The Community for Technology Leaders
2014 Twelfth Annual Conference on Privacy, Security and Trust (PST) (2014)
Toronto, ON, Canada
July 23, 2014 to July 24, 2014
ISBN: 978-1-4799-3502-4
TABLE OF CONTENTS

Front cover (PDF)

pp. c1

[Title page] (PDF)

pp. 1

Can apps play by the COPPA Rules? (Abstract)

Ilaria Liccardi , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Monica Bulger , Oxford Internet Institute, University of Oxford, England, UK
Hal Abelson , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Daniel J. Weitzner , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Wendy Mackay , INRIA Saclay Île-de-France, Orsay, France
pp. 1-9

Privacy-preserving mobility-casting in opportunistic networks (Abstract)

Gianpiero Costantino , IIT-CNR, Pisa, Italy
Fabio Martinelli , IIT-CNR, Pisa, Italy
Paolo Santi , IIT-CNR, Pisa, Italy
pp. 10-18

Undetectable communication: The Online Social Networks case (Abstract)

Filipe Beato , KU Leuven, ESAT/COSIC and iMinds, Belgium
Emiliano De Cristofaro , University College London, Dept. of Computer Science, UK
Kasper B. Rasmussen , University of Oxford, Dept. of Computer Science, UK
pp. 19-26

Building privacy-preserving location-based apps (Abstract)

Brian Sweatt , Massachusetts Institute of Technology, Cambridge, USA
Sharon Paradesi , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Ilaria Liccardi , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Lalana Kagal , Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, USA
Alex Pentlandz , Massachusetts Institute of Technology, Cambridge, USA
pp. 27-30

“You are what you play”: Breaching privacy and identifying users in online gaming (Abstract)

Dragana Martinovic , University of Windsor, Ontario, Canada
Victor Ralevich , Sheridan College, Oakville, Ontario, Canada
Joshua McDougall , Bitcoinsultants, Toronto, Ontario, Canada
Michael Perklin , Bitcoinsultants, Toronto, Ontario, Canada
pp. 31-39

Inferring social relationships from technology-level device connections (Abstract)

Jason R. C. Nurse , Cyber Security Centre, Department of Computer Science, University of Oxford, UK
Jess Pumphrey , Cyber Security Centre, Department of Computer Science, University of Oxford, UK
Thomas Gibson-Robinson , Cyber Security Centre, Department of Computer Science, University of Oxford, UK
Michael Goldsmith , Cyber Security Centre, Department of Computer Science, University of Oxford, UK
Sadie Creese , Cyber Security Centre, Department of Computer Science, University of Oxford, UK
pp. 40-47

MindYourPrivacy: Design and implementation of a visualization system for third-party Web tracking (Abstract)

Yuuki Takano , National Institute of Information and Communications Technology, Tokyo, Japan
Satoshi Ohta , National Institute of Information and Communications Technology, Tokyo, Japan
Takeshi Takahashi , National Institute of Information and Communications Technology, Tokyo, Japan
Ruo Ando , National Institute of Information and Communications Technology, Tokyo, Japan
Tomoya Inoue , Japan Advanced Institute of Science and Technology, Ishikawa, Japan
pp. 48-56

A secure two-party bartering protocol using privacy-preserving interval operations (Abstract)

Fabian Forg , Stevens Institute of Technology, Hoboken, NJ, USA
Daniel Mayer , Stevens Institute of Technology, Hoboken, NJ, USA
Susanne Wetzel , Stevens Institute of Technology, Hoboken, NJ, USA
Stefan Wuller , RWTH Aachen University, Germany
Ulrike Meyer , RWTH Aachen University, Germany
pp. 57-66

Direct Anonymous Attestation in practice: Implementation and efficient revocation (Abstract)

Li Xi , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
Dengguo Feng , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
Yu Qin , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
Feng Wei , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
Jianxiong Shao , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
Bo Yang , Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, China
pp. 67-74

