Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Sunday, August 11
 

8:00am

Continental Breakfast
Sunday August 11, 2019 8:00am - 9:00am
Mezzanine Level

8:00am

Badge Pickup
Sunday August 11, 2019 8:00am - 5:00pm
Lobby East

9:00am

9:00am

9:00am

1:30pm

1:30pm

6:00pm

SOUPS 2019 Poster Session
Sunday August 11, 2019 6:00pm - 7:00pm
Grand Ballroom Foyer
 
Monday, August 12
 

7:30am

Badge Pickup
Monday August 12, 2019 7:30am - 5:00pm
Lobby East

7:45am

Continental Breakfast
Monday August 12, 2019 7:45am - 8:45am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Monday August 12, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Monday August 12, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Monday August 12, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:20am

Continental Breakfast
Monday August 12, 2019 8:20am - 9:20am
Grand Ballroom Foyer

8:45am

Opening Remarks
Program Co-Chairs: Lorrie Cranor, Carnegie Mellon University, and Lea Kissner, Humu

Monday August 12, 2019 8:45am - 9:00am
Magnolia Room

9:00am

Opening Remarks
Program Co-Chairs: Rob Jansen, U.S. Naval Research Laboratory, and Peter A. H. Peterson, University of Minnesota Duluth

Monday August 12, 2019 9:00am - 9:10am
Grand Ballroom D

9:00am

Opening Remarks and Awards
Program Co-Chairs: Alex Gantman, Qualcomm, and Clémentine Maurice, CNRS, IRISA

Monday August 12, 2019 9:00am - 9:15am
Grand Ballroom FGH

9:00am

The Privacy Engineering Mindset: From Design to Launch
Sha Sundaram, Snap

Monday August 12, 2019 9:00am - 9:22am
Magnolia Room

9:00am

Opening Remarks and Awards
SOUPS 2019 General Chair: Heather Richter Lipford, University of North Carolina at Charlotte

Monday August 12, 2019 9:00am - 9:30am
Grand Ballroom ABC

9:10am

Design and Implementation of a Cyber Physical Testbed for Security Training
Paul Pfister, Mathew L. Wymore, Doug Jacobson, and Daji Qiao, Iowa State University

Monday August 12, 2019 9:10am - 9:28am
Grand Ballroom D

9:15am

Trends and Challenges in the Vulnerability Mitigation Landscape
Matt Miller, Microsoft

Monday August 12, 2019 9:15am - 10:15am
Grand Ballroom FGH

9:20am

Opening Remarks
Program Co-Chairs: Rachel Greenstadt, New York University, and Aleatha Parker-Wood, Humu

Monday August 12, 2019 9:20am - 9:30am
Grand Ballroom E

9:22am

9:28am

Implementation of Programmable CPS Testbed for Anomaly Detection
Hyeok-Ki Shin, Woomyo Lee, Jeong-Han Yun, and HyoungChun Kim, The Affiliated Institute of ETRI

Monday August 12, 2019 9:28am - 9:47am
Grand Ballroom D

9:30am

Recent Advances in Adversarial Machine Learning
Nicolas Carlini, Research Scientist, Google Research

Monday August 12, 2019 9:30am - 10:30am
Grand Ballroom E

9:30am

Investigative Journalism in the Digital Age: Privacy, Security and the Media
Jennifer Valentino-DeVries, The New York Times

Monday August 12, 2019 9:30am - 10:30am
Grand Ballroom ABC

9:45am

Addressing Privacy Risks of Targeted Advertising
Stephen Weis, Aspen Institute Tech Policy Hub

Monday August 12, 2019 9:45am - 10:07am
Magnolia Room

9:47am

Triton: A Software-Reconfigurable Federated Avionics Testbed
Sam Crow and Brown Farinholt, UC San Diego; Brian Johannesmeyer, VU Amsterdam; Karl Koscher, University of Washington; Stephen Checkoway, Oberlin College; Stefan Savage, Aaron Schulman, and Alex C. Snoeren, UC San Diego; Kirill Levchenko, University of Illinois

Monday August 12, 2019 9:47am - 10:06am
Grand Ballroom D

10:06am

CAERUS: Chronoscopic Assessment Engine for Recovering Undocumented Specifications
Sam Crow and Brown Farinholt, UC San Diego; Brian Johannesmeyer, VU Amsterdam; Karl Koscher, University of Washington; Stephen Checkoway, Oberlin College; Stefan Savage, Aaron Schulman, and Alex C. Snoeren, UC San Diego; Kirill Levchenko, University of Illinois

Monday August 12, 2019 10:06am - 10:25am
Grand Ballroom D

10:07am

User-centric Privacy: Designing Effective Privacy Protections That Meet Users' Needs
Florian Schaub, University of Michigan

Monday August 12, 2019 10:07am - 10:30am
Magnolia Room

10:15am

Break with Refreshments
Monday August 12, 2019 10:15am - 10:45am
Grand Ballroom Foyer

10:25am

Break with Refreshments
Monday August 12, 2019 10:25am - 10:55am
Grand Ballroom Foyer

10:30am

Break with Refreshments
Monday August 12, 2019 10:30am - 11:00am
Grand Ballroom Foyer

10:30am

Break with Refreshments
Monday August 12, 2019 10:30am - 11:00am
Grand Ballroom Foyer

10:30am

Break with Refreshments
Monday August 12, 2019 10:30am - 11:00am
Grand Ballroom Foyer

10:45am

Taking a Look into Execute-Only Memory
Marc Schink and Johannes Obermaier, Fraunhofer Institute for Applied and Integrated Security (AISEC)

Monday August 12, 2019 10:45am - 11:15am
Grand Ballroom FGH

10:55am

Is Less Really More? Towards Better Metrics for Measuring Security Improvements Realized Through Software Debloating
Michael D. Brown and Santosh Pande, Georgia Institute of Technology

Monday August 12, 2019 10:55am - 11:13am
Grand Ballroom D

11:00am

Cooperative Privacy and Security: Learning from People with Visual Impairments and Their Allies
Jordan Hayes, Smirity Kaushik, Charlotte Emily Price, and Yang Wang, Syracuse University

Monday August 12, 2019 11:00am - 11:22am
Grand Ballroom ABC

11:00am

11:00am

11:13am

A Data-Driven Reflection on 36 Years of Security and Privacy Research
Aniqua Baset and Tamara Denning, University of Utah

Monday August 12, 2019 11:13am - 11:32am
Grand Ballroom D

11:15am

Cross-Router Covert Channels
Adar Ovadia, Rom Ogen, Yakov Mallah, Niv Gilboa, and Yossi Oren, Ben-Gurion University of the Negev

Monday August 12, 2019 11:15am - 11:45am
Grand Ballroom FGH

11:22am

Privacy and Security Threat Models and Mitigation Strategies of Older Adults
Alisa Frik, International Computer Science Institute (ICSI) and University of California, Berkeley; Leysan Nurgalieva, University of Trento; Julia Bernd, International Computer Science Institute (ICSI); Joyce Lee, University of California, Berkeley; Florian Schaub, University of Michigan; Serge Egelman, International Computer Science Institute (ICSI) and University of California, Berkeley

Monday August 12, 2019 11:22am - 11:45am
Grand Ballroom ABC

11:30am

Privacy as a Service: Building an End-to-End Consent Platform
Roche Janken, Uber

Monday August 12, 2019 11:30am - 12:00pm
Magnolia Room

11:30am

Verifiably Robust Machine Learning for Security
Yizheng Chen, Columbia University

Monday August 12, 2019 11:30am - 12:00pm
Grand Ballroom E

11:32am

Lessons from Using the I-Corps Methodology to Understand Cyber Threat Intelligence Sharing
Josiah Dykstra, Matt Fante, Paul Donahue, Dawn Varva, Linda Wilk, and Amanda Johnson, U.S. Department of Defense

Monday August 12, 2019 11:32am - 11:51am
Grand Ballroom D

11:45am

11:45am

Two methods for exploiting speculative control flow hijacks
Andrea Mambretti, Northeastern University; Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, and Anil Kurmus, IBM Research - Zurich

Monday August 12, 2019 11:45am - 12:15pm
Grand Ballroom FGH

11:51am

Percentages, Probabilities and Professions of Performance
Jim Alves-Foss, Center for Secure and Dependable Systems University of Idaho

Monday August 12, 2019 11:51am - 12:10pm
Grand Ballroom D

12:00pm

Secure Messaging? More Like Secure Mess
Gennie Gebhart and Erica Portnoy, Electronic Frontier Foundation

Monday August 12, 2019 12:00pm - 12:30pm
Magnolia Room

12:00pm

Automatically Learning How to Evade Censorship
Dave Levin, University of Maryland

Monday August 12, 2019 12:00pm - 12:30pm
Grand Ballroom E

12:07pm

A Self-Report Measure of End-User Security Attitudes (SA-6)
Cori Faklaris, Laura Dabbish, and Jason I. Hong, Carnegie Mellon University

Monday August 12, 2019 12:07pm - 12:30pm
Grand Ballroom ABC

12:10pm

Monday Luncheon
Monday August 12, 2019 12:10pm - 1:30pm
Terra Courtyard

12:15pm

How Sharp is SHARP?
Dixit Kumar, Chavhan Sujeet Yashavant, and Biswabandan Panda, IIT Kanpur; Vishal Gupta, Manipal University Jaipur and IIT Kanpur

Monday August 12, 2019 12:15pm - 12:45pm
Grand Ballroom FGH

12:30pm

Luncheon for SOUPS Attendees
Monday August 12, 2019 12:30pm - 1:45pm
Santa Clara Ballroom

12:30pm

Monday Luncheon
Monday August 12, 2019 12:30pm - 2:00pm
Santa Clara Ballroom

12:30pm

Monday Luncheon
Monday August 12, 2019 12:30pm - 2:00pm
Terra Courtyard

12:45pm

Monday Luncheon
Monday August 12, 2019 12:45pm - 2:00pm
Terra Courtyard

1:30pm

The Impact of Secure Transport Protocols on Phishing Efficacy
Zane Ma, Joshua Reynolds, Joseph Dickinson, Kaishen Wang, Taylor Judd, Joseph D. Barnes, Joshua Mason, and Michael Bailey, University of Illinois at Urbana-Champaign

