Detailed Program

Edgar Weippl (SBA Research and University of Vienna, Austria) , Mathias Fischer (Universität Hamburg, Germany)

Short Pitch of each EU Symposium Workshop

The strange world of the password

Steve Furnell (University of Nottingham, United Kingdom)

Abstract: Despite years of evidence of poor practice, people continue to choose weak passwords and continue to be allowed to do so. Normally, if something is broken then the answer is to fix or replace it. However, with passwords the problem seems able to persist unchecked and we continue to use them extensively despite the flaws. Adding further evidence of the issue, this presentation reports on the fifth run of a study into the provision of password guidance and the enforcement of password rules by a series of leading websites. The investigation has been conducted every 3-4 years since 2007 and the latest findings continue to reveal areas of notable weakness. This includes many sites still offering little or no meaningful guidance, and still permitting users to choose passwords that ought to be blocked at source. It seems that while we remain ready to criticise users for making poor choices, we repeatedly fail to take steps that would help them to do better.

VMIFresh: Efficient and Fresh Caches for Virtual Machine  Introspection

Thomas Dangl (University of Passau, Germany), Stewart Sentanoe (University of Passau, Germany) and Hans P. Reiser (Reykjavík University, Iceland)

Privacy-Preserving Polyglot Sharing and Analysis of Confidential Cyber Threat Intelligence

Davy Preuveneers and Wouter Joosen (imec-DistriNet, KU Leuven, Belgium)

Distance-based Techniques for Personal Microbiome Identification

Markus Hittmeir, Rudolf Mayer and Andreas Ekelhart (SBA Research, Austria)

SOAR4IoT: Securing IoT Assets with Digital Twins

Philip Empl, Daniel Schlette, Daniel Zupfer and Günther Pernul (University of Regensburg, Germany)

Attacking Power Grid Substations: An Experiment Demonstrating How to Attack the SCADA Protocol IEC 60870-5-104

László Erdődi, Pallavi Kaliyar, Siv Hilde Houmb, Aida Akbarzadeh and Andre Jung Waltoft-Olsen (Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway)

Substation-Aware. An intrusion detection system for the IEC 61850 protocol

Jose Antonio Lopez, Iñaki Angulo and Saturnino Martinez (TECNALIA, Basque Research and Technology Alliance (BRTA), Spain)

Cyber-security measures for protecting EPES systems in the 5G area

Alexios Lekidis (Public Power Corporation, Greece)

Handling Critical Infrastructures in Federation of Cyber Ranges: A Classification Model

Evangelos Chaskos, Jason Diakoumakos, Nicholas Kolokotronis and George Lepouras (University of the Peloponnese Department of Informatics and Telecommunications, Greece)

Fault-Tolerant SDN Solution for Cybersecurity Applications

Athanasios Liatifis (University of Western Macedonia, Macedonia), Christos Dalamagkas (Testing Research & Standards Center of Public Power Corporation SA, Greece), Panagiotis Radoglou-Grammatikis (University of Western Macedonia, Macedonia), Thomas Lagkas (International Hellenic University, Greece), Evangelos Markakis (Hellenic Mediterranean University, Greece), Valeri Mladenov (Technical University of Sofia, Bulgaria), Panagiotis Sarigiannidis (University of Western Macedonia, Macedonia)

Securing Communication and Identifying Threats in RTUs: A Vulnerability Analysis

Engla Rencelj Ling (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Jose Eduardo Urrea Cabus (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Ismail Butun (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Robert Lagerström (Division of Network and Systems Engineering, KTH Royal Institute of Technology, Sweden), Johannes Olegard (Department of Computer and Systems Sciences, Stockholm University, Sweden)

Explainability-based Debugging of Machine Learning for Vulnerability Discovery

Angelo Sotgiu, Maura Pintor and Battista Biggio (Pluribus One, University of Cagliari, Italy)

Lightweight Parsing and Slicing for Bug Identification in C

Luca Mecenero (University of Trento, Italy), Ranindya Paramitha (University of Trento, Italy), Ivan Pashchenko (TomTom, The Netherlands), Fabio Massacci (University of Trento, Italy, Vrije Universiteit Amsterdam, The Netherlands)

On the feasibility of detecting injections in malicious npm packages

Simone Scalco (University of Trento, Italy), Ranindya Paramitha (University of Trento, Italy), Duc-Ly Vu (FPT University, Vietnam) and Fabio Massacci (University of Trento, Italy, Vrije Universiteit Amsterdam, The Netherlands)

Towards a Security Benchmark for the Architectural Design of Microservice Applications

Anusha Bambhore Tukaram (Hamburg University of Technology, Germany), Simon Schneider (Hamburg University of Technology, Germany), Nicolás E. Díaz Ferreyra (Hamburg University of Technology, Germany), Georg Simhandl (University of Vienna, Austria), Uwe Zdun (University of Vienna, Austria), Riccardo Scandariato (Hamburg University of Technology, Germany)

Learning State Machines to Monitor and Detect Anomalies on a Kubernetes Cluster

Clinton Cao (Delft University of Technology, The Netherlands), Agathe Blaise (Thales SIX GTS France, France), Sicco Verwer (Delft University of Technology, The Netherlands) and Filippo Rebecchi (Thales SIX GTS France, France)

Security Maturity Self-Assessment Framework for Software Development Lifecycle

Raluca Brasoveanu (TomTom, The Netherlands), Yusuf Karabulut (TomTom, Germany) and Ivan Pashchenko (TomTom, The Netherlands)

Attack graphs as digital twins for managing breach prevention, detection, and reaction

Giuseppe Nebbione and Mathias Ekstedt (KTH Royal Institute of Technology, Sweden)

Methodological improvement of the Cyber Security of Energy Data Services: the CyberSEAS way

Luigi Cappolino (University of Naples “Parthenope”, Italy)

A joint approach to cybersecurity for Energy operators: the CyberEPES cluster

Paolo Roccetti (Engineering R&D Labs, Italy)

Security-by-Design in Intelligent Infrastructures: the HAII-T orchestrator

Gabriele Costa , IMT School for Advanced Studies Lucca

Abstract : In the last years Security-by-Design has emerged as the main methodology for securing the life cycle of software and systems. Its effectiveness is the result of a strong integration with all the development phases, from the earliest conceptualization and design to the final disposal. Large scale, critical infrastructures can benefit the most from this approach. Nevertheless, they also carry an extreme degree of complexity that must be dealt with. In this talk we will consider the SPARTA perspective on the definition and implementation of a secure orchestrator for making intelligent infrastructures Secure-by-Design.

Implementation of Revocable Keyed-Verification Anonymous Credentials on Java Card

Raúl Casanova-Marqués (Brno University of Technology, Universitat Jaume I, Czech Republic), Petr Dzurenda (Brno University of Technology, Czech Republic), Jan Hajny (Brno University of Technology, Czech Republic)

Real-world Deployment of Privacy-Enhancing Authentication System using Attribute-based Credentials

Petr Dzurenda (Brno University of Technology, Czech Republic), Raúl Casanova-Marqués (Brno University of Technology, Universitat Jaume I, Czech Republic), Lukas Malina (Brno University of Technology, Czech Republic)

Cybersecurity Skills Gap: ENISA Analysis and Actions

Fabio Di Franco, ENISA

Abstract: Fabio will provide a holistic view on the nature and characteristics of the skills gap in Europe and the results of the joint effort done with other EU players (eg. the pilots of the EU Competence Network). He will report on the European Cybersecurity Skills Framework (ECSF) which aims to close the cybersecurity skills’ gap on the European labour market, building comprehensive bridges between European workplace context and learning environment through an EU skills framework.  He will also provide insights on the cybersecurity higher education database (CyberHEAD), an initiative to allow young talents to make informed decisions on the variety of possibilities offered by higher education in cybersecurity through an easy-to-use web portal.

Properties for Cybersecurity Awareness Posters’ Design and Quality Assessment

Sunil Chaudhary (Norwegian University of Science and Technology, Norway), Marko Kompara (University of Maribor, Slovenia), Sebastian Pape (Goethe University, Germany), Vasileios Gkioulos (Norwegian University of Science and Technology, Norway)

Security of Smart Grid Networks in the Cyber Ranges

Tomas Lieskovan, Jan Hajny (Brno University of Technology, Czech Republic)

Requirements for an Information Privacy Pedagogy based on the Constructivism Learning Theory

Thanos Papaioannou (Ionian University, Greece), Aggeliki Tsohou (Ionian University, Greece), Maria Karyda (University of the Aegean, Greece), Stylianos Karagiannis (PDM & FC, Portugal)

CyBOK - The Cyber Security Body Of Knowledge

Dr. Yulia Cherdantseva, Senior Lecturer at the School of Computer Science & Informatics at Cardiff University

Abstract : Cyber Security Body of Knowledge (CyBOK) is a major project sponsored by the UK National Cyber Security Centre with the aim of developing a substantial resource offering a guide to the Cyber Security as a discipline and as a field of professional practice.  CyBOK codifies the foundational knowledge in cyber security for education and professional training.  It is an open and freely accessible resource (www.cybok.org) developed by the Community for the Community with contributions from over 115 experts across the world since 2017. CyBOK v1.1 is constituted by 21 knowledge areas. There are also free supplementary resources for students, educators and trainers, e.g. podcasts, resources for developing programmes based on CyBOK, lab materials, case studies for use in classroom, etc. This presentation will describe the process of developing CyBOK and maintaining it up to date, discuss the role of the international community in this process, outline the use cases of CyBOK and the future directions of the CyBOK project evolution.

Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing

Alessandro Brighente (University of Padova, Italy), Mauro Conti (University of Padova, Italy, Delft University of Technology, The Netherlands), Savio Sciancalepore (Eindhoven University of Technology (TU/e)The Netherlands)

Revisiting Online Privacy and Security Mechanisms Applied in the In-App Payment Realm from the Consumers’ Perspective

Salatiel Ezennaya-Gomez, Edgar Blumenthal, Marten Eckardt, Justus Krebs, Christopher Kuo, Julius Porbeck, Emirkan Toplu, Stefan Kiltz and Jana Dittmann (Otto-von-Guericke University Magdeburg, Germany)

Towards Efficient FHE Based cPIR Schemes and Their Parameter Selection

Cavidan Yakupoglu and Kurt Rohloff (NJIT, United States)

Introduction to the International Workshop on Privacy and Security of Multi-Modal Transport Systems

Roland Rieke (Fraunhofer SIT | ATHENE, Germany)

Challenges and solutions for security and seamless authentication services in airport-train multimodal travels

Stefano Sebastio (Collins ART, Ireland)

SECurity Test and Evaluation platform for Autonomous driving

Daniel Zelle (Fraunhofer SIT | ATHENE, Germany)

Security Operations Center for Multi-Modal Transport Systems

Ali Recai Yekta (Yekta IT GmbH, Germany)

Collaborative Security Pattern for Automotive Electrical/Electronic (E/E) Architectures

Florian Fenzl (Fraunhofer SIT | ATHENE, Germany)

Demonstration of alignment of the Pan-European Cybersecurity Incidents Information Sharing Platform to Cybersecurity policy, regulatory and legislative advancements

Dimitrios Skias (Netcompany-Intrasoft, Luxembourg), Sofia Tsekeridou (Netcompany-Intrasoft, Greece), Theodore Zahariadis (SYNELIXIS SOLUTIONS S.A, Greece.), Artemis Voulkidis (SYNELIXIS SOLUTIONS S.A., Greece) and Terpsichori-Helen Velivassaki (SYNELIXIS SOLUTIONS S.A., Greece)

A Collaborative Intelligent Intrusion Response Framework for Smart Electrical Power and Energy Systems

Konstantinos P. Grammatikakis, Ioannis Koufos and Nicholas Kolokotronis (University of the Peloponnese, Department of Informatics and Telecommunications, Greece)

Evaluating The Cyber-Security Culture of the EPES Sector

Anna Georgiadou, Ariadni Michalitsi-Psarrou and Dimitris Askounis (National Technical University of Athens, Greece)

Classifying the factors affecting the adoption of the SDN-microSENSE innovations

Theodoros Rokkas and Ioannis Neokosmidis (inCITES Consulting, Luxembourg)

The AssureMOSS security certification scheme

Ákos Milánkovich, Gergely Eberhardt and Dávid Lukács (Search-Lab Ltd., Hungary)

Panel discussion

Panel on delta certification - challenges and possible solutions

Panelists: Eric Vetillard (ENISA), Kai Rannenberg (GUF, Cybersec4Europe), Isaac Dangana (CyberSEAS, Engineering), Luna Garcia Jesus (BOSCH, MEDINA)

Toward Automated Playbook Generation through Natural Language Processing

Zsolt - Levente Kucsván (University of Twente, The Netherlands)

Algorithms for detecting automatically generated domain names

Irina Chiscop (TNO, the Netherlands) and Francesca Soro (AIT, Austria)

Analysis of anomalies detected on endpoints

Dmitriy Komashinskiy (F-secure, Finland)

Artificial Intelligence-Assisted Side Channel Attacks

Xiaolu Hou , Faculty of Informatics and Information Technologies, Slovak University of Technology

Abstract: Deep neural networks (DNN) have gained popularity in the last decade due to advances in available computational resources. In particular, side-channel attacks (SCA) have received the most attention as being a classification problem, DNN comes as a natural candidate. In this talk, we will first provide the basics of SCA and explain how it can recover the secret key of a cryptographic implementation. Then, we will present the recent literature on applications of DNN to SCA. As a demonstration, we will detail a work that aims to propose a general framework that helps users with the overall trace analysis aided by DNN, minimizing the necessity for architecture adjustments by the user.

CloudFL: A Zero-Touch Federated Learning Framework for Privacy-aware Sensor Cloud

Viraaji Mothukuri (Kennesaw State University, United States), Reza M. Parizi (Kennesaw State University, United States), Seyedamin Pouriyeh (Kennesaw State University, United States), Afra Mashhadi (University of Washington, United States)

Enhanced anomaly detection for cyber-attack detection in smart water distribution systems

Branka Stojanovic, Helmut Neuschmied, Martin Winter and Ulrike Kleb (JOANNEUM RESEARCH Forschungsgesellschaft mbH, Austria)

Adding European Cybersecurity Skills Framework into Curricula Designer

Jan Hajny (Brno University of Technology, Czech Republic), Marek Sikora (Brno University of Technology, Czech Republic), Athanasios Grammatopoulos (University of Piraeus, Greece), Fabio Di Franco (ENISA, Greece)

The Platform for Czech National Qualifications Framework in Cybersecurity

Jakub Vostoupal (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), František Kasl (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), Pavel Loutocký (Masaryk University, Faculty of Informatics, Masaryk University, Faculty of Law, Czech Republic), Tomáš Pitner (Masaryk University, Faculty of Informatics, Czech Republic), Patrik Valo (Masaryk University, Faculty of Informatics, Czech Republic), Adam Valalský (Masaryk University, Faculty of Informatics, Czech Republic), Damián Paranič (Masaryk University, Faculty of Informatics, Czech Republic)

Job Adverts Analyzer for Cybersecurity Skills Needs Evaluation

Sara Ricci (Brno University of Technology, Czech Republic), Marek Sikora (Brno University of Technology, Czech Republic), Simon Parker (Deutsches Krebsforschungszentrum, Germany), Imre Lendak (University of Novi Sad, Serbia), Yianna Danidou (European University Cyprus, Cyprus), Argyro Chatzopoulou (APIROPLUS Solutions Ltd., Cyprus), Remi Badonnel (University of Lorraine, France), Donatas Alksnys (Mykolas Romeris University, Lithuania)

Panel Discussio n

CCN: CONCORDIA (Felicia Cutas), ECHO (Pavel Varbanov), SPARTA (Jan Hajny)

YOU SHALL NOT COMPUTE on my Data: Access Policies for Privacy-Preserving Data Marketplaces and an Implementation for a Distributed Market using MPC

Stefan More and Lukas Alber (Graz University of Technology, Austria)

Identity and Access Management Framework for Multi-tenant Resources in Hybrid Cloud Computing

Saurabh Deochake and Vrushali Channapattan (Twitter, United States)

All that is Solid Melts into Air: Towards Decentralized Cryptographic Access Control

Harry Halpin (K.U. Leuven, Belgium)

Identity management for a seamless authentication in the transportation sector

Piotr Sobonski (Collins ART, Ireland)

Attribute-based authorization for a transaction between a transport company and a passenger

Jean-Paul Bultel (CEA, France)

An authentication and data sharing framework in the mobility service domain

Henry Gadacz (Fraunhofer SIT | ATHENE, Germany)

Utilizing the Trusted Platform Module in automotive networks to secure car sharing applications

Lukas Jäger, Christian Plappert (Fraunhofer SIT | ATHENE, Germany)

Panel disccusion with representatives from EPES projects

Distributed Key Management in Microgrids

Christos Xenakis, University of Piraeus

Abstract: Security for smart industrial systems is prominent due to the proliferation of cyber threats threatening national critical infrastructures. Smart grid comes with intelligent applications that can utilize the bidirectional communication network among its entities. Microgrids are small-scale smart grids that enable Machine-to-Machine (M2M) communications as they can operate with some degree of independence from the main grid. In addition to protecting critical microgrid applications, an underlying key management scheme is needed to enable secure M2M message transmission and authentication. Existing key management schemes are not adequate due to microgrid special features and requirements. We propose the Micro sElf-orgaNiSed mAnagement (MENSA), which is the first hybrid key management and authentication scheme that combines Public Key Infrastructure (PKI) and Web-of-Trust concepts in micro-grids. Our experimental results demonstrate the efficiency of MENSA in terms of scalability and swiftness.

