RAID 2025 – The 28th International Symposium on Research in Attacks, Intrusions and Defenses

Full Program

Registration 08:00 – 17:00 per day at Level 1, Hilton Surfers Paradise
Registration opens at 07:30 for day 1

Keynote & Session A: The Grand Ballroom, Level 1, Hilton Surfers Paradise
Session B: The Promenade Room, Level 1, Hilton Surfers Paradise

Monday 20/10/2025

08:30 - 09:00

Opening Remark

09:00 - 10:00

Keynote I

Battista Biggio
Wild Patterns: Twenty Years of Attacks and Defenses in Machine Learning Security

Abstract: Over the past two decades, machine learning security has evolved through a continuous arms race between attacks and defenses. From early evasion and poisoning attacks on spam and malware detectors to the rise of adversarial examples, researchers have repeatedly exposed the fragility of modern AI models. Despite notable progress, no bulletproof defense has emerged, and many countermeasures have proven ineffective against more sophisticated attacks. In this talk, I will provide a historical perspective on adversarial machine learning—from the initial, simplistic perturbation models to more complex attacks in security-related tasks, up to today’s challenges involving large language and foundation models. I will critically examine the key factors still hindering progress, including the lack of a systematic and scalable framework for evaluating models under adversarial and out-of-distribution conditions, and the need for better debugging tools to uncover common evaluation flaws, dataset biases, and spurious correlations. I will present recent results from our laboratory addressing some of these limitations and discuss how integrating AI as a component within complex, well-engineered systems may foster the development of more resilient and trustworthy intelligent technologies.

Bio: Battista Biggio (MSc 2006, PhD 2010) is a Full Professor of Computer Engineering at the University of Cagliari, Italy, and research co-director of AI Security at the sAIfer lab (www.saiferlab.ai). He has been attacking machine-learning (ML) models well before adversarial examples were even discovered, in the context of cybersecurity-related applications like spam filtering, malware detection, web security, and biometric recognition (PRJ 2018). His team has been the first to formalize attacks on ML models as optimization problems, and demonstrate gradient-based evasion (ECML-PKDD 2013) and poisoning (ICML 2012) attacks on machine-learning algorithms, playing a leading role in the establishment and advancement of this research field. His seminal paper on “Poisoning Attacks against Support Vector Machines” won the 2022 ICML Test of Time Award. His work on “Wild Patterns” won the 2021 Best Paper Award and Pattern Recognition Medal from Elsevier Pattern Recognition. Prof. Biggio has managed several industrial, national, and EU-funded projects, and regularly serves as Area Chair for top-tier conferences in machine learning and computer security, like NeurIPS and the IEEE Symposium on Security and Privacy. He is an Associate Editor-in-Chief of Pattern Recognition and chaired IAPR TC1 (2016-2020). He is a Fellow of IEEE and AAIA, a Senior Member of ACM, and a member of IAPR and ELLIS.

10:00 - 10:30

Tea Break

10:30 - 12:00

Session A: Attacks on and Defenses for ML Models

Reconstruction of Differentially Private Text Sanitization via Large Language Models [PDF]
Shuchao Pang, Nanjing University of Science and Technology
Zhigang Lu, Western Sydney University
Haichen Wang, Nanjing University of Science and Technology
Peng Fu, IIE, Chinese Academy of Sciences
Yongbin Zhou, Nanjing University of Science and Technology
Jason (Minhui) Xue, CSIRO's Data61 & RAIR Centre, University of Adelaide

An In-model Spy in Edge Intelligence [PDF]
Fengxu Yang, ShanghaiTech University
Paizhuo Chen, ShanghaiTech University
Yihui Yan, ShanghaiTech University
Zhice Yang, ShanghaiTech University

VulCodeMark: Adaptive Watermarking for Vulnerability Datasets Protection [PDF]
Di Cao, Swinburne University of Technology
Jun Zhang, Swinburne University of Technology
Shigang Liu, CSIRO's Data61
Yang Xiang, Swinburne University of Technology