Monday August 12, 2019 1:30pm - 1:48pm
Grand Ballroom D

1:45pm

The Effect of Entertainment Media on Mental Models of Computer Security
Kelsey R. Fulton, Rebecca Gelles, Alexandra McKay, Richard Roberts, Yasmin Abdi, and Michelle L. Mazurek, University of Maryland

Monday August 12, 2019 1:45pm - 2:09pm
Grand Ballroom ABC

1:48pm

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites Ranking
Victor Le Pochat, Tom Van Goethem, and Wouter Joosen, imec-DistriNet, KU Leuven

Monday August 12, 2019 1:48pm - 2:07pm
Grand Ballroom D

2:00pm

Now You See It, Now You Don't: Uber's Data Deletion Service
Yash Doshi and Harshal Shah, Uber

Monday August 12, 2019 2:00pm - 2:30pm
Magnolia Room

2:00pm

2:00pm

Behind CGC: A DARPA Cyber Grand Challenge White Team Retrospective
Paul Makowski, Narf Industries

Monday August 12, 2019 2:00pm - 3:00pm
Grand Ballroom FGH

2:07pm

Comparative Measurement of Cache Configurations’ Impacts on Cache Timing Side-Channel Attacks
Xiaodong Yu, Ya Xiao, Kirk Cameron, and Danfeng (Daphne) Yao, Department of Computer Science, Virginia Tech

Monday August 12, 2019 2:07pm - 2:26pm
Grand Ballroom D

2:09pm

A Typology of Perceived Triggers for End-User Security and Privacy Behaviors
Sauvik Das, Georgia Institute of Technology; Laura A. Dabbish and Jason I. Hong, Carnegie Mellon University

Monday August 12, 2019 2:09pm - 2:33pm
Grand Ballroom ABC

2:26pm

An Assessment of the Usability of Cybercrime Datasets
Ildiko Pete and Yi Ting Chua, University of Cambridge

Monday August 12, 2019 2:26pm - 2:45pm
Grand Ballroom D

2:30pm

Machine Learning at Scale with Differential Privacy in TensorFlow
Nicolas Papernot, Google Brain

Monday August 12, 2019 2:30pm - 3:00pm
Magnolia Room

2:33pm

Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice
Karoline Busse and Julia Schäfer, University of Bonn; Matthew Smith, University of Bonn/Fraunhofer FKIE

Monday August 12, 2019 2:33pm - 2:57pm
Grand Ballroom ABC

2:45pm

Short Break
Monday August 12, 2019 2:45pm - 2:55pm
N/A

2:55pm

Automated Attack Discovery in Data Plane Systems
Qiao Kang, Jiarong Xing, and Ang Chen, Rice University

Monday August 12, 2019 2:55pm - 3:11pm
Grand Ballroom D

2:57pm

"Something isn't secure, but I'm not sure how that translates into a problem": Promoting autonomy by designing for understanding in Signal
Justin Wu, Cyrus Gattrell, Devon Howard, and Jake Tyler, Brigham Young University; Elham Vaziripour, Utah Valley University; Kent Seamons and Daniel Zappala, Brigham Young University

Monday August 12, 2019 2:57pm - 3:21pm
Grand Ballroom ABC

3:00pm

Differentially Private Data Release under Partial Information
David Zeber, Mozilla Corporation

Monday August 12, 2019 3:00pm - 3:30pm
Magnolia Room

3:00pm

3:00pm

Break with Refreshments
Monday August 12, 2019 3:00pm - 3:30pm
Grand Ballroom Foyer

3:11pm

Applications and Challenges in Securing Time
Fatima M. Anwar and Mani Srivastava, UCLA

Monday August 12, 2019 3:11pm - 3:27pm
Grand Ballroom D

3:21pm

"I was told to buy a software or lose my computer. I ignored it": A study of ransomware
Camelia Simoiu, Stanford University; Christopher Gates, Symantec; Joseph Bonneau, New York University; Sharad Goel, Stanford University

Monday August 12, 2019 3:21pm - 3:45pm
Grand Ballroom ABC

3:27pm

IDAPro for IoT Malware analysis?
Sri Shaila G, Ahmad Darki, and Michalis Faloutsos, University of California Riverside; Nael Abu-Ghazaleh and Manu Sridharan, University of California, Riverside

Monday August 12, 2019 3:27pm - 3:43pm
Grand Ballroom D

3:30pm

Break with Refreshments
Monday August 12, 2019 3:30pm - 4:00pm
Grand Ballroom Foyer

3:30pm

Break with Refreshments
Monday August 12, 2019 3:30pm - 4:00pm
Grand Ballroom Foyer

3:30pm

Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation
Jatin Kataria, Red Balloon Security; Richard Housely, Independent Researcher; Joseph Pantoga and Ang Cui, Red Balloon Security

Monday August 12, 2019 3:30pm - 4:00pm
Grand Ballroom FGH

3:43pm

Lessons Learned from 10k Experiments to Compare Virtual and Physical Testbeds
Jonathan Crussell, Thomas M. Kroeger, David Kavaler, Aaron Brown, and Cynthia Phillips, Sandia National Laboratories

Monday August 12, 2019 3:43pm - 4:00pm
Grand Ballroom D

3:45pm

Break with Refreshments
Monday August 12, 2019 3:45pm - 4:15pm
Grand Ballroom Foyer

4:00pm

Break with Refreshments
Monday August 12, 2019 4:00pm - 4:30pm
Grand Ballroom Foyer

4:00pm

Making Ethical Decisions for the Immersive Web
Diane Hosfelt, Mozilla

Monday August 12, 2019 4:00pm - 4:30pm
Magnolia Room

4:00pm

Dns2Vec: Exploring Internet Domain Names through Deep Learning
Amit Arora, Hughes Network Systems

Monday August 12, 2019 4:00pm - 4:30pm
Grand Ballroom E

4:00pm

RISC-V: #AlphanumericShellcoding
Hadrien Barral, Rémi Géraud-Stewart, Georges-Axel Jaloyan, and David Naccache, ENS - Paris

Monday August 12, 2019 4:00pm - 4:30pm
Grand Ballroom FGH

4:15pm

Enhancing Privacy through an Interactive On-demand Incremental Information Disclosure Interface: Applying Privacy-by-Design to Record Linkage
Hye-Chung Kum, Population Informatics Lab, Texas A&M University; Eric D. Ragan, INDIE Lab, University of Florida; Gurudev Ilangovan, Mahin Ramezani, Qinbo Li, and Cason Schmit, Population Informatics Lab, Texas A&M University

Monday August 12, 2019 4:15pm - 4:37pm
Grand Ballroom ABC

4:30pm

A Multi-level Fidelity Microgrid Testbed Model for Cybersecurity Experimentation
Aditya Ashok, Siddharth Sridhar, Tamara Becejac, Theora Rice, Matt Engels, Scott Harpool, Mark Rice, and Thomas Edgar, Pacific Northwest National Laboratory

Monday August 12, 2019 4:30pm - 4:50pm
Grand Ballroom D

4:30pm

Privacy Engineering in the Automotive Domain
Frank Kargl, Ulm University

Monday August 12, 2019 4:30pm - 5:00pm
Magnolia Room

4:30pm

DNS Homographs Detection in the Wild
Femi Olumofin and Chhaya Choudhary, Infoblox

Monday August 12, 2019 4:30pm - 5:00pm
Grand Ballroom E

4:30pm

Vacuums in the Cloud: Analyzing Security in a Hardened IoT Ecosystem
Fabian Ullrich, Jiska Classen, Johannes Eger, and Matthias Hollick, Technische Universität Darmstadt, Germany

Monday August 12, 2019 4:30pm - 5:00pm
Grand Ballroom FGH

4:37pm

From Usability to Secure Computing and Back Again
Lucy Qin, Andrei Lapets, Frederick Jansen, Peter Flockhart, Kinan Dak Albab, and Ira Globus-Harris, Boston University; Shannon Roberts, University of Massachusetts Amherst; Mayank Varia, Boston University

Monday August 12, 2019 4:37pm - 5:00pm
Grand Ballroom ABC

4:50pm

Proteus: A DLT-Agnostic Emulation and Analysis Framework
Russell Van Dam, Thien-Nam Dinh, Christopher Cordi, Gregory Jacobus, Nicholas Pattengale, and Steven Elliott, Sandia National Laboratories

Monday August 12, 2019 4:50pm - 5:10pm
Grand Ballroom D

5:00pm

Certified Phishing: Taking a Look at Public Key Certificates of Phishing Websites
Vincent Drury and Ulrike Meyer, Department of Computer Science, RWTH Aachen University

Monday August 12, 2019 5:00pm - 5:22pm
Grand Ballroom ABC

5:00pm

Privacy in Unusual Contexts: A Case Study of A Theater Company
Maggie Oates, Carnegie Mellon University

Monday August 12, 2019 5:00pm - 5:30pm
Magnolia Room

5:00pm

Panel: Adversarial AI: Perspectives from Academia and Industry
Moderator: Sadia Afroz, International Computer Science Institute (ICSI)
Panelists: Rajarshi Gupta, Avast Software; Carmela Troncoso, EPFL

Monday August 12, 2019 5:00pm - 5:30pm
Grand Ballroom E

5:00pm

Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing
Dominik Maier, Benedikt Radtke, and Bastian Harren, TU Berlin

Monday August 12, 2019 5:00pm - 5:30pm
Grand Ballroom FGH

5:10pm

The DComp Testbed
Ryan Goodfellow, Stephen Schwab, Erik Kline, Lincoln Thurlow, and Geoff Lawler, Information Sciences Institute

Monday August 12, 2019 5:10pm - 5:30pm
Grand Ballroom D

5:22pm

Lightning Talks
* Everything You Need to Know About Secured Usable Design can be explained with Star Wars
Ann-Marie Horcher, Central Michigan University
* Preliminary Findings on Behavioral Aspects of Socially Engineered Payment Diversion Fraud
Alana Maurushat, Western Sydney University, Australia
* On the Road to Digital Inclusion: Designing Inclusive Security and Privacy Alerts
Pavithren V.S. Pakianathan, Singapore University of Technology and Design
* An Early UDS Evaluation of the Android Security Key Scheme
Robbie MacGregor, Dalhousie University

Monday August 12, 2019 5:22pm - 5:45pm
Grand Ballroom ABC

5:30pm

Closing Remarks
Program Co-Chairs: Rachel Greenstadt, New York University, and Aleatha Parker-Wood, Humu

Monday August 12, 2019 5:30pm - 5:35pm
Grand Ballroom E

5:45pm

Monday Happy Hour
Sponsored by Carnegie Mellon University Privacy Engineering
Mingle with other attendees while ­enjoying snacks and beverages. Attendees of all co-located events taking place on Monday are welcome.

