10  November 2021

European Interdisciplinary Cybersecurity Conference

Targu Mures, Romania

About EICC 2021

The European Interdisciplinary Cybersecurity Conference – EICC 2021 aims at establishing a venue for the exchange of information on cybersecurity and its many aspects between academics and practitioners in Europe. EICC was until 2019 known as the Central European Cybersecurity Conference – CECC and has been rebranded to underscore the interdisciplinarity of the conference and broaden its reach. EICC 2021 encourages the dialogue between computer scientists and researchers in all other fields related to cybersecurity, such as behavioral sciences, sociology, criminology, investigations and law. Interdisciplinary contributions are especially welcome.

COVID-19 Update

EICC 2021 switched to a fully virtual conference. Conference proceedings will be published by ACM as planned.

Special Session on Advanced and Reliable Solutions to Counter Malware and Stegomalware - DETONATOR 2021

Keynote

Gary McGraw

Gary McGraw

Security Engineering for Machine Learning

Machine Learning appears to have made impressive progress on many tasks including image classification, machine translation, autonomous vehicle control, playing complex games including chess, Go, and Atari video games, and more. This has led to much breathless popular press coverage of Artificial Intelligence, and has elevated deep learning to an almost magical status in the eyes of the public. ML, especially of the deep learning sort, is not magic, however. ML has become so popular that its application, though often poorly understood and partially motivated by hype, is exploding. In my view, this is not necessarily a good thing. I am concerned with the systematic risk invoked by adopting ML in a haphazard fashion. Our research at the Berryville Institute of Machine Learning (BIIML) is focused on understanding and categorizing security engineering risks introduced by ML at the design level. Though the idea of addressing security risk in ML is not a new one, most previous work has focused on either particular attacks against running ML systems (a kind of dynamic analysis) or on operational security issues surrounding ML. This talk focuses on the results of an architectural risk analysis (sometimes called a threat model) of ML systems in general. A list of the top five (of 78 known) ML security risks will be presented.

Gary McGraw is co-founder of the Berryville Institute of Machine Learning. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 100 peer-reviewed scientific publications. Gary serves on the Advisory Boards of Irius Risk, Maxmyinterest, Runsafe Security, and Secure Code Warrior. He has also served as a Board member of Cigital and Codiscope (acquired by Synopsys) and as Advisor to CodeDX (acquired by Synopsys), Black Duck (acquired by Synopsys), Dasient (acquired by Twitter), Fortify Software (acquired by HP), and Invotas (acquired by FireEye). Gary produced the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine for thirteen years. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the Luddy School of Informatics, Computing, and Engineering.

https://garymcgraw.com
https://berryvilleiml.com/
@cigitalgem

CONFERENCE PROGRAM

9.00 CET

Opening

Welcome Message from Organizers
Bela Genge, organizing chair
Martin Gilje Jaatun, conference chair
Andrej Sotlar, dean, University of Maribor, Faculty of Criminal Justice and Security
Joerg Keller, EICC steering committee

Talk
9.10 CET

Session I - ANALYSIS AND DETECTION

Session Chair: Daniela Soares Cruzes

Automated, Dynamic Android App Vulnerability and Privacy Leak Analysis: Design Considerations, Required Components and Available Tools
Kris Heid and Jens Heider

Full Paper

USBCulprit: Analysis of USB-borne Air-Gap Malware
Mordechai Guri

Full Paper

Operation Digital Ant - A Serious Game Approach to Collect Insider Threat Scenarios and Raise Awareness
Manfred Hofmeier and Ulrike Lechner

Full Paper

DOCTORAL SYMPOSIUM: Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems (Doctoral Symposium Submission)
Laura Hartmann and Steffen Wendzel

Full Paper
10.30 CET

Coffee Break

11.00 CET

Poster Session

Session chair: Simon Vrhovec

FROM DETONATOR
How Feasible are Steganographic and Stealth Attacks on TIA Project Metadata of ICS: A Case Study with Real-world Data
Laura Hartmann and Steffen Wendzel