Unsupervised Backdoor Detection and Mitigation for Spiking Neural Networks [PDF]
Jiachen Li, RMIT University
Bang Wu, RMIT University
Xiaoyu Xia, RMIT University
Xiaoning Liu, RMIT University
Xun Yi, RMIT University
Xiuzhen Zhang, RMIT University

Functional Encryption in Secure Neural Network Training: Data Leakage and Practical Mitigations [PDF]
Alexandru Ionita, "Al. I. Cuza" University of Iasi
Andreea Ionita, "Al. I. Cuza" University of Iasi

Session B: Systems and Software Security

DEPHP: A Source Code Recovery Method for PHP Bytecode with Improved Structural Analysis [PDF]
Shiwu Zhao, Institute of Information Engineering, Chinese Academy of Sciences; University of Chinese Academy of Sciences
Ningjun Zheng, Tencent Technology (Shanghai) Co. Ltd.
Haoyu Li, Institute of Information Engineering, Chinese Academy of Sciences; University of Chinese Academy of Sciences
Ruizhi Feng, Institute of Information Engineering, Chinese Academy of Sciences; University of Chinese Academy of Sciences
Xingchen Chen, Institute of Information Engineering, Chinese Academy of Sciences
Ru Tan, Institute of Information Engineering, Chinese Academy of Sciences; University of Chinese Academy of Sciences
Qixu Liu, Institute of Information Engineering, Chinese Academy of Sciences

SyzRetrospector: A Large-Scale Retrospective Study of Syzbot [PDF]
Joseph Bursey, UC Irvine
Ardalan Amiri Sani, University of California, Irvine
Zhiyun Qian, University of California, Riverside

SyzGrapher: Resource-Centric Graph-Based Kernel Fuzzing [PDF]
Marius Fleischer, NVIDIA
Harrison Green, Carnegie Mellon University
Ilya Grishchenko, University of Toronto
Christopher Kruegel, UC Santa Barbara
Giovanni Vigna, UC Santa Barbara

SH3ARS: Privilege Reduction for ARMv8.0-A Secure Monitors [PDF]
Jonas Röckl, Friedrich-Alexander-Universität Erlangen-Nürnberg
Julian Funk, Friedrich-Alexander-Universität Erlangen-Nürnberg
Matti Schulze, Friedrich-Alexander-Universität Erlangen-Nürnberg
Tilo Müller, Hof University of Applied Sciences

TypeFlexer: Type Directed Flexible Program Partitioning [PDF]
Arunkumar Bhattar, Purdue University
Liyi Li, Iowa State University
Mingwei Zhu, University of Maryland, College Park
Le Chang, University of Maryland, College Park
Aravind Machiry, Purdue University

12:00 - 13:30

Lunch Break

13:30 - 15:00

Session A: Intrusion Detection and Response

Perry: A High-level Framework for Accelerating Cyber Deception Experimentation [PDF]
Brian Singer, Carnegie Mellon University
Yusuf Saquib, Carnegie Mellon University
Lujo Bauer, Carnegie Mellon University
Vyas Sekar, Carnegie Mellon University

Carbon Filter: Scalable, Efficient, and Secure Alert Triage for Endpoint Detection & Response [PDF]
Muhammad Adil Inam, University of Illinois at Urbana-Champaign
Jonathan Oliver, Broadcom
Raghav Batta, Broadcom
Adam Bates, University of Illinois at Urbana-Champaign

STGraph: Spatio-Temporal Graph Mining for Anomaly Detection in Distributed System Logs [PDF]
Teng Li, Xidian University
Shengkai Zhang, Xidian University
Yebo Feng, Nanyang Technological University
Jiahua Xu, UCL
Zexu Dang, Xidian University
Yang Liu, Nanyang Technological University
Jianfeng Ma, Xidian University

