Web 2.0 Security & Privacy 2014

Sunday, May 18 2014
The Fairmont Hotel, San Jose, California

The goal of this one-day workshop is to bring together researchers, practitioners, web programmers, policy makers, and others interested in the latest understanding and advances in the security and privacy of the web, browsers, cloud, mobile and their eco-system. We have had seven years of successful W2SP workshops.

More information regarding workshops co-located with the 2014 IEEE Symposium on Security and Privacy can be found on the conference website.

Previous W2SP Workshops:  2013, 2012, 2011, 2010, 2009, 2008, 2007

Read the 2014 Call For Papers


7:30–8:30 Breakfast
8:30–8:40 Welcome
8:40–8:50 Remarks from the Workshop Chairs
8:50–9:00 Best Paper Award & Keynote Intro
9:00–10:00 Keynote:

Speaker: Fred Wilmot is the Global Security Practice Director for Splunk

Fred is an experienced security professional currently running Splunk's global security practice. He leverages Splunk as a security intelligence platform, visualization of immense data sets, analytics for cyber security and IT. Enjoys Big Data security challenges for global businesses, and using technology and process to mature organizations. His current security focus is behavioral modeling, statistical analysis, threat intelligence and contextual data for enrichment for Security Operations and translating SecOps models to KPIs/KPMs; Solving security problems using raw and enriched data to solve business problems in conjunction with Hadoop, MongoDB, Cassandra, or Hortonworks through Splunk. Moving security from detection, to active defense and response.

Expertise: Incident Response and Investigation, cyber network defense, security operations models, Security Architecture, Threat intelligence, Strategic leadership, Leading cross-functional teams, solving hard problems, security technology and process development, big data applications to business, behavioral and statistical modeling, fraud modeling, Application management, Product Development, Secure Software Development Life Cycles, collaboration, service delivery and log management..

10:00–10:30 Morning Coffee Break
10:30–12:00 Session 1: Social Networks and the Web (Session Chair: )

Benjamin Henne (Leibniz Universitat Hannover), Marcel Linke (Leibniz Universitat Hannover) and Matthew Smith (Universitat Bonn)

    A study on the Unawareness of Shared Photos in Social Network Services (Abstract, Slides)

Sai Lu, Janne Lindqvist and Rebecca Wright (Rutgers University)

    Uncovering Facebook Side Channels and User Attitudes (Abstract, Slides)

Yaoqi Jia, Xinshu Dong, Zhenkai Liang and Prateek Saxena (National University of Singapore)

    I Know Where You’ve Been: Geo-Triangulation Attacks via the Browser Cache (Abstract, Slides)

12:00–1:10pm Lunch
1:10–2:30 Session 2: Analysis and Improvement (Session Chair: )

Joel Lee and Lujo Bauer (Carnegie Mellon University)

    Studying the Effectiveness of Security Images in Internet Banking (Abstract, Slides)

Lin-Shung Huang (Carnegie Mellon University), Shrikant Adhikarla (Microsoft), Dan Boneh (Stanford University) and Collin Jackson (Carnegie Mellon University)

    An Experimental Study of TLS Forward Secrecy Deployment (Abstract, Slides)

Sonali Batra (University at Buffalo)

    Short paper: PHAD-A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking (Abstract, Slides)

2:30–3:00 Break
3:00–4:45 Session 3: Tools and Insight (Session Chair: )

Ksenya Kveler, Abigail Goldsteen, Tamar Domany, Igor Gokhman, Boris Rozenberg and Ariel Farkash (IBM Research – Haifa)

    Application-screen Masking: A Hybrid Approach (Abstract, Slides)

Amy Zhang, Sandilya Bhamidipati, Nadia Fawaz and Branislav Kveton (Technicolor)

    PriView: Media Consumption and Recommendation Meet Privacy Against Inference Attacks (Abstract, Slides)

Marco Ghiglieri (Technische Universitat Darmstadt)

    I Know What You Watched Last Sunday - A New Survey Of Privacy In HbbTV (Abstract, Slides)

Andrew West (Verisign Labs) and Adam Aviv (U.S. Naval Academy)

    Short paper: On the Privacy Concerns of URL Query Strings (Abstract, Slides)

4:45–... Schmoozing

Workshop Co-Chairs

Larry Koved (IBM Research)
Matt Fredrikson (University of Wisconsin - Madison)

Program Chair

Tyrone Grandison (Proficiency Labs)

Program Committee

Aaron Massey (Georgia Institute of Technology)
Adrienne Porter Felt (Google)
Aleecia M. McDonald (Center for Internet & Society)
Alex Smolen (Twitter)
Alexander Polyakov (ERPScan)
Amine Cherrai (Amine Cherrai Consulting)
Anand Prakash (Flipkart)
Bhavani Thuraisingham (University of Texas - Dallas)
Brad Malin (Vanderbilt University)
Carrie Gates (Dell Research)
Christy Philip Matthew (Offcon Info Security)
Dieter Gollmann (Hamburg University of Technology)
Elena Ferrari (University of Insubria)
Gerome Miklau (University of Massachusetts - Amherst)
Hakan Hacigumus (NEC Labs)
Ilya Mironov (Microsoft Research)
James Kettle (Context Information Security)
Kimberley Hall (Security Advisory & Management Services Ltd)
Michael Franz (University of California - Irvine)
Michael Waidner (Technische Universitat Darmstadt)
Monica Chew (Mozilla)
Pierangela Samarati (University of Milan)
Raquel L. Hill (Indiana University)
Rafae Bhatti (Price Waterhouse Coopers)
Reginaldo Silva (Ubercomp)
Rose Gamble (University of Tulsa)
Sabrina De Capitani di Vimercati (University of Milan)
Sean Thorpe (University of Technology - Jamaica)
Sid Stamm (Mozilla)
Simson Garfinkel (Naval Postgraduate School)
Szymon Gruszecki
Varun Bhagwan (Yahoo)
Vinnie Moscaritolo (Silent Circle)