the conference venue

EXCURSION - BOAT TRIP

Thursday 11th July Bus departs 2.00pm Conference Venue - 85 Park Road, GraftonBus returns 5.45pm University of Auckland, City Campus, Symonds StreetAs this is winter please be prepared for cool weather. You will be inside for the boat trip however there will be times you will be transitioning between the bus and the boat.

GENERAL INFORMATION

Boat will depart 2.30pm sharp from Z pier at Westhaven Marina.

8

WELCOME RECEPTION

Welcome Reception 7th July 2019

You are welcome to register prior to the Welcome Reception

20-26 Wynyard Street, City Campus, University of Auckland

From 4.30pm – 7.00pm

9

CONFERENCE VENUE University of Auckland

Faculty of Medical and Health Sciences

85 Park Road, Grafton

GALA DINNER Wednesday 10th July

Maritime Room, Princes Wharf, Viaduct Harbour

6.00pm - Bus departs conference venue

10

PRE-REGISTRATION & WELCOME

PRE-CONFERENCE WORKSHOPS

SUNDAY 7 JULY 201916:30 - 19:00 Registration and Welcome at Fale Pasifika

MONDAY 8 JULY 201908:00 - 09:00 BREAKFAST

CYBER-PHYSICAL SYSTEM SECURITY (CPSS) WORKSHOPRoom: AMRF Auditorium (505-011)

09:15 – 09:30 Workshop Opening

09:30 - 10.30 KEYNOTE 1Session Chair: Aditya Mathur

From Control Model to Control Program: A Cross-Layer Approach to Robotic Vehicle Security Prof. Dongyan Xu (Purdue University, USA)

10:30 - 11:00 BREAK

11:00-12.30 SESSION 1: ATTACK DETECTION IN CPSSession Chair: Xiapu Luo

Exploiting Correlations to Detect False Data Injections in Low-Density Wireless Sensor NetworksZhongyuan Hau and Emil Lupu.

Comparing Intrusion Detection Methodologies for Industrial Control SystemsAleksei Kharitonov and Axel Zimmermann.

Towards a Cyber-physical RangeGeorgios Kavallieratos, Sokratis Katsikas, and Vasileios Gkioulos.

12:30 - 14:00 LUNCH

14:00 – 15:00 KEYNOTE 2Session Chair: Dieter Gollmann

Access Control for Internet of Things ApplicationsProf. Indrakshi Ray (Colorado State University, USA)

15:00 – 15:30 BREAK

15:30 – 16:30 SESSION 2: RISK MANAGEMENT AND ATTESTATIONSession Chair: Jianying Zhou

Deriving Impact-driven Security Requirements and Monitoring Measures for Industrial IoTGerhard Hansch, Peter Schneider, and Gerd Brost.

Decentralized Firmware Attestation for In-Vehicle NetworksMohammed Khodari, Abhimanyu Rawat, Mikael Asplund, and Andrei Gurtov.

16:30 -16:35 Closing Remark

11

MONDAY 8 JULY 2019

BLOCKCHAIN AND SECURE CRITICAL INFRASTRUCTURE (BSCI 2019) WORKSHOPRoom: Lecture Theatre 2 (505-007)

09:00 – 09:15 Workshop Opening

09:15 – 10:15 KEYNOTE SPEECHSession Chair: Zijian Zhang

Talk Title: A Blockchain-Enabled Society Prof. Joseph Liu (Monash University)

10:15 – 10:45 BREAK

10:45 – 12:15 SESSION 1: BLOCKCHAIN CONSENSUS, FRAMEWORK, AND ARCHITECTURESession Chair: Keke Gai

Distributed Community Detection over Blockchain Networks Based on Structure Entropy Yang Chen (The University of Auckland, New Zealand); Jiamou Liu (The University of Auckland, New Zealand)

A New Complex Network Robustness Attack AlgorithmXinyi Li (Beijing Institute of Technology, China); Zijian Zhang (Beijing Institute of Technology, China; University of Auckland, New Zealand); Jiamou Liu (The University of Auckland, New Zealand); Keke Gai (Beijing Institute of Technology, China)

Proof-of-Play: A Novel Consensus Model for Blockchain-based Peer-to-Peer Gaming SystemHo Yin Yuen (The Hong Kong Polytechnic University, China); Feijie Wu (The Hong Kong Polytechnic University, China); Wei Cai (The Chinese University of Hong Kong, Shenzhen, China); Henry C.B. Chan (The Hong Kong Polytechnic University, China); Qiao Yan (Shenzhen University, China); Victor C.M. Leung (Shenzhen University, China)