Poster

How to Tweak a Cryptographic Permutation by Direct Manipulation
Jörg Keller

Poster

A Comparison of SONA and MTurk for Cybersecurity Surveys
Anne Wagner, Anna Bakas, Shelia Kennison and Eric Chan-Tin

Poster

Key Exchange and Management Schemes for Automotive Control Units
Miao Zhang, Shaoning Chen and Barbara Graziano

Poster
12.00 CET

Session II - MITIGATION TECHNIQUES

Session chair: Bela Genge

It is not as simple as that: Playing out password security trainings in order to nudge password changes
Fabian Sterk and Andreas Heinemann

Full Paper

Salt&Pepper: Spice up Security Behavior with Cognitive Triggers
Susanne Kießling, Thomas Hanka and Dominik Merli

Full Paper

Non-Interactive VDF Client Puzzle for DoS Mitigation
Mayank Raikwar and Danilo Gligoroski

Full Paper
13.00 CET

Lunch

14.00 CET

Invited Talk

Session chair: Martin Gilje Jaatun

Security Engineering for Machine Learning
Gary McGraw

Invited Talk
15.00 CET

Coffee Break

15.30 CET

Session III - MULTIDISCIPLINARY SECURITY

Session chair: Piroska Haller

A Statefull Firewall and Intrusion Detection System Enforced with Secure Logging for Controller Area Network
Teri Lenard and Roland Bolboaca

Full Paper

With a Little Help from Your Friends: Collaboration With Vendors During Smart Grid Incident Response Exercises
Mari Langås, Sanna Løfqvist, Basel Katt, Thomas Haugan and Martin Gilje Jaatun

Full Paper

Sealed Storage for Low-Cost IoT Devices: an Approach Using SRAM PUFs and Post-Quantum Cryptography
Roberto Román and Iluminada Baturone

Full Paper
16.30 CET

Coffee Break

17.00 CET

Detonator

Session chairs: Jörg Keller, Steffen Wendzel

Retransmission steganography in real-world scenarios: a practical study
Javier Hospital, David Megías and Wojciech Mazurczyk

Full Paper

Reset- and Reconnection-based Covert Channels in CoAP
Laura Hartmann, Sebastian Zillien and Steffen Wendzel

Full Paper

Multilevel Network Steganography in Fountain Codes
Jörg Keller

Full Paper

How to Make an Intrusion Detection System Aware of Steganographic Transmission
Tomasz Koziak, Katarzyna Wasielewska and Artur Janicki

Full Paper
18.20 CET

Coffee Break

18.25 CET

CONFERENCE WRAP-UP AND BEST PAPER AWARD

M.G. Jaatun, J. Keller, B. Genge

Registration

Regular registration

75 EUR
(early-bird)

100 EUR

Student registration

50 EUR
(early-bird)

65 EUR

Participation
(without an accepted paper)

30 EUR
(early-bird)

45 EUR

Student registration fee is intended for Doctoral Symposium papers.

Student authors of full papers, short papers and posters are not eligible for the student registration fee and must pay the regular registration fee.

After receiving the registration confirmation email, attendees should forward the proof of payment and a valid student ID (student authors only) to: bela.genge@umfst.ro.

Early-bird registration fees must be paid on 27 September 2021 or earlier. Registration is open until 22 October 2021.

