Conference Program

August 28, 2017
August 29, 2017
August 30, 2017
Opening Session,
Plenary Session I
Plenary Session II
Plenary Session III
Coffee break
Coffee break
Coffee break
Technical Session I
Technical Session III
Technical Session VI
Technical Session II,
Technical Session IV
Technical Session VII,
Closing Session
Coffee break
Coffee break
Coffee break
Warsaw Sightseeing
Technical Session V
Gala Dinner

August 28, 2017
Registration (8:30 - )
Opening Session (9:00 - 9:30)
Plenary Session I
Keynote Talk I - 9:30-10:30
An Adaptive Multi-Factor Authentication (A-MFA) Methodology
Dipankar Dasgupta, The University of Memphis, USA, IEEE Fellow
Multi-factor Authentication (MFA) is the current trend to genuinely identify authorized users (in multiple ways) through an authentication process via passwords, security tokens, biometrics, cognitive behavior metrics, software/hardware sensors, etc. Existing MFA systems typically use static policies for selecting authentication factors and do not consider dynamic aspects of the operating environment. We developed anauthentication framework for adaptive selection of multiple modalities at different operating environment so to make authentication strategy unpredictable to hackers. This methodology, called adaptive multi-factor authentication (A-MFA) incorporates a novel approach of calculating trustworthy values of different authentication factors while the computing device being used under different environmental settings. Accordingly, a subset of authentication factors are determined (at triggering events) on the fly thereby leaving no exploitable a priori pattern or clue for adversaries. Empirical studies with a group of users were conducted with varying environmental settings and the performance of the adaptive MFA is compared with other selection strategies. These results reflect that such a methodology of adaptive authentication selection can provide legitimacy to user transactions with an added layer of access protection that is not rely on a fixed set of authentication modalities. Robustness of the system is assuredby designing the framework in such a way that if any modality data get compromised, the system can still perform flawlessly using other non-compromised modalities. Scalability can also be achieved by adding new and/or improved modalities with existing set of modalities and integrating the operating/configuration parameters for the added modality.A video highlighting the unique features of A-MFA system is available at YouTube( A patent application (#14/968676) regarding Adaptive Multi-factor Authentication has been submitted to USPTO (status pending)and a licensing agreement with a company.
Dipankar Dasgupta is a Professor of Computer Science at the University of Memphis. His research interests are broadly in the area of scientific computing, design, and development of intelligent cyber security solutions inspired by biological processes. He is one of the founding fathers of the field of artificial immune systems, in which he has established himself with his works on nature-inspired cyber defense. Hisgraduate level textbook on “Immunological Computation”, was published by CRC press in 2009. He also edited two books: one on Evolutionary Algorithms in Engineering Applications and the other is entitled "Artificial Immune Systems and Their Applications", published by Springer-Verlag. His new textbook on Advances in User Authentication will be published by Springer-Verlag (in press).
Dr. Dasgupta is at the forefront of research in applying bio-inspired and machine learning approaches to cyber defense. Some of his groundbreaking works, like digital immunity, negative authentication, cloud insurance model, and Auth-Spectra put his name in Computer World Magazine and other News media.Prof. Dasgupta is an Advisory Board member of Geospatial Data Center (GDC), Massachusetts Institute of Technology since 2010, and worked on joint research projects with MIT.
Dr. Dasgupta has more than 250 publications with 12000+ citations and having h-index of 54 as per Google scholar. He received four Best Paper Awards at international conferences (1996, 2006, 2009, and 2012) and two Best Runner-Up Paper Awards (2013 and 2014): one from ACM Information Security Curriculum Development in October 2013, and the other from ACM Cyber and Information Security Research (CISR-9) Conference in April 2014. He is the recipient of 2012 Willard R. Sparks Eminent Faculty Award, the highest distinction and most prestigious honor given to a faculty member by the University of Memphis. Prof. Dasgupta received the 2014 ACM SIGEVO Impact Award, and also designated as an ACM Distinguished Speaker.
