---------------------------------------------------------------------

                         CALL FOR PARTICIPATION

                               DIMVA 2014

                   Eleventh International Conference on
     Detection of Intrusions and Malware & Vulnerability Assessment


                       Organized by GI SIG SIDAR
    Technically Co-Sponsored by the IEEE CS Technical Committee on 
                         Security and Privacy


             Royal Holloway University of London, Egham, UK
                            July 10-11 2014

                     http://www.dimva.org/dimva2014
                             info@dimva.org

----------------------------------------------------------------------

The annual DIMVA conference serves as  a premier forum for advancing the
state  of  the  art  in  intrusion  detection,  malware  detection,  and
vulnerability assessment.  Each year DIMVA brings together international
experts from  academia, industry and  government to present  and discuss
novel  research  in  these  areas. DIMVA is  organized  by  the  special
interest group  Security - Intrusion  Detection and Response  (SIDAR) of
the German Informatics Society (GI).

Registration

Registration is open: http://dimva2014.isg.rhul.ac.uk/registration.html 
Early-bird ends on Jun 16, 2014 --- Hurry up!

High-class Keynotes

The DIMVA 2014 program includes three high-class keynotes by Ross Anderson, 
Alex Halderman, and Susan Landau.

Sponsorship Opportunities

We solicit interested organizations to serve as sponsors for DIMVA 2014;
please contact the sponsorship chair for information regarding corporate
sponsorship (mail to sponsor-chair@dimva.org).

Sponsors

Gold Sponsors: GCHQ, HP Labs Bristol, Huawei, and Kaspersky Lab
Silver Sponsors: Nominet, Silent Circle and Trend Micro

Program

Thursday, July 10, 2014

9:00  Opening remarks

9:15  Keynote Talk: Alex Halderman

10:15 Break

10:45 Session: Malware 1

Data structure archaeology: scrape away the dirt and glue back the pieces!
(Or: automated techniques to recover split and merged variables)
Asia Slowinska, Istvan Haller, Andrei Bacs, Silviu Horia Baranga and Herbert Bos

Identifying Shared Software Components to Support Malware Forensics
Brian Ruttenberg, Craig Miles, Lee Kellog, Vivek Notani, Michael Howard,
Charles Ledoux, Arun Lakhotia and Avi Pfeffer

Instruction-Level Steganography for Covert Trigger-Based Malware (short paper)
Dennis Andriesse and Herbert Bos

12:05 Lunch

13:30 Keynote Talk: Ross Anderson

Title: "The economics and psychology of botnets"

Abstract: We know that botnets are a problem, but why should anyone
pay attention? How big a problem are they and what can the average
person do about them anyway? In this talk I will discuss what's known
about the costs botnets and other shared criminal infrastructure
impose on society from the viewpoint of an analysis of the costs of
cybercrime. I will then discuss what we know about the effectiveness
of warnings. Many warnings are designed by lawyers to benefit the
person giving the warning rather than the person receiving it; how
would we communicate a warning to someone if we really want them to
act on it?

Bio: Ross Anderson is Professor of Security Engineering at Cambridge
University where his research ranges from cryptography (where his
algorithm Serpent was an AES finalist) through hardware tamper
resistance and peer-to-peer systems to the social-science aspects of
security. He was one of the founders of the study of the economics of
security; this is now a field with over a hundred active researchers.
This has extended in recent years to the behavioural economics and
psychology of security. He is a Fellow of the Royal Society and of the
Royal Academy of Engineering.