The cybersecurity-related ethical issues of cloud technology and how to avoid them

Aleksandra Pawlicka (ITTI Sp. z o.o. and University of Warsaw, Poland), Marek Pawlicki (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Rafał Renk (ITTI Sp. z o.o. and Adam Mickiewicz University, Poland), Rafał Kozik (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland) and Michal Choras (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland)

The PRAETORIAN Project in a Nutshell

Eva María Muñoz Navarro (ETRA I+D) and Frederic Guyomard (Électricité de France)

The PRECINCT Project in a Nutshell

Jenny Rainbird (Inlecom Pathways)

CI Interdependencies and Cascading Effects

Stefan Schauer and Sandra König (AIT Austrian Institute of Technology)

Resilience Management Framework for Interdependent CIs

Lorcan Connolly (Research Driven Solutions)

Parametrization of Probabilistic Risk Models

Sandra König and Abdelkader Magdy Shaaban (AIT Austrian Institute of Technology)

Response Coordination for Complex Scenarios

Lazaros Papadopoulos (Institute of Communication and Computer Systems)

On Secure and Side-Channel Resistant Hardware Implementations of Post-Quantum Cryptography

Petr Jedlicka (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Lukas Malina (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Tomas Gerlich (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Zdenek Martinasek (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Jan Hajny (Brno University of Technology, FEEC, Department of Telecommunications, Czech Republic), Petr Socha (Czech Technical University in Prague, Faculty of Information Technology, Dept. of Digital Design, Czech Republic)

Securing Shared Mobility Integration into Public Transport Infrastructure

Abasi-Amefon Obot Affia and Raimundas Matulevicius

An Internet-Wide View of Connected Cars: Discovery of Exposed Automotive Devices

Takahiro Ueda, Takayuki Sasaki, Katsunari Yoshioka and Tsutomu Matsumoto (Yokohama National University, Japan)

CyberSANE project: concept, background, objectives, consortium (15 min)

Jorge Manuel Martins, Project Manager, PDMFC

CyberSANE architecture: : Core & 5 components (45 min)

Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project

Thanos Karantjias, Chief Technology Officer, Maggioli

CyberSANE Business models (30 min)

Armend Duzha, Maggioli

Challenges of cybersecurity education from a learner and educator perspective

COLTRANE project overview

Gregor Langner (Austrian Institute of Technology (AIT), Vienna, Austria)

Steve Furnell (University of Nottingham, Nottingham, United Kingdom)

Ticket based lightweight security solution for small car E/E-components

Claus-Henning Friederichs (AVL, Germany)

Practical guidelines to configure homomorphic encryption schemes: An application to machine learning

Antoine Choffrut (CEA, France)

Homomorphic Encryption Based Pattern Search for Privacy Preserving Analytics

Hoang-Gia NGUYEN (CEA, France)

DRIVES: Android App for Automotive Customized Services

Marco de Vincenzi (CNR, Italy)

SAMM: Situation Awareness with Machine Learning for Misbehavior Detection in VANET

Mohammed A. Abdelmaguid, Hossam S. Hassanein and Mohammad Zulkernine (School of Computing, Queen’s University, Canada)

Towards Deployment Shift Inhibition Through Transfer Learning in Network Intrusion Detection

Marek Pawlicki, Rafał Kozik and Michał Choraś (ITTI Sp. z o.o. Poznań, Bydgoszcz University of Science and Technology Bydgoszcz, Poland)

Image-based Neural Network Models for Malware Traffic Classification using PCAP to Picture Conversion

Giorgos Agrafiotis, Eftychia Makri, Ioannis Flionis, Antonios Lalas, Konstantinos Votis and Dimitrios Tzovaras (Centre for Research and Technology Hellas/ Information Technologies Institute (CERTH/ITI), Greece)

Applying Machine Learning on RSRP-based Features for False Base Station Detection

Prajwol Kumar Nakarmi, Jakob Sternby and Ikram Ullah (Ericsson, Sweden)

Physical and Cyber Situational Awareness for CI

Juan José Hernández Montesino (ETRA I+D) and Stephane Paul (Thales)

Hybrid Situational Awareness

Israel Perez Llopis and Javier Hingant Gómez (Universitat Politecnica de Valencia)

Serious Games in Crisis Situations

Daniel McCrum and Páraic Carroll (University College Dublin)

A Methodology for Enhancing Emergency Situational Awareness through Social Media

Antonios Karteris, Georgios Tzanos, Lazaros Papadopoulos, Konstantinos Demestichas, Dimitrios Soudris, Juliette Pauline Philibert and Carlos López Gómez

The PRAETORIAN Use Cases in a Nutshell

Eva María Munoz Navarro (ETRA I+D), Frederic Guyomard (Électricité de France) and
Tamara Hadjina (KONCAR)

The PRECINCT Living Labs in a Nutshell

Isabel Verwee and Shirley Delannoy (VIAS Institute)

CyberSANE pilots: use cases and lessons learnt (60 min)

Pablo Giménez Salazar, CyberSANE Pilot Coordinator and CyberSANE Transport Pilot Manager at Fundacion Valenciaport

Robert Bordianu, Senior DevOps Engineer & IoT Evangelist in Lightsource Labs Limited and CyberSANE Energy pilot Manager

Andrius Patapovas, CyberSANE Health Pilot, Healthcare Information Processing at Klinikum Nuremberg

Guillermo Yuste, Cybersecurity Specialist and Data Analytics Consultant, Atos

CyberSANE Standardisation activities (15 min)

Manos Athanathos, Technical Project Manager, ICS Forth

Q&A (15 min)

Chaired by Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project

Usable Privacy: Retrospective and Challenges ahead

Delphine Reinhardt (University of Göttingen, Germany)

Abstract: Since the introduction of the GDPR  and the resulting cookie banners, providing or not our consent to data collection has become a recurrent activity that requests attention and time for each visited website.  While consent is an important instrument to protect our privacy, its implementation is a source of annoyance for most website visitors due to its lack of usability. As a result, they may choose the easiest way and click on the most attractive button without a second thought, thus voiding the original intention beyond an informed consent. To avoid such effects for which the users are not to blame, different usable privacy solutions have been proposed in the past. In this keynote, we will consider the different steps beyond consent in which the users can be involved and detail selected examples. Based on them, we will identify future research directions and discuss challenges that we will need to solve in the next years as a community.

SoK: How private is Bitcoin? Classification and Evaluation of Bitcoin Privacy Techniques

Simin Ghesmati (SBA Research, Austria), Walid Fdhila (SBA Research, Austria) and Edgar Weippl (University of Vienna and SBA Research, Austria)

Towards Verifiable Differentially-Private Polling

Gonzalo Munilla Garrido (SEBIS, Technical University of Munich, Germany), Johannes Sedlmeir (Fraunhofer FIT, Branch Business and Information Systems Engineering, Germany) and Matthias Babel (FIM Research Center, University of Bayreuth, Germany)

Automatic online quantification and prioritization of data protection risks

Sascha Sven Zmiewski (University of Duisburg-Essen, Germany), Jan Laufer (University of Duisburg-Essen, Germany) and Zoltán Ádám Mann (University of Amsterdam, The Netherlands)

Reviewing review platforms: a privacy perspective

Kevin De Boeck, Jenno Verdonck, Michiel Willocx, Jorn Lapon and Vincent Naessens (imec-DistriNet, Belgium)

Explain to Not Forget: Defending Against Catastrophic Forgetting with XAI

Sami Ede (Fraunhofer Heinrich Hertz Institute, Germany), Serop Baghdadlian (Fraunhofer Heinrich Hertz Institute, Germany), Leander Weber (Fraunhofer Heinrich Hertz Institute, Germany), An Nguyen (Friedrich Alexander-Universität Erlangen-Nürnberg, Germany), Dario Zanca (Friedrich Alexander-Universität Erlangen-Nürnberg, Germany), Wojciech Samek (Fraunhofer Heinrich Hertz Institute, Technische Universität Berlin, BIFOLD – Berlin Institute for the Foundations of Learning and Data, Germany) and Sebastian Lapuschkin (Fraunhofer Heinrich Hertz Institute, Germany)

Approximation of SHAP values for Randomized Tree Ensembles

Markus Loecher (Berlin School of Economics and Law, Germany), Dingyi Lai (Dept. of Statistics, Humboldt University, Germany), Wu Qi (Dept. of Statistics, Humboldt University, Germany)

Color shadows (part I): exploratory usability evaluation of activation maps in radiological machine learning

Federico Cabitza (Universit´a degli Studi di Milano-Bicocca, IRCCS Istituto Galeazzi Milano, Italy), Andrea Campagner (Universit´a degli Studi di Milano-Bicocca, Italy), Lorenzo Famiglini (Universit´a degli Studi di Milano-Bicocca, Italy), Enrico Gallazzi (Istituto Ortopedico Gaetano Pini — ASST Pini-CTO, Italy) and Giovanni Andrea La Maida (Istituto Ortopedico Gaetano Pini — ASST Pini-CTO, Italy)

Effects of Fairness and Explanation on Trust in Ethical AI

Alessa Angerschmid (Human-Centered AI Lab, University of Natural Resources and Life Sciences Vienna, Austria), Kevin Theuermann (Graz University of Technology, Austria), Andreas Holzinger (Human-Centered AI Lab, University of Natural Resources and Life Sciences Vienna, Austria), Fang Chen (Human-Centered AI Lab, University of Technology Sydney, Australia), Jianlong Zhou (Human-Centered AI Lab, University of Technology Sydney, Australia)

Analysis and prediction of web proxies misbehavior

Zahra Nezhadian, Enrico Branca, and Natalia Stakhanova (University of Saskatchewan, Canada)

Analyzing RRC Replay Attack and Securing Base Station with Practical Method

Seongmin Park (Korea Internet & Security Agency, South Korea), Ilsun You (Kookmin University, South Korea), Hoonyong Park (Soonchunhyang University, South Korea) and Dowon Kim (Korea Internet & Security Agency, South Korea)

Sim2Testbed Transfer: NDN Performance Evaluation

Enkeleda Bardhi (Sapienza University of Rome, Italy), Mauro Conti (University of Padua, Italy), Riccardo Lazzeretti (Sapienza University of Rome, Italy), Eleonora Losiouk (University of Padua, Italy) and Ahmed Taffal (Sapienza University of Rome, Italy)

Performance Evaluation of DTLS Implementations on RIOT OS for Internet of Things Applications

Karol Rzepka, Przemysław Szary, Krzysztof Cabaj and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

Describing Steganography Hiding Methods with a Unified Taxonomy

Steffen Wendzel ( Scientific Director Center of Technology & Transfer and Professor, Hochschule Worms Lecturer, University of Hagen)

Abstract: Steganography embraces several hiding techniques which spawn across multiple domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), and filesystem steganography. However, the related terminology is not unified among the different domains. To cope with this, an attempt has been made in 2015 with the introduction of the so-called “hiding patterns”. Hiding patterns allow to describe hiding techniques in a more abstract manner. Despite significant enhancements, the main limitation of the original taxonomy is that it only considers the case of network steganography. The 2015-taxonomy was optimized over the years but a major revision (presented at ARES’ CUING’21) has paved the path towards a taxonomy that covers all steganography domains.

