About ISPEC 2018

The 14th International Conference on Information Security Practice and Experience (ISPEC 2018) will be held in Tokyo in September 2018. The ISPEC conference is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors. In previous years, ISPEC has taken place in Singapore (2005), Hangzhou, China (2006), Hong Kong, China (2007), Sydney, Australia (2008), Xi'an, China (2009), Seoul, Korea (2010), Guangzhou, China (2011), Hangzhou, China (2012), Lanzhou, China (2013), Fuzhou, China (2014), Beijing, China (2015), Zhangjiajie, China (2016) and Melbourne, Australia (2017). For all sessions, the conference proceedings were published by Springer in the Lecture Notes in Computer Science series.

Organized by:

University of Tukuba, Japan

Sponsored by:

Hitachi, Ltd.

Mitsubishi Electric Corporation

TOSHIBA Corporation

Huawei Technologies Co., Ltd.

ANDISEC, Ltd.

Supported by:

ISEC of IEICE, Japan

CSEC of IPSJ (Special Interest Group on Computer Security of Information Processing Society of Japan)

News & Updates

August 7, 2018   Conference program is updated.

July 15, 2018   Keynote speaker information is updated.

July 10, 2018   Accepted paper list is updated.

June 7, 2018   Visa application is updated.

June 4, 2018   The deadline of registration payment for each accepted paper is changed to June 23, 2018.

June 4, 2018   The registration system is open.

April 17, 2018   The submission deadline is extended to 25th April, 2018, 23:59 JST (Strict! No more extension!).

April 2, 2018   The submission deadline is extended to 16th April, 2018, 23:59 JST.

March 19, 2018   Springer had formally accepted ISPEC 2018 for publication as an LNCS proceedings.

March 01, 2018   The paper submission is available.

Keynote Speakers

Note: The order of speakers is sorted according to the alphabetical order of surname.

Assistant Professor Sherman S. M. Chow
Affiliation: The Chinese University of Hong Kong
Title: Password-Hardening Services

Learn More

Abstract

Password remains the most widespread means of authentication, especially on the Internet. As such, it is the Achilles heel of many modern systems. We witnessed the trend of recurring breaches where (salted) password databases get stolen. This is disastrous as low-entropy passwords can be guessed by brute-force attacks easily. Facebook pioneered using a cryptographic server to harden password-based authentication. We call it password-hardening (PH) service. The crypto server serves as a helper in the validation process and as a rate-limiter to thwart online dictionary attack. We first show that the PH scheme of Schneider et al. (ACM CCS '16) is vulnerable to offline attacks just after a single validation query. We then suggest stronger security definitions, and an even more efficient construction, Phoenix, to achieve them. It can handle up to three times more than Pythia (USENIX Security '15), the first and the only solution remains secure before our work. PH only provides user-authentication but cannot provide confidentiality of sensitive user data (e.g., credit card number for an e-commerce site). Although encryption somewhat alleviates the problem, decryption is often needed for utility, and keeping the decryption key within reach is obviously dangerous. To address this seemingly unavoidable problem, we propose the notion of password-hardened encryption (PHE). PHE inherits the security features of PH, in particular, the crypto rate-limiter learns neither the password nor the sensitive data, while validating the password and helping in decryption. More importantly, both the crypto rate-limiter and the crypto-service client can rotate their secret keys, providing a proactive security mechanism mandated by the Payment Card Industry Data Security Standard. We build an extremely simple PHE which can handle more than 525 encryption and (successful) decryption requests per second per core on a 10-core Intel Xeon E5-2640 CPU. This talk is based on two papers appeared in USENIX Security 2017 and 2018.


Professor Robert Deng
Affiliation: Singapore Management University
Title: A User Centric and Layered Approach to Mobile Security

Learn More

Abstract

Mobile computing has become a fundamental feature in the lives of billions of people, who have developed an unprecedented reliance on smart phones and tablets compared to any previous computing technology. With the trend of bring your own device, mobile devices are increasingly used to access and store sensitive corporate information as well. However, not only mobile devices and applications present a unique set of risks to personal privacy, they also pose new security challenges to enterprise information systems. This talk will provide an overview of the research activities conducted in the Secure Mobile Center at the Singapore Management University, from techniques to fortifying mobile platforms with a user centric trust anchor, mobile malware analysis, detection and containment, secure and usable schemes for local and remote authentication, to scalable and efficient access control of encrypted data in the cloud for mobile users whose devices are constrained in both power and computation capabilities.