Monday August 12, 2019 5:45pm - 6:45pm
Terra Courtyard
 
Tuesday, August 13
 

7:55am

Continental Breakfast
Tuesday August 13, 2019 7:55am - 8:55am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Tuesday August 13, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Tuesday August 13, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Tuesday August 13, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Continental Breakfast
Tuesday August 13, 2019 8:00am - 9:00am
Grand Ballroom Foyer

8:00am

Badge Pickup
Tuesday August 13, 2019 8:00am - 7:00pm
Lobby East

8:55am

Opening Remarks
Program Co-Chairs: Lorrie Cranor, Carnegie Mellon University, and Lea Kissner, Humu

Tuesday August 13, 2019 8:55am - 9:00am
Magnolia Room

9:00am

Greetings
Program Co-Chairs: Susan McGregor, Columbia University, and Michael Carl Tschantz, International Computer Science Institute (ICSI)

Tuesday August 13, 2019 9:00am - 9:10am
Grand Ballroom D

9:00am

"We Can't Live Without Them!" App Developers' Adoption of Ad Networks and Their Considerations of Consumer Risks
Abraham H. Mhaidli, Yixin Zou, and Florian Schaub, University of Michigan School of Information

Tuesday August 13, 2019 9:00am - 9:22am
Grand Ballroom ABC

9:00am

Opening Remarks
Tuesday August 13, 2019 9:00am - 9:30am
Grand Ballroom E

9:00am

Computer Security for Victims of Intimate Partner Violence
Thomas Ristenpart, Cornell Tech

Tuesday August 13, 2019 9:00am - 10:00am
Grand Ballroom FGH

9:00am

Panel on Privacy Engineering Career Paths
Moderator: Divya Sharma, Google
Panelists: Giles Douglas; Alison Huml, Facebook; Lea Kissner, Humu; Sha Sundaram, Snap

Tuesday August 13, 2019 9:00am - 10:15am
Magnolia Room

9:10am

Misinformation, Russian Propaganda and Elections
Gireeja Ranade, UC Berkeley

Tuesday August 13, 2019 9:10am - 10:00am
Grand Ballroom D

9:22am

Usability Smells: An Analysis of Developers’ Struggle With Crypto Libraries
Nikhil Patnaik, Joseph Hallett, and Awais Rashid, University of Bristol

Tuesday August 13, 2019 9:22am - 9:45am
Grand Ballroom ABC

9:30am

Session 1

Talk 2
Vasudevan Nagendra, Stony Brook University

Talk 3
Razvan Beuran, Japan Advanced Institute of Science and Technology (JAIST)

Talk 4
Matthew Elder, JHU/APL

Tuesday August 13, 2019 9:30am - 10:00am
Grand Ballroom E

9:45am

System Administrators Prefer Command Line Interfaces, Don't They? An Exploratory Study of Firewall Interfaces
Artem Voronkov, Leonardo A. Martucci, and Stefan Lindskog, Karlstad University

Tuesday August 13, 2019 9:45am - 10:07am
Grand Ballroom ABC

10:00am

Break with Refreshments
Tuesday August 13, 2019 10:00am - 10:30am
Grand Ballroom Foyer

10:00am

Break with Refreshments
Tuesday August 13, 2019 10:00am - 10:30am
Grand Ballroom Foyer

10:00am

Break with Refreshments
Tuesday August 13, 2019 10:00am - 10:30am
Grand Ballroom Foyer

10:07am

Keepers of the Machines: Examining How System Administrators Manage Software Updates
Frank Li, University of California, Berkeley; Lisa Rogers, University of Maryland; Arunesh Mathur, Princeton University; Nathan Malkin, University of California, Berkeley; Marshini Chetty, Princeton University

Tuesday August 13, 2019 10:07am - 10:30am
Grand Ballroom ABC

10:15am

Explore NIST's Privacy Engineering Collaboration Space
Kaitlin Boeckl, NIST

Tuesday August 13, 2019 10:15am - 10:30am
Magnolia Room

10:30am

Measuring I2P Censorship at a Global Scale
Nguyen Phong Hoang, Stony Brook University; Sadie Doreen, The Invisible Internet Project; Michalis Polychronakis, Stony Brook University

Tuesday August 13, 2019 10:30am - 11:00am
Grand Ballroom D

10:30am

Session 1 Discussion
Tuesday August 13, 2019 10:30am - 11:00am
Grand Ballroom E

10:30am

Break with Refreshments
Tuesday August 13, 2019 10:30am - 11:00am
Grand Ballroom Foyer

10:30am

Break with Refreshments
Tuesday August 13, 2019 10:30am - 11:00am
Grand Ballroom Foyer

10:30am

A better zip bomb
David Fifield

Tuesday August 13, 2019 10:30am - 11:00am
Grand Ballroom FGH

11:00am

Communicating Device Confidence Level and Upcoming Re-Authentications in Continuous Authentication Systems on Mobile Devices
Lukas Mecke, University of Applied Sciences Munich, Munich, Germany and LMU Munich, Munich, Germany; Sarah Delgado Rodriguez and Daniel Buschek, LMU Munich, Munich, Germany; Sarah Prange, University of Applied Sciences Munich, Munich, Germany and Bundeswehr University Munich, Munich, Germany and LMU Munich, Munich, Germany; Florian Alt, Bundeswehr University Munich, Munich, Germany

Tuesday August 13, 2019 11:00am - 11:24am
Grand Ballroom ABC

11:00am

An Efficient Method to Determine which Combination of Keywords Triggered Automatic Filtering of a Message
Ruohan Xiong and Jeffrey Knockel, Citizen Lab, University of Toronto

Tuesday August 13, 2019 11:00am - 11:30am
Grand Ballroom D

11:00am

How to Run an Engineering-Focused Privacy Program
Giles Douglas

Tuesday August 13, 2019 11:00am - 11:30am
Magnolia Room

11:00am

D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation
Jithin Pavithran, Milan Patnaik, and Chester Rebeiro, IIT MADRAS

Tuesday August 13, 2019 11:00am - 11:30am
Grand Ballroom FGH

11:00am

Session 2
Talk 1
Qi Alfred Chen, University of California, Irvine

Talk 2
Arun Raghuramu, Forescout

Talk 3
Anil Kurmus, IBM Research – Zurich

Talk 4
Xinyu Xing, The Pennsylvania State University

Talk 5
Ariana Mirian, University of California, San Diego

Tuesday August 13, 2019 11:00am - 11:40am
Grand Ballroom E

11:24am

Exploring Intentional Behaviour Modifications for Password Typing on Mobile Touchscreen Devices
Lukas Mecke, University of Applied Sciences Munich, Munich, Germany and LMU Munich, Munich, Germany; Daniel Buschek and Mathias Kiermeier, LMU Munich, Munich, Germany; Sarah Prange, University of Applied Sciences Munich, Munich, Germany and Bundeswehr University Munich, Munich, Germany and LMU Munich, Munich, Germany; Florian Alt, Bundeswehr University Munich, Munich, Germany

Tuesday August 13, 2019 11:24am - 11:48am
Grand Ballroom ABC

11:30am

On the Importance of Encrypted-SNI (ESNI) to Censorship Circumvention
Zimo Chai, Amirhossein Ghafari, and Amir Houmansadr, University of Massachusetts Amherst

Tuesday August 13, 2019 11:30am - 12:00pm
Grand Ballroom D

11:30am

Privacy, Triage, and Risk
Yonatan Zunger, Humu

Tuesday August 13, 2019 11:30am - 12:00pm
Magnolia Room

11:30am

Breaking Turtles All the Way Down: An Exploitation Chain to Break out of VMware ESXi
Hanqing Zhao, Chaitin Security Research Lab; Georgia Institute of Technology; Yanyu Zhang, Chaitin Security Research Lab; Kun Yang, Tsinghua University; Taesoo Kim, Georgia Institute of Technology

Tuesday August 13, 2019 11:30am - 12:00pm
Grand Ballroom FGH

11:40am

Sessions 2 Discussion
Tuesday August 13, 2019 11:40am - 12:30pm
Grand Ballroom E

11:48am

Why people (don’t) use password managers effectively
Sarah Pearman, Shikun Aerin Zhang, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor, Carnegie Mellon University

Tuesday August 13, 2019 11:48am - 12:12pm
Grand Ballroom ABC

12:00pm

12:00pm

Alternative (ab)uses for HTTP Alternative Services
Trishita Tiwari and Ari Trachtenberg, Boston University

Tuesday August 13, 2019 12:00pm - 12:30pm
Grand Ballroom FGH

12:00pm

Tuesday Luncheon
Tuesday August 13, 2019 12:00pm - 1:30pm
Terra Courtyard

12:12pm

Of Two Minds about Two-Factor: Understanding Everyday FIDO U2F Usability through Device Comparison and Experience Sampling
Stéphane Ciolino, OneSpan Innovation Centre & University College London; Simon Parkin, University College London; Paul Dunphy, OneSpan Innovation Centre

Tuesday August 13, 2019 12:12pm - 12:36pm
Grand Ballroom ABC

12:30pm

Closing Remarks
Program Co-Chairs: Lorrie Cranor, Carnegie Mellon University, and Lea Kissner, Humu

Tuesday August 13, 2019 12:30pm - 12:40pm
Magnolia Room

12:30pm

Rode0day: A Year of Bug-Finding Evaluations
Andrew Fasano, Northeastern University

