Conference Schedule

May 30, 2016 (Workshops)
  • Room 1
  • Room 2
  • Room 3
  • Room 4
  • 08:30-22:00
  • Registration
  • 09:00-12:00
  • CPSS 2016
  • SCC 2016
  • AsiaPKC 2016
  • 12:00-13:30
  • Lunch Buffet
  • 13:30-18:00
  • CPSS 2016
  • SCC 2016
  • WTMC 2016
  • IoTPTS 2016
  • 18:00
  • Dinner Buffet
    Level 1, 雨林咖啡厅
May 31, 2016
  • Main Conference Room
  • 08:30-09:00
  • Opening
  • 10:00-10:30
  • Coffee Break
  • 12:10-14:00
  • Lunch Buffet
  • 16:00-16:20
  • Coffee Break
  • 18:20
  • Dinner Buffet
June 1, 2016
  • Room 1
  • Room 2
  • 09:30-10:00
  • Coffee Break
  • 12:05-13:30
  • Lunch Buffet
  • 15:35-16:00
  • Coffee Break
  • 18:00
  • Conference Banquet
June 2, 2016
  • Room 1
  • Room 2
  • 09:30-10:00
  • Coffee Break
  • 12:05-13:30
  • Lunch Buffet
  • 15:35-16:00
  • Coffee Break
  • 18:05
  • Dinner Buffet
June 3, 2016
  • Level 2,Room 1
    Main Conference Room
  • Level 3, Room 2
  • 11:10
  • Closing
  • 12:00-13:30
  • Lunch Buffet
    Level 1, 雨林咖啡厅

Technical Program

Keynote Address 1
May 31 (Day 2) 09:00-10:00
Security and Privacy in Social Networks: Challenges and Opportunities
Professor Yang Xiang
Deakin University
Keynote Address 2
June 1 (Day 3) 08:30-09:30
Towards Assessing and Controlling Privacy in Large-Scale, Open Networks
Professor Michael Backes
CISPA, Saarland University & MPI-SWS
Keynote Address 3
June 2 (Day 4) 08:30-09:30
Binary Analysis for Autonomous Hacking
Professor Giovanni Vigna
University of California in Santa Barbara
United States
Invited Talk (Huawei)
May 31 (Day 2) 14:00-14:45
IoT Security: Challenges and Opportunities
Dr Feng Bao
Shield Lab
Invited Talk (CloverSec)
May 31 (Day 2) 16:20-17:05
Research and Applications of Distributed Risk-Award Model Based on Community
Mr Peiyuan Zhao
Session 1: Software Security
May 31 (Day 2) 10:30-12:10
ORIGEN: Automatic Extraction of Offset-Revealing Instructions for Cross-Version Memory Analysis
Qian Feng, Aravind Prakash, Minghua Wang, Curtis Carmony, and Heng Yin
Juggling the Gadgets: Binary-level Code Randomization using Instruction Displacement
Hyungjoon Koo and Michalis pcolychronakis
No-Execute-After-Read: Preventing Code Disclosure in Commodity Software
Jan Werner, George Baltas, Rob Dallara, Nathan Otternes, Kevin Snow, Fabian Monrose, and Michalis pcolychronakis
ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks
Mariano Graziano, Davide Balzarotti, and Alain Zidouemba
Session 2: Cloud Security I
May 31 (Day 2) 14:45-16:00
Enabling Ciphertext Deduplication for Secure Cloud Storage and Access Control
Heyi Tang, Yong Cui, Chaowen Guan, Jianping Wu, Jian Weng, and Kui Ren
Privacy-Preserving Spectral Analysis of Large Graphs in Public Clouds
Sagar Sharma, James Powers, and Keke Chen
Efficient Multi-Function Data Sharing and Searching Mechanism for Cloud-Based Encrypted Data
Kaitai Liang, Chunhua Su, Jiageng Chen, and Joseph K Liu
Session 3: Cloud Security II
May 31 (Day 2) 17:05-18:20
FSSR: Fine-Grained EHRs Sharing via Similarity-Based Recommendation in Cloud-Assisted eHealthcare System
Cheng Huang, Rongxing Lu, Hui Zhu, Jun Shao, and Xiaodong Lin
Publicly Verifiable Secure Cloud Storage for Dynamic Data Using Secure Network Coding
Binanda Sengupta and Sushmita Ruj
Efficient Techniques for Publicly Verifiable Delegation of Computation
Kaoutar Elkhiyaoui, Melek Önen, Monir Azraoui, and Refik Molva
Session 4: Password Authentication and Security