Professor Shin’ichiro Matsuo
Affiliation: Georgetown University
Title: Era of Elusiveness in Security and Privacy

Learn More

Abstract

When we think about security and privacy, we try and tend to establish a consistent model to design and evaluate technologies. Such a model helps understandings of problems, development of theory and technologies over the same common ground. Thus, we believe that creating a concrete model and goal for a kind of technologies are required to achieve enough security and privacy. Recent progress of application protocol raises a question to such a style of security research. Bitcoin, a protocol proposed in an anonymous paper without a consistent model and peer review, realizes unexpected economic impacts than other cryptographic protocols. The protocol is a beautiful combination of many different kinds of theoretical backgrounds; hence, the reverse-engineering to produce a consistent model is hard, and there are no successful attempts to obtain it. Beyond Bitcoin, blockchain is expected to be used for broad applications than payment in Bitcoin. For those wide ranges of applications, we need to deal with additional many uncertain factors to evaluate security and privacy of blockchain based systems, over the bitcoin which still lacks a consistent model. System model, trust model and decentralization, security assumptions, and performance requirements are in a trade-off relationship. Designers of each blockchain based system deal with elusive and non-static security and privacy model. In this keynote, I will show how bitcoin and blockchain give a new perspective to analyze the nature of these protocols, and what is needed for security researchers to deal with practical but elusive technologies.


Professor Kui Ren
Affiliation: Zhejiang University

Title: Attributing Pictures to Smartphones via Camera Fingerprinting

Learn More

Abstract

Today’s society faces numerous data leakage incidents, which affect users’ privacy more severe than ever. Existing user authentication practices based on traditional cryptography and biometric techniques have become largely insufficient, if not ineffective, as we move into the AI and IoT era. In order to address this challenge, smartphones have been widely explored by both academia and industry as a readily available possession device of the users. In this talk, we explore the technique of camera fingerprinting to develop a brand-new hardware-rooted smartphone authentication mechanism. Various security issues underlying the proposed authentication mechanism are discussed in-depth. The usability of the proposed solution is also demonstrated through real-world experiments.


Professor Mark Ryan
Affiliation: University of Birmingham
Title: Security of machine learning

Learn More

Abstract

Machine learning has achieved impressive results in a wide variety of computing problems, including computer vision, speech recognition, content filtering, anomaly detection, and competitive game playing. However, the models in machine learning are often insecure, both from a confidentiality and an integrity point of view. In a confidentiality compromise, say involving a machine learning model mapping symptoms to disease diagnosis, an attacker could extract from the model data about specific individuals used in its training. Integrity compromises include the possibility that an attacker subtly alters query data, for example by modifying the pixel values of an image in ways that can't be detected by a human viewer, in order to achieve a particular result. The talk will introduce machine learning, and review existing attacks and defences concerning its security. Plenty of examples and intuitions will be given.

Call For Papers       CFP Download

Authors are invited to submit full papers presenting new research results related to information security technologies and applications. Areas of interest include, but are not limited to:

  • Cryptology
  • Applied cryptography
  • Mobile security
  • Cloud security
  • Access control
  • Privacy enhanced technology
  • Viruses and malware
  • Software security
  • Database security
  • Web security
  • Operating system security
  • Intrusion detection
  • Big data security and privacy
  • Biometric Security
  • Implementation
  • Network security
  • Key management
  • Security and privacy in ubiquitous computing
  • Formal methods for security
  • Digital forensics
  • Security for critical infrastructures
  • Embedded systems security
  • Lightweight security
  • Smart grid security
  • Cyber security for urban transportation
  • Cyber-physical security
  • Cryptocurrency