Tuesday August 13, 2019 12:30pm - 12:45pm
Grand Ballroom FGH

12:30pm

Tuesday Luncheon
Tuesday August 13, 2019 12:30pm - 2:00pm
Terra Courtyard

12:36pm

A Usability Study of Five Two-Factor Authentication Methods
Ken Reese, Trevor Smith, Jonathan Dutson, Jonathan Armknecht, Jacob Cameron, and Kent Seamons, Brigham Young University

Tuesday August 13, 2019 12:36pm - 1:00pm
Grand Ballroom ABC

12:40pm

Tuesday Luncheon
Tuesday August 13, 2019 12:40pm - 2:15pm
Santa Clara Ballroom

12:45pm

Tuesday Luncheon
Tuesday August 13, 2019 12:45pm - 2:00pm
Terra Courtyard

1:00pm

Luncheon for SOUPS Attendees
Tuesday August 13, 2019 1:00pm - 2:15pm
Santa Clara Ballroom

1:30pm

Artifice: A Deniable Steganographic File System
Austen Barker, Staunton Sample, Yash Gupta, Anastasia McTaggart, Ethan L. Miller, and Darrell D. E. Long, University of California Santa Cruz

Tuesday August 13, 2019 1:30pm - 2:00pm
Grand Ballroom D

2:00pm

SPINE: Surveillance Protection in the Network Elements
Trisha Datta, Nick Feamster, Jennifer Rexford, and Liang Wang, Princeton University

Tuesday August 13, 2019 2:00pm - 2:30pm
Grand Ballroom D

2:00pm

Session 3
Talk 1
Marco Slaviero, Thinkst Applied Research

Talk 2
Jack Britton, Virtru

Talk 3
Alana Maurushat, Professor of Cybersecurity and Behaviour, Western Sydney University

Talk 4
Josh Payne, Stanford University and IBM Research

Talk 5
Coralie Busse-Grawitz, ETH Zurich

Tuesday August 13, 2019 2:00pm - 2:40pm
Grand Ballroom E

2:00pm

Shooting Cryptographic Fish in a Barrel
Nadia Heninger, University of California, San Diego

Tuesday August 13, 2019 2:00pm - 3:00pm
Grand Ballroom FGH

2:15pm

Personal Information Leakage by Abusing the GDPR "Right of Access"
Mariano Di Martino and Pieter Robyns, Hasselt University/tUL, Expertise Centre For Digital Media; Winnie Weyts, Hasselt University - Law Faculty; Peter Quax, Hasselt University/tUL, Expertise Centre For Digital Media, Flanders Make; Wim Lamotte, Hasselt University/tUL, Expertise Centre For Digital Media; Ken Andries, Hasselt University - Law Faculty, Attorney at the Brussels Bar

Tuesday August 13, 2019 2:15pm - 2:37pm
Grand Ballroom ABC

2:15pm

SOUPS 2019 Tuesday Afternoon Sessions
Please join us in the final sessions of the Fifteenth Symposium on Usable Privacy and Security, the subject matter of which is aligned with the interests of the PEPR community.

Tuesday August 13, 2019 2:15pm - 5:45pm
Grand Ballroom ABC

2:30pm

Improving Meek With Adversarial Techniques
Steven Sheffey and Ferrol Aderholdt, Middle Tennessee State University

Tuesday August 13, 2019 2:30pm - 3:00pm
Grand Ballroom D

2:37pm

An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites
Hana Habib, Carnegie Mellon University; Yixin Zou, University of Michigan; Aditi Jannu, Neha Sridhar, Chelse Swoopes, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh, Carnegie Mellon University; Florian Schaub, University of Michigan

Tuesday August 13, 2019 2:37pm - 3:00pm
Grand Ballroom ABC

2:40pm

Session 3 Discussion
Tuesday August 13, 2019 2:40pm - 3:30pm
Grand Ballroom E

3:00pm

The Fog of Warnings: How Non-essential Notifications Blur with Security Warnings
Anthony Vance, Temple University; David Eargle, University of Colorado Boulder; Jeffrey L. Jenkins, C. Brock Kirwan, and Bonnie Brinton Anderson, Brigham Young University

Tuesday August 13, 2019 3:00pm - 3:22pm
Grand Ballroom ABC

3:00pm

Break with Refreshments
Tuesday August 13, 2019 3:00pm - 3:30pm
Grand Ballroom Foyer

3:00pm

Who Spent My EOS? On the (In)Security of Resource Management on EOS
Sangsup Lee, Daejun Kim, Dongkwan Kim, Sooel Son, and Yongdae Kim, KAIST

Tuesday August 13, 2019 3:00pm - 3:30pm
Grand Ballroom FGH

3:22pm

Lightning Talks
* Warrants are the new black: location data and the Fourth Amendment
Naomi Shiffman, Mozilla Corporation/University of California, Berkeley
* A privacy- and security-focused notification system
Jim Fenton, Altmode Networks
* Growing a UX Team in a Privacy & Security Organization
Jim Lane, Virtru
* Social interventions to reduce the privacy paradox
Isha Ghosh, Rutgers University

Tuesday August 13, 2019 3:22pm - 3:45pm
Grand Ballroom ABC

3:30pm

Break with Refreshments
Tuesday August 13, 2019 3:30pm - 4:00pm
Grand Ballroom Foyer

3:30pm

Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms
Branimir Pervan and Josip Knezovic, University of Zagreb Faculty of Electrical Engineering and Computing; Katja Pericin, ReversingLabs Ltd.

Tuesday August 13, 2019 3:30pm - 4:00pm
Grand Ballroom FGH

3:30pm

Invited Talk: Content Moderation Remedies
Eric Goldman, Santa Clara University School of Law

Tuesday August 13, 2019 3:30pm - 4:20pm
Grand Ballroom D

3:45pm

Break with Refreshments
Tuesday August 13, 2019 3:45pm - 4:15pm
Grand Ballroom Foyer

4:00pm

Session 4
Talk 1
Jacob Erickson and Jewel Yuzon, Northeastern University, Khoury College of Computer Sciences

Talk 2
Smriti Bhatt, Texas A&M University

Talk 3
Yizheng Chen, Columbia University

Talk 4
Roland Meier, ETH Zurich

Tuesday August 13, 2019 4:00pm - 4:30pm
Grand Ballroom E

4:00pm

Break with Refreshments
Tuesday August 13, 2019 4:00pm - 4:30pm
Grand Ballroom Foyer

4:15pm

“There is nothing that I need to keep secret”: Sharing Practices and Concerns of Wearable Fitness Data
Abdulmajeed Alqhatani and Heather Richter Lipford, University of North Carolina at Charlotte

Tuesday August 13, 2019 4:15pm - 4:37pm
Grand Ballroom ABC

4:20pm

Entanglements and Exploits: Sociotechnical Security as an Analytic Framework
Matt Goerzen, Data & Society Research Institute; ​Elizabeth Anne Watkins, Columbia University; Gabrielle Lim, Data & Society Research Institute

Tuesday August 13, 2019 4:20pm - 4:50pm
Grand Ballroom D

4:30pm

Session 4 Discussion
Tuesday August 13, 2019 4:30pm - 5:00pm
Grand Ballroom E

4:30pm

MIN()imum Failure: EMFI Attacks against USB Stacks
Colin O'Flynn, Dalhousie University

Tuesday August 13, 2019 4:30pm - 5:00pm
Grand Ballroom FGH

4:37pm

"I don't own the data": End User Perceptions of Smart Home Device Data Practices and Risks
Madiha Tabassum, University of North Carolina at Charlotte; Tomasz Kosinski, Chalmers University of Technology; Heather Lipford, University of North Carolina at Charlotte

Tuesday August 13, 2019 4:37pm - 5:00pm
Grand Ballroom ABC

4:50pm

Short Break
Tuesday August 13, 2019 4:50pm - 5:00pm
N/A

5:00pm

More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants
Noura Abdi, King's College London; Kopo M. Ramokapane, University of Bristol; Jose M. Such, King's College London

Tuesday August 13, 2019 5:00pm - 5:22pm
Grand Ballroom ABC

5:00pm

Short Talks
Tuesday August 13, 2019 5:00pm - 5:30pm
Grand Ballroom D

5:00pm

Awards and Closing Remarks
Tuesday August 13, 2019 5:00pm - 5:30pm
Grand Ballroom E

5:00pm

Automatic Wireless Protocol Reverse Engineering
Johannes Pohl and Andreas Noack, University of Applied Sciences Stralsund

Tuesday August 13, 2019 5:00pm - 5:30pm
Grand Ballroom FGH

5:22pm

Lightning Talks
* Respect for Norms and Expectations: A Privacy Paradigm for IT Businesses
Amin Rabinia, University of Maine
* Wait, that site supports 2FA?! Helping average internet users enable 2FA on sites they visit
Conor Gilsenan, University of California, Berkeley
* Improving usability of password authentication using keystroke dynamics
Walter Berggren, Aalto University
* Against Trust (in Technology)
Maggie Oates, Carnegie Mellon University

Tuesday August 13, 2019 5:22pm - 5:45pm
Grand Ballroom ABC

6:00pm

Tuesday Happy Hour
Sponsored by Intel
Mingle with other attendees while ­enjoying snacks and beverages. Attendees of USENIX Security '19 and all co-located events are welcome.

Tuesday August 13, 2019 6:00pm - 7:00pm
Terra Courtyard

7:00pm

7:00pm

USENIX Women in Advanced Computing (WiAC) BoF
Let’s talk about women in advanced computing. All registered attendees—of all genders—are welcome to attend this BoF.

Tuesday August 13, 2019 7:00pm - 8:00pm
Alameda Room

7:00pm

SOUPS Town Hall Meeting
The SOUPS Town Hall Meeting is a time for the organizing and steering committees to interact with attendees, listen to concerns, and gather feedback regarding the future of the SOUPS conference and community. Everyone is welcome to attend and participate.

Tuesday August 13, 2019 7:00pm - 8:00pm
Grand Ballroom ABC

8:00pm

Students and Young Professionals Meetup
Come for the refreshments, stay for the opportunity to meet and network with other students and young professionals.

Tuesday August 13, 2019 8:00pm - 9:00pm
Alameda Room

9:00pm

Board Game Night
Join us for some good old-fashioned board games. We’ll have some on hand, but bring your own games, too!

