Program

Note: Technical program details follow the outline agenda.

Tuesday August 17 (Day 1)

8:00

Breakfast and Registration (Plenary)

8:30 – 9:00

Welcome and Official Opening (Plenary)

9:00 – 12:00

Innovation Day: Leveraging ICT to Address the “Hard Problems” in Public Safety and Security Part 1

9:00 – 9:45

9:45 – 10:30

Keynote:The Hard Problems in Public Safety and SecuritySir Terry Matthews, Chairman, Wesley Clover
Keynote: Cyber Security for Major Events
Luc Beaudoin, Chief of Cyber Operations, Canadian Cyber Incident Response Centre
Lynne Genik, Operational Research Scientist, Defence R&D Canada Centre for Security Science

10:45 – Noon

Panel #1: Policy, regulatory, legislative and societal issues
Panelists:
Lynne Genik - Defence R&D Canada
Bill St. Arnaud - Sensor Nets
Alex Langshur, CEO, PublicInsite - Social Media

9:00 – 12:00

Morning Workshop and Tutorials (parallel)

9:00	Workshop #1 Introduction to Usable Security
9:00	Workshop #2 Botnets

10:30

Refreshment Break

12:00 – 1:30

Luncheon and Keynote - Ann Cavoukian, IPC Ontario (Plenary)

1:30 – 5:00

Innovation Day: Leveraging ICT to Address the “Hard Problems”in Public Safety and Security - Part 2

1:30	Panel #2: Nature and scope of today’s enabling technologies Panelists: Dave McMahon, Bell Canada – Cyber Security Threats Sonny Landhal, Amita Corporation Darrell O’Donnell, CTO, Black Coral Chris DeJager, CAE Inc.
3:30	Panel #3: Landscape scan of disruptive technologies Panelists: Joel Martin, NRC-IIT Lance Valcour, CPRC - Interoperability Jean Luc Berube , CRC Hussein Mouftah, U Ottawa – Optical Networks
5:00	Panel #4: Collaboration - bringing it all together for maximum effect Panelists: Mark Williamson, DRDC Kevin Wennekes, CATA Tony Rahilly, IRAP Bill Munson, ITAC

1:30 – 5:30

Afternoon Workshop and Tutorials (parallel)

1:30	Workshop #3 Biometrics: Enhancing Privacy, Security and Trust through Privacy by Design
1:30	Workshop#4 Dwindling Consumer Trust in Online Transactions – Causation, Implications and Treatment

3:00 – 3:30

Refreshment Break

5:30 – 7:30

Poster Session (see technical program details below) and Networking Reception (Plenary)

Wednesday August 18 (Day 2)

8:00

Breakfast (Plenary)

9:00 – 10:00

Academic Keynote(Plenary)

10:00- 10:30

Refreshment Break

10:30 – 12:00

Paper Session

12:00 - 2:00

Luncheon and Industry Keynote (Plenary)

2:00 - 3:30

Paper Sessions

3:30 - 4:00

Refreshment Break

4:00 - 5:30

Paper Sessions

5:30 - 7:30

Banquet and Awards (Plenary)

Thursday August 19 (Day 3)

8:00

Breakfast

9:00 - 10:00

Academic Keynote

10:00 - 10:30

Refreshment Break

10:30 - 12:00

Paper Session

12:00 - 2:00

Luncheon and Industry Keynote (Plenary)

2:00 - 3:30

Paper Sessions

3:30

Official Closing (Plenary)

Detail Technical Program

Day	Time	Plenary
Tue	05:30 PM-07:30 PM	Posters
Wed	09:00 AM-10:00 AM	Cyber Forensics: Challenges and Techniques
	10:30 AM-12:00 PM	Network Forensics Analysis
	02:00 PM-03:30 PM	Security Protocols and Architectures, Trust
	04:00 PM-05:50 PM	Privacy, Identity and Access Management
Thu	09:00 AM-10:00 AM	Assuring Data Trustworthiness - Concepts and Research Challenges
	10:30 AM-12:00 PM	Software Security
	02:00 PM-03:30 PM	Biometrics Technologies

Tuesday, August 17

5:30 PM - 7:30 PM

Posters (room DMS4101)

Chair: Babak Esfandiari (Carleton University, Canada)

Co-Located Physical-Layer Network Coding to Mitigate Passive Eavesdropping: Michael Hay (Carleton University, Canada); Basil Saeed (Carleton University, Canada); Chung-Horng Lung (Carleton University, Canada); Anand Srinivasan (Carleton University, Canada)
Ray – A Secure Micro Kernel Architecture: Stefan Nuernberger (CASED - Center for Advanced Security Research Darmstadt, Germany); Thomas Feller (CASED - Center for Advanced Security Research Darmstadt, Germany); Sorin A. Huss (CASED - Center for Advanced Security Research Darmstadt, Germany)

