The 2018 IEEE Conference on Dependable and Secure Computing

Kaohsiung • Taiwan | December 10—13, 2018

Conference Program

Overview

   
Mon (12/10)
8:00~9:00 Registration in Conference Hall: The Grand Hi Lai Hotel(漢來飯店) 9F Golden Phoenix Room(金鳳廳)
9:00~9:20 Opening
* Presentation time of each paper : DSC (25 min) , workshop (20 min)

Keynote Talks

Dr. Jeffrey Voas
Computer Scientist
National Institute of Standards and Technology
President of IEEE Reliability Society


Bio:Jeffrey Voas is an innovator. He is currently a computer scientist at the US National Institute of Standards and Technology (NIST). Before joining NIST, Voas was an entrepreneur and co-founded Cigital that is now part of Synopsys (Nasdaq: SNPS). He has served as the IEEE Reliability Society President (2003-2005, 2009-2010, 2017-2018), and served as an IEEE Director (2011-2012). Voas co-authored two John Wiley books (Software Assessment: Reliability, Safety, and Testability [1995] and Software Fault Injection: Inoculating Software Against Errors [1998]. Voas received his undergraduate degree in computer engineering from Tulane University (1985), and received his M.S. and Ph.D. in computer science from the College of William and Mary (1986, 1990 respectively). Voas is a Fellow of the IEEE, member of Eta Kappa Nu, Fellow of the Institution of Engineering and Technology (IET), Fellow of the American Association for the Advancement of Science (AAAS), and member of the Washington Academy of Sciences (WAS).


Title: IoT and Trust
System primitives allow formalisms, reasoning, simulations, and reliability and security risk-tradeoffs to be formulated and argued. In this talk, five core primitives belonging to most distributed systems are presented. These primitives apply well to systems with large amounts of data, scalability concerns, heterogeneity concerns, temporal concerns, and elements of unknown pedigree with possible nefarious intent. These primitives are the basic building blocks for a Network of ‘Things’ (NoT), including the Internet of Things (IoT). This talk offers an underlying and foundational understanding of IoT based on the realization that IoT involves sensing, computing, communication, and actuation. The talk ends by suggesting 25 trust issues, that involve everything from 3rd party certification of 3rd party black-box services and products, to defective ‘things’, and to deliberate intentions to slow the flow of data in a IoT-based system. The material presented here is generic to all distributed systems that employ IoT technologies (i.e., ‘things’ and networks). The expected audience is computer scientists, IT managers, networking specialists, and networking and cloud computing software engineers.


Prof. Koji Nakao
Distinguished Researcher, NICT
Yokohama National University, Guest Professor
CABINET SECRETARIAT(日本內閣官房), Security Advisor

Bio:Koji Nakao received the B.E. degree of Mathematics from Waseda University, in Japan, in 1979. Since joining KDDI in 1979, Koji has been engaged in the research on communication protocol, and information security technology for telecommunications in KDDI laboratory. He has started to additionally work for NICT (National Institute of Information and Communications Technology) in 2004 and for Yokohama National University as a guest professor in 2015. Since 2000, he has been conducted for governmental security research projects and involved in International Security Standardization activities. His present positions are "Distinguished Researcher" to manage research activities for network security technologies in NICT and “Guest Professor” of Yokohama National University. Koji has also been an Advisor of Cybersecurity for CABINET SECRETARIAT in Japanese government since April 2017.

The followings are the major awards received: Koji received the IPSJ Research Award in 1992, METI Ministry Award and KPMG Security Award in 2006, and Best Paper Award (JWIS) in 2007, the Commendation for Science and Technology award by the Minister of Education, Culture, Sports, Science and Technology (Prizes for Science and Technology: Research Category) in 2009, Lifetime Achievement Awards in ASIA-JCIS in 2012, Ministry Award (contributions for cyber security) from the Ministry of Internal Affairs and Communications in 2015, Fellow-ship of ISC2 in 2017, Fellow-ship of IEICE in 2018 and so on. He is a member of IPJS and IEICE.