Tuesday August 13, 2019 9:00pm - 11:00pm
Alameda Room
 
Wednesday, August 14
 

7:30am

Badge Pickup
Wednesday August 14, 2019 7:30am - 5:00pm
Lobby East

7:45am

Continental Breakfast
Wednesday August 14, 2019 7:45am - 8:45am
Grand Ballroom Foyer

8:45am

Opening Remarks and Awards
Program Co-Chairs: Nadia Heninger, University of California, San Diego, and Patrick Traynor, University of Florida

Wednesday August 14, 2019 8:45am - 9:00am
*Grand Ballroom

9:00am

Tackling the Trust and Safety Crisis
Alex Stamos, Adjunct Professor, Stanford University; William J. Perry Fellow, Center for International Security and Cooperation; Fellow, Hoover Institution

Wednesday August 14, 2019 9:00am - 10:00am
*Grand Ballroom

10:00am

Break with Refreshments
Wednesday August 14, 2019 10:00am - 10:30am
Grand Ballroom Foyer

10:30am

10:30am

Computer Security and Privacy in the Interactions Between Victim Service Providers and Human Trafficking Survivors
Christine Chen, University of Washington; Nicola Dell, Cornell Tech; Franziska Roesner, University of Washington

Wednesday August 14, 2019 10:30am - 10:50am
*USENIX Security '19 Track 2: Grand Ballroom FGH

10:30am

10:50am

The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links
Jiahao Cao, Qi Li, and Renjie Xie, Tsinghua University; Kun Sun, George Mason University; Guofei Gu, Texas A&M University; Mingwei Xu and Yuan Yang, Tsinghua University

Wednesday August 14, 2019 10:50am - 11:10am
*USENIX Security '19 Track 1: Grand Ballroom ABC

10:50am

Clinical Computer Security for Victims of Intimate Partner Violence
Sam Havron, Diana Freed, and Rahul Chatterjee, Cornell Tech; Damon McCoy, New York University; Nicola Dell and Thomas Ristenpart, Cornell Tech

Wednesday August 14, 2019 10:50am - 11:10am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:10am

A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link
Milan Stute, Technische Universität Darmstadt; Sashank Narain, Northeastern University; Alex Mariotto, Alexander Heinrich, and David Kreitschmann, Technische Universität Darmstadt; Guevara Noubir, Northeastern University; Matthias Hollick, Technische Universität Darmstadt

Wednesday August 14, 2019 11:10am - 11:30am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:10am

11:20am

11:30am

Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE
Hojoon Yang, Sangwook Bae, Mincheol Son, Hongil Kim, Song Min Kim, and Yongdae Kim, KAIST

Wednesday August 14, 2019 11:30am - 11:50am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:30am

Secure Multi-User Content Sharing for Augmented Reality Applications
Kimberly Ruth, Tadayoshi Kohno, and Franziska Roesner, University of Washington

Wednesday August 14, 2019 11:30am - 11:50am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:50am

UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband
Mridula Singh, Patrick Leu, AbdelRahman Abdou, and Srdjan Capkun, ETH Zurich

Wednesday August 14, 2019 11:50am - 12:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:50am

12:10pm

Lunch (on your own)
Wednesday August 14, 2019 12:10pm - 1:40pm
N/A

1:40pm

PAC it up: Towards Pointer Integrity using ARM Pointer Authentication
Hans Liljestrand, Aalto University, Huawei Technologies Oy; Thomas Nyman, Aalto University; Kui Wang, Huawei Technologies Oy, Tampere University of Technology; Carlos Chinea Perez, Huawei Technologies Oy; Jan-Erik Ekberg, Huawei Technologies Oy, Aalto University; N. Asokan, Aalto University

Wednesday August 14, 2019 1:40pm - 2:00pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

1:40pm

The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks
Nicholas Carlini, Google Brain; Chang Liu, University of California, Berkeley; Úlfar Erlingsson, Google Brain; Jernej Kos, National University of Singapore; Dawn Song, University of California, Berkeley

Wednesday August 14, 2019 1:40pm - 2:00pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

1:40pm

Security Research and Public Policy
Chris Jay Hoofnagle, Adjunct Professor of Information and Law, UC Berkeley

Wednesday August 14, 2019 1:40pm - 2:30pm
*USENIX Security '19 Track 3: Grand Ballroom DE

2:00pm

Origin-sensitive Control Flow Integrity
Mustakimur Rahman Khandaker, Wenqing Liu, Abu Naser, Zhi Wang, and Jie Yang, Florida State University

Wednesday August 14, 2019 2:00pm - 2:20pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:00pm

Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features
Liang Tong, Washington University in St. Louis; Bo Li, UIUC; Chen Hajaj, Ariel University; Chaowei Xiao, University of Michigan; Ning Zhang and Yevgeniy Vorobeychik, Washington University in St. Louis

Wednesday August 14, 2019 2:00pm - 2:20pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

2:20pm

HardFails: Insights into Software-Exploitable Hardware Bugs
Ghada Dessouky and David Gens, Technische Universität Darmstadt; Patrick Haney and Garrett Persyn, Texas A&M University; Arun Kanuparthi, Hareesh Khattri, and Jason M. Fung, Intel Corporation; Ahmad-Reza Sadeghi, Technische Universität Darmstadt; Jeyavijayan Rajendran, Texas A&M University

Wednesday August 14, 2019 2:20pm - 2:40pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:20pm

ALOHA: Auxiliary Loss Optimization for Hypothesis Augmentation
Ethan M. Rudd, Felipe N. Ducau, Cody Wild, Konstantin Berlin, and Richard Harang, Sophos

Wednesday August 14, 2019 2:20pm - 2:40pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

2:30pm

From Privacy by Design to Data Protection by Design: The Challenges of Turning Good Practice into a Legal Obligation
Achim Klabunde, Adviser on Technology and Data Protection to the European Data Protection Supervisor EDPS

Wednesday August 14, 2019 2:30pm - 3:20pm
*USENIX Security '19 Track 3: Grand Ballroom DE

2:40pm

uXOM: Efficient eXecute-Only Memory on ARM Cortex-M
Donghyun Kwon, Jangseop Shin, and Giyeol Kim, Seoul National University; Byoungyoung Lee, Seoul National University, Purdue University; Yeongpil Cho, Soongsil University; Yunheung Paek, Seoul National University

Wednesday August 14, 2019 2:40pm - 3:00pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:40pm

Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks
Ambra Demontis, Marco Melis, and Maura Pintor, University of Cagliari, Italy; Matthew Jagielski, Northeastern University; Battista Biggio, University of Cagliari, Italy, and Pluribus One; Alina Oprea and Cristina Nita-Rotaru, Northeastern University; Fabio Roli, University of Cagliari, Italy, and Pluribus One

Wednesday August 14, 2019 2:40pm - 3:00pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:00pm

A Systematic Evaluation of Transient Execution Attacks and Defenses
Claudio Canella, Graz University of Technology; Jo Van Bulck, imec-DistriNet, KU Leuven; Michael Schwarz, Moritz Lipp, Benjamin von Berg, and Philipp Ortner, Graz University of Technology; Frank Piessens, imec-DistriNet, KU Leuven; Dmitry Evtyushkin, College of William and Mary; Daniel Gruss, Graz University of Technology

Wednesday August 14, 2019 3:00pm - 3:20pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

3:00pm

Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography
Felix Fischer, Technical University of Munich; Huang Xiao, Bosch Center for Artificial Intelligence; Ching-Yu Kao, Fraunhofer AISEC; Yannick Stachelscheid, Benjamin Johnson, and Danial Raza, Technical University of Munich; Paul Fawkesley and Nat Buckley, Projects by IF; Konstantin Böttinger, Fraunhofer AISEC; Paul Muntean and Jens Grossklags, Technical University of Munich

Wednesday August 14, 2019 3:00pm - 3:20pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:20pm

3:50pm

Wireless Attacks on Aircraft Instrument Landing Systems
Harshad Sathaye, Domien Schepers, Aanjhan Ranganathan, and Guevara Noubir, Northeastern University

Wednesday August 14, 2019 3:50pm - 4:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

3:50pm

Seeing is Not Believing: Camouflage Attacks on Image Scaling Algorithms
Qixue Xiao, Department of Computer Science and Technology, Tsinghua University and 360 Security Research Labs; Yufei Chen, School of Electronic and Information Engineering, Xi’an Jiaotong University and 360 Security Research Labs; Chao Shen, School of Electronic and Information Engineering, Xi’an Jiaotong University; Yu Chen, Department of Computer Science and Technology, Tsinghua University and Peng Cheng Laboratory; Kang Li, Department of Computer Science, University of Georgia

Wednesday August 14, 2019 3:50pm - 4:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:50pm

4:10pm

Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers
Nishant Bhaskar and Maxwell Bland, University of California San Diego; Kirill Levchenko, University of Illinois at Urbana-Champaign; Aaron Schulman, University of California San Diego

Wednesday August 14, 2019 4:10pm - 4:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:10pm

CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning
Yisroel Mirsky and Tom Mahler, Ben-Gurion University; Ilan Shelef, Soroka University Medical Center; Yuval Elovici, Ben-Gurion University

Wednesday August 14, 2019 4:10pm - 4:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:30pm

CANvas: Fast and Inexpensive Automotive Network Mapping
Sekar Kulandaivel, Tushar Goyal, Arnav Kumar Agrawal, and Vyas Sekar, Carnegie Mellon University

Wednesday August 14, 2019 4:30pm - 4:50pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:30pm

4:40pm

4:50pm

4:50pm

Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks
Sanghyun Hong, University of Maryland College Park; Pietro Frigo, Vrije Universiteit Amsterdam; Yiğitcan Kaya, University of Maryland College Park; Cristiano Giuffrida, Vrije Universiteit Amsterdam; Tudor Dumitraș, University of Maryland College Park

Wednesday August 14, 2019 4:50pm - 5:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

5:10pm

RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Testing
Taegyu Kim, Purdue University; Chung Hwan Kim and Junghwan Rhee, NEC Laboratories America; Fan Fei, Zhan Tu, Gregory Walkup, Xiangyu Zhang, Xinyan Deng, and Dongyan Xu, Purdue University

Wednesday August 14, 2019 5:10pm - 5:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

5:10pm

CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel
Lejla Batina, Radboud University, The Netherlands; Shivam Bhasin and Dirmanto Jap, Nanyang Technological University, Singapore; Stjepan Picek, Delft University of Technology, The Netherlands

Wednesday August 14, 2019 5:10pm - 5:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

6:00pm

USENIX Security '19 Symposium Reception
Mingle with fellow attendees at the USENIX Security ’19 Symposium Reception, featuring dinner, drinks, and the chance to connect with other attendees, speakers, and symposium organizers.