Using biometric key commitments to prevent unauthorized lending of cryptographic credentials (Abstract)

David Bissessar , Canada Border Services Agency CANADA
Carlisle Adams , EECS Ottawa University, CANADA
Dong Liu , Canada Border Services Agency CANADA
pp. 75-83

Mining YouTube metadata for detecting privacy invading harassment and misdemeanor videos (Abstract)

Nisha Aggarwal , Indraprastha Institute of Information Technology, Delhi (IIITD), India
Swati Agrawal , Indraprastha Institute of Information Technology, Delhi (IIITD), India
Ashish Sureka , Indraprastha Institute of Information Technology, Delhi (IIITD), India
pp. 84-93

Who Uses Bitcoin? An exploration of the Bitcoin community (Abstract)

Jeremiah Bohr , University of Illinois at Urbana-Champaign, USA
Masooda Bashir , University of Illinois at Urbana-Champaign, USA
pp. 94-101

Desperately seeking assurances: Segmenting users by their information-seeking preferences (Abstract)

Anthony Morton , Department of Computer Science, University College London, United Kingdom
M. Angela Sasse , Department of Computer Science, University College London, United Kingdom
pp. 102-111

Private intersection of regular languages (Abstract)

Roberto Guanciale , KTH Royal Institute of Technology, Stockholm, Sweden
Dilian Gurov , KTH Royal Institute of Technology, Stockholm, Sweden
Peeter Laud , Cybernetica AS, Tartu, Estonia
pp. 112-120

Enabling privacy through transparency (Abstract)

Oshani Seneviratne , Decentralized Information Group, MIT CSAIL, USA
Lalana Kagal , Decentralized Information Group, MIT CSAIL, USA
pp. 121-128

Privacy-respecting digital investigation (Abstract)

Ali Dehghantanha , Faculty of Computer Science and Information Technology, University Putra Malaysia, Malaysia
Katrin Franke , Testimon Digital Forensics Lab, Gjøvik University College- Norway
pp. 129-138

ZARATHUSTRA: Extracting Webinject signatures from banking trojans (Abstract)

Claudio Criscione , Politecnico di Milano, Italy
Fabio Bosatelli , Politecnico di Milano, Italy
Stefano Zanero , Politecnico di Milano, Italy
Federico Maggi , Politecnico di Milano, Italy
pp. 139-148

Quantifying the financial impact of it security breaches on business processes (Abstract)

Clemens Martin , Department of Business Informatics, Duale Hochschule Baden-Württemberg, Mannheim, Germany
Amina Kadry , Department of Business Informatics, Duale Hochschule Baden-Württemberg, Mannheim, Germany
Ghada Abu-Shady , Department of Business Informatics, Duale Hochschule Baden-Württemberg, Mannheim, Germany
pp. 149-155

Semi-synthetic data set generation for security software evaluation (Abstract)

Florian Skopik , Safety and Security Department, AIT Austrian Institute of Technology, Austria
Giuseppe Settanni , Safety and Security Department, AIT Austrian Institute of Technology, Austria
Roman Fiedler , Safety and Security Department, AIT Austrian Institute of Technology, Austria
Ivo Friedberg , Safety and Security Department, AIT Austrian Institute of Technology, Austria
pp. 156-163

Towards efficient evaluation of XACML policies (Abstract)

Azzam Mourad , Department of Computer Science and Mathematics, Lebanese American University, Beirut, Lebanon
Hussein Jebbaoui , Department of Computer Science and Mathematics, Lebanese American University, Beirut, Lebanon
pp. 164-171

A forensic analysis framework for recovering encryption keys and BB10 backup decryption (Abstract)

Halima Al Shehhi , College of Technological Innovation, Zayed University, United Arab Emirates
Dua'a Abu Hamdi , College of Technological Innovation, Zayed University, United Arab Emirates
IzzEddin Asad , College of Technological Innovation, Zayed University, United Arab Emirates
Farkhund Iqbal , College of Technological Innovation, Zayed University, United Arab Emirates
pp. 172-178

