10
November,
2021
European Interdisciplinary Cybersecurity Conference
Targu Mures, Romania
Targu Mures, Romania
The European Interdisciplinary Cybersecurity Conference – EICC 2021 aims at establishing a venue for the exchange of information on cybersecurity and its many aspects between academics and practitioners in Europe. EICC was until 2019 known as the Central European Cybersecurity Conference – CECC and has been rebranded to underscore the interdisciplinarity of the conference and broaden its reach. EICC 2021 encourages the dialogue between computer scientists and researchers in all other fields related to cybersecurity, such as behavioral sciences, sociology, criminology, investigations and law. Interdisciplinary contributions are especially welcome.
EICC 2021 switched to a fully virtual conference. Conference proceedings will be published by ACM as planned.
Gary McGraw
Machine Learning appears to have made impressive progress on many tasks including image classification, machine translation, autonomous vehicle control, playing complex games including chess, Go, and Atari video games, and more. This has led to much breathless popular press coverage of Artificial Intelligence, and has elevated deep learning to an almost magical status in the eyes of the public. ML, especially of the deep learning sort, is not magic, however. ML has become so popular that its application, though often poorly understood and partially motivated by hype, is exploding. In my view, this is not necessarily a good thing. I am concerned with the systematic risk invoked by adopting ML in a haphazard fashion. Our research at the Berryville Institute of Machine Learning (BIIML) is focused on understanding and categorizing security engineering risks introduced by ML at the design level. Though the idea of addressing security risk in ML is not a new one, most previous work has focused on either particular attacks against running ML systems (a kind of dynamic analysis) or on operational security issues surrounding ML. This talk focuses on the results of an architectural risk analysis (sometimes called a threat model) of ML systems in general. A list of the top five (of 78 known) ML security risks will be presented.
Gary McGraw is co-founder of the Berryville Institute of Machine Learning. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 100 peer-reviewed scientific publications. Gary serves on the Advisory Boards of Irius Risk, Maxmyinterest, Runsafe Security, and Secure Code Warrior. He has also served as a Board member of Cigital and Codiscope (acquired by Synopsys) and as Advisor to CodeDX (acquired by Synopsys), Black Duck (acquired by Synopsys), Dasient (acquired by Twitter), Fortify Software (acquired by HP), and Invotas (acquired by FireEye). Gary produced the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine for thirteen years. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the Luddy School of Informatics, Computing, and Engineering.
https://garymcgraw.com
https://berryvilleiml.com/
@cigitalgem
Opening
Welcome Message from Organizers
Bela Genge, organizing chair
Martin Gilje Jaatun, conference chair
Andrej Sotlar, dean, University of Maribor, Faculty of Criminal Justice and Security
Joerg Keller, EICC steering committee
Session I - ANALYSIS AND DETECTION
Session Chair: Daniela Soares Cruzes
Automated, Dynamic Android App Vulnerability and Privacy Leak Analysis: Design Considerations, Required Components
and Available Tools
Kris Heid and Jens Heider
USBCulprit: Analysis of USB-borne Air-Gap Malware
Mordechai Guri
Operation Digital Ant - A Serious Game Approach to Collect Insider Threat Scenarios and Raise Awareness
Manfred Hofmeier and Ulrike Lechner
DOCTORAL SYMPOSIUM: Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems
(Doctoral Symposium Submission)
Laura Hartmann and Steffen Wendzel
Coffee Break
Poster Session
Session chair: Simon Vrhovec
FROM DETONATOR
How Feasible are Steganographic and Stealth Attacks on TIA Project Metadata of ICS: A Case Study with Real-world
Data
Laura Hartmann and Steffen Wendzel
How to Tweak a Cryptographic Permutation by Direct Manipulation
Jörg Keller
A Comparison of SONA and MTurk for Cybersecurity Surveys
Anne Wagner, Anna Bakas, Shelia Kennison and Eric Chan-Tin
Key Exchange and Management Schemes for Automotive Control Units
Miao Zhang, Shaoning Chen and Barbara Graziano
Session II - MITIGATION TECHNIQUES
Session chair: Bela Genge
It is not as simple as that: Playing out password security trainings in order to nudge password changes
Fabian Sterk and Andreas Heinemann
Salt&Pepper: Spice up Security Behavior with Cognitive Triggers
Susanne Kießling, Thomas Hanka and Dominik Merli
Non-Interactive VDF Client Puzzle for DoS Mitigation
Mayank Raikwar and Danilo Gligoroski
Lunch
Invited Talk
Session chair: Martin Gilje Jaatun
Security Engineering for Machine Learning
Gary McGraw
Coffee Break
Session III - MULTIDISCIPLINARY SECURITY
Session chair: Piroska Haller
A Statefull Firewall and Intrusion Detection System Enforced with Secure Logging for Controller Area Network
Teri Lenard and Roland Bolboaca
With a Little Help from Your Friends: Collaboration With Vendors During Smart Grid Incident Response Exercises
Mari Langås, Sanna Løfqvist, Basel Katt, Thomas Haugan and Martin Gilje Jaatun
Sealed Storage for Low-Cost IoT Devices: an Approach Using SRAM PUFs and Post-Quantum Cryptography
Roberto Román and Iluminada Baturone
Coffee Break
Detonator
Session chairs: Jörg Keller, Steffen Wendzel
Retransmission steganography in real-world scenarios: a practical study
Javier Hospital, David Megías and Wojciech Mazurczyk
Reset- and Reconnection-based Covert Channels in CoAP
Laura Hartmann, Sebastian Zillien and Steffen Wendzel
Multilevel Network Steganography in Fountain Codes
Jörg Keller
How to Make an Intrusion Detection System Aware of Steganographic Transmission
Tomasz Koziak, Katarzyna Wasielewska and Artur Janicki
Coffee Break
CONFERENCE WRAP-UP AND BEST PAPER AWARD
M.G. Jaatun, J. Keller, B. Genge
Regular registration
75 EUR
(early-bird)
100 EUR
Student registration
50 EUR
(early-bird)
65 EUR
Participation
(without an accepted paper)
30 EUR
(early-bird)
45 EUR
Student registration fee is intended for Doctoral Symposium papers.