Wednesday August 14, 2019 6:00pm - 7:30pm
Santa Clara Ballroom

7:30pm

USENIX Security '19 Lightning Talks
This is intended as an informal session of short and engaging presentations on recent unpublished results, work in progress, or other topics of interest to USENIX Security attendees. As in the past, talks do not always need to be serious and funny talks are encouraged!

You can continue submitting talks via the submission form at sec19lightning.usenix.hotcrp.com or by email to sec19lightning@usenix.org until Wednesday, August 14, 2019, 12:00 pm PDT.

Wednesday August 14, 2019 7:30pm - 8:30pm
Grand Ballroom ABC
 
Thursday, August 15
 

8:00am

8:00am

Badge Pickup
Thursday August 15, 2019 8:00am - 5:00pm
Lobby East

9:00am

simTPM: User-centric TPM for Mobile Devices
Dhiman Chakraborty, CISPA Helmholtz Center for Information Security, Saarland University; Lucjan Hanzlik, CISPA Helmholtz Center for Information Security, Stanford University; Sven Bugiel, CISPA Helmholtz Center for Information Security

Thursday August 15, 2019 9:00am - 9:20am
*USENIX Security '19 Track 1: Grand Ballroom ABC

9:00am

SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks
Saad Islam and Ahmad Moghimi, Worcester Polytechnic Institute; Ida Bruhns and Moritz Krebbel, University of Luebeck; Berk Gulmezoglu, Worcester Polytechnic Institute; Thomas Eisenbarth, Worcester Polytechnic Institute and University of Luebeck; Berk Sunar, Worcester Polytechnic Institute

Thursday August 15, 2019 9:00am - 9:20am
*USENIX Security '19 Track 2: Grand Ballroom FGH

9:00am

9:20am

The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends
Omar Alrawi, Georgia Institute of Technology; Chaoshun Zuo, Ohio State University; Ruian Duan and Ranjita Pai Kasturi, Georgia Institute of Technology; Zhiqiang Lin, Ohio State University; Brendan Saltaformaggio, Georgia Institute of Technology

Thursday August 15, 2019 9:20am - 9:40am
*USENIX Security '19 Track 1: Grand Ballroom ABC

9:20am

Robust Website Fingerprinting Through the Cache Occupancy Channel
Anatoly Shusterman, Ben-Gurion University of the Negev; Lachlan Kang, University of Adelaide; Yarden Haskal and Yosef Meltser, Ben-Gurion University of the Negev; Prateek Mittal, Princeton University; Yossi Oren, Ben-Gurion University of the Negev; Yuval Yarom, University of Adelaide and Data61

Thursday August 15, 2019 9:20am - 9:40am
*USENIX Security '19 Track 2: Grand Ballroom FGH

9:40am

EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs
Giuseppe Petracca, Pennsylvania State University, US; Yuqiong Sun, Symantec Research Labs, US; Ahmad-Atamli Reineh, Alan Turing Institute, UK; Patrick McDaniel, Pennsylvania State University, US; Jens Grossklags, Technical University of Munich, DE; Trent Jaeger, Pennsylvania State University, US

Thursday August 15, 2019 9:40am - 10:00am
*USENIX Security '19 Track 1: Grand Ballroom ABC

9:40am

Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation
Shuai Wang, HKUST; Yuyan Bao and Xiao Liu, Penn State University; Pei Wang, Baidu X-Lab; Danfeng Zhang and Dinghao Wu, Penn State University

Thursday August 15, 2019 9:40am - 10:00am
*USENIX Security '19 Track 2: Grand Ballroom FGH

9:50am

10:00am

PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play
Benjamin Andow and Samin Yaseer Mahmud, North Carolina State University; Wenyu Wang, University of Illinois at Urbana-Champaign; Justin Whitaker, William Enck, and Bradley Reaves, North Carolina State University; Kapil Singh, IBM T.J. Watson Research Center; Tao Xie, University of Illinois at Urbana-Champaign

Thursday August 15, 2019 10:00am - 10:20am
*USENIX Security '19 Track 1: Grand Ballroom ABC

10:00am

ScatterCache: Thwarting Cache Attacks via Cache Set Randomization
Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard, Graz University of Technology

Thursday August 15, 2019 10:00am - 10:20am
*USENIX Security '19 Track 2: Grand Ballroom FGH

10:20am

50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System
Joel Reardon, University of Calgary / AppCensus Inc.; Álvaro Feal, IMDEA Networks Institute / Universidad Carlos III Madrid; Primal Wijesekera, U.C. Berkeley / ICSI; Amit Elazari Bar On, U.C. Berkeley; Narseo Vallina-Rodriguez, IMDEA Networks Institute / ICSI / AppCensus Inc.; Serge Egelman, U.C. Berkeley / ICSI / AppCensus Inc.

Thursday August 15, 2019 10:20am - 10:40am
*USENIX Security '19 Track 1: Grand Ballroom ABC

10:20am

Pythia: Remote Oracles for the Masses
Shin-Yeh Tsai, Purdue University; Mathias Payer, EPFL and (on leave from) Purdue; Yiying Zhang, Purdue University

Thursday August 15, 2019 10:20am - 10:40am
*USENIX Security '19 Track 2: Grand Ballroom FGH

10:40am

Break with Refreshments
Thursday August 15, 2019 10:40am - 11:10am
Grand Ballroom Foyer

11:10am

HideMyApp: Hiding the Presence of Sensitive Apps on Android
Anh Pham, ABB Corporate Research; Italo Dacosta, EPFL; Eleonora Losiouk, University of Padova; John Stephan, EPFL; Kévin Huguenin, University of Lausanne; Jean-Pierre Hubaux, EPFL

Thursday August 15, 2019 11:10am - 11:30am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:10am

BITE: Bitcoin Lightweight Client Privacy using Trusted Execution
Sinisa Matetic, Karl Wüst, Moritz Schneider, and Kari Kostiainen, ETH Zurich; Ghassan Karame, NEC Labs; Srdjan Capkun, ETH Zurich

Thursday August 15, 2019 11:10am - 11:30am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:10am

Reading the Tea leaves: A Comparative Analysis of Threat Intelligence
Vector Guo Li, University of California, San Diego; Matthew Dunn, Northeastern University; Paul Pearce, Georgia Tech; Damon McCoy, New York University; Geoffrey M. Voelker and Stefan Savage, University of California, San Diego; Kirill Levchenko, University of Illinois Urbana-Champaign

Thursday August 15, 2019 11:10am - 11:30am
*USENIX Security '19 Track 3: Grand Ballroom DE

11:30am

TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time
Feargus Pendlebury, Fabio Pierazzi, and Roberto Jordaney, King's College London & Royal Holloway, University of London; Johannes Kinder, Bundeswehr University Munich; Lorenzo Cavallaro, King's College London

Thursday August 15, 2019 11:30am - 11:50am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:30am

FastKitten: Practical Smart Contracts on Bitcoin
Poulami Das, Lisa Eckey, Tommaso Frassetto, David Gens, Kristina Hostáková, Patrick Jauernig, Sebastian Faust, and Ahmad-Reza Sadeghi, Technische Universität Darmstadt, Germany

Thursday August 15, 2019 11:30am - 11:50am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:30am

Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
Ying Dong, University of Chinese Academy of Sciences and The Pennsylvania State University; Wenbo Guo, Yueqi Chen, and Xinyu Xing, The Pennsylvania State University and JD Security Research Center; Yuqing Zhang, University of Chinese Academy of Sciences; Gang Wang, Virginia Tech

Thursday August 15, 2019 11:30am - 11:50am
*USENIX Security '19 Track 3: Grand Ballroom DE

11:50am

Devils in the Guidance: Predicting Logic Vulnerabilities in Payment Syndication Services through Automated Documentation Analysis
Yi Chen, Institute of Information Engineering, CAS; Luyi Xing, Yue Qin, Xiaojing Liao, and XiaoFeng Wang, Indiana University Bloomington; Kai Chen and Wei Zou, Institute of Information Engineering, CAS

Thursday August 15, 2019 11:50am - 12:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:50am

StrongChain: Transparent and Collaborative Proof-of-Work Consensus
Pawel Szalachowski, Daniël Reijsbergen, and Ivan Homoliak, Singapore University of Technology and Design (SUTD); Siwei Sun, Institute of Information Engineering and DCS Center, Chinese Academy of Sciences

Thursday August 15, 2019 11:50am - 12:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:50am

Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis
Xuan Feng, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Xiaojing Liao and XiaoFeng Wang, Department of Computer Science, Indiana University Bloomington, USA; Haining Wang, Department of Electrical and Computer Engineering, University of Delaware, USA; Qiang Li, School of Computer and Information Technology, Beijing Jiaotong University, China; Kai Yang, Hongsong Zhu, and Limin Sun, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China

Thursday August 15, 2019 11:50am - 12:10pm
*USENIX Security '19 Track 3: Grand Ballroom DE

12:10pm

Understanding iOS-based Crowdturfing Through Hidden UI Analysis
Yeonjoon Lee, Xueqiang Wang, Kwangwuk Lee, Xiaojing Liao, and XiaoFeng Wang, Indiana University; Tongxin Li, Peking University; Xianghang Mi, Indiana University

Thursday August 15, 2019 12:10pm - 12:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

12:10pm

Tracing Transactions Across Cryptocurrency Ledgers
Haaroon Yousaf, George Kappos, and Sarah Meiklejohn, University College London

Thursday August 15, 2019 12:10pm - 12:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

12:10pm

12:30pm

USENIX Security '19 Symposium Luncheon
Sponsored by Facebook
The Internet Defense Prize will be presented during the USENIX Security '19 Symposium Luncheon.

