[Apologies if you receive multiple copies of this message] CALL FOR PARTICIPATION ** Early bird deadline: May 19, 2014 ** ****************************************************************************** 29th IFIP TC-11 SEC 2014 International Conference ICT Systems Security and Privacy Protection Marrakech, Morocco -- 2-4 June 2014 http://www.ensa.ac.ma/sec2014/ ****************************************************************************** ABOUT THE CONFERENCE This conference is the flagship event of the International Federation for Information Processing (IFIP) Technical Committee 11 on Security and Privacy Protection in Information Processing Systems (TC-11, www.ifiptc11.org). Previous SEC conferences were held in: Auckland (New Zealand) 2013, Heraklion (Greece) 2012, Lucerne (Switzerland) 2011, Brisbane (Australia) 2010. The conference will be a 3-days event featuring technical presentations of 28 full papers and 14 short papers. It also includes two keynote speeches and BKA Award session. The 29th IFIP TC-11 SEC 2014 International Conference, ICT Systems Security and Privacy Protection will be held in Marrakech, Morocco on 2-4 June 2014. REGISTRATION Registration information is available at: http://www.ensa.ac.ma/sec2014/registration.php Early registration fees apply until May 19, 2014. PROGRAM Monday, June 2, 2014 --------------------- 08:00 - 09:00 Registration 09:00 - 09:30 Welcome 09:30 - 10:30 Keynote speaker, Bill Caelli 10:30 - 11:00 Break 11:00 - 12:30 Session 1: Intrusion Detection - Mentor: Positive DNS Reputation to Skim-off Benign Domains in Botnet C&C Blacklists (Nizar Kheir, Frederic Tran, Pierre Caron, Nicolas Deschamps) - Game Theory Meets Information Security Management (Andrew Fielder, Emmanouil Panaousis, Pasquale Malacaria, Chris Hankin, Fabrizio Smeraldi) - Model-based Detection of CSRF (Marco Rocchetto, Martin Ochoa, Mohammad Torabi Dashti) - Lightweight Resource Management for DDoS Traffic Isolation in a Cloud Environment [short paper] (Ibnu Mubarok, Kiryong Lee, Sihyung Lee, Heejo Le) 12:30 - 14:00 Lunch 14:00 - 15:20 Session 2: Data Security - Multi-keyword Similarity Search Over Encrypted Cloud Data (Mikhail Strizhov, Indrajit Ray) - Authenticated dictionary based on frequency (Kevin Atighehchi, Alexis Bonnecaze, Traian Muntean) - Three New Fingerprint Recognition Methods Based On Vicinity Matching [short paper] (Thomas Bourgeat, Julien Bringer, Herve' Chabanne, Robin Champenois, Jeremie Clement, Houda Ferradi, Marc Heinrich, Paul Melotti, David Naccache, Antoine Voizard) - Protection Profile for PUF-based Devices [short paper] (Andrea Kolberger, Ingrid Schaumuller-Bichl, Verena Brunner, Martin Deutschmann) 15:20 - 15:50 Break 15:50 - 17:30 Session 3: Mobile Security - Text-Based Active Authentication for Mobile Devices (Hataichanok Saevanee, Nathan Clarke, Steven Furnell, Valerio Biscione) - Styx: Design and Evaluation of a New Privacy Risk Communication Method for Smartphones (Gokhan Bal, Kai Rannenberg, Jason Hong) - A Trusted UI for the Mobile Web (Bastian Braun, Martin Johns, Johannes Koestler, Joachim Posegga) - Detecting Code Reuse in Android Applications Using Component-Based Control Flow Graph (Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, Li Xie) 20:00 - 22:00 Welcome reception Tuesday, June 3, 2014 --------------------- 08:30 - 09:00 Registration 09:00 - 10:00 Keynote speaker, V.S. Subrahmanian 10:00 - 10:30 Break 10:30 - 11:25 Session 4: Identifiability & Decision Making - Hierarchical Authorship Attribution with Topic-sentiment Model (Yang Min, K.P. Chow) - Detection and Labeling of Personal Identifiable Information in E-Mails [short paper] (Christoph Bier, Jonas Prior) - The Factors Related to User's Decision Making towards Retweet Messages during Emergencies [short paper] (Nor Athiyah Abdullah, Dai Nishioka, Yuko Tanaka, Yuko Murayama) 11:25 - 12:30 Session 5: Malicious Behavior & Fraud - Behavior Analysis of Web Service Attacks (Abdallah Ghourabi, Tarek Abbes, Adel