Payment in EURO via Bank transfer:

Universitatea de Medicina, Farmacie, Stiinte si Tehnologie (U.M.F.S.T) Tg. Mures
Str. Gh.Marinescu Nr.38, Tg. Mures, Jud. Mures, Romania
Tax Code (Cod Fiscal): 4322742
Banca Comercială Română Tg. Mures
SWIFT Code: RNCBROBU
Account Number: RO92RNCB0193015967800002

Please indicate your paper ID and Conference acronym : EICC 2021

Committees

Conference chair

Martin Gilje Jaatun, University of Stavanger (Norway)

Program committee co-chair

Geir Myrdahl Køien, University of South-eastern Norway (Norway)
Oksana Kulyk, ITU Copenhagen (Denmark)

Doctoral symposium chair

Daniela Soares Cruzes, Norwegian university of science and technology (Norway)

Doctoral symposium co-chair

Lynsay Shepherd, Abertay University (UK)

Program committee

Habtamu Abie, Norwegian Computing Centre (Norway)
Rafael Asorey Cacheda, Universidad Politécnica de Cartagena (Spain)
Jurlind Budurushi, Cloudical Deutschland (Germany)
Luca Caviglione, IMATI - CNR (Italy)
Michal Choras, University of Science and Technology (Poland)
Michele Colajanni, University of Modena and Reggio Emilia (Italy)
Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten (Germany)
Marijke Coetzee, University of Johannesburg (South Africa)
Virginia Franqueira, University of Kent (UK)
Dieter Gollmann, Hamburg University of Technology (Germany)
Petra Grd, University of Zagreb (Croatia)
Nils Gruschka, University of Oslo (Norway)
Mordechai Guri, Ben-Gurion University of the Negev (Israel)
Piroska Haller, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Marko Hölbl, University of Maribor (Slovenia)
Xinyi Huang, Fujian Normal University (China)
Pedro R. M. Inácio, University Beira Interior (Portugal)
Audun Jøsang, University of Oslo (Norway)
Georgios Karopoulos, Joint Research Centre (Italy)
Stefan Katzenbeisser, University of Passau (Germany)
Peter Kieseberg, St. Pölten University of Applied Sciences (Austria)
Romain Laborde, University of Toulouse (France)
Jean-Francois Lalande, CentraleSupélec / Inria (France)
Albert Levi, Sabanci University (Turkey)
Shujun Li, University of Kent (UK)
Zhen Liu, Shanghai Jiao Tong University (China)
Haibing Lu, Santa Clara University (USA)
Olaf Maennel, Tallinn University of Technology (Estonia)
Brad Malin, Vanderbilt University (USA)
Karola Marky, Technical University of Darmstadt (Germany)
Peter Mayer, Karlsruhe Institute of Technology (Germany)
Rodrigo Miani, Universidade Federal de Uberlândia (Brazil)
Aleksandra Mileva, University Goce Delcev (North Macedonia)
Caroline Moeckel, Royal Holloway, University of London (UK)
Pal-Stefan Murvay, Politehnica University of Timisoara (Romania)
Sebastian Pape, Goethe University Frankfurt (Germany)
Alexander Pretschner, Technical University of Munich (Germany)
Kaja Prislan, University of Maribor (Slovenia)
Anderson Santana De Oliveira, SAP (Germany)
Gerardo Simari, Universidad Nacional del Sur in Bahía Blanca and CONICET (Argentina)
Florian Skopik, AIT Austrian Institute of Technology (Austria)
Daniel Spiekermann, Polizeiakademie Niedersachsen (Germany)
Hung-Min Sun, National Tsing Hua University (Taiwan)
Yuqiong Sun, Facebook (USA)
Mahesh Tripunitara, University of Waterloo (Canada)
Edgar Weippl, SBA Research (Austria)
Steffen Wendzel, Worms University of Applied Sciences (Germany)
Christos Xenakis, University of Piraeus (Greece)
Nicola Zannone, Eindhoven University of Technology (Netherlands)
Aleš Završnik, Institute of Criminology at the Faculty of Law Ljubljana (Slovenia)

Organizing chair

Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)

Organizing co-chair

Piroska Haller, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)

Organizing team

Bogdan Crainicu, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Adam Gergely, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Teri Lenard, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Roland Bolboaca, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)

Steering committee

Igor Bernik, University of Maribor (Slovenia)
Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)
Joerg Keller, FernUniversitaet in Hagen (Germany)
Blaž Markelj, University of Maribor (Slovenia)
Wojciech Mazurczyk, Warsaw University of Technology (Poland)
Simon Vrhovec, University of Maribor (Slovenia)