Continuous authentication using micro-messages (Abstract)

Marcelo Luiz Brocardo , Department of Electrical and Computer Engineering, University of Victoria - UVIC, British Columbia, Canada
Issa Traore , Department of Electrical and Computer Engineering, University of Victoria - UVIC, British Columbia, Canada
pp. 179-188

Improving usability of passphrase authentication (Abstract)

Glen Nielsen , Department of Applied Mathematics & Computer science, Technical University of Denmark, Denmark
Michael Vedel , Department of Applied Mathematics & Computer science, Technical University of Denmark, Denmark
Christian D. Jensen , Department of Applied Mathematics & Computer science, Technical University of Denmark, Denmark
pp. 189-198

Secure VANET applications with a refined group signature (Abstract)

Mohammad Saiful Islam Mamun , Japan Advanced Institute of Science and Technology (JAIST), Ishikawa, Japan
Atsuko Miyaji , Japan Advanced Institute of Science and Technology (JAIST), Ishikawa, Japan
pp. 199-206

A study of mnemonic image passwords (Abstract)

Soumyadeb Chowdhury , School of Computing Science, University of Glasgow, UK
Ron Poet , School of Computing Science, University of Glasgow, UK
Lewis Mackenzie , School of Computing Science, University of Glasgow, UK
pp. 207-214

Data-centric phishing detection based on transparent virtualization technologies (Abstract)

Sebastian Biedermann , Security Engineering Group, Department of Computer Science, Technische Universität Darmstadt, Germany
Tobias Ruppenthal , Security Engineering Group, Department of Computer Science, Technische Universität Darmstadt, Germany
Stefan Katzenbeisser , Security Engineering Group, Department of Computer Science, Technische Universität Darmstadt, Germany
pp. 215-223

Clickjuggler: Checking for incomplete defenses against clickjacking (Abstract)

Yusuke Takamatsu , Keio University, Japan
Kenji Kono , Keio University, Japan
pp. 224-231

Identifying users with application-specific command streams (Abstract)

Alaa El Masri , Department of Computer Science, George Mason University, Fairfax, VA, USA
Harry Wechsler , Department of Computer Science, George Mason University, Fairfax, VA, USA
Peter Likarish , Department of Mathematics and Computer Science, Drew University, Madison, NJ, USA
Brent ByungHoon Kang , Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Daejeon, South Korea
pp. 232-238

Granularity based flow control (Abstract)

Omar Abahmane , Université du Québec en Outaouais, Canada
Luigi Logrippo , Université du Québec en Outaouais, Canada
pp. 239-248

Automated generation of models for fast and precise detection of HTTP-based malware (Abstract)

Apostolis Zarras , Ruhr-University Bochum, Germany
Antonis Papadogiannakis , FORTH-ICS, Greece
Robert Gawlik , Ruhr-University Bochum, Germany
Thorsten Holz , Ruhr-University Bochum, Germany
pp. 249-256

P-SPADE: GPU accelerated malware packer detection (Abstract)

Neha Gupta , Department of Computer Engineering, Malaviya National Institute of Technology, Jaipur, India
Smita Naval , Department of Computer Engineering, Malaviya National Institute of Technology, Jaipur, India
Vijay Laxmi , Department of Computer Engineering, Malaviya National Institute of Technology, Jaipur, India
M.S. Gaur , Department of Computer Engineering, Malaviya National Institute of Technology, Jaipur, India
Muttukrishnan Rajarajan , City University, United Kingdom
pp. 257-263

Detection and mitigation of malicious JavaScript using information flow control (Abstract)

Bassam Sayed , Department of Electrical and Computer Engineering, University of Victoria, BC, Canada
Issa Traore , Department of Electrical and Computer Engineering, University of Victoria, BC, Canada
Amany Abdelhalim , Department of Electrical and Computer Engineering, University of Victoria, BC, Canada
pp. 264-273