This keynote introduces the concept of hiding patterns and reviews the development of the methodology. It will also present a major revision of the patterns-taxonomy, which was developed by a consortium with members from several countries (HS Worms (Germany), CNR (Italy), WUT (Poland), Univ. Goce Delcev (North Macedonia), University of Magdeburg (Germany), and TH Brandenburg (Germany)). The new version of the taxonomy will be made publicly available in mid-August, here .

A novel, refined dataset for real-time Network Intrusion Detection

Mikołaj Komisarek (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Marek Pawlicki (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland), Maria-Elena Mihailescu (University Politehnica of Bucharest, Romania), Darius Mihai (University Politehnica of Bucharest, Romania), Mihai Carabas, Rafał Kozik (ITTI Sp. z o.o. and Bydgoszcz University of Science and Technology, Poland) and Michał Choraś (FernUniversität in Hagen and Bydgoszcz University of Science and Technology, Poland)

Horizon scanning and strategic knowledge management for future military operations

Dr. Joachim Klerx, Austrian Insititute of Technology, Austria

Abstract: Actionable information and strategic knowledge have always created competitive advantages in war situations. However, the digital revolution of the last decades has been proven to be a game changer in the strategic knowledge management for future military operations. Digital innovations did change processes, technologies and capabilities in conflict scenarios and is continuing to do so. This is obvious for operative intelligence, surveillance and reconnaissance (ISR) but is not so obvious for the strategic knowledge management for future military operations.

In this talk, results from long-term monitoring of military cyber research and AI horizon scanning with intelligent agents are presented. After presenting a short introduction into the methodical approach, this talk will summarize the horizon scanning results for future military AI solutions, including some corresponding future threat scenarios, innovations and trends. Finally, the impacts on cyber situational awareness and future security policy perspectives are discussed.

VALKYRIES: Harmonization and Pre-Standardization of Technology, Training and Tactical Coordinated Operations for First Responders on EU MCI

Yantsislav Yanakiev (Bulgarian Defence Institute, Bulgaria), Marta Irene García Cid (Indra, Spain), Jorge Maestre Vidal (Indra, Spain), Nikolai Stoianov (Bulgarian Defence Institute, Bulgaria) and Marco Antonio Sotelo Monge (Indra, Spain)

Disruptive Quantum Safe Technologies

Marta Irene Garcia Cid (Indra, UPM, Spain), Jorge Álvaro González (Indra, Spain), Diego Del Río Gómez (Indra, Spain) and Laura Ortíz Martín (Indra, UPM, Spain)

SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices

Priyanka Billawa (Hamburg University of Technology, Germany), Anusha Bambhore Tukaram (Hamburg University of Technology, Germany), Nicolás E. Díaz Ferreyra (Hamburg University of Technology, Germany), Jan-Philipp Steghöfer (Chalmers University of Technology, University of Gothenburg, Sweden), Riccardo Scandariato (Hamburg University of Technology, Germany) and Georg Simhandl (University of Vienna, Austria)

Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

Angeliki Aktypi (Department of Computer Science, University of Oxford, United Kingdom), Dimitris Karnikis (Aarno Labs, United States), Nikos Vasilakis (Massachusetts Institute of Technology, United States) and Kasper Rasmussen (Department of Computer Science, University of Oxford, United Kingdom)

Assessing discrepancies between network traffic and privacy policies of public sector web services

Timi Heino, Robin Carlsson, Sampsa Rauti and Ville Leppänen (University of Turku, Finland)

Cookie Disclaimers: Impact of Design and Users’ Attitude

Benjamin Maximilian Berens (Karlsruhe Institut of Technology, Germany), Heike Dietmann (Karlsruhe Institut of Technology, Germany), Chiara Krisam (Karlsruhe Institut of Technology, Germany), Oksana Kulyk (IT University of Copenhagen, Denmark) and Melanie Volkamer (Karlsruhe Institut of Technology, Germany))

Towards Refined Classifications driven by SHAP explanations

Yusuf Arslan (SnT – University of Luxembourg, Luxembourg), Bertrand Lebichot (SnT – University of Luxembourg, Luxembourg), Kevin Allix (SnT – University of Luxembourg, Luxembourg), Lisa Veiber (SnT – University of Luxembourg, Luxembourg), Clément Lefebvre (BGL BNP Paribas, Luxembourg), Andrey Boytsov (BGL BNP Paribas, Luxembourg), Anne Goujon (BGL BNP Paribas, Luxembourg), Tegawendé F. Bissyandé (SnT – University of Luxembourg, Luxembourg) and Jacques Klein (SnT – University of Luxembourg, Luxembourg)

Global Interpretable Calibration Index, a New Metric to Estimate Machine Learning Models’ Calibration

Federico Cabitza (Dipartimento di Informatica, Sistemistica e Comunicazione, University of
Milano-Bicocca, IRCCS Istituto Ortopedico Galeazzi, Italy), Andrea Campagner (Dipartimento di Informatica, Sistemistica e Comunicazione, University of Milano-Bicocca, Italy) and Lorenzo Famiglini (Dipartimento di Informatica, Sistemistica e Comunicazione, University of Milano-Bicocca, Italy)

The ROC Diagonal is not Layperson’s Chance: a New Baseline Shows the Useful Area

André M. Carrington (Department of Radiology, Radiation Oncology and Medical Physics, Faculty of Medicine, University of Ottawa and the Ottawa Hospital, Canada), Paul W. Fieguth (Department of Systems Design Engineering, University of Waterloo, Canada), Franz Mayr (Faculty of Engineering, Universidad ORT Uruguay, Uruguay), Nick D. James (Software Solutions, Systems Integration and Architecture, The Ottawa Hospital, Canada), Andreas Holzinger (University of Natural Resources and Life Sciences Vienna, Austria), John W. Pickering (Christchurch Heart Institute, Department of Medicine, University of Otago, New Zealand) and Richard I. Aviv (Department of Radiology, Radiation Oncology and Medical Physics, Faculty of Medicine, University of Ottawa and the Ottawa Hospital, Canada)

Debiasing MDI Feature Importance and SHAP values in Tree Ensembles

Markus Loecher (Berlin School of Economics and Law, Germany)

We cannot trust in you: a study about the dissonance among anti-malware engines

Davide Cocca (Yoroi srl, Italy), Antonio Pirozzi (Universita’ Degli Studi Del Sannio, Italy) and Aaron Visaggio (Universita’ Degli Studi Del Sannio, Italy)

FileUploadChecker: Detecting and Sanitizing Malicious File Uploads in Web Applications at the Request Level

Pascal Wichmann (Universität Hamburg, Security in Distributed Systems, Germany), Alexander Groddeck (Universität Hamburg, Germany) and Hannes Federrath (Universität Hamburg, Security in Distributed Systems, Germany)

Joint Security-vs-QoS Framework: Optimizing the Selection of Intrusion Detection Mechanisms in 5G networks

Arash Bozorgchenani (Lancaster University, United Kingdom), Charilaos C. Zarakovitis (National Centre for Scientific Research “Demokritos”, Greece), Su Fong Chien (MIMOS Berhad, Malaysia), Heng Siong Lim (Multimedia University, Malaysia), Qiang Ni (Lancaster University, United Kingdom), Antonios Gouglidis (Lancaster University, United Kingdom) and Wissam Mallouli (Montimage EURL, France)

The Owner, the Provider and the Subcontractors : How to Handle Accountability and Liability Management for 5G End to End Service

Chrystel Gaber (Orange, France), Ghada Arfaoui (Orange, France), Yannick Carlinet (Orange, France), Nancy Perrot (Orange, France), Laurent Valleyre (Orange, France), Marc Lacoste (Orange, France), Jean-Philippe Wary (Orange, France), Yacine Anser (Orange,CNAM, France), Rafal Artych (Orange Polska, Poland), Aleksandra Podlasek (Orange Polska, Poland), Edgardo Montesdeoca (Montimage, France), Vinh Hoa La (Montimage, France), Vincent Lefebvre (TAGES, France), Gürkan Gür (Zurich Univeristy of Applied Sciences, Switzerland)

