The final proceedings are published by Springer. The full series of DIMVA proceedings are also available online.
Wednesday, June 19, 2019
08:00 – 08:45 | Registration |
08:45 – 09:00 | DIMVA Welcome and Awards |
09:00 – 10:00 | Keynote: Mathias Payer Security Testing Hard-to-Reach Code |
10:00 – 10:30 | Coffee Break |
10:30 – 12:10 | Session 1: Wild Wild Web |
12:10 – 13:30 | Lunch Break |
13:30 – 15:10 | Session 2: Cyber-Physical Systems |
15:10 – 15:40 | Coffee Break |
15:40 – 16:55 | Session 3: Attack Mitigation |
17:45 – | Social Activity and Conference Dinner |
Thursday, June 20, 2019
08:30 – 09:00 | Registration |
09:00 – 10:00 | Keynote: Frank Piessens Defending against transient execution attacks |
10:00 – 10:30 | Coffee Break |
10:30 – 12:10 | Session 4: Malware |
12:10 – 13:30 | Lunch Break |
13:30 – 15:10 | Session 5: Network Security |
15:10 – 15:40 | Coffee Break |
15:40 – 17:20 | Session 6: Software Security and Binary Analysis |
17:20 – 17:30 | Closing Remarks |
Friday, June 21, 2019
The conference is over, but Midsummer is a major traditional holiday in Sweden. If you are interested in staying an additional day, mark the option in the registration to get more information later.
Sessions
Session 1: Wild Wild Web (June 19: 10:30 – 12:10)
Session chair: Federico Maggi
- Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions
Aidan Beggs, Alexandros Kapravelos - New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild
Marius Musch, Christian Wressnegger, Martin Johns, Konrad Rieck (best paper runner-up) - Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting
Pierre Laperdrix, Gildas Avoine, Benoit Baudry, Nick Nikiforakis - On the Perils of Leaking Referrers in Online Collaboration Services
Beliz Kaleli, Manuel Egele, Gianluca Stringhini (winner of best paper award)
Session 2: Cyber-Physical Systems (June 19: 13:30 – 15:10)
Session chair: Sven Dietrich
- Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems
Olivier Cabana, Amr M. Youssef, Mourad Debbabi, Bernard Lebel, Marthe Kassouf, Basile L. Agba - Overshadow PLC to Detect Remote Control-Logic Injection Attacks
Hyunguk Yoo, Sushma Kalle, Jared Smith, Irfan Ahmed - A Security Evaluation of Industrial Radio Remote Controllers
Federico Maggi, Marco Balduzzi, Jonathan Andersson, Philippe Lin, Stephen Hilt, Urano Akira, Rainer Vosseler - Understanding the Security of Traffic Signal Infrastructure
Zhenyu Ning, Fengwei Zhang, Stephen Remias
Session 3: Attack Mitigation (June 19: 15:40 – 16:55)
Session chair: Marco Balduzzi
- Practical Password Hardening based on TLS
Constantinos Diomedous, Elias Athanasopoulos - Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks
Davide Fauri, Michail Kapsalakis, Daniel Ricardo dos Santos, Elisa Costante, Jerry den Hartog, Sandro Etalle - BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation
Nilo Redini, Ruoyu Wang, Aravind Machiry, Yan Shoshitaishvili, Giovanni Vigna, Christopher Kruegel
Session 4: Malware (June 20: 10:30 – 12:10)
Session chair: Gianluca Stringhini
- Practical Enclave Malware with Intel SGX
Michael Schwarz, Samuel Weiser, Daniel Gruss - How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement
Yoshihiro Oyama - On Deception-Based Protection Against Cryptographic Ransomware
Ziya Alper Genc, Gabriele Lenzini, Daniele Sgandurra - PowerDrive: Accurate De-obfuscation and Analysis of PowerShell Malware
Denis Ugarte, Davide Maiorca, Fabrizio Cara, Giorgio Giacinto
Session 5: Network Security (June 20: 13:30 – 15:10)
Session chair: Giorgio Giacinto
- Large-Scale Analysis of Infrastructure-Leaking DNS Servers
Dennis Tatang, Carl Schneider, Thorsten Holz - Security In Plain TXT: Observing the Use of DNS TXT Records in the Wild
Adam Portier, Henry Carter, Charles Lever - No Need to Marry to Change Your Name! – Attacking Profinet IO Automation Networks Using DCP
Stefan Mehner, Hartmut König - DPX: Data-Plane eXtensions for SDN Security Service Instantiation
Taejune Park, Yeonkeun Kim, Vinod Yegneswaran, Phillip Porras, Zhaoyan Xu, KyoungSoo Park, Seungwon Shin
Session 6: Software Security and Binary Analysis (June 20: 15:40 – 17:20)
Session chair: Georgios Portokalidis
- Memory Categorization: Separating Attacker-Controlled Data
Matthias Neugschwandtner, Alessandro Sorniotti, Anil Kurmus - TypeMiner: Recovering Types in Binary Programs using Machine Learning
Alwin Maier, Hugo Gascon, Christian Wressnegger, Konrad Rieck - SAFE: Self-Attentive Function Embeddings for Binary Similarity
Luca Massarelli, Giuseppe Antonio Di Luna, Fabio Petroni, Roberto Baldoni, Leonardo Querzoni (best paper runner-up) - Triggerflow: Regression Testing by Advanced Execution Path Inspection
Iaroslav Gridin, Cesar Pereida García, Nicola Tuveri, Billy Bob Brumley