A Framework for Maintaining Citizenship Record on BlockchainAmrit Jha (Assam Engineering College, India); Rajat Kanti Bhattacharjee (Assam Engineering College, India); Meghali Nandi (Assam Engineering College, India); Ferdous A. Barbhuiya (Indian Institute of Information Technology Guwahati, Assam, India)

12:15 – 13:50 LUNCH

14:00 – 15:30 SESSION 2: BLOCKCHAIN-BASED TECHNICAL INTEGRATIONSSession Chair: Wei Cai

Access Control Management for Plant Phenotyping Using Integrated BlockchainMayra Samaniego (University of Saskatchewan, Canada); Cristian Espana (University of Saskatchewan, Canada); Ralph Deters (University of Saskatchewan, Canada)

Blockchain-enabled Data Provenance in Cloud Datacenter ReengineeringHaochen Li (Beijing Institute of Technology, China); Keke Gai (Beijing Institute of Technology, China); Zhengkang Fang (Beijing Institute of Technology, China); Liehuang Zhu (Beijing Institute of Technology, China); Lei Xu (Beijing Institute of Technology, China); Peng Jiang (Beijing Institute of Technology, China)

Decentralized Ensemble Learning Based on Sample Exchange among Multiple Agents Yong Yu (Southwest University, China); Jia Deng (The University of Auckland, New Zealand); Yanni Tang (Southwest University, China); Jiamou Liu (The University of Auckland, New Zealand); Wu Chen (Southwest University, China)

Eclipse-based Stake-Bleeding Attack in PoS Blockchain SystemsShijie Zhang (Sangmyung University, South Korea); Jong-Hyouk Lee (Sangmyung University, South Korea)

15:30 – 15:45 BREAK

12

PRE-CONFERENCE WORKSHOPS

MONDAY 8 JULY 201915:45 – 17:15 SESSION 3: BLOCKCHAIN-ENABLED APPLICATIONS

Session Chair: Zijian Zhang

Can we add value to EV certificates? Pawel Szalachowski (SUTD, Singapore)

An Efficient Supply Chain Architecture Based on Blockchain for High-value CommoditiesZhiyu Xu (Swinburne University, Australia); Tengyun Jiao (Swinburne University, Australia); Qin Wang (Swinburne University, Australia); Cuong Bui Van (Swinburne University, Australia); Sheng Wen (Swinburne University, Australia); Yang Xiang (Swinburne University, Australia)

Blockchain in Smart Power Grid InfrastructureMohit Vashistha (Indian Institute of Information Technology Guwahati, Assam, India); Ferdous Ahmed (Indian Institute of Information Technology Guwahati, Assam, India)

A Novel Architecture for Tamper Proof Electronic Health Record Management System using Blockchain WrapperMohammad Saidur Rahman (RMIT University, Australia), Ibrahim Khalil (RMIT University, Australia), Pathum Chamikara Mahawaga Arachchige (RMIT University, Australia), Abdelaziz Bouras (Qatar University, Qatar), Xun Yi (RMIT University, Australia)

17:15 – 17:55 SESSION 4: SHORT PAPER SESSIONSession Chair: Jong-Hyouk Lee

Challenges of Cyber Security and the Emerging TrendsMd Ali (Rider University, USA); Kutub Thakur (New Jersey City University, USA); Graig Klein (New Jersey City University, USA)

Blockchain as a value enabler: Bridging financial assets and intangiblesMaryam Taghiyeva - Zeynalova (CCEG, UK); Yonghao Wang (Birmingham City University, UK); Olinga Ta'Eed (Birmingham City University, UK)

New loan system based on smart contractQi Yang (Wuhan University of Science and Technology, China); Xiao Zeng (Wuhan University of Science and Technology, China); Yu Zhang (Huazhong University of Science and Technology, China); Wei Hu (Wuhan University of Science and Technology, China)

17:55 -18:00 Closing Remark

BLOCKCHAINS, CRYPTOCURRENCIES AND CONTRACTS (BCC) WORKSHOPRoom: Seminar Room 503-028

9:15 - 9:30 Opening Remarks

09:30 – 10:00 Mayflies, Breeders, and Busy Bees in Ethereum: Smart Contracts Over TimeMonika di Angelo and Gernot Salzer

