IFIP SEC 2019 (Final Program)

Monday: 24 June, 2019

IFIP Sec Business Meeting (by invitation). Room 101 on the New Quelhas Building, ISEG, Universidade de Lisboa, from 08:00 to 18:00 

Tuesday: 25 June, 2019

8.00 - 9.00


9.00 - 9.15

Opening Remarks

Auditório CGD

Gurpreet Dhillon, Steven Furnell, Co-General Chair

Fredrik Karlsson, Karin Hedström, André Ventura Zúquete, Co-Program Chairs

9.15 - 10.15

Keynote 1: Access Control Evolution and Prospects (Chair: Steven Furnell)

Auditório CGD
Ravi Sandhu: Kristian Beckman Award Recipient

Professor and Lutcher Brown Endowed Chair in Cyber Security

University of Texas at San Antonio, USA

10.15 - 10.30

Coffee Break

10.30 - 12.00

Crypto and Encryption (Auditorio 4)

Chair: André Zúquete

Arcana: Enabling Private Posts on Public Microblog Platforms (#12)

Anirudh Narasimman, Qiaozhi Wang, Fengjun Li, Dongwon Lee, and Bo Luo

Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards (#21)

Jan Camenisch, Manu Drijvers, Petr Dzurenda and Jan Hajny

BlockTag: Design and Applications of a Tagging System for Blockchain Analysis (#42)

Yazan Boshmaf, Husam Al Jawaheri, and Mashael Al Sabah

Organizational and Behavioral Security (Auditorio 5)

Chair: Lech Janczewski

Differentially Private Generative Adversarial Networks for Time Series, Continuous, and Discrete Open Data (#32)

Lorenzo Frigerio, Anderson Santana de Oliveira, Laurent Gomez, and Patrick Duverger

ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment (#64)

Majid Hatamian, Sebastian Pape and Kai Rannenberg

SocialAuth: Designing Touch Behavioral Smartphone User Authentication based on Social Networking Applications (#81)

Weizhi Meng, Wenjuan Li, Lijun Jiang, and Jianying Zhou

12.00 - 13.30


13.30 - 15.00

User Data and Privacy Controls (Auditorio 4)

Chair: Bart De Decker

Predicting Students’ Security Behavior Using Information-Motivation-Behavioral Skills Model (#46)

Ali Farooq, Debora Jeske, and Jouni Isoaho

Why Do People Pay for Privacy-Enhancing Technologies? The Case of Tor and JonDonym (#50)

David Harborth, Xinyuan Cai, and  Sebastian Pape

Towards Contractual Agreements for Revocation of Online Data (#37)

Theodor Schnitzler, Markus Dürmuth, and Christina Pöpper

WIPER (Auditorio 5)

Chair: Kane Smith

Physical presence verification using TOTP and QR codes (#87)

Emin Huseynov and Jean-Marc Seigneur

An Authentication and Key Agreement Scheme using ECQV in IoT Environments (#90)

Dae-Hwi Lee and Im-Yeong Lee

Efficiently Vectorized Anonymization in Data Mining using Genetic Algorithms (#99)

Fatemeh Amiri, Gerald Quirchmayr, Peter Kieseberg, Alessio Bertone and Edgar Weippl

Access Control Models via Non-Standard Logics (#101)

Mikhail M. Kucherov and Bogulskaya Nina A.

15.00 - 15.30

Coffee Break

15.30 - 17.00

Data Integrity and Security (Auditorio 4)

Chair: Carlos Rieder

On the Effectiveness of Control-Flow Integrity Against Modern Attack Techniques (#44)

Sarwar Sayeed and Hector Marco-Gisbert

Automatically Proving Purpose Limitation in Software Architectures(#67)

Kai Bavendiek, Tobias Mueller, Florian Wittner, Thea Schwaneberg, Christian-Alexander Behrendt, Wolfgang Schulz, Hannes Federrath, and Sibylle Schupp

Commit Signatures for Centralized Version Control Systems (Extended Abstract) (#70)

