The best paper award was given to two papers at ESORICS 2019:
Ilias Giechaskiel, Youqian Zhang and Kasper Rasmussen: “A Framework for Evaluating Security in the Presence of Signal Injection Attacks”
Jacqueline Brendel, Marc Fischlin and Felix Günther: “Breakdown Resilience of Key Exchange Protocols: NewHope, TLS 1.3, and Hybrids”
| Authors | Paper |
|---|---|
| Martin Albrecht, Loenzo Grassi, Leo Perrin, Sebastian Ramacher, Christian Rechberger, Dragos Rotaru, Arnab Roy and Markus Schofnegger. | Feistel Structures for MPC, and More |
| Saed Alrabaee, El Mouatez Karbab, Lingyu Wang and Mourad Debbabi. | BinEye: Towards Efficient Binary Authorship Characterization Using Deep Learning |
| Emma Arfelt, David Basin and Søren Debois. | Monitoring the GDPR |
| Gildas Avoine, Sébastien Canard and Loïc Ferreira. | IoT-friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-key Cryptography |
| Gilles Barthe, Sonia Belaïd, Gaëtan Cassiers, Pierre-Alain Fouque, Benjamin Grégoire and François-Xavier Standaert. | Automated Verification of Higher-Order Masking in Presence of Physical Defaults |
| Alex Belkin, Nethanel Gelernter and Israel Cidon. | The Risks of WebGL: Analysis, Evaluation and Detection |
| Jacqueline Brendel, Marc Fischlin and Felix Günther. | Breakdown Resilience of Key Exchange Protocols: NewHope, TLS 1.3, and Hybrids |
| Sergiu Bursuc and Steve Kremer. | Contingent payments on a public ledger: models and reductions for automated verification |
| Maxime Buser, Joseph K. Liu, Ron Steinfeld, Amin Sakzad and Shi-Feng Sun. | A Dynamic & Revocable Group Merkle Signature |
| Matteo Cagnazzo, Norbert Pohlmann and Thorsten Holz. | GDPiRated – Stealing Personal Information On- and Offline |
| Stefano Calzavara, Alvise Rabitti, Alessio Ragazzo and Michele Bugliesi. | Testing for Integrity Flaws in Web Sessions |
| Darion Cassel, Yan Huang and Limin Jia. | Uncovering Information Flow Policy Violations in C Programs |
| Stefanos Chaliasos, George Metaxopoulos, George Argyros and Dimitris Mitropoulos. | Mime Artist: Bypassing Whitelisting for the Web with JavaScript Mimicry Attacks |
| Shan Chen, Samuel Jero, Matthew Jagielski, Alexandra Boldyreva and Cristina Nita-Rotaru. | Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC |
| Lingguang Lei, Yuewu Wang, Dawei Chu, Yanchu Li, Jiwu Jing and Kun Sun | OCRAM-assisted Sensitive Data Protection on ARM-based Platform |
| Max Curran, Xiao Liang, Himanshu Gupta, Omkant Pandey and Samir Das. | ProCSA: Protecting Privacy in Crowdsourced Spectrum Allocation |
| Hung Dang, Ee-Chien Chang and Dat Le Tien. | Towards a Marketplace for Secure Outsourced Computations |
| Nicolai Davidssoon, Andre Pawlowski and Thorsten Holz. | Towards Automated Application-Specific Software Stacks |
| Alexandre Debant, Stephanie Delaune and Cyrille Wiedling. | Symbolic analysis of terrorist fraud resistance |
| Keita Emura, Shuichi Katsumata and Yohei Watanabe. | Identity-Based Encryption with Security against the KGC: A Formal Model and Its Instantiation from Lattices |
| Nils Fleischhacker, Giulio Malavolta and Dominique Schroeder. | Arithmetic Garbling from Bilinear Maps |
| Behrad Garmany, Martin Stoffel, Robert Gawlik and Thorsten Holz. | Static Detection of Uninitialized Stack Variables in Binary Code |
| Ilias Giechaskiel, Youqian Zhang and Kasper Rasmussen. | A Framework for Evaluating Security in the Presence of Signal Injection Attacks |
| Sébastien Gondron and Sebastian A. Mödersheim. | Formalizing and Proving Privacy Properties of Voting Protocols using Alpha-Beta Privacy |
| Juan Guarnizo and Pawel Szalachowski. | Practical Data Feed Service for Smart Contracts |
| Hui Guo, Zhenfeng Zhang, Jing Xu and Mingyuan Xia. | Generic Traceable Proxy Re-Encryption and Accountable Extension in Consensus Network |
| Jaybie de Guzman, Kanchana Thilakarathna and Aruna Seneviratne. | A First Look into Privacy Leakage in 3D Mixed Reality Data |
| Vincent Haupert and Stephan Gabert. | Where to Look for What You See Is What You Sign? User Confusion in Transaction Security |