Coffee Break (10:30 - 11:15)
Technical Session I - Critical Infrastructure Protection and Visualization (11:15 - 13:00)
Chair: John Bay, Binghamton University (US)
1. Extending FAST-CPS for the Analysis of Data Flows in Cyber-Physical Systems (Full Paper, 11:15-11:45)
Laurens Lemaire and Jan Vossaert (KU Leuven, Belgium); Bart De Decker (K.UniversityLeuven, Belgium); Vincent Naessens (KU Leuven, Belgium)
2. Visualization-Driven Approach to Anomaly Detection in the Movement of Critical Infrastructure (Short Paper, 11:45-12:10)
Evgenia Novikova (St.Petersburg State Electrotechnical University); Ivan Murenin (St. Petersburg State Electrotechnical University, Russia)
3. Detection and Mitigation of Time Delay Injection Attacks on Industrial Control Systems with PLCs (Short Paper, 12:10-12:35)
Emrah Korkmaz (Binghamton University & Turkish Military Academy, USA); Matthew Davis and Andrey Dolgikh (Binghamton University, USA); Victor Skormin (Binghamton University, NY, USA)
4. Choosing Models for Security Metrics Visualization (Short Paper, 12:35-13:00)
Maxim Kolomeec (SPIIRAS, Russia); Gustavo Gonzalez-Granadillo (Institut Mines-Telecom, France); Elena Doynikova, Andrey Chechulin and Igor Kotenko (SPIIRAS, Russia); Herve Debar (Telecom SudParis & Institut Mines-Telecom, France)
Lunch (13:00 - 14:00)
Technical Session II - Security and Resilience of Network Systems (14:00 - 15:20)
Chair: Victor Skormin, Binghamton University (US)
1. iCrawl: A Visual High Interaction Web Crawler (Full Paper, 14:00-14:30)
Deeraj Nagothu and Andrey Dolgikh (Binghamton University, USA)
2. Race Condition Faults in Multi-Core Systems (Short Paper, 14:30-14:55)
Leonard Popyack, Jr (Utica College & Anjolen, Inc, USA); Jay Biernat (Anjolen Inc, USA)
3. Security Requirements for the Deployment of Services Across Tactical SOA (Short Paper, 14:55-15:20)
Vasileios Gkioulos (Norwegian University of Science and Technology & Norwegian Information Security Laboratory, Norway); Stephen Wolthusen (Royal Holloway - University of London, Norway)
Group Photo of MMM-ACNS 2017 Participants (15:20 - 15:30)
Coffee Break (15:30 - 16:15)
Warsaw Sightseeing (16:15 - )
August 29, 2017
Plenary Session II (9:00-10:30)
Chair: Stig Mjolsnes (Norwegian University of Science and Technology, Norway)
1. Meeting Requirements Imposed by Secure Software Development Standards and Still Remaining Agile
(Invited Paper: 9:00-9:50)
Janusz Gorski and Katarzyna Lukasiewicz (Gdansk University of Technology, Poland)
2. Adapting Enterprise Security Approaches for Evolving Cloud Processing and Networking Models
(Invited Paper: 9:50-10:30)
Andrew Hutchison (UCT South Africa)
Coffee Break (10:30 - 11:10)
Technical Session III - Adaptive Security (11:10 - 13:00)
Chair: Leonard Popyack, Utica Colllege (US)
1. Nodal Cooperation Equilibrium Analysis In Multihop Wireless Ad Hoc Networks With a Reputation System (Full Paper, 11:10-11:40)
Jerzy Konorski (Gdansk University of Technology, Poland); Karol Rydzewski (Gdansk University of Technology, Poland)
2. Network Anomaly Detection Based on an Ensemble of Adaptive Binary Classifiers (Full Paper, 11:40-12:10)
Alexander Branitskiy and Igor Kotenko (SPIIRAS, Russia)
3. Cardholder's Reputation System for Contextual Risk Management in Payment Transactions (Short Paper, 12:10-12:35)
Albert Sitek and Zbigniew Kotulski (Warsaw University of Technology, Poland)
4. Towards Self-Aware Approach for Mobile Devices Security (Short Paper, 12:35-13:00)
Nanda Kumar Thanigaivelan, Ethiopia Nigussie, Seppo Virtanen and Jouni Isoaho (University of Turku, Finland)
Lunch (13:00 - 14:00)
Technical Session IV: Anti-malware Techniques: Detection, Analysis, Prevention (14:00 - 15:50)