Important Dates

Submission Deadline 16th April, 2018, 23:59 JST , 25th April, 2018, 23:59 JST (Strict! No more extension!)
Acceptance Notification25th May, 2018, 8th June, 2018
Camera-ready Copy Due 15th June, 2018, 25th June, 2018
Conference 25th - 27th September, 2018

Author Instructions

Authors are invited to submit original papers: they must not substantially duplicate work that any of the authors have published elsewhere or have submitted in parallel to any other conferences that have proceedings or any journal. The submission must be anonymous, with no author names, affiliations, acknowledgements, or obvious references. Original contributions are invited up to 16 pages in length (single column) excluding appendices and bibliography and up to 20 pages in total, using at least 11-point fonts and with reasonable margins. Submissions not meeting the submission guidelines risk rejection without consideration of their merits.

ISPEC 2018 Submission Link

We are pleased to announce that the proceeding will be published by Springer as a volume of the Lecture Notes in Computer Science (LNCS) series. Auther instructions and LaTeX/Word templates for LNCS publications can be found via the following link.

Springer LNCS Author Information

Journal Special Issues

Selected papers presented at the ISPEC 2018 will be invited to consider submission (after significant extension) for special issues in the following journals (more to come):

Wireless Communications and Mobile Computing
Special Issue on Security, Privacy and Trust on Internet of Things
Learn more
Journal of Information Security and Application
Special Issue on Recent Advances in Internet-of-Things Attacks and Defences
Learn more
Security and Communication Networks
Special Issue on Machine Learning for Wireless Multimedia Data Security   Learn more
AI-Driven Cyber Security Analytics and Privacy Protection   Learn more
Sensors
Special Issue on Threat Identification and Defence for Internet-of-Things
Learn more
Cryptography
Special Issue "Information Security Practice and Experience"
Learn more
International Journal of Distributed Sensor Networks
Special Collection on Security and Privacy in Distributed Networks and Internet of Vehicles
Learn more

Organising Committee

Honored Chair

Eiji Okamoto, University of Tsukuba, Japan

General Co-Chairs

Kazumasa Omote, University of Tsukuba, Japan
Jiageng Chen, Central China Normal University, China

Program Co-Chairs

Chunhua Su, University of Aizu, Japan
Hiroaki Kikuchi, Meiji University, Japan

Liaison Chair

Naoto Yanai, Osaka University, Japan

Local Organizing Chair

Keita Emura, NICT, Japan

Publication Co-chairs

Weizhi Meng, Technical University of Denmark, Denmark
Takeshi Okamoto, Tsukuba University of Technology, Japan

Publicity Co-chairs

Debiao He, Wuhan University, China
Atsuo Inomata, Tokyo Denki University/NAIST, Japan

