RAID 2013



Tuesday, October 22, 2013

Pre-conference Activity
6:00AM - Hike to Cas en Bas Beach (4.5 miles) (photo) (photo):

Update (10/12): The hike is now at full capacity, and new reservations are not being accepted.

We will hike along the Atlantic coast, stopping to bathe at two scenic beaches. Sneakers required. Brunch (on your own dime) at the end of the hike.
Cas en Bas

Social Event
6:00PM - 8:00PM Welcome Reception (hors d'oeuvres provided)

Wednesday, October 23, 2013

8:30AM - 10:00AM Registration (photo)
Opening Remarks
10:00AM - 10:30AM Sal Stolfo & Angelos Stavrou
10:30AM - 11:30AM The Human Element of Information Security
Herbert (Hugh) Thompson
11:30AM - 1:00PM Lunch (provided)
Session I (Hardware-level Security)
Session Chair: Kapil Singh
1:00PM - 1:30PM A Primitive for Revealing Stealthy Peripheral-based Attacks on the Computing Platform's Main Memory
Patrick Stewin
1:30PM - 2:00PM Hypervisor Memory Forensics
Mariano Graziano, Andrea Lanzi and Davide Balzarotti
2:00PM - 2:30PM
Session II (Server-level and OS-level Security)
Session Chair: Wenke Lee
2:30PM - 3:00PM Server-side code injection attacks: a historical perspective
Jakob Fritz, Corrado Leita and Michalis Polychronakis
3:00PM - 3:30PM Check my profile: Leveraging static analysis for fast and accurate detection of ROP gadgets
Blaine Stancill, Kevin Snow, Nathan Otterness, Fabian Monrose, Lucas Davi and Ahmad-Reza Sadeghi
3:30PM - 4:00PM Systematic Analysis of Defenses Against Return-Oriented Programming
Richard Skowyra, Kelly Casteel, Hamed Okhravi, Nickolai Zeldovich and William Streilein
4:00PM - 4:30PM SILVER: Fine-grained and Transparent Protection Domain Primitives in Commodity OS Kernel
Xi Xiong and Peng Liu

Thursday, October 24, 2013

Session III (Malware)
Session Chair: Michalis Polychronakis
8:30AM - 9:00AM API Chaser: Anti-analysis Resistant Malware Analyzer
Yuhei Kawakoya, Makoto Iwamura, Eitaro Shioji and Takeo Hariu
9:00AM - 9:30AM FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors
M. Zubair Rafique and Juan Caballero
9:30AM - 10:00AM Deobfuscating Embedded Malware using Probable-Plaintext Attacks
Christian Wressnegger, Frank Boldewin and Konrad Rieck
10:00AM - 10:30AM Detecting Traditional Packers, Decisively (photo)
Denis Bueno, Kevin Compton, Karem Sakallah and Michael Bailey
10:30AM - 11:00AM
Session IV (Authentication/Credential Attacks)
Session Chair: Andrea Lanzi
11:00AM - 11:30AM Side-Channel Attacks on the Yubikey 2 One-Time Password Generator
David Oswald, Bastian Richter and Christof Paar
11:30AM - 12:00PM Active Credential Leakage for Observing Web-based Attack Cycle
Mitsuaki Akiyama, Takeshi Yagi, Kazufumi Aoki, Takeo Hariu and Youki Kadobayashi
12:00PM - 1:30PM Lunch (provided)
Best Paper Award
Session V (Web and Network Privacy and Security)
Session Chair: Juan Caballero
1:30PM - 2:00PM Behavior Decomposition: Aspect-level Browser Extension Clustering and Its Security Implications
Bin Zhao and Peng Liu
2:00PM - 2:30PM Tamper-resistant LikeJacking
Martin Johns and Sebastian Lekies
2:30PM - 3:00PM Deconstructing the Assessment of Anomaly-based Intrusion Detectors for Critical Applications
Arun Viswanathan, Kymie Tan and Clifford Neuman
3:00PM - 3:30PM
Session VI (Posters & Five-minute Talks)
Session Chair: Kevin Z. Snow
3:30PM - 5:00PM
Note (10/7): Posters are to be printed at A0 size: 841mm × 1189mm (33.1” × 46.8”). Please bring the printed poster along with you to the conference.