June 1 (Day 3) 10:00-12:05
Credential Wrapping: From Anonymous Password Authentication to Anonymous Biometric Authentication
Yanjiang Yang, Haibing Lu, Joseph Liu, Jian Weng, Youcheng Zhang, and Jianying Zhou
UC-secure Two-Server Password-Based Authentication Protocol and Its Applications
Lin Zhang, Zhenfeng Zhang, and Xuexian Hu
Client-CASH: Protecting Master Passwords against Offline Attacks
Jeremiah Blocki and Anirudh Sridhar
Device-Enhanced Password Protocols with Optimal Online-Offline Protection
Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena
Friend or Foe? Your Wearable Devices Reveal Your Personal PIN
Chen Wang, Xiaonan Guo, Yan Wang, Yingying Chen, and Bo Liu
Session 5: Identity-Based Encryption
June 1 (Day 3) 13:30-15:35
Recipient Revocable Identity-Based Broadcast Encryption: How to Revoke Some Recipients in IBBE without Knowledge of the Plaintext
Willy Susilo, Rongmao Chen, Fuchun Guo, Guomin Yang, Yi Mu, and Yang-Wai Chow
Dealerless Corporate Key Generation for Identity-Based Encryption Schemes
Zhen Liu, Duncan Wong, and Jack Poon
Anonymous Identity-Based Broadcast Encryption with Constant Decryption Complexity and Strong Security
Peng Xu, Jingnan Li, Wei Wang, and Hai Jin
Password-Controlled Encryption with Accountable Break-Glass Access
Tao Zhang, Sherman S. M. Chow, and Jinyuan Sun
Anonymous Identity-Based Broadcast Encryption with Chosen-Ciphertext Security
Kai He, Jian Weng, Jia-Nan Liu, Joseph Liu, Wei Liu, and Robert H. Deng
Session 6: Outsourcing
June 1 (Day 3) 16:00-17:40
SecHOG: Privacy-Preserving Outsourcing Computation of Histogram of Oriented Gradients in the Cloud
Qian Wang, Jingjun Wang, Shengshan Hu, Qin Zou, and Kui Ren
Practical and Efficient Attribute-Based Encryption with Constant-Size Ciphertexts in Outsourced Verifiable Computation
Kai Zhang, Junqing Gong, Shaohua Tang, Jie Chen, Xiangxue Li, Haifeng Qian, and Zhenfu Cao
Efficient Secure Outsourcing of Quadratic Programs
Sergio Salinas, Changqing Luo, Weixian Liao, and Pan Li
Verifiable Outsourcing Algorithms for Modular Exponentiations with Improved Checkability
Yanli Ren, Ning Ding, Xinpeng Zhang, Haining Lu, and Dawu Gu
Session 7: System Security
June 1 (Day 3) 10:00-12:05
NFPS: Adding Undetectable Secure Deletion to Flash Translation Layer
Shijie Jia, Luning Xia, Bo Chen, and Peng Liu
Preventing Page Faults from Telling your Secrets
Shweta Shinde, Zheng Leong Chua, Viswesh Narayanan, and Prateek Saxena
Identifying and Utilizing Dependencies Across Cloud Security Services
Ahmed Taha, Patrick Metzler, Ruben Trapero, Jesus Luna, and Neeraj Suri
Hardening OpenStack Cloud Platforms against Compute Node Compromises
Wai Kit Sze, Abhinav Srivastava, and R. Sekar
Cross Processor Cache Attacks
Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar
Session 8: Mobile Security I
June 1 (Day 3) 13:30-15:35
Mystique: Evolving Android Malware for Auditing Anti-Malware Tools
Guozhu Meng, Yinxing Xue, Chandramohan Mahinthan, Annamalai Narayanan, Yang Liu, Jie Zhang, and Tieming Chen
StormDroid: A Streaminglized Machine Learning-based System for Detecting Android Malware
Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, and Haojin Zhu
FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization
Gabriele Costa, Paolo Gasti, Alessio Merlo, and Shung-Hsi Yu
DroidDisintegrator: Intra-Application Information Flow Control in Android Apps