Wednesday, August 18

9:00 AM - 10:00 AM

Cyber Forensics: Challenges and Techniques (room DMS4101)

Dr. Mourad Debabbai, Director, Concordia Institute for Information Systems Engineering, Concordia University

Cyber forensics plays a major role by providing scientifically proven methods to gather, process, interpret, and to use digital evidence to bring a conclusive description of cyber crime activities. Even though cyber forensics is at its infancy as a discipline, it is extremely pertinent and more than ever nowadays. In this talk, we will overview the main cyber threats and discuss the underlying major challenges that this new discipline is facing. In this respect, we will review the state of the art processes, methodologies, techniques and technologies. In additions, we will present some of our research results on the forensics of physical memory, logging, networking, and internet-mediated communication

Chair: Ali Miri (University of Ottowa & Ryerson University, Canada)

10:30 AM - 12:00 PM

Network Forensics Analysis (room DMS1110)

Chair: Ali A. Ghorbani (University of New Brunswick, Canada)

10:30 Method Ontology for Intelligent Network Forensics Analysis: Sherif Saad (University of Victoria, Canada); Issa Traore (University of Victoria, Canada)
10:50 Detection, Correlation, and Visualization of Attacks Against Critical Infrastructure Systems: Linda Briesemeister (SRI International, USA); Steven Cheung (SRI International, USA); Ulf Lindqvist (SRI International, USA); Alfonso Valdes (SRI International, USA)
11:10 Achieving Critical Infrastructure Protection through the Interaction of Computer Security and Network Forensics: Ray Hunt (University of Canterbury, New Zealand); Jill Slay (University of South Australia, Australia)
11:30 On the Analysis of the Zeus Botnet Crimeware Toolkit: Hamad Binsalleeh (Concordia University, Canada); Thomas Ormerod (Master Student, Canada); Amine Boukhtouta (Concordia University, Canada); Prosenjit Sinha (Concordia University, Canada); Amr Youssef (Concordia University, Canada); Mourad Debbabi (Concordia University, Montreal, Canada); Lingyu Wang (Concordia University, Canada)

2:00 PM - 3:30 PM

Security Protocols and Architectures (room DMS1130)

Chair: Carlisle Adams (University of Ottawa, Canada)

14:00 On the Representation and Verification of Cryptographic Protocols in a Theory of Action: James Delgrande (Simon Fraser University, Canada); Aaron Hunter (Simon Fraser University, Canada); Torsten Grote (Simon Fraser University, Canada)
14:20 J3: High Payload Histogram Neutral JPEG Steganography: Mahendra Kumar (University of Florida, USA); Richard E. Newman (University of Florida, USA)
14:40 Design of Distributed Security Architecture for Multihop WiMAX Networks: Perumalraja Rengaraju (Carleton University, Canada); Chung-Horng Lung (Carleton University, Canada); Anand Srinivasan (Carleton University, Canada)
15:00 Security Advances and Challenges in 4G Wireless Networks: Nabil Seddigh (Solana Networks, Canada); Biswajit Nandy (Solana Networks, Canada); Rupinder Makkar (Carleton University, Canada); Jean-Francois Beaumont (Defence Research and Development Canada - Ottawa, Canada)

Trust (room DMS1110)

Chair: Steve Marsh (CRC, Canada)

14:00 The Relationship of Trust, Demand, and Utility: Be More Trustworthy, Then I Will Buy More: Amirali Salehi-Abari (Carleton University, Canada); Tony Richard White (Carleton University, Canada)
14:20 Assessing Trustworthiness of Nodes to Enhance Performance in Mobile Ad hoc Networks: Sanat Bista (University of Bradford, United Kingdom); Keshav Dahal (University of Bradford, United Kingdom); Peter Cowling (University of Bradford, United Kingdom); Aziz Bouras (Université Lumière Lyon 2, France)
14:40 Trust-Aware Monitoring Scheme for WiMax Networks: Haidar Safa (American University of Beirut, Lebanon); Farah Abu Shahla (American University of Beirut, Lebanon)
15:00 Vampire Bats Trust in Privacy: Tracy Ann Kosa (University of Ontario Institute of Technology, Canada)

4:00 PM - 5:50 PM

Privacy (room DMS1130)

Chair: Khaled El Emam (University of Ottowa, Canada)

16:00 Towards A Privacy Preserving Policy Based Infrastructure for Social Data Access To Enable Scientific Research: Palanivel Andiappan Kodeswaran (University of Maryland Baltimore County, USA); Evelyne Viegas (Microsoft Research, USA)
16:20 A New Perspective of Privacy Protection: Unique Distinct l-SR diversity: Yunli Wang (National Research Council Canada, Canada); Yan Cui (National Research Council Canada, Canada); Liqiang Geng (National Research Council Canada, Canada); Hongyu Liu (National Research Council Canada, Canada)
16:40 Analysis of Privacy Impact Assessments within Major Jurisdictions: David Tancock (HP Labs, United Kingdom); Siani Pearson (HP Labs, United Kingdom); Andrew Charlesworth (Bristol University, United Kingdom)
17:00 Efficient Privacy Preserving Reputation Protocols Inspired by Secure Sum: Omar Hasan (INSA Lyon, France); Elisa Bertino (Purdue University, USA); Lionel Brunie (INSA de LYON, France)
17:20 Social Networks for Health Care: Addressing Regulatory Gaps with Privacy-by-Design: James Williams (University of Victoria, Canada); Jens Weber (University of Victoria, Canada)