Detecting Code Reuse Attacks with a Model of Conformant Program Execution (Poster Abstract)
Emily R. Jacobson, Andrew R. Bernat, William R. Williams and Barton P. Miller
Improving Data Quality of Proxy Logs for Intrusion Detection (Poster Abstract)
Hongzhou Sha, Tingwen Liu, Peng Qin, Yong Sun and Qingyun Liu
An Identification Method Based on SSL Extension (Poster Abstract)
Peipei Fu, Gang Xiong, Yong Zhao, Ming Song and Peng Zhang
Shingled Graph Disassembly: Finding the Undecideable Path (Poster Abstract)
Richard Wartell, Yan Zhou, Kevin Hamlen and Murat Kantarcioglu
Protocol Level Attack Replay (Poster Abstract)
Dan Li, Chaoge Liu, Ke Li and Xiang Cui
Cloud Synchronization Increase Cross-application Scripting Threats on Smartphone (Poster Abstract)
Qixu Liu, Yuqing Zhang, Chen Cao and Guanxing Wen
NFC-based Two-Pass Mobile Authentication (Poster Abstract)
Jagannadh Vempati, Garima Bajwa and Ram Dantu
Android Sensor Data Anonymization (Poster Abstract)
Cynthia Claiborne, Mohamed Fazeen Mohamed Issadeen and Ram Dantu
Detect IAP Flaws in iOS Applications (Poster Abstract)
Cheng Luo, Yuqing Zhang, Qixu Liu and Chen Cao
Social Event
6:30PM - 8:30PM Beach BBQ (food provided) (photo) (photo) (photo) (photo)

Friday, October 25, 2013

Session VII (Mobile Security)
Session Chair: Malek Ben Salem
9:00AM - 9:30AM Practical Context-Aware Permission Control for Hybrid Mobile Applications
Kapil Singh
9:30AM - 10:00AM Understanding SMS Spam in a Large Cellular Network: Characteristics, Strategies and Defenses
(Best Paper Award!)
Nan Jiang, Yu Jin, Ann Skudlark and Zhi-Li Zhang
10:00AM - 10:30AM Mobile Malware Detection Based on Energy Fingerprints - A Dead End?
Johannes Hoffmann, Stephan Neumann and Thorsten Holz
10:30AM - 11:00AM
Session VIII (Cloud and Anonymity Networks I)
Session Chair: Corrado Leita
11:00AM - 11:30AM Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters
Tobias Lauinger, Kaan Onarlioglu, Abdelberi Chaabane, Engin Kirda, William Robertson and Mohamed Ali Kaafar
11:30AM - 12:00PM Connected Colors: Unveiling the Structure of Criminal Networks
Yacin Nadji, Manos Antonakakis, Roberto Perdisci and Wenke Lee
12:00PM - 1:30PM Lunch (provided)
Session IX (Cloud and Anonymity Networks II)
Session Chair: Charles Wright
1:30PM - 2:00PM CloudFence: Data Flow Tracking as a Cloud Service
Vasilis Pappas, Vasileios P. Kemerlis, Angeliki Zavou, Michalis Polychronakis and Angelos D. Keromytis
2:00PM - 2:30PM Practical attacks against the I2P network
Christoph Egger, Johannes Schlumberger, Christopher Kruegel and Giovanni Vigna
Closing Remarks
2:30PM - 3:00PM Sal Stolfo & Angelos Stavrou
Social Event
6:00PM - Seafood Fishfry Outing

This event is not covered by registration costs, but we will be organizing a group tour to a promenade in the fishing village (of Gros Islet) to eat fresh-caught fish prepared just for our group. Estimated cost is approximately 35 USD per person, including transportation (10-minute drive).

Saturday, October 26, 2013

Social Event
Time TBD Catamaran Tour!
(Cox & Company tour company will be on site to sign up those persons interested in participating):

Capture on film the famous Pitons as they rise majestically out of the sea. Relive the tradition and culture of a working plantation. See how cocoa and coffee are made and enjoy a delicious buffet lunch. Top it all off with a swim or relax in the sun at one of St. Lucia’s protected bays. Don't miss this chance to see and do "Tout Bagay"--- a little bit of everything!
RAID 2012 Credit - Stefano Ortolani    |    Adapted for RAID 2013 - David Tagatac, Jill Jermyn, Nathaniel Boggs