Roei Schuster and Eran Tromer
Why MAC Address Randomization is not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms
Mathy Vanhoef, Célestin Matte, Mathieu Cunche, Leonardo Cardoso, and Frank Piessens
Session 9: IoT and CPS
June 1 (Day 3) 16:00-17:40
Vehicle Self-Surveillance: Sensor-Enabled Automatic Driver Recognition
Ian Markwood and Yao Liu
Automatic Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Andrei Costin, Apostolis Zarras, and Aurélien Francillon
Distributed Detection of Single-Stage Multipoint Cyber Attacks in a Water Treatment Plant
Aditya Mathur and Sridhar Adepu
Smart Locks: Lessons for Securing Commodity Internet of Things Devices
Grant Ho, Derek Leung, Pratyush Mishra, Ashkan Hosseini, Dawn Song, and David Wagner
Session 10: Authentication
June 2 (Day 4) 10:00-12:05
The Request for Better Measurement: A Comparative Evaluation of Two-Factor Authentication Schemes
Ding Wang, Qianchen Gu, Haibo Cheng, and Ping Wang
A General Construction of Homomorphic Linear Authentication Schemes from \epsilon-Authentication Codes
Shuai Han, Shengli Liu, Fangguo Zhang, and Kefei Chen
Forgery-Resistant Touch-based Authentication on Mobile Devices
Neil Zhenqiang Gong, Mathias Payer, Reza Moazzezi, and Mario Frank
Practical "Signatures with Efficient Protocols" from Simple Assumptions
Benoît Libert, Fabrice Mouhartem, Thomas Peters, and Moti Yung
Bilateral-secure Signature by Key Evolving
Tao Xiang, Xiaoguo Li, Fei Chen, and Yi Mu
Session 11: Security Protocols I
June 2 (Day 4) 13:30-15:35
Secure Dynamic SSE via Access Indistinguishable Storage
Tianhao Wang and Yunlei Zhao
Building an Encrypted, Distributed, and Searchable Key-value Store
Xingliang Yuan, Xinyu Wang, Cong Wang, Chen Qian, and Jianxiong Lin
Anonymous Role-Based Access Control on E-Health Records
Xingguang Zhou, Jianwei Liu, Weiran Liu, and Qianhong Wu
Gait-Based Wi-Fi Signatures for Privacy-Preserving
Yan Li and Ting Zhu
Anonymous Identification for Ad Hoc Group
Xingye Lu and Man Ho Au
Session 12: Security Protocols II
June 2 (Day 4) 16:00-18:05
Efficient Authenticated Multi-Pattern Matching
Zhe Zhou, Tao Zhang, Sherman S.M. Chow, Yupeng Zhang, and Kehuan Zhang
Efficient Verifiable Computation of Linear and Quadratic Functions over Encrypted Data
Ngoc Hieu Tran, Hwee Hwa Pang, and Robert H. Deng
Efficient Privacy-Preserving Matrix Factorization via Fully Homomorphic Encryption
Sungwook Kim, Jinsu Kim, Dongyoung Koo, Yuna Kim, Hyunsoo Yoon, and Junbum Shin
Privacy Breach by Exploiting postMessage in HTML5: Identification, Evaluation, and Countermeasure
Chong Guan, Kun Sun, Zhan Wang, and Wen Tao Zhu
Fault Attacks on Efficient Pairing Implementation
Chen Qian and Pierre-Alain Fouque
Session 13: Web and Network Security
June 2 (Day 4) 10:00-12:05
Model-based Security Testing: an Empirical Study on OAuth 2.0 Implementations
Ronghai Yang, Guanchen Li, Wing Cheong Lau, Kehuan Zhang, and Pili Hu
Discovering Malicious Domains through Passive DNS Data Graph Analysis
Issa M. Khalil, Ting Yu, and Bei Guan
Half-Baked Cookies Hardening Cookie-Based Authentication for the Modern Web
Yogesh Mundada, Nick Feamster, and Balachander Krishnamurthy
Attestation Transparency: Building secure Internet services for legacy clients
Jethro Beekman, John Manferdelli, and David Wagner
Congesting the Internet with Coordinated And Decentralized Pulsating Attacks
Yu-Ming Ke, Chih-Wei Chen, Hsu-Chun Hsiao, Adrian Perrig, and Vyas Sekar