UNCOVER: Development of an efficient steganalysis framework for uncovering hidden data in digital media

Vaila Leask (Royal Military Academy, Belgium), Rémi Cogranne (Université de Technologie Troyes, France), Dirk Borghys (Royal Military Academy, Belgium) and Helena Bruyninckx (Royal Military Academy, Belgium)

Revealing MageCart-like Threats in Favicons via Artificial Intelligence

Massimo Guarascio (CNR, ICAR, Italy), Marco Zuppelli (CNR, IMATI, Italy), Nunziato Cassavia (CNR, ICAR, Italy), Luca Caviglione (CNR, IMATI, Italy) and Giuseppe Manco (CNR, ICAR, Italy)

Detection of Malicious Images in Production-Quality Scenarios with the SIMARGL Toolkit

Luca Caviglione (CNR, Italy), Martin Grabowski (Netzfactor GmbH, Germany), Kai Gutberlet (Netzfactor GmbH, Germany), Adrian Marzecki (Orange Polska, Poland), Marco Zuppelli (CNR, Italy), Andreas Schaffhauser (FernUniversität in Hagen, Germany) and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

Web Page Harvesting for Automatized Large-scale Digital Images Anomaly Detection

Marcin Kowalczyk, Agnieszka Malanowska, Wojciech Mazurczyk and Krzysztof Cabaj (Warsaw University of Technology, Poland)

A Quantitative Analysis of Offensive Cyber Operation (OCO) Automation Tools

Samuel Zurowski (University of New Haven, United States), George Lord (University of New Haven, United States) and Ibrahim Baggili (University of New Haven, Louisiana State University, United States)

Panel: Recent advances in Cyber Situational Awareness

Invited speakers & workshop chairs

Web Cryptography API: Prevalence and Possible Developer Mistakes

Pascal Wichmann, Maximilian Blochberger and Hannes Federrath (University of Hamburg, Germany)

Dating Phish: An Analysis of the Life Cycles of Phishing Attacks and Campaigns

Vincent Drury, Luisa Lux and Ulrike Meyer (RWTH Aachen University, Germany)

Web Bot Detection Evasion Using Deep Reinforcement Learning

Christos Iliou (Information Technologies Institute, CERTH, Greece and BU-CERT, Bournemouth University, United Kingdom), Theodoros Kostoulas (Department of Information and Communication Systems Engineering, University of the Aegean, Greece), Theodora Tsikrika (Information Technologies Institute, CERTH, Greece), Vasilios Katos (Bournemouth University, United Kingdom), Stefanos Vrochidis (Information Technologies Institute, CERTH, Greece) and Ioannis Kompatsiaris (Information Technologies Institute, CERTH, Greece)

Rumor and clickbait detection by combining information divergence measures and deep learning techniques

Christian Oliva (ITEFI-CSIC and UAM, Spain), Ignacio Palacio-Marín (UAM, Spain), Luis F. Lago-Fernández (UAM, Spain) and David Arroyo (ITEFI-CSIC, Spain)

Identifying Fraud Rings Using Domain Aware Weighted Community Detection

Shaik Masihullah, Meghana Negi, Jose Matthew, and Jairaj Sathyanarayana (Swiggy, Bangalore, India)

Capabilities, limitations and challenges of style transfer with CycleGANs: a study on automatic ring design generation

Tomas Cabezon Pedroso (Carnegie Mellon University, United States), Javier Del Ser (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain) and Natalia Díaz-Rodríguez (Department of Computer Sciences and Artificial Intelligence, Andalusian Research Institute in Data Science and Computational Intelligence (DaSCI), CITIC, University of Granada, Spain)

Semantic Causal Abstraction for Event Prediction

Sasha Strelnikoff, Aruna Jammalamadaka and Tsai-Ching Lu (Information Systems and Sciences Laboratory, HRL Laboratories, LLC, United States)

The Influence of User Diversity on Motives and Barriers when Using Health Apps - A Conjoint Investigation of the Intention-Behavior Gap

Eva Rößler, Patrick Halbach, Laura Burbach, Martina Ziefle (RWTH Aachen University, Germany) and André Calero Valdez (University of Lübeck, Germany)

Coming Back to the Backlog: Can Digital Investigations Catch Up?

Dr. Andrew Marrington (Zayed University, United Arab Emirates)

Abstract: Digital evidence is crucial in a wide variety of criminal investigations and prosecutions. The digital footprint of everyday life and the proximity of smartphones and other digital devices to physical crime scenes means that the relevance of digital evidence is by no means confined to cybercrime cases. As a result, law enforcement agencies around the world have huge backlogs of digital evidence awaiting extraction and examination. In the UK alone, the collective backlog is at least 21,000 digital devices (smartphones, computers, tablets, etc), contributing to significant delays in investigations and prosecutions.

For two decades, digital forensics research has been grappling with this backlog in a variety of ways. Researchers have proposed faster methodologies and tools, more automation of the process of examination and analysis, triage techniques to make better use of examinter time, and more. Nevertheless, the problem of large backlogs persists. This keynote considers the causes of the backlog problem, and discusses how the digital forensics community can try to address it in the years ahead.

Forensic analysis of Tor in Windows environment: A case study
Vaia-Maria Angeli, Ahmad Atamli and Erisa Karafili (School of Electronics and Computer Science, University of Southampton, United Kingdom)

WSL2 Forensics: Detection, Analysis & Revirtualization

Philipp Boigner (St. Pölten University of Applied Sciences, Austria) and Robert Luh (St. Pölten University of Applied Sciences and University of Vienna, Austria)

Fast and Blind Detection of Rate-Distortion-Preserving Video Watermarks

Hannes Mareen (IDLab, Ghent University – imec, Belgium), Glenn Van Wallendael (IDLab, Ghent University – imec, Belgium), Peter Lambert (IDLab, Ghent University – imec, Belgium) and Fouad Khelifi (Department of Computer and Information Sciences, Northumbria University, United Kingdom)

Network Steganography Through Redundancy in Higher-Radix Floating-Point Representations

Carina Heßeling, Jörg Keller and Sebastian Litzinger (FernuUniversitaet Hagen, Germany)

Using Telegram as a carrier for image steganography: Analysing Telegrams API limits

Niklas Bunzel (Fraunhofer SIT, ATHENE, Germany), Tobias Chen (TU Darmstadt, Germany) and Martin Steinebach (Fraunhofer SIT, ATHENE, Germany)

Challenging Channels: Encrypted Covert Channels within Challenge-Response Authentication

Tobias Schmidbauer (FernUniversität in Hagen, Germany), Jörg Keller (FernUniversität in Hagen, Germany) and Steffen Wendzel (Hochschule Worms and FernUniversität in Hagen, Germany)

Improving Performance of Machine Learning based Detection of Network Steganography in Industrial Control Systems

Tom Neubert (Brandenburg University of Applied Sciences, Germany), Antonio José Caballero Morcillo (Universitat Politècnica de València, Spain) and Claus Vielhauer (Brandenburg University of Applied Sciences, Germany)

GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments
Ioannis Kalderemidis (University of Piraeus, Greece), Aristeidis Farao (University of Piraeus, Greece), Panagiotis Bountakas (University of Piraeus, Greece), Sakshyam Panda (University of Greenwich, United Kingdom), Christos Xenakis (University of Piraeus, Greece)

Revisiting a Privacy-Preserving Location-based Service Protocol using Edge Computing
Santosh Kumar Upadhyaya and Srinivas Vivek (International Institute of Information Technology, Bangalore, India)

A Revisit of Attestable Nodes for Networked Applications
Mathias Schüpany and Martin Pirker (St.Pölten University of Applied Sciences, Austria)

Explanation as an essential component of machine-mediated acquisition of knowledge for predictive models

R.G. Goebel (University of Alberta and XAI-Lab in Edmonton, Alberta, Canada)

Abstract: Explanation is not a recent invention precipitated by black-box predictive models, but rather a revival of the role of scientific explanation as a remedy to create trust and transparency for applications of machine learning.  We note two strong trends in the grand challenge of the knowledge acquisition bottleneck, and propose that explanatory knowledge must be acquired concurrently in the process of supervised learning.   The resource costs to do so must be balanced in a tradeoff of explainability and knowledge acquisition resources, e.g., as in federated learning systems.