Registration Chair

Masaki Fujikawa, Kogakuin University, Japan

Web Chair

Kaitai Liang, University of Surrey, UK

Program Committee

Man Ho Au, The Hong Kong Polytechnic University, Hong Kong
Joonsang Baek, University of Wollongong, Australia
Aniello Castiglione, University of Salerno, Italy
David Chadwick, University of Kent, UK
Xiaofeng Chen, Xidian University, China
Chen-Mou Cheng, Osaka University, Japan
Kim-Kwang Raymond Choo, The University of Texas at San Antonio, USA
Mauro Conti, University of Padua, Italy
Robert Deng, Singapore Management University, Singapore
Dieter Gollmann, Hamburg University of Technology, Gemerny
Stefanos Gritzalis, University of the Aegean, Greece
Gerhard Hancke, City University of Hong Kong, Hong Kong
Shoichi Hirose, University of Fukui, Japan
Xinyi Huang, Fujian Normal University, China
Julian Jang-Jaccard, Massey University, Nеw Zеаlаnd
Kwangjo Kim, Korea Advanced Institute of Science and Technology, Korea
Noboru Kunihiro, The University of Tokyo, Japan
Miroslaw Kutylowski, Wroclaw University of Technology, Poland
Albert Levi, Sabanci University, Turkey
Costas Lambrinoudakis, University of Piraeus, Greece
Giovanni Livraga, Politecnico di Milano, Italy
Shujun Li, University of Kent, UK
Yingjiu Li, Singapore Management University, Singapore
Joseph Liu, Monash University, Australia
Zhe Liu, University of Luxembourg, Luxembourg
Javier Lopez, University of Malaga, Spain
Rongxing Lu, University of New Brunswick, Canada
Di Ma, University of Michigan, USA
Weizhi Meng, Technical University of Denmark, Denmark
Chris Mitchell, Royal Holloway, University of London, UK
David Naccache, École normale supérieure, France
Günther Pernul, Universität Regensburg, Gemerny
Josef Pieprzyk, Queensland University of Technology, Australia
C. Pandu Rangan, Indian Institute of Technology Madras, India
Indrajit Ray, Colorado State University, USA
Na Ruan, Shanghai Jiaotong University, China
Sushmita Ruj, Indian Statistical Institute, India
Pierangela Samarati, Universita' degli Studi di Milano, Italy
Jun Shao, Zhejiang Gongshang University, China
Willy Susilo, University of Wollongong, Australia
Qiang Tang, Cornell University, USA
Cong Wang, City University of Hong Kong, Hong Kong
Ding Wang, Peking University, China
Qianhong Wu, Beihang University, China
Shouhuai Xu, University of Texas at San Antonio, USA
Toshihiro Yamauchi, Okayama University, Japan
Wun-She Yap, Universiti Tunku Abdul Rahman, Malaysia
Kuo-Hui Yeh, National Dong Hwa University, Taiwan
Xun Yi, RMIT University, Australia
Siu Ming Yiu, The University of Hong Kong, Hong Kong

Accepted Papers

Full paper:

A New Insight - Proxy Re-Encryption under LWE with Strong Anti-Collusion
Wei Yin, Qiaoyan Wen, Wenmin Li, Hua Zhang and Zhengping Jin

Non-adaptive Group-Testing Aggregate MAC Scheme
Shoichi Hirose and Junji Shikata

A Generic Construction of Integrated Secure-Channel Free PEKS and PKE
Tatsuya Suzuki, Keita Emura and Toshihiro Ohigashi

Efficient and Secure Firmware Update/Rollback Method for Vehicular Devices(Invited Paper)
Yuichi Komano, Zhengfan Xia, Takeshi Kawabata and Hideo Shimizu

Efficient Evaluation of Low Degree Multivariate Polynomials in Ring-LWE Homomorphic Encryption Schemes
Sergiu Carpov and Oana Stan

Macros Finder: Do You Remember LOVELETTER?
Hiroya Miura, Mamoru Mimura and Hidema Tanaka

An Almost Non-Interactive Order Preserving Encryption Scheme
Jingjing Guo, Jianfeng Wang, Zhiwei Zhang and Xiaofeng Chen

Leakage-Resilient Chosen-Ciphertext Secure Functional Encryption from Garbled Circuits
Huige Wang, Kefei Chen, Joseph K. Liu and Ziyuan Hu

Towards Securing Challenge-based Collaborative Intrusion Detection Networks via Message Verification
Wenjuan Li, Weizhi Meng, Yu Wang, Jinguang Han and Jin Li

TMGMap: Designing Touch Movement-based Geographical Password Authentication on Smartphones
Weizhi Meng and Zhe Liu

Constrained (Verifiable) Pseudorakkndom Function from Functional Encryption
Pratish Datta

Time Series Analysis: Unsupervised Anomaly Detection Beyond Outlier Detection
Max Landauer, Markus Wurzenberger, Florian Skopik, Giuseppe Settanni and Peter Filzmoser

HanT_SM: Elliptic Curve Scalar Multiplication Algorithm Secure against Single-Trace Attacks
Bo-Yeon Sim, Kyu Young Choi, Dukjae Moon, Hyo Jin Yoon, Jihoon Cho and Dong-Guk

Keyword-Based Delegable Proofs of Storage
Binanda Sengupta and Sushmita Ruj

Certificateless Public Key Signature Schemes from Standard Algorithms
Zhaohui Cheng and Liqun Chen