Session 14: Mobile Security II
June 2 (Day 4) 13:30-15:35
CDRep: Automatic Repair of Cryptographic-Misuses in Android Applications
Siqi Ma, David Lo, Teng Li, and Robert H. Deng
MobiPot: Understanding Mobile Telephony Threats with Honeycards
Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, and Mustaque Ahamad
Checking Intent-based Communication in Android with Intent Space Analysis
Yiming Jing, Gail-Joon Ahn, Adam Doupé, and Jeong Hyun Yi
revDroid: Code Analysis of the Side Effects after Dynamic Permission Revocation of Android Apps
Zheran Fang, Weili Han, Dong Li, Zeqing Guo, Danhao Guo, Xiaoyang Sean Wang, Zhiyun Qian, and Hao Chen
Attacks and Defence on Android Free Floating Windows
Lingyun Ying, Yao Cheng, Yemian Lu, Yacong Gu, Purui Su, and Dengguo Feng
Session 15: Malware and Attacks
June 2 (Day 4) 16:00-18:05
MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing
Phani Vadrevu and Roberto Perdisci
Real-Time Detection of Malware Downloads via Large-Scale URL->File->Machine Graph Mining
Babak Rahbarinia, Marco Balduzzi, and Roberto Perdisci
Smartwatch-Based Keystroke Inference Attacks and Context-Aware Protection Mechanisms
Anindya Maiti, Oscar Armbruster, Murtuza Jadliwala, and Jibo He
Leakage Fingerprints — A Non-negligible Vulnerability in Side-Channel Analysis
Zeyi Liu, Neng Gao, Chenyang Tu, Jian Zhou, Yuan Ma, and Yuan Zhao
Error Tolerance based Single Interesting Point Side Channel CPA Distinguisher
Changhai Ou, Zhu Wang, Juan Ai, Xinping Zhou, Degang Sun, and Victor Debrunner
Session 16: Privacy
June 3 (Day 5) 09:00-11:05
Privacy and Utility of Inference Control Mechanisms for Social Computing Applications
Seyed Hossein Ahmadinejad, Philip W. L. Fong, and Rei Safavi-Naini
Privacy Preserving Disease Treatment & Complication Prediction System (PDTCPS)
Qinghan Xue, Mooi Choo Chuah, and Yingying Chen
Data Exfiltration in the Face of CSP
Steven Van Acker, Daniel Hausknecht, and Andrei Sabelfeld
StemJail: Dynamic Role Compartmentalization
Mickaël Salaün, Marion Daubignard, and Hervé Debar
SkypeLine Robust Hidden Data Transmission for VoIP
Katharina Kohls, Thorsten Holz, Dorothea Kolossa, and Christina Pöpper
Session 17: Short Papers
June 3 (Day 5) 09:00-11:05
Generic Construction of Publicly Veriable Predicate Encryption
Chuting Tan, Zoe L Jiang, S.M Yiu, Junbin Fang, Xuan Wang, Ye Li, Zechao Liu, Xiaoyan Liu, Lei Cui, Yabin Jin, and Jin Li
Novel Constructions of Cramer-Shoup Like Cryptosystems Based on Index Exchangeable Family
Jing Li, Licheng Wang, Zonghua Zhang, and Xinxin Niu
Efficient Construction of Completely Non-Malleable CCA Secure Public Key Encryption
Shi-Feng Sun, Dawu Gu, Joseph Liu, Udaya Parampalli, and Tsz Hon Yuen
(Deterministic) Hierarchical Identity-based Encryption from Learning with Rounding over Small Modulus
Fuyang Fang, Bao Li, Xianhui Lu, Yamin Liu, Dingding Jia, and Haiyang Xue
Generally Hybrid Proxy Re-Encryption: A Secure Data Sharing among Cryptographic Clouds
Peng Xu, Jun Xu, Wei Wang, Hai Jin, Willy Susilo, and Deqing Zou
RamCrypt: Kernel-based Address Space Encryption for User-mode Processes
Johannes Götzfried, Tilo Müller, Gabor Drescher, Stefan Nürnberger, and Michael Backes
Your Credentials Are Compromised, Do Not Panic: You Can Be Well Protected
Issa Khalil, Zuochao Dou, and Abdallah Khreishah
Inside Attack Filtering for Robust Sensor Localization
Jongho Won and Elisa Bertino