Precise Analysis of Purpose Limitation in Data Flow Diagrams

Hanaa Alshareef (Chalmers University of Technology, Sweden), Katja Tuma (Vrije Universiteit Amsterdam, The Netherlands), Sandro Stucki (Chalmers University of Technology, Sweden), Gerardo Schneider (University of Gothenburg, Sweden) and Riccardo Scandariato (Hamburg University of Technology, Germany)

Compiler-Aided Development of Trusted Enclaves with Rust

Felix Dreissig (noris network AG, Germany), Jonas Röckl (FAU Erlangen-Nürnberg, Germany) and Tilo Müller (Hof University of Applied Sciences, Germany)

Bridging the Gap Between Certification and Software Development

Claudio A. Ardagna (Department of Computer Science, Università degli Studi di Milano, Italy), Nicola Bena (Department of Computer Science, Università degli Studi di Milano, Italy) and Ramon Martín de Pozuelo (CaixaBank, Spain)

SMODIC: A Model Checker for Self-modifying Code

Tayssir Touili and Xin Ye (LIPN, CNRS, France)

An Evaluation Study of Intrinsic Motivation Techniques applied to Reinforcement Learning over Hard Exploration Environments

Alain Andres (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain), Esther Villar-Rodriguez (TECNALIA, Basque Research & Technology Alliance (BRTA), Spain) and Javier Del Ser (TECNALIA, Basque Research & Technology Alliance (BRTA), University of the Basque Country (UPV/EHU), Spain))

Towards Generating Financial Reports From Tabular Data Using Transformers

Clayton Leroy Chapman (University of Bonn, Germany), Lars Hillebrand (University of Bonn, Fraunhofer IAIS, Germany), Marc Robin Stenzel (Fraunhofer IAIS, Germany), Tobias Deußer (University of Bonn, Fraunhofer IAIS, Germany), David Biesner (University of Bonn, Fraunhofer IAIS, Germany), Christian Bauckhage (University of Bonn, Fraunhofer IAIS, Germany) and Rafet Sifa (Fraunhofer IAIS, Germany)

Evaluating the performance of SOBEK text mining keyword extraction algorithm

Eliseo Reategui (PGIE, UFRGS, Brazil), Marcio Bigolin (PGIE, UFRGS, IFRS, Brazil), Michel Carniato (PUCRS, Brazil), Rafael Antunes dos Santos (PGIE, UFRGS, Brazil)

Classification of Screenshot Image Captured in Online Meeting System

Minoru Kuribayashi, Kodai Kamakari and Nobuo Funabiki (Graduate School of Natural Science and Technology, Okayama University, Japan)

Cyber Security when IT meets OT

Sokratis K. Katsikas , Director of the Norwegian Centre for Cybersecurity in Critical Sectors Professor with the Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway

Abstract: The current trend of automation and data exchange in industry, through the development, use and integration of cyber-physical systems, the Internet of things, cloud computing, artificial intelligence and other enabling technologies is expected to bring tremendous benefits in the economy, including improved productivity and efficiency, better flexibility and agility, and increased profitability. However, it also comes with increased cybersecurity risks, primarily deriving from the integration of information technology and operational technology. Thus, as in all cases of a major shift in computing paradigms, a number of cybersecurity challenges arise, that cannot be addressed by simply porting solutions from other domains. In this talk a brief overview of such challenges, and current best practices for addressing them, as well as open issues will be provided.

STRIPED: A Threat Analysis Method for IoT Systems

Kamakshi Srikumar, Komal Kashish, Kolja Eggers, Nicolás E. Díaz Ferreyra, Julian Koch, Thorsten Schüppstuhl and Riccardo Scandariato (Hamburg University of Technology, Germany)

An Investigation of PSA Certified

Seonghan Shin, Tomoyuki Ogawa, Ryo Fujita, Mari Itoh and Hirotaka Yoshida (National Institute of Advanced Industrial Science and Technology (AIST), Japan))

Limitations of Web Cryptojacking Detection: A Practical Evaluation

Pawel Rajba (University of Wroclaw, Poland) and Wojciech Mazurczyk (Warsaw University of Technology, Poland)

Data Acquisition on a large Darknet Marketplace

York Yannikos, Julian Heeger and Martin Steinebach (Fraunhofer SIT, Germany)

A synopsis of critical aspects for darknet research

Florian Platzer (Fraunhofer SIT, Germany) and Alexandra Lux (TU Darmstadt, Germany)

Towards Image Hashing Robust Against Cropping and Rotation

Martin Steinebach (Fraunhofer SIT, Germany), Tiberius Berwanger (TU Darmstadt, Germany) and Huajian Liu (Fraunhofer SIT, Germany)

Trusted and Secure Self-Sovereign Identity framework

Vaios Bolgouras, Anna Angelogianni, Ilias Politis and Christos Xenakis (University of Piraeus, Greece)

Improving Security and Scalability in Smart Grids using Blockchain Technologies

Mandana Falahi (University POLITEHNICA of Bucharest, Romania), Andrei Vasilateanu (University POLITEHNICA of Bucharest, Romania), Nicolae Goga (University POLITEHNICA of Bucharest, Romania), George Suciu (BEIA Consult International, Romania), Mari-Anais Sachian (BEIA Consult International, Romania), Robert Florescu (University POLITEHNICA of Bucharest, Romania), Ștefan-Daniel Stanciu (University POLITEHNICA of Bucharest, Romania)

ConSenseIoT: A Consensus Algorithm for Secure and Scalable Blockchain in the IoT context

Harris Niavis and Konstantinos Loupos (Inlecom Innovation, Greece)

INCOGNITO: IdeNtity verifiCatiOn with privacy-preservinG credeNtIals for anonymous access To Online services

Vaios Bolgouras  (University of Piraeus, Greece)

FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks

Emilie Bout (Inria, France), Alessandro Brighente (University of Padova, Italy), Mauro Conti (University of Padova, Italy) and Valeria Loscri (Inria, France)

Limiting the Size of a Predictive Blacklist While Maintaining Sufficient Accuracy

Samuel Šuľan (Faculty of Informatics, Masaryk University, Czech Republic) and Martin Husák (Institute of Computer Science, Masaryk University, Czech Republic)

Secure Services for Standard RISC-V Architectures

Davide Bove (Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany)

RIPEMB: A framework for assessing hardware-assisted software security schemes in embedded systems

Stefan Tauner (TU Wien, Austria)

A survey on the application of virtual reality in event-related potential research

Vladimir Marochko (The Artificial Intelligence and Cognitive Load research lab, the Applied Intelligence Research Center, School of Computer Science, Technological University Dublin, Ireland), Richard Reilly (School of Medicine, Institute of Neuroscience, Trinity College Dublin, The University of Dublin, Ireland), Rachel McDonnell (School of Computer Science and Statistics, The University of Dublin, Trinity College, Ireland) and Luca Longo (The Artificial Intelligence and Cognitive Load research lab, the Applied Intelligence Research Center, School of Computer Science, Technological University Dublin, Ireland)

Visualizing Large Collections of URLs Using the Hilbert Curve

Poornima Belavadi (Human-Computer Interaction Center, RWTH Aachen University, Germany), Johannes Nakayama (Human-Computer Interaction Center, RWTH Aachen University, Germany), and André Calero Valdez (Institute for Multimedia and Interactive Systems, University of Lübeck, Germany)

How to Reduce the Time Necessary for Evaluation of Tree-based Models

Viera Anderková and František Babič (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and Informatics, Technical University of Košice, Slovakia)

An Empirical Analysis of Synthetic-Data-based Anomaly Detection
Majlinda Llugiqi (Vienna University of Technology, Austria) and Rudolf Mayer (SBA Research & Vienna University of Technology, Austria)

SECI Model in Data-Based Procedure for the Assessment of the Frailty State in Diabetic Patient

František Babič (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and
Informatics, Technical University of Košice, Slovakia), Viera Anderková (Department of Cybernetics and Artificial Intelligence, Faculty of Electrical Engineering and Informatics, Technical University of Košice, Slovakia), Zvonimir Bosnić (Department of Family Medicine, Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia), Mile Volarić (Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia), Ljiljana Trtica Majnarić (Department of Family Medicine, Faculty of Medicine, Josip Juraj Strossmayer University of Osijek, Croatia)

Reactive Jamming Detection for LoRaWAN Based on Meta-Data Differencing

Henri Ruotsalainen (Institute of IT Security Research / St. Pölten University of Applied Sciences, Austria)

MalRec: A Blockchain-based Malware Recovery Framework for Internet of Things

Ahmed Lekssays, Giorgia Sirigu, Barbara Carminati and Elena Ferrari (Università degli Studi dell’Insubria, Italy)

A Resilient Network Node for the Industrial Internet of Things

Lukas Jäger, Dominik Lorych and Michael Eckel (Fraunhofer Institute SIT | ATHENE, Germany)

Announcement of best paper award & final remarks

SoK: A Survey on Technological Trends for (pre)Notified eIDAS Electronic Identity Schemes

Amir Sharif (Fondazione Bruno Kessler, Italy), Matteo Ranzi (University of Trento, Italy), Roberto Carbone (Fondazione Bruno Kessler, Italy), Giada Sciarretta (Fondazione Bruno Kessler, Italy), Silvio Ranise (Fondazione Bruno Kessler,University of Trento, Italy)

Distributed Enforcement of Access Control policies in Intelligent Transportation System (ITS) for Situation Awareness
Tahir Ahmad (Fondazione Bruno Kessler (FBK), Italy), Umberto Morelli (Fondazione Bruno Kessler (FBK), Italy), Silvio Ranise (Fondazione Bruno Kessler (FBK), University of Trento, Italy)

Applying a cryptographic metric to post-quantum lattice-based signature algorithms

Markus Rautell (VTT Technical Research Centre of Finland, Finland), Outi-Marja Latvala (VTT Technical Research Centre of Finland, Finland), Visa Vallivaara (VTT Technical Research Centre of Finland, Finland), Kimmo Halunen (University of Oulu and National Defence University of Finland, Finland)

Introducing Quantum Computing in Mobile Malware Detection

Giovanni Ciaramella (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Giacomo Iadarola (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Francesco Mercaldo (University of Molise, Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy), Marco Storto (University of Molise), Antonella Santone (University of Molise, Italy), Fabio Martinelli (Institute for Informatics and Telematics, National Research Council of Italy (CNR), Italy)

