CRiSIS 2012 Provisional Program

Wednesday, October 10, 2012

8:15 - 9:00 Registration


9:00 - 12:30 T1:  Stephen Farrell. Understanding the IETF/W3C security working groups
9:00 - 12:30 T2 : Jean-Louis Lanet. Attacks against Smart Cards: Hands On Session

12:30-13:30 Lunch

13:30 - 17:00 T3  Stefano Bistarelli and Francesco Santini Semiring-based Constraint Models and Frameworks for Security-related Scenarios.

Thursday, October 11, 2012

9:00 - 9:15 Welcome from the program chairs

9:15-10:15 Invited talk : Pierangela Samarati, Managing and Accessing Data in the Cloud: Privacy Risks and Approaches.

10:15-10:35 Coffee break

10:35-12:00 Session 1 Trust management

10:35-11h05 Ryma Abassi and Sihem Guemara El Fatmi. Trust-based Delegation for Ad Hoc QoS Enhancing
11h05-11:35 Khalifa Toumi, César Andrés, Ana Cavalli and Mazen El Maarabani. A Vector Based Model Approach for Defining Trust in Multi-Organization Environments
11h35-12:00 Estanislao Mercadal, Guillermo Navarro-Arribas, Simon Foley and Joan Borrell. Towards efficient access control in a mobile agent based wireless sensor network

12:00-13:00 Lunch

13:00-15:00 Session 2 Security models

13:00-13:30 Jesus Luna Garcia, Neeraj Suri and Ioannis Krontiris. Privacy-by-Design Based on Quantitative Threat Modeling
13h30-14:00 Siwar Kriaa, Marc Bouissou and Ludovic Piètre-Cambacédès. Modeling the Stuxnet Attack with BDMP: Towards More Formal Risk Assessments
14:00-14:30 Romaric Ludinard, Eric Totel, Frederic Tronel, Vincent Nicomette, Mohamed Kaaniche, Eric Alata, Rim Akrout and Yann Bachy. Detecting Attacks against Data in Web Applications
14:30-15:00Matthias Wachs, Christian Grothoff and Ramakrishna Thurimella. Partitioning the Internet

15:00-15:30 Coffe break

15:30-17:00 Session 3 Attack data acquisition and network monitoring

15:30-16:00 Yousra Chabchoub, Christine Fricker, Philippe Robert. Improving the detection of On-line Vertical Port Scan in IP Traffic
16:00-16:30 R. Josh Tobin and David Malone. Hash Pile Ups: Using Collisions to Identify Unknown Hash Functions
16:30-17:00 Claude Fachkha, Elias Bou-Harb, Amine Boukhetouta, Son Dinh, Farkhund Iqbal and Mourad Debbabi. Investigating the Dark Cyberspace: Profiling, Threat-Based Analysis and Correlation

19.00 Conference Dinner

Friday, October 12

9:00-10:30 Session 4  Intrusion detection and  Prevention systems

9:00-9:30 Sebastian Poeplau, Jan Gassen and Elmar Gerhards-Padilla. A Honeypot for Arbitrary Malware on USB Storage Devices
9:30-10:00 Ahmed F.Shosha, Chen-Ching Liu, Marcus Matten and Pavel Gladyshev. Evasion-Resistant Malware Signature Based on Profiling Kernel Data Structure Objects 
10:00-10:30 Manuel Garcia-Cervigon and Manel Medina Llinàs. Browser Function Calls Modeling For Banking Malware Detection

10:30-11:00 Coffee break

11:00-12:00 Session 5   Risk-aware access and usage control

11:00-11:30 Kat Krol, Matthew Moroz and M. Angela Sasse. Don't Work. Can't Work? Why It's Time to Rethink Security Warnings
11:30-12:00 Lazaros Kyrillidis, Sheila Cobourne, Keith Mayes, Song Dong and Konstantinos Markantonakis. Distributed e-Voting using the Smart Card Web Server

12:00-13:00 Lunch

13:00-14:30 Session 6 Analysis and management of risk

13:00-13:30 William Fitzgerald, Fatih Turkman, Simon Foley and Barry O'Sullivan. Anomaly Analysis for Physical Access Control Security Configuration
13:30-14:00 Geraldine Vache Marconato, Vincent Nicomette and Mohammed Kaâniche. Security-related vulnerability life cycle analysis
14:00-14:30 Monia Ben Brahim, Tarak Chaari, Maher Ben Jemaa, and Mohamed Jmaiel. Semantic matching of Web services security policies

14:30-14:45 Closing remarks