10:00 – 10:30 Push and Pull: Manipulating a production schedule and maximizing rewards on an EOSIO blockchainDongsoo Lee and Dong Hoon Lee

10:30 – 11:00 BREAK

11:00 – 11:30 Colosseum: A Scalable Permissioned Blockchain over Structured NetworkHimanshu Gupta and Dharanipragada Janakiram

13

MONDAY 8 JULY 2019

PUBLIC-KEY CRYPTOGRAPHY (APKC 2019) WORKSHOPRoom: Seminar Room 503-020

09:25 – 09:30 Welcome from Chairs : Keita Emura (NICT)Invited Talk Chair: Keita Emura (NICT)

09:30 – 10:30 Recent Advances in Attribute-Based SignatureYusuke Sakai (AIST, Japan)

10:30 – 11:00 BREAK

MAIN SESSION Chair: Takaaki Mizuki (Tohoku University)

11:00 – 11:30 Efficient Estimation of Number of Short Lattice Vectors in Search Space under Randomness AssumptionYoshitatsu Matsuda (Seikei University, Japan), Tadanori Teruya (National Institute of Advanced Industrial Science and Technology, Japan) and Kenji Kashiwabara (The University of Tokyo, Japan)

11:30 – 12:00 Rank-metric encryption on Arm-Cortex M0Ameera Al Abdouli (DarkMatter LLC, Abu Dhabi, UAE), Emanuele Bellini (DarkMatter LLC, Abu Dhabi, UAE), Florian Caullery (DarkMatter LLC, Abu Dhabi, UAE), Marc Manzano (DarkMatter LLC, Abu Dhabi, UAE) and Victor Mateu (DarkMatter LLC, Abu Dhabi, UAE)

12:00 – 12:30 A Tightly-Secure Lattice-Based MultisignatureMasayuki Fukumitsu (Hokkaido Information University, Japan) and Shingo Hasegawa (Tohoku University, Japan)

12:30 – 12:35 Closing from Chairs : Keita Emura (NICT)

12:35 – 14:00 LUNCH

SECURITY IN CLOUD COMPUTING (SCC) WORKSHOPRoom: Seminar Room 503-024

9:15 - 9:30 Opening Welcome. Speaker: Qiang Tang & Bingsheng Zhang

9:30 -10:30 KEYNOTE 1Title: A new paradigm for high-performant proof-of-stake blockchain. Speaker: Hong-sheng Zhou

10:30 – 11:00 BREAK

11:00 - 12:30 PAPER SESSION Session Chair: Cong Wang

Selecting Secret Sharing Instantiations for Distributed Storage SystemsGiulia Traverso, Paul Moritz Ranly, Denis Butin and Johannes Buchmann.

Defending Adversarial Attacks on Cloud-aided Automatic Speech Recognition Systems Jiajie Zhang, Bingsheng Zhang and Bingcheng Zhang.

Cloud data Provenance using IPFS and Blockchain TechnologySyed Saud Hasan, Nazatul Haque Sultan and Ferdous Ahmed Barbhuiya.

12:30 – 14:00 LUNCH

14:00 - 15:00 KEYNOTE 2 Title: Can we securely outsource big data analytics with lightweight cryptography? Speaker: Sherman Chow

15:00 – 15:30 BREAK

15:30 - 16:30 Panel: Secure Cloud Computing in the Blockchain Era

14

2019 PROGRAMME

TUESDAY 9 JULY 201908:00 – 09:00 BREAKFAST

9:00 – 9:30 Welcome Message (Room AMRF Auditorium 505-011)

09:30 – 10.30 KEYNOTE 1: Virgil D. Gligor; Carnegie Mellon University Session Chair: Dieter Gollman (Room AMRF Auditorium 505-011)

Establishing and Maintaining Root of Trust on Commodity Computer Systems

10:30 – 11:00 BREAK (Atrium)

11:00 – 12:15 SESSION #1A: BINARY ANALYSIS AND HARDENING Session Chair: Zheng Leong Chua (Room AMRF Auditorium 505-011)

Control-Flow Carrying CodeYan Lin:School of Information Systems, Singapore Management University;Debin Gao:School of Information Systems, Singapore Management University;Xiaoyang Cheng:College of Cyber Science , Nankai University

SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)Daniele Cono D’Elia:Sapienza University of Rome;Emilio Coppa:Sapienza University of Rome;Simone Nicchi:Sapienza University of Rome;Federico Palmaro:Prisma;Lorenzo Cavallaro:King’s College London

DeClassifier: Class-Inheritance Inference Engine for Optimized C++ BinariesRukayat Ayomide Erinfolami:Binghamton University;Aravind Prakash:Binghamton University

11:00 – 12:15 SESSION #1B: CLOUD SECURITY Session Chair: Debin Gao (Lecture Theatre 2 505-007)

GraphSE^2: An Encrypted Graph Database for Privacy-Preserving Social SearchShangqi Lai:Monash University;Xingliang Yuan:Monash University;Shi-Feng Sun:Monash University;Joseph K. Liu:Monash University;Yuhong Liu:Santa Clara University;Dongxi Liu:Data61, CSIRO

Identity-Based Broadcast Encryption with Outsourced Partial Decryption for Hybrid Security Models in Edge ComputingJongkil kim:University of Wollongong, Australia;Seyit Camtepe:CSIRO, Australia;Willy Susilo:University of Wollongong, Australia;Surya Nepal:CSIRO, Australia;Joonsang Baek:University of Wollongong, Australia

(Short paper) Unveiling Systematic Biases in Decisional Processes. An Application to Discrimination DiscoveryLaura Genga:Eindhoven University of Technology;Luca Allodi:Eindhoven University of Technology;Nicola Zannone:Eindhoven University of Technology

12:15 – 13:50 LUNCH (Atrium)

13:50 – 15:20 SESSION #2A: SGX-BASED SECURITY Session Chair: Sherman S. M. Chow (Room AMRF Auditorium 505-011)

The SEVerESt Of Them All: Inference Attacks Against Secure Virtual EnclavesJan Werner:University of North Carolina at Chapel Hill;Joshua Mason:University of Illinois Urbana-Champaign;Manos Antonakakis:Georgia Institute of Technology;Michalis Polychronakis:Stony Brook University;Fabian Monrose:University of North Carolina at Chapel Hill

ObliDC: An SGX-based Oblivious Distributed Computing Framework with Formal ProofPengfei WU:School of Software and Microelectronics, Peking University;Qingni SHEN:School of Software and Microelectronics, Peking University;Robert. H. DENG:School of Information System, Singapore Management University;Ximeng LIU:College of Mathematics and Computer Science, Fuzhou University;Yinghui ZHANG:National Engineering Laboratory for Wireless Security, Xi’an University of Posts and Telecommunications;Zhonghai WU:School of Software and Microelectronics, Peking University

15

TUESDAY 9 JULY 2019A Hybrid Approach to Secure Function Evaluation using SGXJoseph I. Choi:University of Florida;Dave (Jing) Tian:University of Florida;Grant Hernandez:University of Florida;Christopher Patton:University of Florida;Benjamin Mood:Point Loma Nazarene University;Thomas Shrimpton:University of Florida;Kevin R. B. Butler:University of Florida;Patrick Traynor:University of Florida

(Short paper) Running Language Interpreters Inside SGX: A Lightweight, Legacy-Compatible Script Code Hardening ApproachHuibo Wang:University of Texas at Dallas;Erick Bauman:University of Texas at Dallas;Vishal Karande:University of Texas at Dallas;Yueqiang Cheng:Baidu USA Xlab;Zhiqiang Lin:The Ohio State University;Yinqian Zhang:The Ohio State University

13:50 – 15:20 SESSION #2B: ADVANCED ENCRYPTION ALGORITHMS Session Chair: Joseph Liu (Lecture Theatre 2 505-007)

Multi-Writer Searchable Encryption: An LWE-based Realization and ImplementationLei Xu:Nanjing University of Science and Technology;Xingliang Yuan:Monash University;Ron Steinfeld:Monash University;Cong Wang:City University of Hong Kong;Chungen Xu:Nanjing University of Science and Technology

Delegable Order-Revealing EncryptionYuan Li:Fudan University;Hongbing Wang:Singapore Management University;Yunlei Zhao:Fudan University

MPC Joins the Dark SideJohn Cartlidge:University of Bristol;Nigel P. Smart:KU Leuven and University of Bristol;Younes Talibi Alaoui:KU Leuven