Detecting and Adapting to Stealthy Label-Inversion Drifts via Conditional Distribution Inference [PDF]
Xiaoli Zhang, University of Science and Technology Beijing
Yue Xiao, Wuhan University
Qilei Yin, Zhongguancun Lab
Zhengyang Li, University of Science and Technology Beijing
Xinyan Wang, China Unicom Digital Technology Co. Ltd
Jianrong Zhang, China Unicom Digital Technology Co. Ltd
Ke Xu, Tsinghua University
Qi Li, Tsinghua University
Xu-Cheng Yin, University of Science and Technology Beijing

NIDP: Solving Feature Distribution Shifts in Network Intrusion Detection via Neural Pruning [PDF]
Jiangtao Ding, Zhejiang University of Technology
Junli Zheng, Zhejiang University of Technology
Chenyang Mo, China Jiliang University
Zhicheng Xu, Zhejiang University of Technology
Han Zhu, Zhejiang University of Technology

Hongbing Cheng, Zhejiang University of Technology

Session B: IoT, Mobile, and VR Security

DeepFW: A DNN-Based Firmware Version Identification Framework for Online IoT Devices [PDF]
Zhen Lei, Taiyuan University of Technology, China
Nian Xue, Shandong University of Technology, China
Zhen Li, Shandong University of Technology, China
Dan Yu, Taiyuan University of Technology, China
Xin Huang, Taiyuan University of Technology, China
Yongle Chen, Taiyuan University of Technology, China

TAPPecker: TAP Logic Inference and Violation Detection in Heterogeneous Smart Home Systems [PDF]
Qixiao Lin, Beihang University
Jian Mao, Beihang University
Ziwen Liu, Beihang University
Zhenkai Liang, National University of Singapore

Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers [PDF]
Gabriel Karl Gegenhuber, University of Vienna
Maximilian Günther, University of Vienna
Markus Maier, University of Vienna
Aljosha Judmayer, University of Vienna
Florian Holzbauer, University of Vienna
Philipp Frenzel, SBA Research
Johanna Ullrich, University of Vienna

When (Inter)actions Speak Louder Than (Pass)words: Task-Based Evaluation of Implicit Authentication in Virtual Reality [PDF]
Woojin Jeon, Sungkyunkwan University
Chaejin Lim, Sungkyunkwan University
Hyoungshick Kim, Sungkyunkwan University

MotionDecipher: General Video-assisted Passcode Inference In Virtual Reality [PDF]
Guanchong Huang, University of Oklahoma
Yan He, University of Oklahoma
Shangqing Zhao, University of Oklahoma
Yi Wu, University of Oklahoma
Song Fang, University of Oklahoma

15:30 - 16:00

Tea Break

16:00 - 16:55

Session A: System Forensics & Investigation

A Comprehensive Quantification of Inconsistencies in Memory Dumps [PDF]
Andrea Oliveri, EURECOM
Davide Balzarotti, EURECOM

MuSAR: Multi-Step Attack Reconstruction from Lightweight Security Logs via Event-Level Semantic Association in Multi-Host Environments [PDF]
Yang Liu, Xi'an Jiaotong University
Zisen Xu, Xi'an Jiaotong University
Zian Luo, Xi'an Jiaotong University
Jin'ao Shang, Xi'an Jiaotong University
660300a349/660300a349.pdf Shilong Zhang, Xi'an Jiaotong University
Haichuan Zhang, University of Science and Technology of China
Ting Liu, Xi'an Jiaotong University

Exploring Runtime Evolution in Android: A Cross-Version Analysis and Its Implications for Memory Forensics [PDF]
Babangida Bappah, Louisiana State University
Lauren G Bristol, Louisiana State University
Lamine Noureddine, Louisiana State University
Sideeq Bello, Louisiana State University
Umar Farooq, Louisiana State University
Aisha Ali-Gombe, Louisiana State University