Recovering Memory Access Sequence with Differential Flush+Reload Attack
Zhiwei Yuan, Yang Li, Kazuo Sakiyama, Takeshi Sugawara and Jian Wang

Revisiting the Sparsification Technique in Kannan’s Embedding Attack on LWE
Yuntao Wang and Thomas Wunderer

Universal Wavelet Relative Distortion: A New Counter Forensic Attack on Photo Response Non-Uniformity based Source Camera Identification
Udaya Sameer Venkata and Ruchira Naskar

Efficient Trapdoor Generation from Multiple Hashing in Searchable Symmetric Encryption(Invited paper)
Takato Hirano, Yutaka Kawai and Yoshihiro Koseki

Hierarchical Secret Sharing Schemes Secure against Rushing Adversary: Cheater Identification and Robustness
Partha Sarathi Roy, Sabyasachi Dutta, Kirill Morozov, Avishek Adhikari, Kazuhide Fukushima, Shinsaku Kiyomoto and Kouichi Sakurai

A New Design of Online/Offline Signatures Based on Lattice
Mingmei Zheng, Shao-Jun Yang, Wei Wu, Jun Shao and Xinyi Huang

CHQS: Publicly Verifiable Homomorphic Signatures Beyond the Linear Case
Lucas Schabhüser, Denis Butin and Johannes Buchmann

Seeing is believing: authenticating users with what they see and remember.
Wayne Chiu, Kuo-Hui Yeh and Akihito Nakamura

An Efficient and Provably Secure Private Polynomial Evaluation Scheme
Zhe Xia, Bo Yang, Mingwu Zhang and Yi Mu

Achieving Almost-Full Security for Lattice-based Fully Dynamic Group Signatures with Verifier-local Revocation
Maharage Nisansala Sevwandi Perera and Takeshi Koshiba

Compact Ring Signature in the Standard Model for Blockchain
Hao Ren, Peng Zhang, Qingchun Shentu, Joseph K. Liu and Tsz Hon Yuen

A Two-Stage Classifier Approach for Network Intrusion Detection
Wei Zong, Yang-Wai Chow and Willy Susilo


Short paper:

Secure Computation of Inner Product of Vectors with Distributed Entries & its Applications to SVM
Sabyasachi Dutta, Nishant Nikam and Sushmita Ruj

Attribute-based Traceable Anonymous Proxy Signature Strategy for Mobile Healthcare
Entao Luo and Guojun Wang

DSH: Deniable Secret Handshake Framework
Yangguang Tian, Yingjiu Li, Yinghui Zhang, Nan Li, Guomin Yang and Yong Yu

M-ORAM Revisited: Security and Construction Updates
Karin Sumongkayothin

Efficient Traceable Oblivious Transfer and Its Applications
Weiwei Liu, Yinghui Zhang, Yi Mu, Guomin Yang and Yangguang Tian

Entanglement between Hash Encodings and Signatures from ID Schemes with Non-Binary Challenges: a Case Study on Lightweight Code-based Signatures
Bagus Santoso, Taiyo Yamaguchi and Tomoyuki Ohkubo

(k,l)-clustering for Transactional Data Streams Anonymization
Jimmy Tekli, Bechara Al Bouna, Youssef Bou Issa, Marc Kamradt and Ramzi Haraty

Generic Framework for Accountable Optimistic Fair Exchange Protocol
Jia-Ch'Ng Loh, Swee-Huay Heng and Syh-Yuan TanA

Regulating IoT messages
Alban Gabillon and Emmanuel Bruno

Leveled Hierarchical Identity-Based Fully Homomorphic Encryption from Learning with Rounding
Fucai Luo, Kunpeng Wang and Changlu Lin

Security cycle clock synchronization method based on mobile reference nodes in Wireless Sensor Networks
Jing Xu, Yuqiang Zhang and Fei Xu

Privacy-preserving data collection for mobile phone sensing tasks
Yining Liu, Yanping Wang, Xiaofen Wang, Zhe Xia and Jingfang Xu

 Conference Schedule

Registration Information

Registration payment is required by 23rd June 2018 for EACH accepted paper. This deadline will be strictly enforced. Failure to pay the registration fee by 23rd June 2018 will result in the exclusion of the papers from the Conference Proceedings. The registration system will be closed on 10th September 2018.