(Short paper) Flexibly and Securely Shape Your Data Disclosed to OthersQingqing Xie:Jiangsu University;Yantian Hou:Boise State University;Ke Cheng:Xidian University;Gaby G. Dagher:Boise State University;Liangmin Wang:Jiangsu University;Shucheng Yu:Stevens Institute of Technology

15:20 – 15:50 BREAK (Atrium)

15:50 – 17:40 SESSION #3A: WEB ATTACK MEASUREMENTS Session Chair: Jian Mao (Room AMRF Auditorium 505-011)

Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the WebColin Ife:University College London;Yun Shen:Symantec Research Labs;Steven Murdoch:University College London;Gianluca Stringhini:Boston University

What Happens After You Leak Your Password: Understanding Credential Sharing on Phishing SitesPeng Peng:Virginia Tech;Chao Xu:Virginia Tech;Luke Quinn:Virginia Tech;Hang Hu:Virginia Tech;Bimal Viswanath:Virginia Tech;Gang Wang:Virginia Tech

A Decade of Mal-Activity Reporting: A Retrospective Analysis of Internet Malicious Activity BlacklistsBenjamin Zi Hao Zhao:Data61, UNSW;Muhammad Ikram:Macquarie University, University of Michigan;Hassan Jameel Asghar:Data61, Macquarie University;Mohamed Ali Kaafar:Data61, Macquarie University;Abdelberi Chaabane:Nokia Bell Labs;Kanchana Thilakarathna:The University of Sydney

(Short paper) Mobile Friendly or Attacker Friendly? A Large-scale Security Evaluation of Mobile-first WebsitesTom Van Goethem:imec-DistriNet, KU Leuven;Victor Le Pochat:imec-DistriNet, KU Leuven;Wouter Joosen:imec-DistriNet, KU Leuven

16

TUESDAY 9 JULY 201915:50 – 17:40 SESSION #3B: LEARNING AND AUTHENTICATION

Session Chair: Jianying Zhou (Lecture Theatre 2 505-007)

Undermining User Privacy on Mobile Devices Using AIBerk Gulmezoglu:WPI;Andreas Zankl:Fraunhofer AISEC;Caner Tol:METU;Saad Islam:WPI;Thomas Eisenbarth:University of Lübeck;Berk Sunar:WPI

Robust Watermarking of Neural Network with Exponential WeightingRyota Namba:University of Tsukuba;Jun Sakuma:University of Tsukuba, RIKEN AIP

(Short paper) A Closer Look Tells More: A Facial Distortion Based Liveness Detection for Face AuthenticationYan Li:Advanced Digital Science Center;Zilong Wang:Xidian University;Yingjiu Li:Singapore Management University;Robert Deng:Singapore Management University;Binbin Chen:Advanced Digital Science Center;Weizhi Meng:Technical University of Denmark;Hui Li:Xidian University

(Short paper) R2Q: A Risk Quantification Framework to Authorize Requests in Web-based CollaborationsNirnay Ghosh:iTrust Centre for Research in Cyber Security, Singapore University of Technology and Design (SUTD);Rishabh Singhal:JP Morgan & Chase Co., Mumbai, India;Sajal K Das:Department of Computer Science, Missouri University of Science and Technology

18:00 – 19:30 Poster Session (Atrium)

WEDNESDAY 10 JULY 2019 - CONFERENCE08:00 – 09:00 BREAKFAST

9:00 – 10:00 KEYNOTE2: Surya Nepal; CSIRO Data61. Session Chair: Zhenkai Liang (Room AMRF Auditorium 505-011)

Security is the Weakest Link: Prevalent Culture of Victim Blaming in Cyberattacks

10:00 – 10:30 BREAK (Atrium)

10:30 – 12:20 SESSION #4A: MOBILE SECURITY Session Chair: Manuel Egele (Room AMRF Auditorium 505-011)

Exploiting Sound Masking for Audio Privacy in SmartphonesYu-Chih Tung:University of Michigan;Kang G. Shin:University of Michigan

MoSSOT: An Automated Blackbox Tester for Single Sign-On Vulnerabilities in Mobile ApplicationsShangcheng Shi:The Chinese University of Hong Kong;Xianbo Wang:The Chinese University of Hong Kong;Wing Cheong Lau:The Chinese University of Hong Kong