Session B: Web and Media Security

{{alert(’CSTI’)}}: Large-Scale Detection of Client-Side Template Injection [PDF]
Lorenzo Pisu, University of Cagliari
Davide Balzarotti, EURECOM
Davide Maiorca, University of Cagliari, Italy
Giorgio Giacinto, University of Cagliari

Deep Learning-Based Attacks on Traditional Watermarking Systems in Real-Time Live Video Streams [PDF]
Amin Sakzad, Monash University
Rebecca Wang, Monash University
Stuart W. Hall, Monash University

Deception Meets Diagnostics: Deception-based Real-Time Threat Detection in Healthcare Web Systems [PDF]
Zeeshan Zulkifl Shah, Macquarie University
Muhammad Ikram, Macquarie University
Hassan Jameel Asghar, Macquarie University
Mohamed Ali Kaafar, Macquarie University

18:00

Poster Session and Reception at Sky Point

Tuesday 21/10/2025

09:00 - 10:00

Keynote II

Toby Murray
Attacking and Verifying Certified Robustness for Neural Networks
Abstract: The fastest way to get your software hacked is to claim it is unbreakable. Yet humanity has produced a few rare systems demonstrably resistant to attack, such as the formally verified seL4 microkernel. Can we hope for similar assurance for today’s most exciting software — machine-learning models?
In this keynote, I will argue why ML models resist correctness verification. Much research has instead focused on verifying non-functional properties, like robustness. Unfortunately, these approaches face seemingly inherent scalability challenges. I will present our alternative: verified certified robustness, in which we built a formally verified robustness certifier for neural networks. I will show why verified certification is important, by exposing implementation flaws in existing, unverified certifiers. Finally, I will conclude with our recent discovery of subtle floating-point exploits against our own verified certifier. In doing so I hope to underscore not just the promise but also the open challenges of verified certified robustness---challenges I invite the community to address with us..

Bio: Toby Murray first got hooked on computer security at high school, when he was suspended for hacking the school’s computers. That early curiosity turned into a career after a stint as a graduate with the Department of Defence, and was super-charged during his D.Phil. at Oxford. Today he is a Professor in the School of Computing and Information Systems at the University of Melbourne, where he has led the School’s cybersecurity research, teaching, and engagement activities. He also serves as Director of the Defence Science Institute. His work on rigorously secure systems has been recognised with numerous awards, including the Eureka Prize for Outstanding Science in Safeguarding Australia and the ACM Software System Award.

10:00 - 10:30

Tea Break

10:30 - 12:00

Session A: Machine Learning for Security Applications

On the Effectiveness of Custom Transformers for Binary Analysis [PDF]
Xuezixiang Li, UC Riverside
Lian Gao, UC Riverside
Sheng Yu, UC Riverside
Yu Qu, UC Riverside
Heng Yin, UC Riverside

Developing a Strong CPS Defender: An Evolutionary Approach [PDF]
Qingyuan Hu, School of Information Science and Technology, ShanghaiTech University
Christopher M. Poskitt, Singapore Management University
Jun Sun, Singapore Management University
Yuqi Chen, School of Information Science and Technology, ShanghaiTech University

Scalable and Generalizable RL Agents for Attack Path Discovery via Continuous Invariant Spaces [PDF]
Franco Terranova, Université de Lorraine, CNRS, Inria, LORIA
Abdelkader Lahmadi, Université de Lorraine, CNRS, Inria, LORIA
Isabelle Chrisment, Université de Lorraine, CNRS, Inria, LORIA

From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction [PDF]
Ahmed Lekssays, Qatar Computing Research Institute
Husrev Taha Sencar, Qatar Computing Research Institute
Ting Yu, Mohamed bin Zayed University of Artificial Intelligence

Semantic Heat Guided Relational Privacy Inference Based on Panoptic Scene Graph [PDF]
Qi Hao, School of Cyber Science and Engineering, Southeast University
Jie Huang, Southeast University
Changhao Ding, School of Cyber Science and Engineering, Southeast University
Zeping Zhang, Southeast University