Sangat Vaidya, Santiago Torres-Arias, Reza Curtmola, and Justin Cappos

WISE12 (Auditorio 5)

Chair: Matt Bishop

A Short-cycle Framework Approach to Integrating Psychometric Feedback and Data Analytics to Rapid Cyber Defense (#22)

Erik Moore, Steve Fulton, Roberta Mancuso, Tristen Amador and Daniel Likarish

Identifying Security Requirements Body of Knowledge for the Security Systems Engineer (#12) 

Sune von Solms and Annlize Marnewick

Introducing Research into the Undergraduate Curriculum in Cybersecurity (#17) 

Susanne Wetzel and Dimitrios Damopoulos

18.00 - 20.00

Opening Reception: Wine & Cheese

Rooftop: New Quelhas building, ISEG, University de Lisboa

Wednesday: 26 June, 2019

8.30 - 9.15


9.15 - 10.15

Keynote 1: Compliance vs. Risk Management - Two Perspectives on Supply Chain Risk Management (Chair: Gurpreet Dhillon)

Auditório CGD
Rob Arnold

CEO, ThreatSketch, USA

10.15 - 10.30

Coffee Break

10.30 - 12.00

Intrusion Detection & Access Control (Auditorio 4)

Chair: Abbas Shahim

Towards an Automated Extraction of ABAC Constraints from Natural Language Policies (#59)

Manar Alohaly, Hassan Takabi, and Eduardo Blanco

An Efficient and Scalable Intrusion Detection System on Logs of Distributed Applications (#48)

David Lanoë, Michel Hurfin, Eric Totel, and Carlos Maziero

Hunting Brand Domain Forgery: A Scalable Classification for Homograph Attack (#17)

Tran Phuong Thao, Yukiko Sawaya, Hoang-Quoc Nguyen-Son, Akira Yamada, Kazumasa Omote, and Ayumu Kubota

Organizational and Behavioral Security (Auditorio 5)

Chair: Nora Cuppens

The Influence of Organizational, Social and Personal Factors on Cybersecurity Awareness and Behavior of Home Computer Users (#19)

Joëlle Simonet and Stephanie Teufel

To Be, or Not to Be Notified Eliciting Privacy Notification Preferences for Online mHealth Services (#47)

Patrick Murmann, Delphine Reinhardt, and Simone Fischer-Hübner

A Structured Comparison of the Corporate Information Security Maturity Level (#49)

Michael Schmid and Sebastian Pape

12.00 - 13.30


13.30 - 15.00

WIPER (Auditorio 4)

Chair: Onyi Nwafor

Privacy by Design using Agents and Sovereign Identities (#91)

Kalman Toth and Alan Anderson-Priddy

ID-Based Proxy Re-encryption for Collusion Resistance in Cloud Storage (#92)

Won-Bin Kim and Im-Yeong Lee

A Machine Learning Framework for Studying User Behaviors in Phishing Email Processing (#97)

Yi Li, Kaiqi Xiong and Xiangyang Li

On the Administrative Information Security: definition and impact on Security Governance

Gurpreet Dhillon and Winnie Picoto

WISE12 (Auditorio 5)

Chair: Erik Moore

Learning Principles and the Secure Programming Clinic (#26) 

Matt Bishop, Melissa Dark, Lynn Futcher and Johan van Niekerk

Light Cryptography (#14)

Pascal Lafourcade, Takaaki Mizuki, Atsuki Nagao and Kazumasa Shinagawa

An Educational Intervention for Teaching Secure Coding Practices (#10)

Vuyolwethu Mdunyelwa, Lynn Futcher and Johan van Niekerk

15.00 - 15.30

Coffee Break

15.30 - 17.00

Access Control (Auditorio 4)

Chair: Kai Rannenberg

Performance of Password Guessing Enumerators Under Cracking Conditions (#35)

Mathieu Valois, Patrick Lacharme, and Jean-Marie Le Bars

An Offline Dictionary Attack against zkPAKE Protocol (#23)