Secure Agents on Trusted Embedded Boards: A Proof of Concept based on TPM-enabled Raspberry Boards

Antonio Muñoz (University of Malaga, Spain)

Secret sharing a key in a distributed way, Lagrange vs Newton

Anastassios Voudouris, Ilias Politis and Christos Xenakis (University of Piraeus, Greece)

Fraudulent Activities in the Cyber Realm: DEFRAUDify Project

Razvan-Alexandru Bratulescu, Robert-Ionut Vatasoiu, Sorina-Andreea Mitroi, George Suciu, Mari-Anais Sachian, Daniel-Marian Dutu and Serban-Emanuel Calescu (Beia Consult International, Romania)

SealedGRID: Scalable, trustEd, and interoperAble pLatform for sEcureD smart GRID

Christos Fakitsas ( University of Piraeus, Greece)

Reinforcement Learning in the Real World: Challenges and Opportunities for Human-Agent Interaction

Matthew E. Taylor (Director, Intelligent Robot Learning Lab, Associate Professor & Graduate Admissions Chair, Computing Science; Fellow and Fellow-in-Residence, Alberta Machine Intelligence Institute Canada and CIFAR AI Chair, Amii, Canada)

Abstract: While reinforcement learning (RL) has had many successes in video games and toy domains, recent success in high-impact problems shows that this mature technology can be useful in the real world. This talk will highlight some of these successes, with an emphasis on how RL is making an impact in commercial settings, as well as what problems remain before it can become plug-and-play like many supervised learning technologies. Further, we will argue that RL, like all current AI technology, is fundamentally a human-in-the-loop paradigm. This framing will help motivate why additional fundamental research at the interaction of humans and RL agents is critical to helping RL move out of the lab and into the hands of non-academic practitioners.

SoK: Applications and Challenges of using Recommender Systems in Cybersecurity Incident Handling and Response

Martin Husák and Milan Čermák (Institute of Computer Science, Masaryk University, Czech Republic)

Model-Based Incident Response Playbooks

Avi Shaked, Yulia Cherdantseva and Pete Burnap (School of Computer Science and Informatics, Cardiff University, United Kingdom)

BISCUIT - Blockchain Security Incident Reporting based on Human Observations

Benedikt Putz, Manfred Vielberth and Günther Pernul (University of Regensburg, Germany))

SoK: A Taxonomy for Contrasting Industrial Control Systems Asset Discovery Tools

Emmanouil Samanis, Joseph Gardiner and Awais Rashid (Bristol Cyber Security Group, University of Bristol, United Kingdom)

Security of Social Networks: Lessons Learned on Twitter Bot Analysis in the Literature
Sanaz Adel Alipour, Rita Orji and Nur Zincir-Heywood (Faculty of Computer Science, Dalhousie University, Canada)

TaxIdMA: Towards a Taxonomy for Attacks related to Identities
Daniela Pöhn and Wolfgang Hommel (Universität der Bundeswehr München, Germany)

Cyber-Security Culture Assessment in Academia: A COVID-19 Study
Anna Georgiadou, Ariadni Michalitsi-Psarrou and Dimitris Askounis (Decision Support Systems Laboratory, School of Electrical & Computer Engineering, National Technical University of Athens, Greece)

IoT security for smart health and smart assisted living

Reijo M. Savola , University of Jyväskylä, Finland

Abstract : IoT solutions are in the core of effective and efficient smart health and smart assisted living solutions. Considerable increase in well-being and cost savings can be achieved by them. During the last years, IoT cybersecurity threat landscape has become wider, due to the rapidly increasing use of IoT in smart services, and the scarce computational resources available in IoT devices. This increases the risk of compromising reliable and secure use of them. Systematic proactive assistance of IoT-based smart services with cybersecurity services is essential. Cybersecurity should be designed in the services and the technologies used in a seamless way, and automation is needed. In this talk, a brief overview of challenges in IoT security for smart health and smart assisted living is will be provided, with current practices to overcome them, as well as directions for further research.

Authentication for Operators of Critical Medical Devices: A Contribution to Analysis of Design Trade-offs

Marwa Gadala (Aston University, City, University of London, United Kingdom), Lorenzo Strigini (City, University of London, United Kingdom), Radek Fujdiak (Brno University of Technology, Czech Republic)

Scenarios for Process-Aware Insider Attack Detection in Manufacturing
Martin Macak (Masaryk University, Faculty of Informatics, Czech Republic), Radek Vaclavek (Masaryk University, Faculty of Informatics, Czech Republic), Dasa Kusnirakova (Masaryk University, Faculty of Informatics, Czech Republic), Raimundas Matulevičius (Institute of Computer Science, University of Tartu, Estonia), Barbora Buhnova (Masaryk University, Faculty of Informatics, Czech Republic)

Botnet Detection in the Internet of Things through All-in-one Deep Autoencoding
Marta Catillo, Antonio Pecchia and Umberto Villano (Università degli Studi del Sannio, Italy)

Current Challenges of Cyber Threat and Vulnerability Identification Using Public Enumerations

Lukáš Sadlek(Masaryk University), Pavel Čeleda(Masaryk University), Daniel Tovarňák(Masaryk University)

An Early Detection of Android Malware Using System Calls based Machine Learning Model

Xinrun Zhang (Purdue University Northwest, United States), Akshay Mathur (The University of Toledo, United States), Lei Zhao (Purdue University Northwest, United States), Safia Rahmat (The University of Toledo, United States), Quamar Niyaz (Purdue University Northwest, United States), Ahmad Javaid (The University of Toledo, United States), Xiaoli Yang (Purdue University Northwest, United States)

MITRE ATT&CK-driven Cyber Risk Assessment

Mohamed G Ahmed (University of Greenwich, United Kingdom), Sakshyam Panda (University of Greenwich, United Kingdom), Christos Xenakis (University of Piraeus, Greece), Emmanouil Panaousis (University of Greenwich, United Kingdom)

Analyzing Coverages of Cyber Insurance Policies Using Ontology

Markos Charalambous (Cyprus University of Technology, Cyprus), Aristeidis Farao (University of Piraeus, Greece), George Kalantzantonakis (LSTech ESPANA, Spain), Panagiotis Kanakakis (LSTech ESPANA, Spain), Nikos Salamanos (Cyprus University of Technology, Cyprus), Evangelos Kotsifakos (LSTech ESPANA, Spain), Evangellos Froudakis (University of Piraeus, Greece)

NetPhish: Antiphishing Project

Panagiotis Bountakas (University of Piraeus, Greece)

SECONDO: A Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era

Aristeidis Farao (University of Piraeus, Greece)

Detecting Unknown DGAs without Context Information

Arthur Drichel, Justus von Brandt and Ulrike Meyer (RWTH Aachen University, Germany)

HybridDAD: Detecting DDoS Flooding Attack using Machine Learning with Programmable Switches

Mostafa Roshani (ACM Member, Iran) and Mehdi Nobakht (University of New South Wales (UNSW), Australia)

Evading Deep Reinforcement Learning-based Network Intrusion Detection with Adversarial Attacks

Mohamed Amine Merzouk (Polytechnique Montréal, Canada and IRT SystemX, France), Joséphine Delas (Polytechnique Montréal, Canada and IRT SystemX, France), Christopher Neal (Polytechnique Montréal, Canada and IRT SystemX, France), Nora Boulahia-Cuppens (Polytechnique Montréal, Canada), Frédéric Cuppens (Polytechnique Montréal, Canada) and Reda Yaich (IRT SystemX, France)

A Near Real-Time Scheme for Collecting and Analyzing IoT Malware Artifacts at Scale

Joseph Khoury (The University of Texas at San Antonio, United States), Morteza Safaei Pour (San Diego State University, United States) and Elias Bou-Harb (The University of Texas at San Antonio, United States)

On the Feasibility of Supervised Machine Learning for the Detection of Malicious Software Packages

Marc Ohm (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Felix Boes (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Christian Bungartz (Rheinische Friedrich-Wilhelms-Universität Bonn, Germany), Michael Meier (Rheinische Friedrich-Wilhelms-Universität Bonn, Fraunhofer FKIE, Germany)

SoK: Combating threats in the digital supply chain

Arne Roar Nygård and Sokratis Katsikas (Norwegian University of Science and Technology, Norway)

Federated learning based IDS approach for the IoV

Amal Hbaieb (University of Technology of Troyes, France), Samiha Ayed (University of Technology of Troyes, France), Lamia Chaari (CRNS-SM@RTS (Laboratory of Signals, systeMs, aRtificial Intelligence and neTworkS) Sfax, Tunesia)

Round table discussion: IoT Security for eHealth

Panel moderator: Virginia Franqueira (University of Kent, United Kingdom)

Panellists: Sokratis Katsikas (Norwegian University of Science and Technology, Norway), Bian Yang (Norwegian University of Science and Technology, Norway), Reijo Savola (University of Jyväskylä, Finland)

A Critique of EU Digital COVID-19 Certificates: Do Vaccine Passports endanger privacy?