| Ross Horne, Sjouke Mauw, Zach Smith and Ihor Filimonov. | Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity |
| Hugo Jonker, Benjamin Krumnow and Gabry Vlot. | Fingerprint surface-based detection of web bot detectors |
| Yusuke Kawamoto and Takao Murakami. | Local Obfuscation Mechanisms for Hiding Probability Distributions |
| Shabnam Kasra Kermanshahi, Joseph Liu, Ron Steinfeld and Surya Nepal. | Generic Multi-keyword Ranked Search on Encrypted Cloud Data |
| Florian Kerschbaum and Anselme Tueno. | An Efficiently Searchable Encrypted Data Structure for Range Queries |
| Duc Le, Mahimna Kelkar and Aniket Kate. | Flexible Signatures: Making Authentication Suitable for Real-Time Environments |
| Xiaoning Liu and Xun Yi. | Privacy-Preserving Collaborative Medical Time Series Analysis based on Dynamic Time Warping |
| Zhen Liu, Khoa Nguyen, Guomin Yang, Huaxiong Wang and Duncan S. Wong. | A Lattice-based Linkable Ring Signature Supporting Stealth Addresses |
| Kangjie Lu, Aditya Pakki and Qiushi Wu. | Automatically Identifying Security Checks for Detecting Kernel Semantic Bugs |
| Siqi Ma, Elisa Bertino, Robert Deng, Juanru Li, Diet Ostry, Surya Nepal and Sanjay Jha. | Finding Flaws from Password Authentication Code in Android Apps |
| Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi. | Proactivizer: Transforming Existing Verification Tools into Efficient Solutions for Runtime Security Enforcement |
| Weizhi Meng, Wenjuan Li, Lijun Jiang, Kim-Kwang Raymond Choo and Chunhua Su. | Practical Bayesian Poisoning Attacks on Challenge-based Collaborative Intrusion Detection Networks |
| Loïc Miller and Cristel Pelsser. | A Taxonomy of Attacks using BGP Blackholing |
| Kazuhiko Minematsu and Norifumi Kamiya. | Symmetric-key Corruption Detection : When XOR-MACs Meet Combinatorial Group Testing |
| Duncan Mitchell and Johannes Kinder. | A Formal Model for Checking Cryptographic API Usage in JavaScript |
| Chris Novakovic and David Parker. | Automated Formal Analysis of Side-Channel Attacks on Probabilistic Systems |
| Momen Oqaily, Yosr Jarraya, Lingyu Wang, Mengyuan Zhang, Makan Pourzandi and Mourad Debbabi. | iCAT: An Interactive Customizable Anonymization Tool |
| Henrique G. Pereira and Philip W. L. Fong. | SEPD: An Access Control Model for Resource Sharing in an IoT Environment |
| Tran Viet Xuan Phuong, Willy Susilo, Guomin Yang, Jongkil Kim and Dongxi Liu. | Puncturable Proxy Re-Encryption supporting to Group Messaging Service |
| Yue Qin, Chi Cheng and Jintai Ding. | A Complete and Optimized Key Mismatch Attack on NIST Candidate NewHope |
| Erwin Quiring, Matthias Kirchner and Konrad Rieck. | On the Security and Applicability of Fragile Camera Fingerprints |
| Juan E. Rubio, Mark Manulis, Cristina Alcaraz and Javier Lopez. | Enhancing Security and Dependability of Industrial Networks with Opinion Dynamics |
| Michael Schwarz, Martin Schwarzl, Moritz Lipp, Jon Masters and Daniel Gruss. | NetSpectre: Read Arbitrary Memory over Network |
| Sagar Sharma and Keke Chen. | Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data |
| Philip Sperl and Konstantin Böttinger. | Side-Channel Aware Fuzzing |
| Miha Stopar, Tilen Marc, Jan Hartman, Manca Bizjak and Jolanda Modic. | Privacy-Enhanced Machine Learning with Functional Encryption |
| Junichi Tomida, Atsushi Fujioka, Akira Nagai and Koutarou Suzuki. | Strongly Secure Identity-Based Key Exchange with Single Pairing Operation |
| Henry Turner, Giulio Lovisotto and Ivan Martinovic. | Attacking speaker recognition systems with phoneme morphing |
| Bryan Ward, Richard Skowyra, Chad Spensky, Jason Martin and Hamed Okhravi. | The Leakage-Resilience Dilemma |
| Jianghong Wei, Xiaofeng Chen, Xuexian Hu and Jianfeng Ma. | Forward-Secure Puncturable Identity-Based Encryption for Securing Cloud Emails |
| Konrad Weiss and Julian Schuette. | Annotary: A Concolic Execution System for Developing Secure Smart Contracts |
| Yao Yao, Wei Zhou, Yan Jia, Lipeng Zhu, Yuqing Zhang and Peng Liu. | Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution |
| Xun Yi, Kwok-Yan Lam, Elisa Bertino and Fang-Yu Rao. | Location Privacy-Preserving Mobile Crowd Sensing with Anonymous Reputation |
| Zhongjun Zhang, Jianfeng Wang, Yunling Wang, Yaping Su and Xiaofeng Chen. | Towards Efficient Verifiable Forward Secure Searchable Symmetric Encryption |
| Yifeng Zheng, Huayi Duan and Cong Wang. | Towards Secure and Efficient Outsourcing of Machine Learning Classification |
| Huadi Zheng, Qingqing Ye and Haibo Hu. | BDPL: A Boundary Differential Private Layer against Machine Learning Model Extraction Attacks |
| Lei Zhou, Jidong Xiao, Leach Kevin, Westley Weimer, Fengwei Zhang and Guojun Wang. | Nighthawk: Transparent System Introspection from Ring -3 |
| Yevhen Zolotavkin and Veronika Kuchta. | Incentives for Harvesting Attack in Proof of Work mining pools |
| Cong Zuo, Shi-Feng Sun, Joseph K. Liu, Jun Shao and Josef Pieprzyk. | Dynamic Searchable Symmetric Encryption with Forward and Stronger Backward Privacy |
ESORICS is the annual European research event in Computer Security.
The Symposium started in 1990 and has been held in several European countries, attracting a wide international audience from both the academic and industrial communities. Papers offering novel research contributions in computer security are solicited for submission to the 2019 Symposium, to be held in Luxembourg.
The primary focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers discussing industrial research and development.
Submission website: https://easychair.org/conferences/?conf=esorics19
PC Chairs: Kazue Sako, NEC Japan and Steve Schneider, University of Surrey, UK
Email for PC Chairs: esorics19 [at] easychair [dot] org (submission via website only!)
Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference/workshop with proceedings. The symposium proceedings will be published by Springer in the Lecture Notes in Computer Science series (LNCS).
All submissions should follow the LNCS template ( available from http://www.springer.de/comp/lncs/authors.html ) from the time they are submitted. Submitted papers should be at most 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, and at most 20 pages total. Committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English. Submissions are to be made to the submission web site. Only pdf files will be accepted. Submissions are not anonymous.
Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors of accepted papers must agree with Springer LNCS copyright and guarantee that their papers will be presented at the conference.
Topics of interest include, but are not limited to:
Access control
Accountability
Ad hoc networks
Anonymity
Applied cryptography
Authentication
Biometrics
Blockchain and finance security
Data and computation integrity
Database security
Data protection
Deep learning for attack and defense
Digital content protection
Digital forensics
Distributed systems security
Embedded systems security
Inference control
Information hiding
Identity management
Information flow control
Information security governance and management
Intrusion detection
Formal security methods
Language-based security
Network security
Phishing and spam prevention
Privacy
Privacy preserving data mining
Risk analysis and management
Secure electronic voting
Security architectures
Security economics
Security metrics
Security models
Security and privacy for big data
Security and privacy in cloud scenarios
Security and privacy in complex systems
Security and privacy in content centric networking
Security and privacy in crowdsourcing
Security and privacy in the IoT
Security and privacy in location services
Security and privacy for mobile code
Security and privacy in pervasive / ubiquitous computing
Security and privacy policies
Security and privacy in social networks
Security and privacy in web services
Security and privacy in cyber-physical systems
Security, privacy and resilience in critical infrastructures
Security verification
Software security
Systems security
Trust models and management
Trustworthy user devices
Usable security and privacy
Web security
Wireless security