Session B: Threat Intelligence & Offensive Tactics

From Concealment to Exposure: Understanding the Lifecycle and Infrastructure of APT Domains [PDF]
Athanasios Avgetidis, Georgia Institute of Technology
Aaron Faulkenberry, Georgia Institute of Technology
Boladji Vinny Adjibi, Georgia Institute of Technology
Tillson Galloway, Georgia Institute of Technology
Panagiotis Kintis, Georgia Institute of Technology
Omar Alrawi, Georgia Institute of Technology
Zane Ma, Oregon State University
Angelos Keromytis, Georgia Institute of Technology
Fabian Monrose, Georgia Institute of Technology
Roberto Perdisci, University of Georgia
Manos Antonakakis, Georgia Tech

The Persistent Threat of DGA-Based Botnets [PDF]
Arthur Drichel, RWTH Aachen University
Ulrike Meyer, RWTH Aachen University

CasinoLimit: An Offensive Dataset Labeled with MITRE ATT&CK Techniques [PDF]
Sebastien Kilian, CentraleSupélec
Valérie Viet Triem Tong, CentraleSupélec
Jean-François Lalande, CentraleSupélec
Frédéric Majorczyk, DGA, Ministère des Armées
Alexandre Sanchez, Inria
Natan Talon, CentraleSupélec
Pierre-Victor Besson, Inria
Helene Orsini, CentraleSupelec
Pierre Lledo, DGA, Ministère des Armées
Pierre-François Gimenez, Univ. Rennes, Inria, IRISA

A Longitudinal Analysis of LockBit 3.0’s Extortion Lifecycle and Response to Law Enforcement [PDF]
Yin Minn Pa Pa, Yokohama National University
Yuji Sekine, Yokohama National University
Yamato Kawaguchi, Yokohama National University
Tatsuki Yogo, Yokohama National University
Kelvin Lubbertsen, Delft University of Technology
Rolf van Wegberg, Delft University of Technology
Michel van Eeten, Delft University of Technology
Katsunari Yoshioka, Yokohama National University

EventHunter: Dynamic Clustering and Ranking of Security Events from Hacker Forum Discussions [PDF]
Yasir Ech-chammakhy, Mohammed VI Polytechnic University, College of Computing
Anas Motii, Mohammad VI Polytechnic University, College of Computing
Anass Rabii, Deloitte Morocco Cyber Center
Jaafar Chbili, Deloitte Conseil

12:00 - 13:30

Lunch Break

13:30 - 17:00

Social Event at SeaWorld (bus pick up at hotel at 13:30)

17:15

Conference Banquet & Award Ceremony at Sea World Resort Conference Centre

20:00

Return to hotel (bus pick up at the banquet venue)

Wednesday 22/10/2025

10:00 - 10:30

Morning Tea

10:30 - 12:00

Session A: Adversarial Machine Learning

ViDToken: A Video-Transformer-Based Latent Token Defense for Adversarial Video Detection [PDF]
Wei Song, UNSW Sydney
Zhenchang Xing, CSIRO's Data61
Liming Zhu, CSIRO's Data61
Yulei Sui, UNSW Sydney
Jingling Xue, UNSW Sydney

Robust Cross-Modal Deepfake Detection via Facial UV Maps and Momentum Contrastive Learning [PDF]
Yuesen Tang, Southeast University
Yuanyang Zhang, Southeast University
Wangxiao Mao, Southeast University
Li Yao, Southeast University

BadLogo: A Physically Realizable Adversarial Sticker for Evaluating the Robustness of Face Recognition Models [PDF]
Fuqi Qi, Xidian University
Haichang Gao, Xidian University
Boling Li, Xidian University
Shiping Guo, Xidian University
Yuming Zheng, Xidian University
Bingqian Zhou, Xidian University