MagAttack: Guessing Application Launching and Operation via SmartphoneYushi Cheng:Zhejiang University;Xiaoyu Ji:Zhejiang University;Wenyuan Xu:Zhejiang University;Hao Pan:Shanghai Jiao Tong University;Zhuangdi Zhu:Michigan State University;Chuang-Wen You:National Taiwan University;Yi-Chao Chen:University of Texas at Austin;Lili Qiu:University of Texas at Austin

Towards Understanding Android System Vulnerabilities: Techniques and InsightsDaoyuan Wu:Singapore Management University;Debin Gao:Singapore Management University;Eric K. T. Cheng:The Hong Kong Polytechnic University;Yichen Cao:SOBUG, ShenZhen, China;Jintao Jiang:SOBUG, ShenZhen, China;Robert H. Deng:Singapore Management University

(Short paper) AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware FamiliesOmid Mirzaei:Universidad Carlos III de Madrid;Guillermo Suarez-Tangil:King’s College London;Jose M. de Fuentes:Universidad Carlos III de Madrid;Juan Tapiador:Universidad Carlos III de Madrid;Gianluca Stringhini:Boston University

2019 PROGRAMME

17

WEDNESDAY 10 JULY 2019 - CONFERENCE10:30 – 12:20 SESSION #4B: PRIVACY

Session Chair: Lech Janczewski (Lecture Theatre 2 505-007)

EPISODE: Efficient Privacy-PreservIng Similar Sequence Queries on Outsourced Genomic DatabasEsThomas Schneider:TU Darmstadt;Oleksandr Tkachenko:TU Darmstadt

Revisiting Assumptions for Website Fingerprinting AttacksWeiqi Cui:Oklahoma State University;Tao Chen:Oklahoma State University;Christian Fields:Oklahoma State University;Julianna Chen:Oklahoma State University;Anthony Sierra:Oklahoma State University;Eric Chan-Tin:Loyola University Chicago

Can I Opt Out Yet? GDPR and the Global Illusion of Cookie ControlIskander Sanchez-Rola:DeustoTech, University of Deusto, Symantec Research Labs;Matteo Dell’Amico:Symantec Research Labs;Platon Kotzias:IMDEA Software Institute, Universidad Politecnica de Madrid;Davide Balzarotti:Eurecom;Leyla Bilge:Symantec Research Labs;Pierre-Antoine Vervier:Symantec Research Labs;Igor Santos:DeustoTech, University of Deusto

“I Don’t Think I Can Share My Health Information …” : Understanding Users’ Risk Perceptions about Personal Health Records Shared on Social Networking ServicesYuri Son:Samsung Electronics Co., Ltd.;Geumhwan Cho:Sungkyunkwan University;Hyoungshick Kim:Sungkyunkwan University;Simon Woo:SUNY Korea

12:20 – 14:00 LUNCH (Atrium)

14:00 – 15:20 SESSION #5A: WEB SECURITY Session Chair: Gianluca Stringhini (Room AMRF Auditorium 505-011)

Purchased Fame: Exploring the Ecosystem of Private Blog NetworksTom Van Goethem:imec-DistriNet, KU Leuven;Najmeh Miramirkhani:Stony Brook University;Wouter Joosen:imec-DistriNet, KU Leuven;Nick Nikiforakis:Stony Brook University

TweetScore: Scoring Tweets via Social Attribute Relationships for Twitter Spammer DetectionYihe Zhang:Unaffiliated;Hao Zhang:Unaffiliated;Xu Yuan:Unaffiliated;Nian-Feng Tzeng:Unaffiliated

ScriptProtect: Mitigating Unsafe Third-Party JavaScript PracticesMarius Musch:TU Braunschweig;Marius Steffens:CISPA Helmholtz Center for Information Security;Ben Stock:CISPA Helmholtz Center for Information Security;Martin Johns:TU Braunschweig

14:00 – 15:20 SESSION #5B: FAULT ATTACKS AND SIDE CHANNEL ANALYSISSession Chair: Virgil Gligor, CMU (Lecture Theatre 2 505-007)

SoK: On DFA Vulnerabilities of Substitution-Permutation NetworksMustafa Khairallah:Nanyang Technological University, Singapore;Xiaolu Hou:Acronis, Singapore;Zakaria Najm:Nanyang Technological University, Singapore;Jakub Breier:Underwriters Laboratories, Singapore;Shivam Bhasin:Nanyang Technological University, Singapore;Thomas Peyrin:Nanyang Technological University, Singapore