Thursday August 15, 2019 12:30pm - 1:50pm
Santa Clara Ballroom

1:50pm

Leaky Images: Targeted Privacy Attacks in the Web
Cristian-Alexandru Staicu and Michael Pradel, TU Darmstadt

Thursday August 15, 2019 1:50pm - 2:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

1:50pm

“Johnny, you are fired!” – Spoofing OpenPGP and S/MIME Signatures in Emails
Jens Müller and Marcus Brinkmann, Ruhr University Bochum; Damian Poddebniak, Münster University of Applied Sciences; Hanno Böck, unaffiliated; Sebastian Schinzel, Münster University of Applied Sciences; Juraj Somorovsky and Jörg Schwenk, Ruhr University Bochum

Thursday August 15, 2019 1:50pm - 2:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

1:50pm

FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation
Yaowen Zheng, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Ali Davanian, Heng Yin, and Chengyu Song, University of California, Riverside; Hongsong Zhu and Limin Sun, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China

Thursday August 15, 2019 1:50pm - 2:10pm
*USENIX Security '19 Track 3: Grand Ballroom DE

2:10pm

All Your Clicks Belong to Me: Investigating Click Interception on the Web
Mingxue Zhang and Wei Meng, Chinese University of Hong Kong; Sangho Lee, Microsoft Research; Byoungyoung Lee, Seoul National University and Purdue University; Xinyu Xing, Pennsylvania State University

Thursday August 15, 2019 2:10pm - 2:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:10pm

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities
Robert Merget and Juraj Somorovsky, Ruhr University Bochum; Nimrod Aviram, Tel Aviv University; Craig Young, Tripwire VERT; Janis Fliegenschmidt and Jörg Schwenk, Ruhr University Bochum; Yuval Shavitt, Tel Aviv University

Thursday August 15, 2019 2:10pm - 2:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

2:10pm

Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks
Bing Huang, The University of Texas at Austin; Alvaro A. Cardenas, University of California, Santa Cruz; Ross Baldick, The University of Texas at Austin

Thursday August 15, 2019 2:10pm - 2:30pm
*USENIX Security '19 Track 3: Grand Ballroom DE

2:30pm

2:30pm

The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR
Daniele Antonioli, SUTD; Nils Ole Tippenhauer, CISPA; Kasper B. Rasmussen, University of Oxford

Thursday August 15, 2019 2:30pm - 2:50pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

2:30pm

Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms
Wei Zhou, National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences; Yan Jia, Yao Yao, and Lipeng Zhu, School of Cyber Engineering, Xidian University; National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences; Le Guan, Department of Computer Science, University of Georgia; Yuhang Mao, School of Cyber Engineering, Xidian University; National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences; Peng Liu, College of Information Sciences and Technology, Pennsylvania State University; Yuqing Zhang, National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences; School of Cyber Engineering, Xidian University; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences

Thursday August 15, 2019 2:30pm - 2:50pm
*USENIX Security '19 Track 3: Grand Ballroom DE

2:50pm

2:50pm

2:50pm

Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps
Xueqiang Wang, Indiana University Bloomington; Yuqiong Sun and Susanta Nanda, Symantec Research Labs; XiaoFeng Wang, Indiana University Bloomington

Thursday August 15, 2019 2:50pm - 3:10pm
*USENIX Security '19 Track 3: Grand Ballroom DE

3:10pm

Small World with High Risks: A Study of Security Threats in the npm Ecosystem
Markus Zimmermann and Cristian-Alexandru Staicu, TU Darmstadt; Cam Tenny, r2c; Michael Pradel, TU Darmstadt

Thursday August 15, 2019 3:10pm - 3:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

3:10pm

When the Signal is in the Noise: Exploiting Diffix's Sticky Noise
Andrea Gadotti and Florimond Houssiau, Imperial College London; Luc Rocher, Imperial College London and Université catholique de Louvain; Benjamin Livshits and Yves-Alexandre de Montjoye, Imperial College London

Thursday August 15, 2019 3:10pm - 3:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:10pm

All Things Considered: An Analysis of IoT Devices on Home Networks
Deepak Kumar, University of Illinois at Urbana-Champaign; Kelly Shen and Benton Case, Stanford University; Deepali Garg, Galina Alperovich, Dmitry Kuznetsov, and Rajarshi Gupta, Avast Software s.r.o.; Zakir Durumeric, Stanford University

Thursday August 15, 2019 3:10pm - 3:30pm
*USENIX Security '19 Track 3: Grand Ballroom DE

3:30pm

4:00pm

KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
Wei Wu, Institute of Information Engineering, Chinese Academy of Sciences; Pennsylvania State University; School of Cybersecurity, University of Chinese Academy of Sciences; Yueqi Chen and Xinyu Xing, Pennsylvania State University; Wei Zou, Institute of Information Engineering, Chinese Academy of Sciences; School of Cybersecurity, University of Chinese Academy of Sciences

Thursday August 15, 2019 4:00pm - 4:20pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:00pm

Detecting and Characterizing Lateral Phishing at Scale
Grant Ho, UC Berkeley and Barracuda Networks; Asaf Cidon, Barracuda Networks and Columbia University; Lior Gavish and Marco Schweighauser, Barracuda Networks; Vern Paxson, UC Berkeley and ICSI; Stefan Savage and Geoffrey M. Voelker, UC San Diego; David Wagner, UC Berkeley

Thursday August 15, 2019 4:00pm - 4:20pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:00pm

4:20pm

PeX: A Permission Check Analysis Framework for Linux Kernel
Tong Zhang, Virginia Tech; Wenbo Shen, Zhejiang University; Dongyoon Lee, Stony Brook University; Changhee Jung, Purdue University; Ahmed M. Azab and Ruowen Wang, Samsung Research America

Thursday August 15, 2019 4:20pm - 4:40pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:20pm

High Precision Detection of Business Email Compromise
Asaf Cidon, Barracuda Networks and Columbia University; Lior Gavish, Itay Bleier, Nadia Korshun, Marco Schweighauser, and Alexey Tsitkin, Barracuda Networks

Thursday August 15, 2019 4:20pm - 4:40pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:40pm

ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK)
Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler, Peter Druschel, and Deepak Garg, Max Planck Institute for Software Systems, Saarland Informatics Campus

Thursday August 15, 2019 4:40pm - 5:00pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:40pm

Cognitive Triaging of Phishing Attacks
Amber van der Heijden and Luca Allodi, Eindhoven University of Technology

Thursday August 15, 2019 4:40pm - 5:00pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:50pm

Shining Light on Internet-based Crimes Against Children
Brian Levine, Professor, University of Massachusetts Amherst

Thursday August 15, 2019 4:50pm - 5:40pm
*USENIX Security '19 Track 3: Grand Ballroom DE

5:00pm

SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization
Zhe Wang and Chenggang Wu, State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, University of Chinese Academy of Sciences; Yinqian Zhang, The Ohio State University; Bowen Tang, State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, University of Chinese Academy of Sciences; Pen-Chung Yew, University of Minnesota at Twin-Cities; Mengyao Xie, Yuanming Lai, and Yan Kang, State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, University of Chinese Academy of Sciences; Yueqiang Cheng, Baidu USA; Zhiping Shi, The Capital Normal University

Thursday August 15, 2019 5:00pm - 5:20pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

5:00pm

Users Really Do Answer Telephone Scams
Huahong Tu, University of Maryland; Adam Doupé, Arizona State University; Ziming Zhao, Rochester Institute of Technology; Gail-Joon Ahn, Arizona State University and Samsung Research

Thursday August 15, 2019 5:00pm - 5:20pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

5:20pm

Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization
Mengyuan Li, Yinqian Zhang, and Zhiqiang Lin, The Ohio State University; Yan Solihin, University of Central Florida

Thursday August 15, 2019 5:20pm - 5:40pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

5:20pm

Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting
Arman Noroozian, TU Delft; Jan Koenders and Eelco van Veldhuizen, Dutch National High-Tech Crime Unit; Carlos H. Ganan, TU Delft; Sumayah Alrwais, King Saud University and International Computer Science Institute; Damon McCoy, New York University; Michel van Eeten, TU Delft

Thursday August 15, 2019 5:20pm - 5:40pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

6:00pm

USENIX Security '19 Poster Session and Happy Hour
Sponsored by Microsoft
Check out the cool new ideas and the latest preliminary research on display at the Poster Session and Happy Hour. Take part in discussions with your colleagues over complimentary drinks and snacks. View the list of accepted posters.

Thursday August 15, 2019 6:00pm - 7:30pm
Santa Clara Ballroom/Mezzanine

7:30pm

Students, Smarthome Security, Storytelling, and Diverse Stakeholders
Smarthome security is difficult for many people to reason about, including students and technology designers. We will begin this BOF with a demo of a new smarthome-focused security lab, designed to help familiarize students with a diverse spectrum of smarthome-related computer security and privacy issues (and help instructors teach the topics as well). This lab will be open to all researchers and educators. The discussion will include existing components, use in different educational settings, and how to contribute. We will also discuss the importance of the narrative around IoT education and activities. IoT provides new opportunities and risks because of the great diversity of users and participants, particularly relative to the security community. Storytelling and narrative in teaching can impinge inclusion and efficacy of educational outcomes. We will also ask people to come forward with lessons learned or options for more imaginative storytelling and engagement. We will brainstorm about the use of different storylines to reach under-represented populations. As a starting point we will discuss use of the IoT demo with two storylines — a traditional capture the flag and then an alternative feed the cat (CTF/FTC) where all technical actions are the same but the narrative differs — to collectively understand how to integrate activities and narratives.

This BOF is designed to be interactive and discussion-filled, with the hope of leaving all attendees in a better position to help others (their students, relevant companies, or anyone else) better understand and navigate challenging smarthome security and privacy design.

Thursday August 15, 2019 7:30pm - 8:30pm
Grand Ballroom ABC

7:30pm

USENIX LGBTQ+ and Allies Happy Hour
Refreshments Provided by Google
All are welcome! Come enjoy tasty refreshments while meeting and chatting with LGBTQ+ attendees and allies in the security community.

