Wednesday February 3rd Technical Programme

View program for Thursday February 4th or Friday February 5th


9:00 - Keynote Andy Gordon (Microsoft Research)


10:00 Coffee Break


10:30 - Policy verification and enforcement I

  • Formally-Based Black-Box Monitoring of Security Protocols
    Alfredo Pironti and Jan Jürjens
  • Secure Code Generation for Web Applications
    Martin Johns, Christian Beyerlein and Joachim Posegga
  • Reusability of threat models - an experimental evaluation (Idea)
    Per Håkon Meland, Inger Anne Tøndel and Jostein Jensen

12:00 Lunch


13:30 - Secure system and software development I

  • Formal Verification of Application-Specific Security Properties in a Model-Driven Approach
    Nina Moebius, Kurt Stenzel and Wolfgang Reif
  • Enforcing consumer-specified security properties for modular software (Idea)
    Giacomo A. Galilei and
  • On the Use of Grey Box Testing for Revealing SQL Injection-Related Error Message Information Leaks (Idea)
    Ben Smith, Laurie Williams and Andrew Austin

15:00 Coffee Break


15:30 - Attack analysis and prevention I

  • BuBBle: a Javascript engine level countermeasure against heap-spraying attacks
    Francesco Gadaleta, Yves Younan and Wouter Joosen
  • Transparent client-side mitigation of malicious cross-domain requests
    Philippe De Ryck, Lieven Desmet, Thomas Heyman, Frank Piessens and Wouter Joosen
  • Opcode-sequence-based Malware Detection (Idea)
    Igor Santos, Felix Brezo, Javier Nieves, Yoseba Penya, Borja Sanz, Carlos Laorden and Pablo Bringas


The abstracts of the papers can be found on the papers page.