Practical Side-Channel Attacks against WPA-TKIPDomien Schepers:Northeastern University;Aanjhan Ranganathan:Northeastern University;Mathy Vanhoef:New York University Abu Dhabi

Exploiting Determinism in lattice-based signatures – Practical Fault Attacks on pqm4 implementations of NIST candidatesPrasanna Ravi:Nanyang Technological University, Singapore;Mahabir Prasad Jhanwar:Nanyang Technological University, Singapore;James Howe:Nanyang Technological University, Singapore;Anupam Chattopadhyay:Nanyang Technological University, Singapore;Shivam Bhasin:Nanyang Technological University, Singapore

15:20 – 15:50 BREAK (Atrium)

18

WEDNESDAY 10 JULY 2019 - CONFERENCE15:50 – 17:40 SESSION #6A: IOT SECURITY

Session Chair: Xiaoyu Ji (Room AMRF Auditorium 505-011)

Process-Aware Cyberattacks for Thermal Desalination PlantsPrashant Hari Narayan Rajput:New York University Abu Dhabi;Pankaj Rajput:New York University Abu Dhabi;Marios Sazos:New York University Abu Dhabi;Michail Maniatakos:New York University Abu Dhabi

Study of Misbinding Attacks on Secure Device PairingMohit Sethi:NomadicLab, Ericsson Research, Finland;Aleksi Peltonen:Aalto University, Finland;Tuomas Aura:Aalto University, Finland

Alexa lied to me: Skill-based Man-in-the-Middle Attacks on Virtual AssistantsRichard Mitev:Technische Universität Darmstadt;Markus Miettinen:Technische Universität Darmstadt;Ahmad-Reza Sadeghi:Technische Universität Darmstadt

(Short paper) HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT DevicesDominik Breitenbacher:Singapore University of Technology and Design;Ivan Homoliak:Singapore University of Technology and Design;Yan Lin Aung:Singapore University of Technology and Design;Nils Ole Tippenhauer:CISPA Helmholtz Center for Information Security;Yuval Elovici:Singapore University of Technology and Design

(Short paper) A Pilot Study on Consumer IoT Device Vulnerability Disclosure and Patch Release in Japan and the United StatesAsuka Nakajima:NTT Secure Platform Laboratories;Takuya Watanabe:NTT Secure Platform Laboratories;Eitaro Shioji:NTT Secure Platform Laboratories;Mitsuaki Akiyama:NTT Secure Platform Laboratories;Maverick Woo:Carnegie Mellon University

(Short paper) E-Spion: A System-Level Intrusion Detection System for IoT DevicesAnand Mudgerikar:Purdue University;Puneet Sharma:HPE;Elisa Bertino:Purdue University

15:50 – 17:20 SESSION #6B: APPLIED CRYPTOGRAPHY Session Chair: Robert Deng, SMU (Lecture Theatre 2 505-007)

K2SN-MSS: An Efficient Post-Quantum SignatureSabyasachi Karati:University of Calgary;Reihaneh Safavi-Naini:University of Calgary

Proper Usage of the Group Signature Scheme in ISO/IEC 20008-2Ai Ishida:National Institute of Advanced Industrial Science and Technology;Yusuke Sakai:National Institute of Advanced Industrial Science and Technology;Keita Emura:National Institute of Information and Communications Technology;Goichiro Hanaoka:National Institute of Advanced Industrial Science and Technology;Keisuke Tanaka:Tokyo Institute of Technology

Practical Aggregate Signature from General Elliptic Curves, and Applications to BlockchainYunlei Zhao:Software School, Fudan University, Shanghai, China

(Short paper) Examining DES-based Cipher Suite Support within the TLS EcosystemVanessa Frost:University of Florida;Dave Tian:University of Florida;Christie Ruales:University of Florida;Vijay Prakash:University of Florida;Kevin Butler:University of Florida;Patrick Traynor:University of Florida

18:00 Gala Dinner - Bus departs Conference Venue - 85 Park Road to Maritime Room, Princes Wharf

22:00 Bus departs Maritime Room to Cordis bus stop, Symond Street

2019 PROGRAMME

19

THURSDAY 11 JULY 2019 - CONFERENCE08:00 – 09:00 BREAKFAST

9:00 – 10:00 KEYNOTE3: Heiko Mantel; TU Darmstadt Session Chair: Engin Kirda (Room AMRF Auditorium 505-011)

From Attacker Models to Reliable SecuritySecurity is the Weakest Link: Prevalent Culture of Victim Blaming in Cyberattacks