José Becerra, Peter Y. A. Ryan, Petra Sala, and Marjan Skrobot

Fine-Grained Access Control in Industrial Internet of Things: Evaluating Outsourced Attribute-Based Encryption (#56)

Dominik Ziegler, Josef Sabongui, and Gerald Palfinger

WISE12 (Auditorio 5)

Chair: Lynette Drevin

Lessons Learned from an Organizational Information Security Awareness Campaign (#20)

 Jacques Ophoff and Juan-Marc Scrimgeour

A Comprehensive Framework for Understanding Security Culture in Organizations (#9) 

Alaa Tolah, Steven Furnell and Maria Papadaki

Using Gamification to Improve Information Security Behavior: A Password Strength Experiment (#25) 

Jacques Ophoff and Frauke Dietz

20.00 -

Conference Dinner: Hotel Mundial – Varanda Restaurant located in Praça Martim Moniz

  • 20.00: Welcome cocktail: Dry and sweet port, moscatel and Petit fours
  • 20.30: Dinner (Traditional Bacalhau main course) and Fado music (Fado music will begin after the last dish)

The hotel is walking distance from the Rossio and Martim Moniz metro stations.

Street Address: Praça Martim Moniz 2, 1100-341 Lisboa, Portugal

Google Maps: https://goo.gl/maps/GvZbBJiypNJjG6pS6

Thursday: 27 June, 2019

8.30 - 9.00


9.00 - 10.30

Identity & Access Control (Auditorio 4)

Chair: Fredrik Karlsson

Forward Secure Identity-based Signature Scheme with RSA (#80)

Hankyung Ko, Gweonho Jeong, Jongho Kim, Jihye Kim and Hyunok Oh

Removing Problems in Rule-Based Policies (#63)

Zheng Cheng , Jean-Claude Royer, and Massimo Tisi

Is This Really You? An Empirical Study on Risk-Based Authentication Applied in the Wild (#11)

Stephan Wiefling, Luigi Lo Iacono, and Markus Dürmuth

WISE12 (Auditorio 5)

Jacques Ophoff

Andragogy as a Scientific Basis for Training Professionals in Information Security (#5) Alexander Tolstoy and Natalia Miloslavskaya

Identifying Information Security Risks in a Social Network using Self-organising Map (#11) 

Rudi Serfontein, Hennie Kruger and Lynette Drevin

Blockchain and its Security: Ignore or Insert into Academic Training? (#1) 

Natalia Miloslavskaya and Alexander Tolstoy

10.30 - 11.00

Coffee Break

11.00 - 12.00

Intrusion Detection (Auditorio 4)

Chair: Yuko Murayama

Control Logic Injection Attacks on Industrial Control Systems (#45)

Hyunguk Yoo and Irfan Ahmed

GanDef: A GAN based Adversarial Training Defense for Neural Network Classifier (#6)

Guanxiong Liu, Issa Khalil, and Abdallah Khreishah

WISE Working Group (Auditorio 5)

Chair: Natalia Miloslavskaya

Addressing the Graduate Student Pipeline Problem in Cybersecurity

Susanne Wetzel

12.00 - 13.30


13.30 - 15.00

WIPER (Auditorio 5)

Chair: Ella Kolkowska

Integrating Blockchain into Security Curricula

Kane Smith

App Users Privacy and Personal Data Protection

Solomon Negash and Peter Meso

A theoretical study and review on Blockchain's Privacy Mechanisms (98)

Adam Mihai Gergely and Bogdan Crainicu

WHOIS and the GDPR - A (never) ending story in cyberspace? (85)

Matthias Hudobnik

Soter: Trust Discovery Framework for Internet of Medical Things (IoMT) (#93)

Maha Allouzi and Javed Khan

IFIP WG11.8 AGM (Auditorio 5)

Chair: Lynn Futcher

15.00 - 15.30

Coffee Break

15.30 - 17.00

Concluding remarks & IFIP 2020