Title:Proactive cyber security response by utilizing passive monitoring technologies


Full Program

IoT DSC#1 (12/10 10:40~12:20) [top]
    Session Chair:Prof. Morris Chang (University of South Florida)
  1. (34) An Over-the-Blockchain Firmware Update Framework for IoT Devices
    Alexander Yohan and Nai-Wei Lo
  2. (42) A Lightweight Compound Defense Framework Against Injection Attacks in IIoT
    Po-Wen Chi and Ming-Hung Wang
  3. (61) slimIoT: Scalable Lightweight Attestation Protocol For the Internet of Things
    Mahmoud Ammar, Mahdi Washha, Gowri Sankar Ramachandran and Bruno Crispo
  4. (73) PAST: Protocol-Adaptable Security Tool for Heterogeneous IoT Ecosystems
    Antonino Rullo, Elisa Bertino and Domenico Saccà
Data Security DSC #2 (12/10 13:40~15:20) [top]
    Session Chair:Prof. Hiroaki Kikuchi (Meiji University)
  1. (26) Secret Sharing Schemes Using Modulo-2^{m} Arithmetic Operations
    Hidenori Kuwakado
  2. (36) A Bandwidth-Efficient Middleware for Encrypted Deduplication
    Helei Cui, Cong Wang, Yu Hua, Yuefeng Du and Xingliang Yuan
  3. (37) Efficient Key-Aggregate Proxy Re-Encryption for Secure Data Sharing in Clouds
    Wei-Hao Chen, Chun-I Fan and Yi-Fan Tseng
  4. (56) Efficient Key Agreement Protocol for Smart Sensors
    Albert Guan and Chin-Laung Lei
Authentication and Privacy DSC #3 (12/10 15:40~17:45) [top]
    Session Chair:Prof. Nai-Wei Lo (National Taiwan University of Science and Technology)
  1. (23) PriBioAuth: Privacy-Preserving Biometric-Based Remote User Authentication
    Yangguang Tian, Yingjiu Li, Ximeng Liu, Robert Huijie Deng and Binanda Sengupta
  2. (54) Impact Assessment of Password Reset PRMitM attack with Two-factor Authentication
    Kota Sasa and Hiroaki Kikuchi
  3. (46) A Homomorphic LWE-Based Verifiable Electronic Voting System
    Chen Wu, Shaohua Tang and Xingfu Yan
  4. (43) CORE: Cooperative Encryption with Its Applications to Controllable Security Services
    Ruei-Hau Hsu, Jemin Lee, Tony Q.S. Quek and Chun-I Fan
  5. (20) Differentially Private Principal Component Analysis Over Horizontally Partitioned Data
    Sen Wang and J. Morris Chang
Software Security DSC #4 (12/11 10:40~12:20) [top]
    Session Chair:Prof. Toshihiro Yamauchi (Okayama University)
  1. (12) Dynamic Path Pruning in Symbolic Execution
    Ying-Shen Chen, Wei-Ning Chen, Che-Yu Wu, Hsu-Chun Hsiao and Shih-Kun Huang
  2. (15) Use-After-Free Mitigation via Protected Heap Allocation
    Mingbo Zhang and Saman Zonouz
  3. (18) Finder: Automatic ICC Data Reconstruction for Long-Term Runtime Semantics
    Chia-Wei Hsu, Sheng-Ru Wei and Shiuhpyng Shieh
  4. (24) Mitigating Over-Permissible Transfer for Control Flow Integrity
    Chung-Kuan Chen, Shang-Kuei Chen and Shiuhpyng Shieh
EP DSC #5 (12/11 13:40~14:55) [top]
    Session Chair:Prof. George Kesidis (Pennsylvania State University)
  1. (25) DeepMemIntrospect: Recognizing Data Structures in Memory with Neural Networks
    Chung-Kuan Chen, E-Lin Ho and Shiuhpyng Shieh
  2. (32) Network Security for IOT using SDN: TImely DDoS Detection