Registration Fee

Registration Fee (in Japanese Yen)[Early] By 6 August 2018 (23:59 JST)[Late] Until 10 September 2018 (23:59 JST)
Full Registration65,000 yen80,000 yen
Student Registration65,000 yen70,000 yen

Both types of registration include: full attendance of the conference, conference proceedings, conference banquet, lunches and coffee break.

Cancellation Policy

For the early registration before 6th August 2018, the registration fees are refundable after deducting the necessary handling fee, but Non-Refundable after 20th August. The registration fees are Non-Refundable for the late registration that is done after 6th August 2018.

Registration Method

You can proceed your conference registration here .

Venue

ISPEC 2018 will be held at Tokyo Campus, University of Tsukuba, Myogadani St., Tokyo. Tokyo Campus of University of Tsukuba is located near Myogadani Station of Tokyo Metro Marunouchi Line.

Location

Address: 3-29-1 Otsuka, Bunkyo-ku, Tokyo 112-0012 Japan.

Information on Visa Applications

All participants of ISPEC2018 should be very careful about visa requirements and should make travel plan in advance enough. Visitors are fully responsible for acquiring all documents needed for entering Japan.

Japan provides waiver of visa requirements with more than 60 countries and regions. Please refer to the recent status on the visa waiver program from the Ministry of Foreign Affairs of Japan (MOFA).

If you need a visa for attendance, you should prepare all required documents according to the visa information page by MOFA. If you have any questions, please contact diplomatic establishments of Japan in your residential area.

We will issue an invitation letter ONLY for those who have presentation(s) at ISPEC2018 upon request. If you need an invitation letter for visa application, please send the following documents to
(ispec2018-visa *at* ml.cc.tsukuba.ac.jp)
(please replace *at* with @.)
after paying the registration fee via ISPEC2018 website and fixing your accommodation during the conference. (You can download a copy of participation information sheet and schedules of stay sheet from here.)

  • Filled participation information sheet for invitation letter (MS-word and PDF format).
  • Photo-copy of your passport (PDF format). (The page which your photo and passport number are included.)
  • Photo-copy of student identification card (PDF format), if you are student. (The page(s) which your photo, name, and ID number are included.)
  • Photo-copy of employee identification card (PDF format), if you are an employee. (The page(s) which your photo, name, and ID number are included.)
  • Filled schedules of your stay sheet (MS-word or PDF format) with a proof of your stay (e.g., a confirmation e-mail, a receipt or an invoice from your accommodation).


We will respond with a detailed procedure for invitation letter request. Please make sure to make a registration for ISPEC2018 before the request.

Notices:

  • Visa application to MOFA may take a long time. Please do it well before the deadline!
  • We will normally respond to the first request in a few days.
  • After receiving all required information, we will normally handle your requests in 1 or 2 weeks and the letter will be sent by a postal mail.
  • We do not issue any form of "a letter of guarantee"
  • We will issue invitation letters only for those who have presentation(s) at ISPEC2018.
  • We hold rights to request any additional information and/or to decline your application for invitation letters.
  • In case you need a document to be submitted to your organization prior to applying Visa, just let us know immediately.
  • Registration cannot be cancelled once the Visa application related documents have been sent out to you.

About privacy:

According to the Act on the Protection of Personal Information Held by Independent Administrative Agencies and others of Japan, the information submitted to ISPEC2018 in this page will be kept secret and used only for processing the invitation letter requests. In some cases, ISPEC2018 will share those information with a part of organizing committee members concerned for resolving issues (e.g. checking registration status and paper acceptance etc.). We will not use any information received for other purposes, except those required by laws and rules of Japan.


If you have any question, please contact: ispec2018-info@ml.cc.tsukuba.ac.jp

LNCS Univesity of Tsukuba risk mitsubishi toshiba huawei andisec