Chair: Igor Kotenko, SPIIRAS (RU)
1. Resident Security System for Government/Industry Owned Computers (Full Paper, 14:00-14:30)
Matthew Davis (Binghamton University, USA); Emrah Korkmaz (Binghamton University & Turkish Military Academy, USA); Andrey Dolgikh (Binghamton University, USA); Victor Skormin (Binghamton University, NY, USA)
2. tLab: A System Enabling Malware Clustering based on Suspicious Activity Trees (Full Paper, 14:30-15:00)
Anton Kopeikin (L. N. Gumilyov Eurasian National University, Kazakhstan); Arnur Tokhtabayev (T&T Security LLP, Kazakhstan); Nurlan Tashatov (L. N. Gumilyov Eurasian National University, Kazakhstan); Dina Satybaldina (L. Gumilyov Eurasian National University, Kazakhstan)
3. Malware Analysis and Detection via Activity Trees in User-Dependent Environment (Short Paper, 15:00-15:25)
Arnur Tokhtabayev (T&T Security LLP, Kazakhstan); Anton Kopeikin and Nurlan Tashatov (L. N. Gumilyov Eurasian National University, Kazakhstan); Dina Satybaldina (L. Gumilyov Eurasian National University, Kazakhstan)
4. A Concept of Clustering-Based Method for Botnet Detection (Short Paper, 15:25-15:50)
Hubert Ostap and Ryszard Antkiewicz (Military University of Technology, Poland)
Coffee Break (15:50 - 16:30)
Technical Session V: Security of Emerging Technologies (16:30-18:00)
Chair: Marcin Niemiec, AGH University of Science and Technology (PL)
1. Easy 4G/LTE IMSI Catchers for Non-Programmers (Full Paper, 16:30-17:00)
Stig Mjolsnes (Norwegian University of Science and Technology, Norway); Ruxandra F Olimid (NTNU, Trondheim, Norway)
2. Anomaly Detection in Cognitive Radio Networks Exploiting Singular Spectrum Analysis (Full Paper, 17:00-17:30)
Qi Dong, Zekun Yang and Yu Chen (Binghamton University, USA); Xiaohua (Edward) Li (State University of New York at Binghamton, USA); Kai Zeng (George Mason University, USA)
3. HEPPA: Highly Efficient Privacy Preserving Authentication for ITS (Full Paper, 17:30-18:00)
An Braeken (Vrije Universiteit Brussel, Belgium); Sergey V. Bezzateev (ITMO University, Saint Petersburg , Russia); Abdellah Touhafi (Vrije Universiteit Brussel, Belgium); Natalia Voloshina (ITMO University, Saint Petersburg , Russia)
Gala Dinner (19:00 - 22:30)
August 30, 2017
Plenary Session III
Keynote Talk II - 9:00-10:00
Modern Information Security Management Processes Optimization Methods
Antanas Cenys, Vilnius Gediminas Technical University, LT
Information security management nowadays is facing a number of issues, such as overregulating, inefficient budgeting, limited possibility to evaluate the price of a separate security control while implementing requirements of regulating documents, lack of user-friendly and intuitive tools for automating the routine security management process such as risk analysis, lack of human and financial resources, not established and unreliable communication channels between public and private sectors and many others. The presentation is to overview a number of research topics performed by the team of researchers at Vilnius Gediminas Technical University, such as optimizing the security standards requirements mapping via ontologies and different mapping visualization methods, calculation of separate security controls implementation costs, developed extensions of CySeMol tool for risk analysis in virtual environments and experimental SME oriented JESS-based expert system for general purpose information security risk analysis, Agile approach for security auditing and High-Level Self-Sustaining Information Security Management Framework, representing holistic approach to the collaborative information security network defense. The upcoming threats and trends of security research will be discussed.