Student authors of full papers, short papers and posters are not eligible for the student registration fee and must pay the regular registration fee.
After receiving the registration confirmation email, attendees should forward the proof of payment and a valid student ID (student authors only) to: bela.genge@umfst.ro.
Early-bird registration fees must be paid on 27 September 2021 or earlier. Registration is open until 22 October 2021.
Payment in EURO via Bank transfer:
Universitatea de Medicina, Farmacie, Stiinte si Tehnologie (U.M.F.S.T) Tg. Mures
Str. Gh.Marinescu Nr.38, Tg. Mures, Jud. Mures, Romania
Tax Code (Cod Fiscal): 4322742
Banca Comercială Română Tg. Mures
SWIFT Code: RNCBROBU
Account Number: RO92RNCB0193015967800002
Please indicate your paper ID and Conference acronym : EICC 2021
Martin Gilje Jaatun, University of Stavanger (Norway)
Geir Myrdahl Køien, University of South-eastern Norway (Norway)
Oksana Kulyk, ITU Copenhagen (Denmark)
Daniela Soares Cruzes, Norwegian university of science and technology (Norway)
Lynsay Shepherd, Abertay University (UK)
Habtamu Abie, Norwegian Computing Centre (Norway)
Rafael Asorey Cacheda, Universidad Politécnica de Cartagena (Spain)
Jurlind Budurushi, Cloudical Deutschland (Germany)
Luca Caviglione, IMATI - CNR (Italy)
Michal Choras, University of Science and Technology (Poland)
Michele Colajanni, University of Modena and Reggio Emilia (Italy)
Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten (Germany)
Marijke Coetzee, University of Johannesburg (South Africa)
Virginia Franqueira, University of Kent (UK)
Dieter Gollmann, Hamburg University of Technology (Germany)
Petra Grd, University of Zagreb (Croatia)
Nils Gruschka, University of Oslo (Norway)
Mordechai Guri, Ben-Gurion University of the Negev (Israel)
Piroska Haller, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Marko Hölbl, University of Maribor (Slovenia)
Xinyi Huang, Fujian Normal University (China)
Pedro R. M. Inácio, University Beira Interior (Portugal)
Audun Jøsang, University of Oslo (Norway)
Georgios Karopoulos, Joint Research Centre (Italy)
Stefan Katzenbeisser, University of Passau (Germany)
Peter Kieseberg, St. Pölten University of Applied Sciences (Austria)
Romain Laborde, University of Toulouse (France)
Jean-Francois Lalande, CentraleSupélec / Inria (France)
Albert Levi, Sabanci University (Turkey)
Shujun Li, University of Kent (UK)
Zhen Liu, Shanghai Jiao Tong University (China)
Haibing Lu, Santa Clara University (USA)
Olaf Maennel, Tallinn University of Technology (Estonia)
Brad Malin, Vanderbilt University (USA)
Karola Marky, Technical University of Darmstadt (Germany)
Peter Mayer, Karlsruhe Institute of Technology (Germany)
Rodrigo Miani, Universidade Federal de Uberlândia (Brazil)
Aleksandra Mileva, University Goce Delcev (North Macedonia)
Caroline Moeckel, Royal Holloway, University of London (UK)
Pal-Stefan Murvay, Politehnica University of Timisoara (Romania)
Sebastian Pape, Goethe University Frankfurt (Germany)
Alexander Pretschner, Technical University of Munich (Germany)
Kaja Prislan, University of Maribor (Slovenia)
Anderson Santana De Oliveira, SAP (Germany)
Gerardo Simari, Universidad Nacional del Sur in Bahía Blanca and CONICET (Argentina)
Florian Skopik, AIT Austrian Institute of Technology (Austria)
Daniel Spiekermann, Polizeiakademie Niedersachsen (Germany)
Hung-Min Sun, National Tsing Hua University (Taiwan)
Yuqiong Sun, Facebook (USA)
Mahesh Tripunitara, University of Waterloo (Canada)
Edgar Weippl, SBA Research (Austria)
Steffen Wendzel, Worms University of Applied Sciences (Germany)
Christos Xenakis, University of Piraeus (Greece)
Nicola Zannone, Eindhoven University of Technology (Netherlands)
Aleš Završnik, Institute of Criminology at the Faculty of Law Ljubljana (Slovenia)
Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Piroska Haller, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Bogdan Crainicu, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Adam Gergely, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Teri Lenard, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Roland Bolboaca, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Igor Bernik, University of Maribor (Slovenia)
Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures
(Romania)
Joerg Keller, FernUniversitaet in Hagen (Germany)
Blaž Markelj, University of Maribor (Slovenia)
Wojciech Mazurczyk, Warsaw University of Technology (Poland)