    Narmadha Sambandam, Mourad Hussein and Noor Siddiqi
  3. (75) Design and Implement Binary Fuzzing based on libFuzzer
    Wei-Chieh Chao, Si-Chen Lin, Yi-Hsien Chen, Chin-Wei Tien and Chun-Ying Huang
Attack and Defenses DSC #6 (12/11 15:40~17:45) [top]
    Session Chair:Prof. Po-Wen Chi (National Taiwan Normal University)
  1. (11) Skipping Sleeps in Dynamic Analysis of Multithreaded Malware
    Yoshihiro Oyama
  2. (35) Additional Kernel Observer to Prevent Privilege Escalation Attacks by Focusing on System Call Privilege Changes
    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura and Masaki Hashimoto
  3. (38) Resilient and Scalable Cloned App Detection using Forced Execution and Compression Trees
    Mohamed Elsabagh, Ryan Johnson and Angelos Stavrou
  4. (47) MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication
    Mordechai Guri, Yosef Solewicz and Yuval Elovici
  5. (74) Moving-target Defense against Botnet Reconnaissance and an Adversarial Coupon-Collection Model
    George Kesidis, Yuquan Shan, Neda Nasiriani, Takis Konstantopoulos, Daniel Fleck and Angelos Stavrou
Networking DSC #7 (12/12 11:00~12:40) [top]
    Session Chair:Dr. Koichiro Amemiya (Fujitsu Laboratories Ltd.)
  1. (29) Setting Malicious Flow Entries Against SDN Operations: Attacks and Countermeasures
    Cheng-Hsu Lin, Chi-Yu Li and Kuochen Wang
  2. (33) Segment Routing Green Spine Switch Management Systems for Data Center Networks
    Ose Osamudiamen and Chung-Horng Lung
  3. (21) Differentiating and Predicting Cyberattack Behaviors using LSTM
    Ian Perry, Lutzu Li, Christopher Sweet, Shao-Hsuan Su, Fu-Yuan Cheng, Shanchieh Jay Yang and Ahmet Okutan
  4. (81) Vague Set based FMEA Method for Risk Evaluation of Safety Related Systems
    Kuo-Sui Lin and Chih-Chung Chiu
IoT Workshop #1 (12/12 9:00~10:40) [top]
    Session Chair:Prof. Chia-Mei Chen (National Sun Yat-sen University)
  1. (65) Enforcing Policy-Based Security Models for Embedded SoCs within the Internet of Things
    Matthew Hagan, Fahad Manzoor Siddiqui, Sakir Sezer, Kieran McLaughlin and Boojoong Kang
  2. (87) Blockchain-based Authentication in IoT Networks
    Chi Ho Lau, Alan K H Yeung and Fan Yan
  3. (90) AnchorCAN: Anchor-based Secure CAN Communications System
    Hsiao-Ying Lin, Zhuo Wei, Yanjiang Yang, Yadong Wei, Kang Tang and Qingdi Sha
  4. (67) Stochastic Processors on FPGAs to Compute Sensor Data Towards Fault-Tolerant IoT Systems
    Rui Policarpo Duarte
  5. (59) The Method of Capturing the Encrypted Password Packets of WPA & WPA2, Automatic, Semi-Automatic or Manual?
    Tien-Ho Chang, Chia-Mei Chen, Gu-Hsin Lai and Jiunn-Wu Lin
Networking Workshop #2 (12/13 9:00~10:20) [top]
    Session Chair:Prof. Ruei-Hau Hsu (National Sun Yat-sen University)
  1. (13) OTMEN: Offloading Traffic Monitoring to Edge Nodes in Software-Defined Datacenter Networks
    Amer Aljaedi, C. Edward Chow, Ehab Ashary and Francisco Torres-Reyes
  2. (16) ANN Mechanism for Network Traffic Anomaly Detection in the Concept Drifting Environment