14:30 Break

15:00 Mobile Security

AndRadar: Fast Discovery of Android Applications in Alternative Markets
Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias
Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer,
Stefano Zanero and Sotiris Ioannidis

Attacks on Android Clipboard
Xiao Zhang and Wenliang Du

I Sensed It Was You: Authenticating Mobile Users with Sensor-enhanced 
Keystroke Dynamics
Cristiano Giuffrida, Kamil Majdanik, Mauro Conti and Herbert Bos

16:30 GI SIDAR Meeting
17:00 Royal Holloway Picture Gallery Tour (TBC)
18:00 Gala Dinner

Friday, July 11, 2014

9:00  Malware 2

AV-Meter: An Evaluation of Antivirus Scans and Labels
Aziz Mohaisen and Omar Alrawi

PExy: The other side of Exploit Kits
Giancarlo De Maio, Alexandros Kapravelos, Yan Shoshitaishvili, Christopher
Kruegel and Giovanni Vigna

Metadata-driven Threat Classification of Network Endpoints Appearing in Malware
Andrew West and Aziz Mohaisen

10:30 Break

11:00 Keynote Talk: Susan Landau

12:00 Lunch

13:30 Network Security

Parallelization of Network Intrusion Detection Systems under Attack Conditions
Rene Rietz, Franka Schuster, Hartmut Koenig and Michael Vogel

Phoenix: DGA-based Botnet Tracking and Intelligence
Stefano Schiavoni, Federico Maggi, Lorenzo Cavallaro and Stefano Zanero

15:00 Break

15:30 Host Security

Quantifiable Run-time Kernel Attack Surface Reduction
Anil Kurmus, Sergej Dechand and Ruediger Kapitza

Bee Master: Detecting Host-Based Code Injection Attacks
Thomas Barabosch, Sebastian Eschweiler and Elmar Gerhards-Padilla

Diagnosis and Emergency Patch Generation for Integer Overflow Exploits
Tielei Wang, Chengyu Song and Wenke Lee

17:00 Closing remarks

Organizing Committee

Members:
General Chair: Lorenzo Cavallaro, Royal Holloway University of London, UK
Program Chair: Sven Dietrich, Stevens Institute of Technology, USA
Financial Chair: Christian Gorecki, PI-ONE, Germany

Program Committee

Magnus Almgren, Chalmers University of Technology, Sweden
Jean Camp, Indiana University at Bloomington, USA
Justin Cappos, NYU/Poly, USA
Michael Collins, RedJack LLC, USA
Baris Coskun, AT&T Security Research Center, USA
Herve Debar, Telecom Sud Paris, France
David Dittrich, University of Washington, USA
Jose M. Fernandez, Ecole Polytechnique de Montreal, Canada
Ulrich Flegel, Infineon, Germany
Allen D. Householder, CMU/CERT, USA
Rob Johnson, Stony Brook University, USA
Chris Kanich, University of Illinois at Chicago, USA
Pavel Laskov, University of Tuebingen, Germany
Corrado Leita, Symantec Research, France
Michael Meier, University of Bonn, Germany
Daniela Oliveira, Bowdoin College, USA
Michalis Polychronakis, Columbia University, USA
Konrad Rieck, University of Goettingen, Germany
Volker Roth, Freie Universitaet Berlin, Germany
Sebastian Schmerl, AGT International, Germany
Cristina Serban, AT&T Security Research Center, USA
Micah Sherr, Georgetown University, USA
Asia Slowinska, Vrije Universiteit Amsterdam, Netherlands
Wietse Venema, IBM Research Yorktown Heights, USA

Steering Committee

Chairs

Ulrich Flegel, Infineon, Germany
Michael Meier, University of Bonn, Germany

Members

Herbert Bos, Vije Universiteit Amsterdam, the Netherlands
Danilo M. Bruschi, Universita degli Studi di Milano, Italy
Roland Bueschkes, RWE AG, Germany
Herve Debar, Telecom SudParis, France
Bernhard Haemmerli, Acris GmbH & HSLU Lucerne, Switzerland
Marc Heuse, Baseline Security Consulting, Germany
Thorsten Holz, Ruhr-Universitaet Bochum, Germany
Marko Jahnke, Fraunhofer FKIE, Germany
Klaus Julisch, Deloitte, Switzerland
Christian Kreibich, ICSI, USA
Christopher Kruegel, UC Santa Barbara, USA
Pavel Laskov, University of Tuebingen, Germany
Konrad Rieck, University of Goettingen, Germany
Robin Sommer, ICSI/LBNL, USA
Diego Zamboni, CFEngine AS, Norway