Important dates

Submission deadline & Doctoral Symposium abstract submission

30 Jun 2021

Author notification

25 Jul 2021

Poster submission & Doctoral Symposium submission

23 Aug 2021

Camera-ready

27 Sep 2021

Call for papers

Scope

The conference is devoted to exploring and presenting original innovative applications, scientific and technological advancements in the field of cybersecurity. Topics for this conference include, but are not limited to:

Publication

EICC 2021 proceedings will be published by Association for Computer Machinery (ACM) in the ACM Digital Library within its International Conference Proceedings Series (ICPS).

Proceedings from the previous conferences are available here:

Submission guidelines

The official language of the conference is English. Papers are limited to 6 pages.

All papers must be original and not simultaneously submitted to another journal or conference. The following paper categories are welcome:

The conference will offer a Best paper award and a Best Doctoral Symposium paper award. The awards will be announced and bestowed at the conference closing session. The award will be conferred to the author(s) of awarded papers who will be present at the conference. The decision criterion will consider both the paper quality and the oral presentation quality.

Papers submitted to EICC 2021 have to use the ACM SigConf template. Please, read template instructions carefully before submitting the paper. The use of the Latex template is strongly encouraged. Non-proficient Latex users are encouraged to use the Overleaf online collaborative Latex platform (ACM Latex template on Overleaf).

Word users: For peer review, use the two-column template. Keep in mind that you will need to submit the paper in the one-column template to TAPS after acceptance. The final paper will be published in a two-column format.

Latex users: Use only the two-column template (first line in the document: \documentclass[sigconf]{acmart}). Keep in mind that TAPS supports only specific packages.

The quality of the research papers will be assessed based on its originality, significance and clarity.

All submitted research papers will undergo a double-blind reviewing process. Please, make sure that submitted papers do not contain author names or obvious self-references. Please note that the page limit applies to papers with authors and not the submitted anonymized version.

Each paper will be reviewed by 2-3 reviewers. Afterwards, a discussion will be held by the chairs and reviewers to determine the outcomes of the peer-review.

Authors of accepted posters should prepare A1 sized posters (portrait or landscape) for the poster exhibition. Other designs may be considered. Titles of poster submissions should be prefixed with POSTER (e.g., POSTER: The role of information sensitivity in adoption of E2EE communication software).

Titles of papers submitted to the Doctoral Symposium should be prefixed with DOCTORAL SYMPOSIUM (e.g., DOCTORAL SYMPOSIUM: A novel approach for acquiring training and software security requirements).

Submission of a paper / poster implies that at least one of the authors will register and present the paper / poster at the conference if the paper / poster is accepted. If an author has more than one accepted paper / poster, each additional accepted paper / poster costs the same fee as the first.

Submit papers using EICC 2021 submission system.

Full papers and doctoral symposium papers can exceed the page limit by a maximum of 2 pages. Each additional page above the page limit will be charged 20 EUR on top of the registration fee.

Workshops

EICC 2021 is inviting proposals for high-quality workshops to be co-located with the conference. The typical goal of a workshop is to present and discuss in a thorough and more narrow manner a specific aspect of cybersecurity and its interdisciplinary nature. EICC 2021 provides workshop organizers with the opportunity to publish accepted workshop papers as part of its conference proceedings. To be included in the EICC 2021 proceedings, workshop papers must follow the conference submission guidelines and undergo the same rigorous reviewing process as conference papers.

Workshop Co-chairs

Martin Gilje Jaatun, University of Stavanger (Norway)
Bela Genge, University of Medicine, Pharmacy, Sciences and Technology of Tg. Mures (Romania)

Important dates

Proposal submission deadline

15 Mar 2021

Acceptance notification

7 days after submission

Submission Guidelines

The official language of EICC 2021 and related workshops is English.

Workshop proposals should include:

Submit workshop proposals using the submission form.