Harry Halpin (KU Leuven, Belgium)

Modelling privacy harms of compromised personal medical data – beyond data breach

Samuel Wairimu (Karlstad University, Sweden) and Lothar Fritsch (Oslo Metropolitan University, Norway)

SASP: a Semantic web-based Approach for management of Sharable cyber security Playbooks
Mehdi Akbari Gurabi (Fraunhofer FIT,RWTH Aachen University, Germany), Avikarsha Mandal (Fraunhofer FIT, Germany), Jan Popanda (Fraunhofer FIT, Germany), Robert Rapp (University of Stuttgart, Germany), Stefan Decker (Fraunhofer FIT, RWTH Aachen University, Germany)

Deep Reinforcement Learning-Based Defense Strategy Selection

Axel Charpentier (Polytechnique Montréal, IRT SystemX, Canada), Nora Boulahia Cuppens (Polytechnique Montréal, France), Frédéric Cuppens (Polytechnique Montréal, France), Reda Yaich (IRT SystemX, France)

Preliminary Analysis of Privacy Implications Observed in Social-Media Posts Across Shopping Platforms

Bethany Sumner, Gokila Dorai and John Heslen (Augusta University, United States)

Shedding Light on the Targeted Victim Profiles of Malicious Downloaders

François Labrèche (École Polytechnique de Montréal, Canada), Enrico Mariconti (University College London, United Kingdom), Gianluca Stringhini (Boston University, United States)

PHYSICS: Optimized hybrid space-time service continuum in FAAS

Ilias Politis ( InQbit, Romania)

EVOLVED-5G: Experimentation and Validation Openness for Long-term evolution of VErtical inDustries in 5G era and beyond

Ilias Politis ( InQbit, Romania)

ERATOSTHENES: S ecure management of IoT devices lifecycle through identities, trust and distributed ledgers

Harris Niavis ( INLECOM, Greece)

CyberSane: Cyber Security Incident Handling, Warning and Response System for the European Critical Infrastructures

Christoforos Dadoyan ( Ionian University, Greece)

Explainable Empirical Risk Minimization

Alexander Jung ( Assistant Professor, Aalto University, Finland; Associate Editor, IEEE Signal Processing Letters)

Abstract: The successful application of machine learning (ML) methods becomes increasingly dependent on their interpretability or explainability. Designing explainable ML systems is instrumental to ensuring transparency of automated decision-making that targets humans. The explainability of ML methods is also an essential ingredient for trustworthy artificial intelligence. A key challenge in ensuring explainability is its dependence on the specific human user (“explainee”).
The users of machine learning methods might have vastly different background knowledge about machine learning principles. One user might have a university degree in machine learning or related fields, while another user might have never received formal training in high-school mathematics. We measure explainability via the conditional entropy of predictions, given some user signal. This user signal might be obtained from user surveys or biophysical measurements.
We propose explainable empirical risk minimization (EERM) principle of learning a hypothesis that optimally balances between the subjective explainability and risk.
The EERM principle is flexible and can be combined with arbitrary machine learning models. We present several practical implementations of EERM for linear models and decision trees. Numerical experiments demonstrate the application of EERM to detecting the use of inappropriate language on social media.

Improved Integer-wise Homomorphic Comparison and Division based on Polynomial Evaluation

Koki Morimura, Daisuke Maeda and Takashi Nishide (University of Tsukuba, Japan)

Machine-Learning Side-Channel Attacks on the GALACTICS Constant-Time Implementation of BLISS

Soundes Marzougui (Technical University of Berlin, Germany), Nils Wisiol (Technical University of Berlin, Germany), Patrick Gersch (Technical University of Berlin, Germany), Juliane Krämer (University of Regensburg, Germany) and Jean-Pierre Seifert (Technical University of Berlin, Germany)

ZEKRO: Zero-Knowledge Proof of Integrity Conformance

Heini Bergsson Debes (Technical University of Denmark, Denmark) and Thanassis Giannetsos (Ubitech Ltd., Greece)

Comparing machine learning correlations to domain experts’ causal knowledge: Employee turnover use case

Eya Meddeb (Department of Computing, Worcester Business School, University of Worcester, United Kingdom), Christopher Bowers (Department of Computing, Worcester Business School, University of Worcester, United Kingdom), Lynn Nichol (Worcester Business School, University of Worcester, United Kingdom)

Machine learning and knowledge extraction to support work safety for smart forest operations

Ferdinand Hönigsberger (University of Natural Resources and Life Sciences, Vienna, Austria), Anna Saranti (University of Natural Resources and Life Sciences, Vienna, Austria), Alessa Angerschmid (University of Natural Resources and Life Sciences, Vienna, Austria), Carl Orge Retzlaff (University of Natural Resources and Life Sciences, Vienna, Austria), Christoph Gollob (University of Natural Resources and Life Sciences, Vienna, Austria), Sarah Witzmann (University of Natural Resources and Life Sciences, Vienna, Austria), Arne Nothdurft (University of Natural Resources and Life Sciences, Vienna, Austria), Peter Kieseberg (University of Applied Sciences St.Poelten, Austria), Andreas Holzinger (University of Natural Resources and Life Sciences, Vienna, Austria) and Karl Stampfer (University of Natural Resources and Life Sciences, Vienna, Austria)

Security for Healthcare Services: Needs, Solutions and Challenges

Prof. George Spanoudakis , City University London

Abstract: This talk reviews the current state of practice and state of the art in the security of healthcare services. More specifically, it reviews the key security challenges faced by healthcare service providers, the types of security assessments needed, the methods for security risk management, and the landscape of the security solutions available. The latter are reviewed in terms of maturity and the expectations for emerging solutions in the short (1-2 years) and medium-term (3-5 years).

Register Automata for Malware Specification

Tayssir Touili (LIPN, CNRS & University Paris 13, France)

CopypastaVulGuard – A browser extension to prevent copy and paste spreading of vulnerable source code in forum posts

Holger Schmidt, Max van Aerssen, Christian Leich, Abdulkader Benni, Salar Al Ali and Jakob Tanz (Düsseldorf University of Applied Sciences, Germany)

A Quantitative Assessment of the Detection Performance of Web Vulnerability Scanners
Emma Lavens, Pieter Philippaerts, Wouter Joosen (imec – DistriNet, KU Leuven, Belgium)

Symbolic analysis meets federated learning to enhance malware identifier
Charles-Henry Bertrand Van Ouytsel, Khanh Huu The Dam and Axel Legay (Universite Catholique de Louvain, Belgium)

SoK: A Systematic Literature Review of Knowledge-Based Authentication on Augmented Reality Head-Mounted Displays

Reyhan Düzgün (Karlsruhe Institute of Technology, Germany), Naheem Noah (University of Denver, United States), Peter Mayer (Karlsruhe Institute of Technology, Germany), Sanchari Das (University of Denver, United States) and Melanie Volkamer (Karlsruhe Institute of Technology, Germany)

Combining Variational Autoencoders and Transformer Language Models for Improved Password Generation

David Biesner (Fraunhofer IAIS and University of Bonn, Germany), Kostadin Cvejoski (Fraunhofer IAIS, Germany) and Rafet Sifa (Fraunhofer IAIS, Germany)

Analysis and Evaluation of Hardware Trust Anchors in the Automotive Domain

Christian Plappert (Fraunhofer Institute SIT, ATHENE, Germany), Andreas Fuchs (Fraunhofer Institute SIT, ATHENE, Germany) and Ronald Heddergott (CARIAD SE, Germany)

Multi-Account Dashboard for Authentication Dependency Analysis

Daniela Pöhn (Universität der Bundeswehr München, FI CODE, Germany), Nils Gruschka (University of Oslo, Norway) and Leonhard Ziegler (Universität der Bundeswehr München, Germany)

Multi-label Classification of Cybersecurity Text with Distant Supervision

Masahiro Ishii, Kento Mori, Ryoichi Kuwana and Satoshi Matsuura (Tokyo Institute of Technology, Japan)

Risk Assessments Considering Safety, Security, and Their Interdependencies in OT Environments

Siegfried Hollerer (TU Wien, Austria), Thilo Sauter (TU Wien, Danube Univ., Austria), Wolfgang Kastner (TU Wien, Austria)

Improving Network, Data and Application Security for SMEs

Christos Tselios (University of Patras, Greece), Ilias Politis (University of Piraeus, Greece), Christos Xenakis (University of Piraeus, Greece)

Android Permission Manager, Visual Cues, and their Effect on Privacy Awareness and Privacy Literacy

Vera Schmitt (Technische Universität Berlin, Germany), Maija Poikela (Fraunhofer Institute for Applied and Integrated Security, Germany), Sebastian Möller (Technische Universität Berlin, Germany)

Design Space Exploration of DICE

Dominik Lorych and Lukas Jäger (Fraunhofer Institute SIT | ATHENE, Germany)

DevSecOps In Embedded Systems An Empirical Study Of Past Literature

Hasan Yasar and Sam E Teplov (Carnegie Mellon University, United States)

MetaSEnD A Security Enabled Development Life Cycle Meta-Model

Daniele Granata, Massimiliano Rak and Giovanni Salzillo (Università della Campania Luigi Vanvitelli, Italy)

Safety and Security Analysis using LDA based on Case Reports Case Study and Trust Evaluation Method

Katsuyuki Umezawa (Shonan Institute of Technology, National Institute of AIST), Hiroki Koyanagi (Internet Initiative Japan Inc.), Sven Wohlgemuth (SECOM Co., Ltd.), Yusuke Mishina (National Institute of AIST), Kazuo Takaragi (National Institute of AIST)