The Adaptive Arms Race: Redefining Robustness in AI Security [PDF]
Ilias Tsingenopoulos, KU Leuven
Vera Rimmer, KU Leuven
Davy Preuveneers, KU Leuven
Fabio Pierazzi, University College London
Lorenzo Cavallaro, University College London
Wouter Joosen, KU Leuven

Red-Teaming LLMs with Token Control Score: Efficient, Universal, and Transferable Jailbreaks [PDF]
Leo Hyun Park, Yonsei University
Taekyoung Kwon, Yonsei University

Session B: Malware & Attack Infrastructure

Malware and Vulnerability Analysis using Graph-synchronized Language Model [PDF]
Paventhan Vivekanandan, Indiana University Bloomington
Alexander Shroyer, Indiana University Bloomington
Martin Swany, Indiana University Bloomington

Demystifying Feature Engineering in Malware Analysis of API Call Sequences [PDF]
Tianheng Qu, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences, China
Hongsong Zhu, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China
Limin Sun, Institute of Information Engineering, CAS
Haining Wang, Virginia Tech
Haiqiang Fei, Institute of Information Engineering, Chinese Academy of Sciences
Zheng He, National Computer Network Emergency Response Technical Team / Coordination Center of China
Zhi Li, Institute of Information Engineering, Chinese Academy of Sciences, China

Evaluating LLM-Based Detection of Malicious Package Updates in npm [PDF]
Elizabeth Wyss, University of Kansas
Dominic Tassio, University of Kansas
Lorenzo De Carli, University of Calgary
Drew Davidson, University of Kansas

ADAPT: A Pseudo-labeling Approach to Combat Concept Drift in Malware Detection [PDF]
Md Tanvirul Alam, Rochester Institute of Technology
Aritran Piplai, University of Texas El Paso
Nidhi Rastogi, Rochester Institute of Technology

Revealing Informed Scanners by Colocating Reactive and Passive Telescopes [PDF]
Dario Ferrero, Delft University of Technology
Georgios Smaragdakis, Delft University of Technology
Harm Griffioen, Delft University of Technology

12:00 - 13:30

Lunch Break

13:30 - 15:00

Session A: Security and Privacy in Federated & Distributed Learning

PRIV-HFL: Privacy-Preserving and Robust Federated Learning for Heterogeneous Clients Against Data Reconstruction Attacks [PDF]
Mohammadreza Najafi, La Trobe University
Hooman Alavizadeh, La Trobe University
Ahmad Salehi Shahraki, La Trobe University
A.S.M Kayes, La Trobe University
Wenny Rahayu, La Trobe University

Guard-GBDT: Efficient Privacy-Preserving Approximated GBDT Training on Vertical Dataset [PDF]
Anxiao Song, Xidian University
Shujie Cui, Monash University
Jianli Bai, Singapore Management University
Ke Cheng, Xidian University
Yulong Shen, Xidian University, China
Giovanni Russello, University of Auckland

Re-examine Federated Rank Learning: Analyzing Its Robustness Against Poisoning Attacks [PDF]
Xiaofei Huang, Institute of Information Engineering, Chinese Academy of Sciences
Xiaojie Zhu, King Abdullah University of Science and Technology
Chi Chen, Institute of Information Engineering, Chinese Academy of Sciences
Paulo Esteves-Veríssimo, King Abdullah University of Science and Technology

BadFU: Backdoor Federated Learning Through Adversarial Machine Unlearning [PDF]
Bingguang Lu, University of Newcastle
Hongsheng Hu, University of Newcastle
Yuantian Miao, University of Newcastle
Shaleeza Sohail, University of Newcastle
Chaoxiang He, Shanghai Jiao Tong University
Shuo Wang, Shanghai Jiao Tong University
Xiao Chen, University of Newcastle

