[fg-arc] [ESSoS'16] Call for Participation

Raoul Strackx raoul.strackx at cs.kuleuven.be
Wed Feb 24 14:43:08 CET 2016


         International Symposium on Engineering Secure
                 Software and Systems (ESSoS)


Date:       April 6 - 8, 2016
Venue:      Royal Holloway, University of London, London, UK
Website:    https://distrinet.cs.kuleuven.be/events/essos/2016/
Early Registration Deadline:  March 10, 2016

In cooperation with: ACM SIGSAC and SIGSOFT

== Context and Motivation ==

Trustworthy, secure software is a core ingredient of the modern world.
Hostile, networked environments, like the Internet, can allow
vulnerabilities in software to be exploited from anywhere. To address
this, high-quality security building blocks (e.g., cryptographic
components) are necessary, but insufficient. Indeed, the construction of
secure software is challenging because of the complexity of modern
applications, the growing sophistication of security requirements, the
multitude of available software technologies and the progress of attack
vectors. Clearly, a strong need exists for engineering techniques that
scale well and that demonstrably improve the software's security properties.

The goal of this symposium, which will be the 8th in the series, is to
bring together researchers and practitioners to advance the states of
the art and practice in secure software engineering. Being one of the
few conference-level events dedicated to this topic, it explicitly aims
to bridge the software engineering and security engineering communities,
and promote cross-fertilization.

== Venue ==

ESSoS 2016 will take place at Royal Holloway, University of London, a
135-acre campus located in Egham, UK, just 40 minutes from London city centre
and a handful of minutes from London Heathrow Airport. Royal Holloway's
campus is one of the most beautiful in the world with everything you
need right on your doorstep whether it's teaching spaces, bars and
cafes, high-quality accommodation, a sports centre, or our illustrious
Picture Gallery. All this is surrounded by stunning parkland that you
can explore at your own leisure. The Egham campus features a number of
sightseeing options and attractions, sporting and entertainment venues
within easy reach.

Hotels conveniently located around Royal Holloway have been reserved at
preferential rates. Details on the venue are posted to the ESSoS 2016
website.

== Program ==

The symposium will feature one day of workshops, a doctoral symposium,
and two days of technical program including 2 invited talks by David
Basin (ETH Zurich) and Karsten Nohl (Security Research Labs), 13 full
research papers, and 3 idea papers that describe promising approaches.

The accepted workshops on April 6th are:
  ESTImATe: Effective Security risk management in Air Traffic management
and Other Critical Infrastructures
  SERECIN: SEcurity and REsilience of Cyber-Physical INfrastructures
  IMPS: Innovations in Mobile Privacy and Security
  STANCE: A Source code analysis Toolbox for software security AssuraNCE

A complete overview of the program can be found at:
https://distrinet.cs.kuleuven.be/events/essos/2016/programme.html

= Keynotes =

*How much security is too much?*
  Karsten Nohl (Security Research Labs)

*Security Testing beyond Functional Tests*
  David Basin (ETH Zurich)

= Papers =

*On the Static Analysis of Hybrid Mobile Apps*
  Achim D. Brucker and Michael Herzberg.

*POODLEs, More POODLEs, FREAK Attacks too: How Server Administrators
Responded to Three Serious Web Vulnerabilities*
  Benjamin Fogel, Shane Farmer, Hamza Alkofahi, Anthony Skjellum and
Munawar Hafiz.

*AppPAL for Android: Capturing and Checking Mobile App Policies*
  Joseph Hallett and David Aspinall.

*Progress-Sensitive Security for SPARK*
  Willard Rafnsson, Deepak Garg and Andrei Sabelfeld.

*Sound and Precise Cross-Layer Data Flow Tracking*
  Enrico Lovat, Martin Ochoa and Alexander Pretschner.

*On the Security Cost of Using a Free and Open Source Component in a
Proprietary Product*
  Achim D. Brucker, Stanislav Dashevskyi and Fabio Massacci.

*Automatically Extracting Threats from Extended Data Flow Diagrams*
  Bernhard J. Berger, Karsten Sohr and Rainer Koschke.

*Empirical Analysis and Modeling of Black-Box Mutational Fuzzing*
  Mingyi Zhao and Peng Liu.

*PADS: a platform to detect stealth attacks*
  Mathias Payer.

*Semantics-based Repackaging Detection for Mobile Apps*
  Quanlong Guan, Heqing Huang, Weiqi Luo and Sencun Zhu.

*Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality*
  Andreas Follner, Eric Bodden and Alexandre Bartel.

*Accelerometer-based Device Fingerprinting for Multi-factor Mobile
Authentication*
  Wout Scheepers, Tom Van Goethem, Davy Preuveneers, and Wouter Joosen.

*Inferring Semantic Mapping Between Policies and Code: The Clue is in
the Language*
  Pauline Anthonysamy, Matthew Edwards, Christian Weichel and Awais Rashid.

*Idea: Enforcing Security Properties by Solving Behavioural Equations*
  Eric Rothstein Morris and Joachim Posegga.

*Idea: Usable Platforms for Secure Programming -- Mining Unix for
Insight and Guidelines*
  Sven Türpe.

*Idea: Supporting Policy-Based Access Control on Database Systems*
  Jasper Bogaerts, Bert Lagaisse and Wouter Joosen.

= Doctoral Symposium =

TBA
