Workshop Programme
Following is the EuroSec 2014 programme. Follow @syssecproject or @EuroSecWorkshop on Twitter to stay up to date with the workshop news.
Time | Title |
---|---|
8:00-9:00 | Registration |
9:00-10:30 | Welcome and Keynote I |
Welcome and introduction Davide Balzarotti, (Workshop Chair) |
|
Keynote: Smash & Stitch the Gadget: A Journey through Return-Oriented Programming Attack Space and Defenses Ahmad-Reza Sadeghi (Technische Universität Darmstadt)
Abstract: Code reuse attacks such as return-oriented programming (ROP) offer a robust attack technique that is extensively used to exploit bugs in modern software programs (e.g., web browsers and PDF readers). ROP requires no code injection, and only induces malicious program actions by executing a chain of instruction sequences (gadgets) residing in shared libraries or the executable itself. In this talk, we give a brief overview of ROP attacks evolution and mitigation proposals in the last years. In particular, we elaborate on recently proposed (coarse-grained) control-flow integrity (CFI) solutions such as kBouncer, ROPecker, CFI for COTS binaries, ROPGuard, and Microsoft\222s Windows EMET tool. We discuss the (in)effectiveness of these techniques and how they can be undermined even under weak adversarial assumptions. Finally we discuss some open problems and new directions. |
|
10:30-11:00 | Coffee Break |
11:00-12:00 | Session 1 - System Security |
A Practical Approach for Generic Bootkit Detection and Prevention
Bernhard Grill, Christian Platzer (Vienna University of Technology), Jurgen Eckel (IKARUS Security Software GmbH) pdf slides |
|
Improving Mac OS X Security Through Gray Box Fuzzing Technique Stefano Bianchi Mazzone, Mattia Pagnozzi, Aristide Fattori, Andrea Lanzi, Danilo Bruschi (Universita` degli studi di Milano) pdf | |
12:00-12:30 | Session 2 - Network Security (Part A) |
On Measuring the Impact of DDoS Botnets Arne Welzel, Christian Rossow, Herbert Bos (VU University Amsterdam) pdf | |
12:30-14:00 | Lunch |
14:00-15:00 | Keynote II |
Keynote:An introduction to honeyclient technologies Angelo Dell'Aera (Honeynet Project)
Abstract: The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as the most known honeypot technologies enable research into server-side attacks, honeyclients allow the study of client-side attacks. A complement to honeypots, a honeyclient is a tool designed to mimic the behavior of a user-driven network client application, such as a web browser, and be exploited by an attacker's content. The talk will briefly introduce honeyclient technologies and describe the low-interaction honeyclient "Thug" and how to effectively use it in order to analyze malicious websites and detect potential exploit kits. |
|
15:00-15:30 | Session 2 - Network Security (Part B) |
A Connection Pattern-based Approach to Detect Network Traffic Anomalies in Critical Infrastructures
Bela Genge, Piroska Haller (Petru Maior University of Tg. Mures, Romania), Dorin Adrian Rusu (VU University Amsterdam) pdf slides |
|
15:30-16:30 | Coffee Break + Joint Poster Session |
16:30-17:30 | Session 3 - Mobile Security |
Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android MalwareThanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Sotiris Ioannidis (Foundation for Research and Technology-Hellas (FORTH), Greece), Michalis Polychronakis (Columbia University, USA) pdf slides |
|
The Best of Both Worlds. A Framework for the Synergistic Operation of Host and Cloud Anomaly-based IDS for Smartphones
Dimitrios Damopoulos, Georgios Portokalidis (Stevens Institute of Technology), Georgios Kambourakis (University of the Aegean pdf |
|
17:30-19:00 | Welcome Reception |