    Rua-Huan Tsaih, Shin-Ying Huang, Mao-Ci Lian and Yennun Huang
  3. (45) Closed-Loop DDoS Mitigation System in Software Defined Networks
    Henan Kottayil Hyder and Chung-Horng Lung
  4. (64) Load Balancing using ECMP in Multi-Stage Clos Topology in a Datacenter
    Harpreet Kaur Dhaliwal and Chung-Horng Lung
Cryptography and Applications Workshop #3 (12/13 13:40~15:20) [top]
    Session Chair:Dr. Arijit Karati (National Sun Yat-sen University)
  1. (76) An Identity-based Fair Contract Signing Protocol Constructed by the Confirmation Signature
    Chih Hung Wang
  2. (84) Secure Hierarchical Bitcoin Wallet Scheme Against Privilege Escalation Attacks
    Chun-I Fan, Yi-Fan Tseng, Hui-Po Su, Ruei-Hau Hsu and Hiroaki Kikuchi
  3. (9) Bipolar Dual-LFSR Reseeding for Low-Power Testing
    Jen Cheng Ying, Wang Dauh Tseng and Wen Jiin Tsai
  4. (71) CC-Tracker: Interaction Profiling Bipartite Graph Mining for Malicious Network Activity Detection
    Tzung-Han Jeng, Yi-Ming Chen, Chien-Chih Chen, Chuan-Chiang Huang and Kuo-Sen Chou
  5. (93) Empirical Analysis of Japanese Passwords
    Nonoko Ai and Akira Kanaoka
Privacy Workshop #4 (12/13 15:40~17:20) [top]
    Session Chair:Prof. Jia-Ning Luo (Ming Chuan University)
  1. (27) Forged seal imprint identification based on regression analysis on imprint borders and metrics comparisons
    Wei-Ho Chung, Mu-En Wu, Yeong-Luh Ueng and Yu-Hsuan Su
  2. (48) A Privacy-Preserving Metro Passenger Flow Acquisition and Query System based on Crowd-Sensing
    Caiqin Nong, Shaohua Tang and Yuanyuan Zhang
  3. (53) Risk of Bitcoin Addresses to be Identified from Features of Output Addresses
    Kodai Nagata, Hiroaki Kikuchi and Fan Chun-I
  4. (30) A Thin Client Model to Querying Encrypted Databases in Cloud
    Brajendra Panda and Victor Fuentes Tello
  5. (63) Improving Tor Hidden Service Crawler Performance
    Jonghyeon Park, Hyunsu Mun and Youngseok Lee
Poster (12/13 10:40~12:20) [top]
  1. (41) Offline Transferable E-Cash mechanism
    Jia-Ning Luo and Ming Hour Yang
  2. (44) Counterfeit Fingerprint Detection of Outbound HTTP Traffic with Graph Edit Distance
    Chi-Kuan Chiu, Te-En Wei, Hsiao-Hsien Chang and Ching-Hao Mao
  3. (58) Detection of DNS Tunneling by Feature-free Mechanism
    Chia-Min Lai, Bo-Ching Huang, Shin-Ying Huang, Ching-Hao Mao and Hahn-Ming Lee
  4. (60) On the Authentication of Certificateless RSA Public Key
    Wu-Chuan Yang, Lien-Yuan Ting and Tzu-Chun Kuo
  5. (85) Low-Power Command Protection using SHA-CRC Inversion-based Scrambling Technique for CAN-Integrated Automotive Controllers
    Daejin Park and Jihun Kim
  6. (86) OWASP Risk Analysis Driven Security Requirements Specification for Secure Android Mobile Software Development
    Kai Qian, Reza Parizi and Dan Lo
  7. (88) Optimizing the Sequence of Vulnerability Scanning Injections
    Koichi Funaya, Samir Bajaj, Kumar Sharad and Alok Srivastava
  8. (91) Proactive Approach to Secure Android Mobile Applications
    Quyen Nguyen and Arun Sood

© 2018 IEEE Conference on Dependable and Secure Computing