Secure exams despite malicious management (Abstract)

Giampaolo Bella , Dipartimento di Matematica e Informatica, Università di Catania, Italy
Rosario Giustolisi , Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg
Gabriele Lenzini , Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg
pp. 274-281

Another free app: Does it have the right intentions? (Abstract)

Mohamed Fazeen , Department of Computer Science & Engineering, University of North Texas, Denton, 76207-7102, USA
Ram Dantu , Department of Computer Science & Engineering, University of North Texas, Denton, 76207-7102, USA
pp. 282-289

Specifying and enforcing constraints in dynamic access control policies (Abstract)

Nada Essaouini , Télécom Bretagne, France
Frederic Cuppens , Télécom Bretagne, France
Nora Cuppens-Boulahia , Télécom Bretagne, France
Anas Abou El Kalam , Cadi Ayyad University, ENSA of Marrakesh, Maroc
pp. 290-297

Design requirements to counter parallel session attacks in security protocols (Abstract)

Anca D. Jurcut , University of Limerick, Ireland
Tom Coffey , University of Limerick, Ireland
Reiner Dojen , University of Limerick, Ireland
pp. 298-305

Automata-based approach to design and analyze security policies (Abstract)

Wadie Krombi , ENSIAS, Mohammed V-Souissi University, Rabat, Morocco
Mohammed Erradi , ENSIAS, Mohammed V-Souissi University, Rabat, Morocco
Ahmed Khoumsi , Dept. Electrical & Comp. Eng., University of Sherbrooke, Canada
pp. 306-313

Efficient verification of data encryption on cloud servers (Abstract)

Keji Hu , Department of Computer Science, Iowa State University, USA
Wensheng Zhang , Department of Computer Science, Iowa State University, USA
pp. 314-321

Assessing cryptographic signature schemes from a legal perspective (Abstract)

Dan T.F. Chan , Department of Computer Science, The University of Hong Kong, Pokfulam Road, Hong Kong
Lucas C.K. Hui , Department of Computer Science, The University of Hong Kong, Pokfulam Road, Hong Kong
S.M. Yiu , Department of Computer Science, The University of Hong Kong, Pokfulam Road, Hong Kong
pp. 322-329

Distributed Searchable Symmetric Encryption (Abstract)

Christoph Bosch , CTIT, University of Twente, The Netherlands
Andreas Peter , CTIT, University of Twente, The Netherlands
Bram Leenders , CTIT, University of Twente, The Netherlands
Hoon Wei Lim , CCRG, Nanyang Technological University, Singapore
Qiang Tang , APSIA, SnT, University of Luxembourg, Luxembourg
Huaxiong Wang , CCRG, Nanyang Technological University, Singapore
Pieter Hartel , CTIT, University of Twente, The Netherlands
Willem Jonker , CTIT, University of Twente, The Netherlands
pp. 330-337

Generalization of socio-rational secret sharing with a new utility function (Abstract)

Mehrdad Nojoumian , Department of Computer Science, Southern Illinois University, Carbondale, USA
pp. 338-341

Crypto-assistant: Towards facilitating developer's encryption of sensitive data (Abstract)

Ricardo Rodriguez Garcia , Faculty of Business and Information Technology, University of Ontario Institute of Technology, Oshawa, Canada
Julie Thorpe , Faculty of Business and Information Technology, University of Ontario Institute of Technology, Oshawa, Canada
Miguel Vargas Martin , Faculty of Business and Information Technology, University of Ontario Institute of Technology, Oshawa, Canada
pp. 342-346

A trust based Information sharing model (TRUISM) in MANET in the presence of uncertainty (Abstract)

Khalid Zaman Bijon , Institute for Cyber Security & Department of Computer Science, University of Texas at San Antonio, USA
Md Munirul Haque , Department of Computer and Information Sciences, University of Alabama at Birmingham, USA
Ragib Hasan , Department of Computer and Information Sciences, University of Alabama at Birmingham, USA
pp. 347-354