FedSIG: Privacy-Preserving Federated Recommendation via Synthetic Interaction Generation [PDF]
Thirasara Ariyarathna, University of New South Wales
Salil Kanhere, University of New South Wales
Hye-Young (Helen) Paik, University of New South Wales (UNSW)
Meisam Mohammady, Iowa State University of Science and Technology, USA

Session B: Hardware Security and Side-Channels

Portal: Enabling Accurate Siemens PLC Rehosting via Peripheral Synthesis and Proactive Interrupt Synchronization [PDF]
Haoran Li, Zhejiang University
Dakun Shen, Zhejiang University
Wenbo Shen, Zhejiang University
Zhen Zhu, Zhejiang Lab

Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels [PDF]
Jesse Spielman, University of Birmingham
David Oswald, University of Birmingham
Mark Ryan, University of Birmingham
Jo Van Bulck, DistriNet, KU Leuven

Zebrafix: Mitigating Memory-Centric Side-Channel Leakage via Interleaving [PDF]
Anna Pätschke, University of Luebeck
Jan Wichelmann, University of Luebeck
Thomas Eisenbarth, University of Luebeck

RF-Eye-D: Probing Feasibility of CMOS Camera Watermarking with Radio-Frequency Injection [PDF]
Hui Zhuang, Northeastern University
Yan Long, Northeastern University
Kevin Fu, Northeastern University

ShuffleV: A Microarchitectural Defense Strategy against Electromagnetic Side-Channel Attacks in Microprocessors [PDF]
Nuntipat Narkthong, Northeastern University
Yukui Luo, Binghamton University
Xiaolin Xu, Northeastern University

15:00 - 15:30

Tea Break

15:30 - 16:25

Session A: Network & Protocol Security

Overlapping IPv4, IPv6, and TCP data: exploring errors, test case context, and multiple overlaps inside network stacks and NIDSes with PYROLYSE [PDF]
Lucas Aubard, Inria
Johan Mazel, ANSSI
Gilles Guette, IMT Atlantique
Pierre Chifflier, ANSSI

Active Attack Resilience in 5G: A New Take on Authentication and Key Agreement [PDF]
Nazatul Haque Sultan, CSIRO's Data61, Sydney
Xinlong Guan, CSIRO's Data61, Sydney
Josef Pieprzyk, CSIRO's Data61, Sydney
Wei Ni, CSIRO's Data61, Sydney
Sharif Abuadbba, CSIRO's Data61, Sydney
Hajime Suzuki, CSIRO's Data61, Sydney

H2FUZZ: Guided, Black-box, Differential Fuzzing for HTTP/2-to-HTTP/1 Conversion Anomalies [PDF]
Anthony Gavazzi, Northeastern University
Weixin Kong, Northeastern University
Engin Kirda, Northeastern University

Session B: Enterprise and Cloud Security

Uncontained Danger: Quantifying Remote Dependencies in Containerized Applications [PDF]
Chris Tsoukaladelis, Stony Brook University
Roberto Perdisci, University of Georgia
Nick Nikiforakis, Stony Brook University

RBAClock: Contain RBAC Permissions through Secure Scheduling [PDF]
Qingwang Chen, Institute of Information Engineering, Chinese Academy of Sciences
Ru Tan, Institute of Information Engineering, Chinese Academy of Sciences
Xinyu Liu, Institute of Information Engineering, Chinese Academy of Sciences
Yuqi Shu, Institute of Information Engineering, Chinese Academy of Sciences
Zhou Tong, Institute of Information Engineering, Chinese Academy of Sciences
Haoqiang Wang, Institute of Information Engineering, Chinese Academy of Sciences
Ze Jin, Institute of Information Engineering, Chinese Academy of Sciences
Qixu Liu, Institute of Information Engineering, Chinese Academy of Sciences

Scalable Active Directory Defense with α-Metagraph [PDF]
Nhu Long Nguyen, The University of Adelaide
Nickolas Falkner, The University of Adelaide
Hung Nguyen, The University of Adelaide

16:25 - 16:30

Closing Remark

Organized by