Identity and Access Management (room DMS1110)

Chair: Issa Traore (University of Victoria, Canada)

16:00 Transaction Signing in Applications Using Identity Federation: Paul Rabinovich (Exostar LLC, USA)
16:20 On Achieving a Digital Identity Management System with Support for Non-Transferability: Brent Carrara (University of Ottawa, Canada); Carlisle Adams (University of Ottawa, Canada)
16:40 Risk Analysis in Access Control Systems: Ji Ma (Université du Québec en Outaouais, Canada); Kamel Adi (University of Quebec in Outaouais, Canada); Mohamed Mejri (Laval University, Canada); Luigi Logrippo (Universite de Quebec a l'Outaouais, Canada)
17:00 Secure Architecture for RFID Enabled Supply Chain Hierarchy: Nauman Abdullah (NUST, Pakistan); Muhammad Arif Wahla (National University of Sciences and Technology (NUST), Pakistan)

Thursday, August 19

9:00 AM - 10:00 AM

Assuring Data Trustworthiness - Concepts and Research Challenges (room DMS4101)

Dr. Elisa Bertino, Research Director, Center for Education and Research in Information Assurance and Security (CERIAS), Purdue University

Today, more than ever, there is a critical need for organizations to share data within and across the organizations so that analysts and decision makers can analyze and mine the data, and make effective decisions. However, in order for analysts and decision makers to produce accurate analysis and make effective decisions and take actions, data must be trustworthy. Therefore, it is critical that data trustworthiness issues, which also include data quality, provenance and lineage, be investigated for organizational data sharing, situation assessment, multi-sensor data integration and numerous other functions to support decision makers and analysts. The problem of providing trustworthy data to users is an inherently difficult problem that requires articulated solutions combining different methods and techniques. In the talk we will first elaborate on the data trustworthiness challenge and discuss a trust fabric framework to address this challenge. The framework is centered on the need of trustworthiness and risk management for decision makers and analysts and includes four key components: identity management, usage management, provenance management and attack management. We will then present an initial approach for assess the trustworthiness of streaming data and discuss open research directions.

Chair: Ali Miri (University of Ottowa & Ryerson University, Canada)

10:30 AM - 12:00 PM

Software Security (room DMS1110)

Chair: Guy-Vincent Jourdan (University of Ottawa, Canada)

10:30 A Model-Driven Penetration Test Framework for Web Applications: Pulei Xiong (SITE, University of Ottawa, Canada); Liam Peyton (University of Ottawa, Canada)
10:50 Lightweight protection against brute force login attacks on web applications: Carlisle Adams (University of Ottawa, Canada); Guy-Vincent Jourdan (University of Ottawa, Canada); Jean-Pierre Levac (University of Ottawa, Canada); François Prevost (University of Ottawa, Canada)
11:10 A New Approach for the Dynamic Enforcement of Web Services Security: Azzam Mourad (Lebanese American University (LAU), Lebanon); Sara Ayoubi (Lebanese American University (LAU), Lebanon); Hamdi Yahyaoui (Kuwait University, Kuwait); Hadi Otrok (Khalifa University of Science, Technology & Research (KUSTAR), UAE)
11:30 Guessing Click-Based Graphical Passwords by Eye Tracking: Daniel LeBlanc (Carleton University, Canada); Alain Forget (Carleton University, Canada); Robert Biddle (Carleton University, Canada)

2:00 PM - 3:30 PM

Biometrics Technologies (room DMS1110)

Chair: Sherif Saad (University of Victoria, Canada)

14:00 Keystroke Dynamics: Characteristics and Opportunities: Heather Crawford (University of Glasgow, United Kingdom)
14:20 You are the Key: Generating Cryptographic Keys from Voice Biometrics: Brent Carrara (University of Ottawa, Canada); Carlisle Adams (University of Ottawa, Canada)
14:40 Secure Information Processing with Privacy Assurance – Standard based Design and Development for Biometric Applications: Bon Sy (Queens College and University Graduate Center/City U. of New York, USA); Adam Ramirez (Queens College, USA); Arun Prakash Kumara Krishnan (Queens College, USA)
15:00 Security of Error Correcting Code for Biometric Encryption (critical note): Alex Stoianov (Office of the Information and Privacy Commissioner of Ontario, Canada)