Professor dr. Antanas Cenys is well known in Lithuania and abroad as excellent scientist as well as science manager. He defended Ph.D. thesis on semiconductor physics in 1983 and habilitation thesis on nonlinear dynamics in 1999. Antanas Cenys started his research carrier at Semiconductor Physics Institute (SPI) in 1978 and became chief research associate and chairman of Senate of SPI in 2001. Now Antanas Cenys is professor at Information Systems Department at Vilnius Gediminas Technical University (VGTU). In 2006 he established and leads IT security laboratory at VGTU. From 2008 he was Dean of Faculty of Fundamental Sciences and in 2011 became Vice-Rector for Research responsible for doctoral studies at VGTU. At the moment professor dr. Antanas Cenys is the Chairman of the Science Committee of Lithuanian University Rector’s Conference and the member of the Doctoral Education Committee at Lithuanian Ministry of Science and Education.
Professor Antanas Cenys worked as visiting researcher at NORDITA (Denmark), KFA Julich (Germany), EcoleNormaleSuperrieur in (France), EU JRC Institute of Perspective Technological Studies. He coordinated more than 10 EU and NATO research projects and published more than 150 scientific publications( h-factor in Web of Science 15). In 1999 he received Lithuanian National Award of Science.
1. Data Mining and Information Security
(Invited Paper: 10:00-10:30)
Alexander Grusho (Institute of Informatics Problems FRC CSC RAS & Moscow State University, Russia)
Coffee Break (10:30 - 11:10)
Technical Session VI: Applied Cryptography (11:10 - 13:05)
Chair: Janusz Zalewski, Florida Gulf Coast University (US)
1. Automated Cryptographic Analysis of the Pedersen Commitment Scheme (Full Paper, 11:10-11:40)
Roberto Metere and Changyu Dong (Newcastle University, United Kingdom (Great Britain)
2. Steganalysis Based on Statistical Properties of the Encrypted Messages (Full Paper, 11:40-12:10)
Valery Korzhik (State University of Telecommunication, Russia); Ivan Fedyanin and Artur Godlewski (State University of Telecommunications, Russia); Guillermo Morales-Luna (CINVESTAV-IPN, Mexico)
3. Security Assessment of Cryptographic Algorithms (Full Paper, 12:10-12:40)
Marcin Niemiec and Maciej Francikiewicz (AGH University of Science and Technology, Poland)
4. Quick Response Code Secure: A Cryptographically Secure Anti-Phishing Tool for QR Code Attacks (Short Paper, 12:40-13:05)
Vasileios Mavroeidis (University of Oslo, Norway); Mathew Nicho (Robert Gordon University, United Kingdom (Great Britain)
Lunch (13:05 - 14:00)
Technical Session VII: New Ideas and Paradigms for Security (14:00 - 15:15)
Chair: Ryszard Antkiewicz, Military University of Technology, Poland
1. A Novel and Unifying View of Trustworthiness in Cyberphysical Systems (Short Paper, 14:00-14:25)
Steven Drager (Air Force Research Lab, USA), Janusz Zalewski (Florida Gulf Coast University, USA)
2. Information Security of SDN on the Basis of Meta Data (Short Paper, 14:25-14:50)
Alexander Grusho (Institute of Informatics Problems FRC CSC RAS & Moscow State University, Russia); Nick Grusho (Institute of Informatics Problems, FRC Computer Science and Control of the RAS, Russia); Michael Zabezhailo and Alexander Zatsarinny (FRC CSC RAS, Russia); Elena Timonina (Institute of Informatics Problems FRC CSC RAS & Moscow State University, Russia)
3. Toward Third-Party Immune Applications (Short Paper, 14:50-15:15)
Omar Iraqi (Mohammed V University & Al Akhawayn University, Morocco); Hanan El Bakkali (National Higher School of Information and Systems Analysis, Morocco)
Closing Session (15:15-15:45)
  • Best Paper Award
  • Closing remarks
  • Announcement of MMM-ACNS 2019
Farewell Coffee Break (15:45 - 16:30)