Simon Vrhovec, University of Maribor (Slovenia)
Submission deadline & Doctoral Symposium abstract submission
30 Jun 2021
Author notification
25 Jul 2021
Poster submission & Doctoral Symposium submission
23 Aug 2021
Camera-ready
27 Sep 2021
The conference is devoted to exploring and presenting original innovative applications, scientific and technological advancements in the field of cybersecurity. Topics for this conference include, but are not limited to:
EICC 2021 proceedings will be published by Association for Computer Machinery (ACM) in the ACM Digital Library within its International Conference Proceedings Series (ICPS).
Proceedings from the previous conferences are available here:
The official language of the conference is English. Papers are limited to 6 pages.
All papers must be original and not simultaneously submitted to another journal or conference. The following paper categories are welcome:
The conference will offer a Best paper award and a Best Doctoral Symposium paper award. The awards will be announced and bestowed at the conference closing session. The award will be conferred to the author(s) of awarded papers who will be present at the conference. The decision criterion will consider both the paper quality and the oral presentation quality.
Papers submitted to EICC 2021 have to use the ACM SigConf template. Please, read template instructions carefully before submitting the paper. The use of the Latex template is strongly encouraged. Non-proficient Latex users are encouraged to use the Overleaf online collaborative Latex platform (ACM Latex template on Overleaf).
Word users: For peer review, use the two-column template. Keep in mind that you will need to submit the paper in the one-column template to TAPS after acceptance. The final paper will be published in a two-column format.
Latex users: Use only the two-column template (first line in the document:
\documentclass[sigconf]{acmart}). Keep in mind that
TAPS supports only specific packages.
The quality of the research papers will be assessed based on its originality, significance and clarity.
All submitted research papers will undergo a double-blind reviewing process. Please, make sure that submitted papers do not contain author names or obvious self-references. Please note that the page limit applies to papers with authors and not the submitted anonymized version.
Each paper will be reviewed by 2-3 reviewers. Afterwards, a discussion will be held by the chairs and reviewers to determine the outcomes of the peer-review.
Authors of accepted posters should prepare A1 sized posters (portrait or landscape) for the poster exhibition. Other designs may be considered. Titles of poster submissions should be prefixed with POSTER (e.g., POSTER: The role of information sensitivity in adoption of E2EE communication software).
Titles of papers submitted to the Doctoral Symposium should be prefixed with DOCTORAL SYMPOSIUM (e.g., DOCTORAL SYMPOSIUM: A novel approach for acquiring training and software security requirements).
Submission of a paper / poster implies that at least one of the authors will register and present the paper / poster at the conference if the paper / poster is accepted. If an author has more than one accepted paper / poster, each additional accepted paper / poster costs the same fee as the first.
Submit papers using EICC 2021 submission system.
Full papers and doctoral symposium papers can exceed the page limit by a maximum of 2 pages. Each additional page above the page limit will be charged 20 EUR on top of the registration fee.
EICC 2021 is inviting proposals for high-quality workshops to be co-located with the conference. The typical goal of a workshop is to present and discuss in a thorough and more narrow manner a specific aspect of cybersecurity and its interdisciplinary nature. EICC 2021 provides workshop organizers with the opportunity to publish accepted workshop papers as part of its conference proceedings. To be included in the EICC 2021 proceedings, workshop papers must follow the conference submission guidelines and undergo the same rigorous reviewing process as conference papers.
Martin Gilje Jaatun, University of Stavanger (Norway)
Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Proposal submission deadline
15 Mar 2021
Acceptance notification
7 days after submission
The official language of EICC 2021 and related workshops is English.
Workshop proposals should include:
Submit workshop proposals using the submission form.
