Program

This is a tentative program and may change.

Wednesday, June 19, 2019

08:00 – 08:45Registration
08:45 – 09:00DIMVA Welcome
09:00 – 10:00Keynote: Mathias Payer
Security Testing Hard-to-Reach-Code
10:00 – 10:30Coffee Break
10:30 – 12:10Session 1: Wild Wild Web
12:10 – 13:30Lunch Break
13:30 – 15:10Session 2: Cyber-Physical Systems
15:10 – 15:40Coffee Break
15:40 – 16:55Session 3: Attack Mitigation
18:00 –Social Activity and Conference Dinner

Thursday, June 20, 2019

08:30 – 09:00Registration
09:00 – 10:00Keynote: Frank Piessens
10:00 – 10:30Coffee Break
10:30 – 12:10Session 4: Malware
12:10 – 13:30Lunch Break
13:30 – 15:10Session 5: Network Security
15:10 – 15:40Coffee Break
15:40 – 17:05Session 6: Software Security and Binary Analysis
17:20 – 17:30Closing Remarks

Friday, June 21, 2019

The conference is over, but Midsummer is a major traditional holiday in Sweden. If you are interested in staying an additional day, mark the option in the registration to get more information later.

Sessions

Session 1: Wild Wild Web (June 19: 10:30 – 12:10)

  • Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions
    Aidan Beggs, Alexandros Kapravelos
  • New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild
    Marius Musch, Christian Wressnegger, Martin Johns, Konrad Rieck
  • Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting
    Pierre Laperdrix, Gildas Avoine, Benoit Baudry, Nick Nikiforakis
  • On the Perils of Leaking Referrers in Online Collaboration Services
    Beliz Kaleli, Manuel Egele, Gianluca Stringhini

Session 2: Cyber-Physical Systems (June 19: 13:30 – 15:10)

  • Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems
    Olivier Cabana, Amr M. Youssef, Mourad Debbabi, Bernard Lebel, Marthe Kassouf
  • Overshadow PLC to Detect Remote Control-Logic Injection Attacks
    Hyunguk Yoo, Sushma Kalle, Jared Smith, Irfan Ahmed
  • A Security Evaluation of Industrial Radio Remote Controllers
    Federico Maggi, Marco Balduzzi, Jonathan Andersson, Philippe Lin, Stephen Hilt, Urano Akira, Rainer Vosseler
  • Understanding the Security of Traffic Signal Infrastructure
    Zhenyu Ning, Fengwei Zhang, Stephen Remias

Session 3: Attack Mitigation (June 19: 15:40 – 16:55)

  • Practical Password Hardening based on TLS
    Constantinos Diomedous, Elias Athanasopoulos
  • Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks
    Davide Fauri, Michail Kapsalakis, Daniel Ricardo dos Santos, Elisa Costante, Jerry den Hartog, Sandro Etalle
  • BinTrimmer: Towards Static Binary Debloating through Abstract Interpretation
    Nilo Redini, Ruoyu Wang, Aravind Machiry, Yan Shoshitaishvili, Giovanni Vigna, Christopher Kruegel

Session 4: Malware (June 20: 10:30 – 12:10)

  • Practical Enclave Malware with Intel SGX
    Michael Schwarz, Samuel Weiser, Daniel Gruss
  • How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement
    Yoshihiro Oyama
  • On Deception-Based Protection Against Cryptographic Ransomware
    Ziya Alper Genc, Gabriele Lenzini, Daniele Sgandurra
  • PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware
    Denis Ugarte, Davide Maiorca, Fabrizio Cara, Giorgio Giacinto

Session 5: Network Security (June 20: 13:30 – 15:10)

  • Large-scale Analysis of Infrastructure-leaking DNS Servers
    Dennis Tatang, Carl Richard Theodor Schneider, Thorsten Holz
  • Security In Plain TXT: Observing the Use of DNS TXT Records in the Wild
    Adam Portier, Henry Carter, Charles Lever
  • No Need to Marry to Change Your Name! – Attacking Profinet IO Automation Networks Using DCP
    Stefan Mehner, Hartmut König
  • DPX: Data-Plane eXtensions for SDN Security Service Instantiation
    Taejune Park, Yeonkeun Kim, Vinod Yegneswaran, Phillip Porras, Zhaoyan Xu, KyoungSoo Park, Seungwon Shin

Session 6: Software Security and Binary Analysis (June 20: 15:40 – 17:05)

  • Memory Categorization: Separating Attacker-Controlled Data
    Matthias Neugschwandtner, Alessandro Sorniotti, Anil Kurmus
  • TypeMiner: Recovering Types in Binary Programs using Machine Learning
    Alwin Maier, Hugo Gascon, Christian Wressnegger, Konrad Rieck
  • SAFE: Self-Attentive Function Embeddings for Binary Similarity
    Luca Massarelli, Giuseppe Antonio Di Luna, Fabio Petroni, Roberto Baldoni, Leonardo Querzoni
  • Triggerflow: Regression Testing by Advanced Execution Path Inspection
    Iaroslav Gridin, Cesar Pereida García, Nicola Tuveri, Billy Bob Brumley