Validating trust models against realworld data sets (Abstract)

Noel Sardana , School of Computer Science, University of Waterloo, Ontario, Canada
Robin Cohen , School of Computer Science, University of Waterloo, Ontario, Canada
pp. 355-362

Demonstrating the value of credibility modeling for trust-based approaches to online message recommendation (Abstract)

Noel Sardana , School of Computer Science, University of Waterloo, Ontario, Canada
Robin Cohen , School of Computer Science, University of Waterloo, Ontario, Canada
pp. 363-370

TRAAC: Trust and risk aware access control (Abstract)

Chris Burnett , Department of Computing Science, University of Aberdeen, UK
Liang Chen , Department of Computing Science, University of Aberdeen, UK
Peter Edwards , Department of Computing Science, University of Aberdeen, UK
Timothy J. Norman , Department of Computing Science, University of Aberdeen, UK
pp. 371-378

A typed natural deduction calculus to reason about secure trust (Abstract)

Giuseppe Primiero , Department of Computer Science, Middlesex University, UK
Franco Raimondi , Department of Computer Science, Middlesex University, UK
pp. 379-382

Two trust networks in one: Using bipolar structures to fuse trust and distrust (Abstract)

Stefano Bistarelli , Department of Mathematics and Computer Science, University of Perugia, Italy
Francesco Santini , Institute of Informatics and Telematics, CNR-Pisa, Italy
pp. 383-390

Communicating and visualising multicriterial trustworthiness under uncertainty (Abstract)

Florian Volk , Technische Universität Darmstadt/CASED, Germany
Sascha Hauke , Technische Universität Darmstadt/CASED, Germany
Daniel Dieth , Telecooperation Lab, Hochschulstraße 10, 64289 Darmstadt, Germany
Max Muhlhauser , Technische Universität Darmstadt/CASED, Germany
pp. 391-397

What can the hashtag #trust tell us about how users conceptualise trust? (Abstract)

Natasha Dwyer , Victoria University, Melbourne, Australia
Stephen Marsh , Faculty of Business and IT, University of Ontario Institute of Technology, Oshawa, Canada
pp. 398-402

Analyzing trustworthiness of virtual machines in data-intensive cloud computing (Abstract)

Dipen Contractor , Department of Computer Engineering, NIT Surat, India 395007
Dhiren Patel , Department of Computer Engineering, NIT Surat, India 395007
pp. 403-406

i/k-Contact: A context-aware user authentication using physical social trust (Abstract)

Shiori Arimura , Graduate school of Informatics, Shizuoka University, Hamamatsu, Japan
Masahiro Fujita , Graduate school of Informatics, Shizuoka University, Hamamatsu, Japan
Shinya Kobayashi , Graduate school of Informatics, Shizuoka University, Hamamatsu, Japan
Junya Kani , Graduate school of Informatics, Shizuoka University, Hamamatsu, Japan
Masakatsu Nishigaki , Graduate school of Informatics, Shizuoka University, Hamamatsu, Japan
Akira Shiba , Smart Centric Laboratory Human Centric Computing Laboratories, Fujitsu Laboratories Ltd., Kawasaki, Japan
pp. 407-413

Weighting peer reviewers (Abstract)

A. Spalvieri , Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Italy
S. Mandelli , Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Italy
M. Magarini , Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Italy
G. Bianchi , Dipartimento di Ingegneria Elettronica, Università di Roma Tor Vergata, Italy
pp. 414-419

TrustCV: Reputation-based trust for collectivist digital business ecosystems (Abstract)

Donovan Isherwood , Academy for Computer Science and Software Engineering, University of Johannesburg, South Africa
Marijke Coetzee , Academy for Computer Science and Software Engineering, University of Johannesburg, South Africa
pp. 420-424

Author index (PDF)

pp. 425-426

Cover spine (PDF)

pp. 1
88 ms
(Ver 3.3 (11022016))