Thursday August 15, 2019 7:30pm - 8:30pm
Cypress Room

8:30pm

CATS Project Feedback Session on the Cybersecurity Curriculum Assessment (CCA)
Organizers: Alan T. Sherman (UMBC) and Peter Peterson (UMN Duluth), Contact: sherman@umbc.edu

The Cybersecurity Assessment Tools (CATS) Project is creating the Cybersecurity Concept Assessment (CCA), a concept inventory for college graduates of security programs. As part of the initial validation process, the CATS Project seeks feedback on its CCA test items. Attendees are encouraged to take the CCA before the session by following these instructions: https://www.youtube.com/watch?v=pMhOehNrfgw. Refreshments will be provided. This event is supported in part by the National Science Foundation under SFS capacity grant 1819521.

Thursday August 15, 2019 8:30pm - 10:30pm
Alameda Room
 
Friday, August 16
 

8:00am

8:00am

Badge Pickup
Friday August 16, 2019 8:00am - 12:00pm
Lobby East

9:00am

9:00am

Mobile Private Contact Discovery at Scale
Daniel Kales and Christian Rechberger, Graz University of Technology; Thomas Schneider, Matthias Senker, and Christian Weinert, TU Darmstadt

Friday August 16, 2019 9:00am - 9:20am
*USENIX Security '19 Track 2: Grand Ballroom FGH

9:00am

Security Educational Panel
Moderator: Elissa Redmiles, Microsoft Research and Princeton University

Panelists: Matt Bishop, Professor, Dept. of Computer Science, University of California, Davis; Justin Cappos, Associate Professor, NYU Tandon School of Engineering; Raheem Beyah, Professor, Georgia Tech, ECE

Friday August 16, 2019 9:00am - 10:40am
*USENIX Security '19 Track 3: Grand Ballroom DE

9:20am

WAVE: A Decentralized Authorization Framework with Transitive Delegation
Michael P Andersen, Sam Kumar, Moustafa AbdelBaky, Gabe Fierro, John Kolb, Hyung-Sin Kim, David E. Culler, and Raluca Ada Popa, University of California, Berkeley

Friday August 16, 2019 9:20am - 9:40am
*USENIX Security '19 Track 1: Grand Ballroom ABC

9:20am

EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats
Tahina Ramananandro, Antoine Delignat-Lavaud, Cédric Fournet, and Nikhil Swamy, Microsoft Research; Tej Chajed, MIT; Nadim Kobeissi, Inria Paris; Jonathan Protzenko, Microsoft Research

Friday August 16, 2019 9:20am - 9:40am
*USENIX Security '19 Track 2: Grand Ballroom FGH

9:40am

in-toto: Providing farm-to-table guarantees for bits and bytes
Santiago Torres-Arias, New York University; Hammad Afzali, New Jersey Institute of Technology; Trishank Karthik Kuppusamy, Datadog; Reza Curtmola, New Jersey Institute of Technology; Justin Cappos, New York University

Friday August 16, 2019 9:40am - 10:00am
*USENIX Security '19 Track 1: Grand Ballroom ABC

9:40am

10:00am

IODINE: Verifying Constant-Time Execution of Hardware
Klaus v. Gleissenthall, Rami Gökhan Kıcı, Deian Stefan, and Ranjit Jhala, University of California, San Diego

Friday August 16, 2019 10:00am - 10:20am
*USENIX Security '19 Track 1: Grand Ballroom ABC

10:00am

XONN: XNOR-based Oblivious Deep Neural Network Inference
M. Sadegh Riazi and Mohammad Samragh, UC San Diego; Hao Chen, Kim Laine, and Kristin Lauter, Microsoft Research; Farinaz Koushanfar, UC San Diego

Friday August 16, 2019 10:00am - 10:20am
*USENIX Security '19 Track 2: Grand Ballroom FGH

10:20am

VRASED: A Verified Hardware/Software Co-Design for Remote Attestation
Ivan De Oliveira Nunes, University of California, Irvine; Karim Eldefrawy, SRI International; Norrathep Rattanavipanon, University of California, Irvine; Michael Steiner, Intel; Gene Tsudik, University of California, Irvine

Friday August 16, 2019 10:20am - 10:40am
*USENIX Security '19 Track 1: Grand Ballroom ABC

10:20am

JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT
Sam Kumar, Yuncong Hu, Michael P Andersen, Raluca Ada Popa, and David E. Culler, University of California, Berkeley

Friday August 16, 2019 10:20am - 10:40am
*USENIX Security '19 Track 2: Grand Ballroom FGH

10:40am

11:10am

Birthday, Name and Bifacial-security: Understanding Passwords of Chinese Web Users
Ding Wang and Ping Wang, Peking University; Debiao He, Wuhan University; Yuan Tian, University of Virginia

Friday August 16, 2019 11:10am - 11:30am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:10am

The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts
Christof Ferreira Torres, Mathis Steichen, and Radu State, University of Luxembourg

Friday August 16, 2019 11:10am - 11:30am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:10am

11:30am

Protecting accounts from credential stuffing with password breach alerting
Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, and Sarvar Patel, Google; Dan Boneh, Stanford; Elie Bursztein, Google

Friday August 16, 2019 11:30am - 11:50am
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:30am

The Anatomy of a Cryptocurrency Pump-and-Dump Scheme
Jiahua Xu, École polytechnique fédérale de Lausanne (EPFL); Benjamin Livshits, Imperial College London

Friday August 16, 2019 11:30am - 11:50am
*USENIX Security '19 Track 2: Grand Ballroom FGH

11:50am

Probability Model Transforming Encoders Against Encoding Attacks
Haibo Cheng, Zhixiong Zheng, Wenting Li, and Ping Wang, Peking University; Chao-Hsien Chu, Pennsylvania State University

Friday August 16, 2019 11:50am - 12:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

11:50am

12:10pm

Lunch (on your own)
Friday August 16, 2019 12:10pm - 1:40pm
N/A

1:40pm

Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting
Shujiang Wu, Song Li, and Yinzhi Cao, Johns Hopkins University; Ningfei Wang, Lehigh University

Friday August 16, 2019 1:40pm - 2:00pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

1:40pm

RAZOR: A Framework for Post-deployment Software Debloating
Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak Ho Chung, Taesoo Kim, and Wenke Lee, Georgia Institute of Technology

Friday August 16, 2019 1:40pm - 2:00pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

2:00pm

2:00pm

2:20pm

Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting
Erik Trickel, Arizona State University; Oleksii Starov, Stony Brook University; Alexandros Kapravelos, North Carolina State University; Nick Nikiforakis, Stony Brook University; Adam Doupé, Arizona State University

Friday August 16, 2019 2:20pm - 2:40pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:20pm

2:40pm

Less is More: Quantifying the Security Benefits of Debloating Web Applications
Babak Amin Azad, Pierre Laperdrix, and Nick Nikiforakis, Stony Brook University

Friday August 16, 2019 2:40pm - 3:00pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

2:40pm

DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis
Wenbo Guo, Dongliang Mu, and Xinyu Xing, The Pennsylvania State University; Min Du and Dawn Song, University of California, Berkeley

Friday August 16, 2019 2:40pm - 3:00pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:00pm

The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators
Christopher Thompson, Martin Shelton, Emily Stark, Maximilian Walker, Emily Schechter, and Adrienne Porter Felt, Google

Friday August 16, 2019 3:00pm - 3:20pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

3:00pm

CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software
Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, and Kevin W. Hamlen, University of Texas at Dallas; Zhiqiang Lin, Ohio State University

Friday August 16, 2019 3:00pm - 3:20pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

3:20pm

3:50pm

Point Break: A Study of Bandwidth Denial-of-Service Attacks against Tor
Rob Jansen, U.S. Naval Research Laboratory; Tavish Vaidya and Micah Sherr, Georgetown University

Friday August 16, 2019 3:50pm - 4:10pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

3:50pm

Fuzzification: Anti-Fuzzing Techniques
Jinho Jung, Hong Hu, David Solodukhin, and Daniel Pagan, Georgia Institute of Technology; Kyu Hyung Lee, University of Georgia; Taesoo Kim, Georgia Institute of Technology

Friday August 16, 2019 3:50pm - 4:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:10pm

No Right to Remain Silent: Isolating Malicious Mixes
Hemi Leibowitz, Bar-Ilan University, IL; Ania M. Piotrowska and George Danezis, University College London, UK; Amir Herzberg, University of Connecticut, US

Friday August 16, 2019 4:10pm - 4:30pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:10pm

AntiFuzz: Impeding Fuzzing Audits of Binary Executables
Emre Güler, Cornelius Aschermann, Ali Abbasi, and Thorsten Holz, Ruhr-Universität Bochum

Friday August 16, 2019 4:10pm - 4:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:30pm

On (The Lack Of) Location Privacy in Crowdsourcing Applications
Spyros Boukoros, TU-Darmstadt; Mathias Humbert, Swiss Data Science Center (ETH Zurich, EPFL); Stefan Katzenbeisser, TU-Darmstadt, University of Passau; Carmela Troncoso, EPFL

Friday August 16, 2019 4:30pm - 4:50pm
*USENIX Security '19 Track 1: Grand Ballroom ABC

4:30pm

MOPT: Optimized Mutation Scheduling for Fuzzers
Chenyang Lyu, Zhejiang University; Shouling Ji, Zhejiang University & Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies; Chao Zhang, BNRist & INSC, Tsinghua University; Yuwei Li, Zhejiang University; Wei-Han Lee, IBM Research; Yu Song, Zhejiang University; Raheem Beyah, Georgia Institute of Technology

Friday August 16, 2019 4:30pm - 4:50pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

4:50pm

4:50pm

EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers
Yuanliang Chen, Yu Jiang, Fuchen Ma, Jie Liang, Mingzhe Wang, and Chijin Zhou, Tsinghua University; Xun Jiao, Villanova University; Zhuo Su, Tsinghua University

Friday August 16, 2019 4:50pm - 5:10pm
*USENIX Security '19 Track 2: Grand Ballroom FGH

5:10pm

5:10pm

GRIMOIRE: Synthesizing Structure while Fuzzing
Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, and Thorsten Holz, Ruhr-Universität Bochum

Friday August 16, 2019 5:10pm - 5:30pm
*USENIX Security '19 Track 2: Grand Ballroom FGH