Bouhoula) - BankSealer: An Online Banking Fraud Analysis and Decision Support System (Michele Carminati, Roberto Caron, Federico Maggi, Ilenia Epifani, Stefano Zanero) - Security Assessment of Payment Systems Under PCI DSS Incompatibilities [short paper] (Gurkan Gur, Levent Altay, Serif Bahtiyar) 12:30 - 14:00 Lunch 14:00 - 15:20 Session 6: Metrics & Risk Assessment - Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing (Dominik Herrmann, Max Maass, Hannes Federrath) - A Novel Metric for the Evaluation of IDSs Effectivenes (Khalid Nasr, Anas Abou El Kalam) - How to assess confidentiality requirements of corporate assets? [short paper] (Gabriela Varona Cervantes, Stefan Fenz) - Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks [short paper] (Suhaila Ismail, Elena Sitnikova, Jill Slay) 15:20 - 15:45 Break 15:45 - 17:00 Session 7: Information Flow Control - Compatibility of Safety Properties and Possibilistic Information Flow Security in MAKS (Thomas Bauereiss, Dieter Hutter) - Ghostrail: Ad Hoc Control-Flow Integrity for Web Applications (Bastian Braun, Caspar Gries, Benedikt Petschkuhn, Joachim Posegga) - An Information Flow Monitor-Inlining Compiler for Securing a Core of JavaScript (Jose' Fragoso Santos, Tamara Rezk) 17:00 - 18:20 Session 8: Identity Management - Security of the Multiple-Key Blom's Key Agreement Scheme for Sensor Networks (Mee Loong Yang Yang, Adnan Al Anbuky, William Liu) - Geant-TrustBroker: Dynamic, scalable management of SAML-based inter-federation authentication and authorization infrastructures (Daniela Pohn, Stefan Metzger, Wolfgang Hommel) - (short paper): Identity-based signature from lattice: Efficient construction and an extension (Miaomiao Tian, Liusheng Huang) - Context-aware multifactor authentication scheme based on a dynamic PIN [short paper] (Yair H. Diaz-Tellez, Eliane L.Bodanese, Theo Dimitrakos, Michael Turner) 20:00 Social Event Wednesday, June 4, 2014 ----------------------- 09:00 - 09:30 Award session 09:30 - 10:30 BKA Award speaker Louise Yngstrom 10:30 - 11:00 Break 11:00 - 12:30 Session 9: Privacy I - Privacy Risks from Public Data Sources (Zacharias Tzermias, Vassilis Prevelakis, Sotiris Ioannidis) - Security and Privacy in Video Surveillance: Requirements and Challenges (Qasim Mahmood Rajpoot, Christian Damsgaard Jensen) - Playing Hide and Seek with Mobile Dating Applications (Guojun Qin, Constantinos Patsakis, Melanie Bouroche) - Benchmarking Criteria for Privacy-ABC Technologies [short paper] (Fatbardh Veseli, Tsvetoslava Vateva-Gurova, Ioannis Krontiris, Kai Rannenberg, Neeraj Suri) 12:30 - 14:00 Lunch 14:00 - 15:20 Session 10: Organizational Security - PriMan: Facilitating the Development of Secure and Privacy-Preserving Applications (Andreas Put, Italo Dacosta, Milica Milutinovic, Bart De Decker) - Managing Employee Security Behaviour in Organisations: The Role of Cultural Factors and Individual Values (Lena Connolly, Michael Lang) - Organizational Transformation and Emergent Information Security Culture: a telecom case study [short paper] (Gurpreet Dhillon, Romilla Chowdhuri, Cristiane Pedron) - A holistic approach for Cyber Assurance of Critical Infrastructure through Viable System Modelling [short paper] (Theodoros Spyridopoulos, Ioanna-Aikaterini Topa, Theo Tryfonas, Maria Karyda) 15:20 - 15:50 Break 15:50 - 17:20 Session 11: Privacy II - Privacy Design Strategies (Jaap-Henk Hoepman) - Distance Computation between Two Private Preference Functions (Alberto Blanco, Josep Domingo-Ferrer, Oriol Farras, David Sanchez) - Privacy-Preserving Implicit Authentication (Nashad Safa, Rei Safavi-Naini, Siamak Shahandashti) - Trusted Computing to Increase Security and Privacy in eID Authentication [short paper] (Jan Vossaert, Jorn Lapon, Bart De Decker, Vincent Naessens) Thursday, June 5, 2014 ---------------------- 09:00 - 13:00 Guided sightseeing tour of the monuments of Marrakesh MORE INFORMATION Additional information about the conference can be found at: http://www.ensa.ac.ma/sec2014/