10:00 – 10:30 BREAK (Atrium)

10:30 – 12:20 SESSION #7: HARDWARE AND SYSTEMS Session Chair: Yusung Wu (Room AMRF Auditorium 505-011)

Pinpoint Rowhammer: Suppressing Unwanted Bit Flips on Rowhammer AttacksSangwoo Ji:POSTECH;Youngjoo Ko:POSTECH;Saeyoung Oh:POSTECH;Jong Kim:POSTECH

RIP-RH: Preventing Rowhammer-based Inter-Process AttacksCarsten Bock:TU Darmstadt;Ferdinand Brasser:TU Darmstadt;David Gens:TU Darmstadt;Ahmad-Reza Sadeghi:TU Darmstadt

eHIFS: An Efficient History Independent File SystemBiao Gao:Institute of Information Engineering;Bo Chen:Department of Computer Science, Michigan Technological University;Shijie Jia:Institute of Information Engineering, CAS;Luning Xia:Institute of Information Engineering

(Short paper) Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Data EntryTyler Kaczmarek:University of California, Irvine;Ercan Ozturk:University of California, Irvine;Gene Tsudik:University of California, Irvine

(Short paper) Design procedure of knowledge base for practical attack graph generationMasaki Inokuchi:Security Research Laboratories, NEC Corporation;Yoshinobu Ohta:Security Research Laboratories, NEC Corporation;Shunichi Kinoshita:Security Research Laboratories, NEC Corporation;Tomohiko Yagyu:Security Research Laboratories, NEC Corporation;Orly Stan:Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev;Ron Bitton:Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev;Yuval Elovici:Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev;Asaf Shabtai:Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev

12:20 – 14:00 LUNCH (Atrium)

14:00 Bus departs Conference Venue - 85 Park Road, Grafton

17:45 Bus returns to Cordis bus stop, Symond Street

20

FRIDAY 12 JULY 2019 - CONFERENCE08:00 – 09:00 BREAKFAST

9:00 – 10:15 SESSION 8 BLOCKCHAIN SECURITY Session Chair: Aravind Prakash (Room AMRF Auditorium 505-011)

On the Difficulty of Hiding the Balance of Lightning Network ChannelsJordi Herrera-Joancomarti:Universitat Autònoma de Barcelona;Guilllermo Navarro-Arribas:Universitat Autònoma de Barcelona;Alejandro Ranchal-Pedrosa:Telecom SudParis;Joaquin Garcia-Alfaro:Telecom SudParis, CNRS SAMOVAR;Cristina Perez-Sola:Universitat Rovira i Virgili

A New Blind ECDSA Scheme for Bitcoin Transaction AnonymityXun Yi:RMIT University, Australia;Kwok-Yan Lam:Nanyang Technological University, Singapore

On The Unforkability of MoneroDimaz Ankaa Wijaya:Monash University;Joseph Liu:Monash University;Ron Steinfeld:Monash University;Dongxi Liu:Data61, CSIRO, Australia;Jiangshan Yu:Monash University

10:15 – 10:45 BREAK (Atrium)

10:45 – 11:50 SESSION 9: FUZZING Session Chair: William Robertson (Room AMRF Auditorium 505-011)

Ptrix: Efficient Hardware-Assisted Fuzzing for COTS BinaryYaohui Chen:Northeastern University;Dongliang Mu:Penn State University;Zhichuang Sun:Northeastern University;Jun Xu:Stevens Institute of Technology;Wenguo Shen:Samsung Research American;Xinyu Xing:Penn State University;Long Lu:Northeastern University;Bing Mao:Nanjing University

An Empirical Study of Prioritizing JavaScript Engine Crashes via Machine LearningSunnyeo Park:KAIST;Dohyeok Kim:KAIST;Sooel Son:KAIST

(Short paper) A Feature-Oriented Corpus for understanding, Evaluating and Improving Fuzz TestingXiaogang Zhu:Swinburne University of Technology;Xiaotao Feng:Swinburne University of Technology;Tengyun Jiao:Swinburne University of Technology;Sheng Wen:Swinburne University of Technology;Jingling Xue:The University of New South Wales;Seyit Camtepe:CSIRO Data61;Yang Xiang:Swinburne University of Technology

11:50 – 12:00 Closing Remarks (Room AMRF Auditorium 505-011)

2019 PROGRAMME

21