About the Conference
NordSec is an annual research conference series that has been running since 1996. The NordSec conferences address a broad range of topics on IT security. The events bring together security researchers from the Nordic countries, Northern Europe, and beyond. In addition to being a venue for academic publishing, NordSec is an important meeting place for university faculty, students, and industry researchers and experts from the region.
Call for Papers
Background, aim, and scope
NordSec addresses a broad range of topics within IT security with the aim of bringing together computer security researchers and encouraging interaction between academia and industry.
Possible topics include, but are not limited to:
- Access control and security models
- Applied cryptography
- Blockchains
- Cloud security
- Cryptanalysis
- Cryptographic protocols
- Cyber crime, warfare, and forensics
- Economic, legal, and social aspects of security
- Formal analysis
- Hardware and smart card security
- Information flow security
- Intrusion detection and mitigation
- Language-based security
- Mobile, embedded, and Internet of Things security
- Operating System security
- Privacy and anonymity
- Security and machine learning
- Security education and training
- Security management and audit
- Security metrics
- Security protocols
- Security usability
- Social engineering and phishing
- Software security and malware
- Threat modelling
- Trust and identity management
- Trusted computing
- Vulnerability testing
- Web application security
Contributions should reflect original research, developments, studies and experience. Submitted papers should not exceed 16 pages (excluding references and appendices) in Springer LNCS format. Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings.
Submission Guidelines
All submitted papers will be judged based on their quality and relevance through double-blind reviewing, where the identities of the authors are withheld from the reviewers. As an author, you are required to make a good-faith effort to preserve the anonymity of your submission, while at the same time allowing the reader to fully grasp the context of related past work, including your own. Minimally, please take the following steps when preparing your submission:
- Remove the names and affiliations of authors from the title page.
- Remove acknowledgment of identifying names and funding sources.
- Use care in referring to related work, particularly your own. Do not omit references to provide anonymity, as this leaves the reviewer unable to grasp the context. Instead, reference your past work in the third person, just as you would any other piece of related work by another author.
- We encourage the inclusion of anonymized digital research artifacts in the form of anonymized download links in the submitted manuscript. Tools like https://github.com/tdurieux/anonymous_github/ could be useful to authors to anonymize links and contents of research artifacts consisting in code repositories.
- Submissions should be formatted using the Springer LNCS format and must not exceed 16 pages (excluding well-marked appendices, and references), with an overall limit of 20 pages. Appendices may be included to assist reviewers who may have questions that fall outside the stated contribution of the paper on which your work is to be evaluated or to provide details that would only be of interest to a small minority of readers. Reviewers are not required to read any appendices so the paper should be self-contained without them. Finally, notice that, according to latest LNCS guidelines, if a paper includes appendices, they should be placed in front of the references.
All submissions will be peer-reviewed by the program committee listed below.
Papers must be written in English, and submitted online in PDF format, via Easychair, at https://easychair.org/conferences/?conf=nordsec2022.
Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors of accepted papers must agree with Springer LNCS copyright and guarantee that their papers will be presented at the conference.
Preliminary Conference Schedule
| Time | 30. Nov | Room V102 | 01. Dec | Room M101 | 02. Dec | Room V101 |
|---|---|---|---|
| 08:30 | Registration | Registration | Registration |
| 09:00 |
Opening
Marcel Kyas (General Chair): Logistics Luca Aceta (Dean of CS Dept): Welcome note Elín Sif Kjartansdóttir (Ministry of Higher Education, Science and Innovation): Icelandic National Cybersecurity Strategy and Action Plan |
Keynote 2
Electronic voting: design, attacks and proofs |
Session 7 - Secure Protocols
Session chair: Utz Roedig Automatic Implementations Synthesis of Secure Protocols and Attacks
from Abstract Models
|
| 09:30 |
Keynote 1
A New Age of Cyber Security in Peace and Conflict |
How to Avoid Repetitions in Lattice-based Deniable Zero-Knowledge Proofs
|
|
| 10:00 | Coffee Break | Coffee Break | |
| 10:30 | Coffee Break |
Session 4 - Attacks & Attack Detection I
Session chair: Marios Anagnostopoulos Honeysweeper: Towards Stealthy Honeytoken Fingerprinting Techniques
|
Session 8 - Secure Systems
Session chair: Mikael Asplund Simplex: Repurposing Intel Memory Protection Extensions for Secure Storage
|
| 11:00 |
Session 1 - Privacy 1
Session chair: Hans P. Reiser On the Effectiveness of Intersection Attacks in Anonymous Microblogging
|
Towards Self-Monitoring Enclaves: Side-Channel Detection using
Performance Counters
|
Malware Analysis with Symbolic Execution and Graph Kernel
|
| 11:30 |
Data Privacy in Ride-Sharing Services: From an Analysis of Common Practices to Improvement of User Awareness
|
DeCrypto: Finding Cryptocurrency Miners on ISP networks
|
Closing |
| 12:00 | Lunch | Lunch | Lunch | 12:30 |
| 13:00 | |||
| 13:15 | Optional excursion to the Blue Lagoon. The excursion is not included in the registration fee, see the tour description here for more detail. | ||
| 13:30 |
Session 2 - Privacy 2
Session chair: Tomas Olovsson Location Privacy, 5G AKA, and Enhancements
|
Session 5 - Attacks & Attack Detection II
Session chair: Sebastian Schrittwieser Detection of Voice Conversion Spoofing Attacks using Voiced Speech
|
|
| 14:00 |
Local Differential Privacy for Private Construction of Classification Algorithms
|
A Wide Network Scanning for Discovery of UDP-based Reflectors in
the Nordic Countries
|
|
| 14:30 |
IMSI Probing: Possibilities and Limitations
|
GPU-FAN: Leaking Data From Air-Gapped Machines via Covert Noise from GPUFans
|
|
| 15:00 | Coffee Break | Coffee Break | |
| 15:30 |
Session 3 - Security Evaluation
Session chair: Marcel Kyas Obfuscation-resilient Semantic Functionality Identification Through ProgramSimulation
|
Session 6 - Forensics
Session chair: Emmanouil Vasilomanolakis Maraudrone’s Map: An Interactive Web Application for Forensic
Analysis and Visualization of DJI Drone Log Data
|
|
| 16:00 |
WearSec: Towards Automated Security Evaluation of Wireless
Wearable Devices
|
VinciDecoder: Automatically Interpreting Provenance Graphs into
Textual Forensic Reports with Application to OpenStack
|
|
| 16:30 | Poster Teaser |
Actionable Cyber Threat Intelligence for Automated Incident Response
|
|
| 17:00 | |||
| 17:30 | |||
| 18:00 | Reception & Poster Session | ||
| 19:00 | Dinner at Hotel Marina, Mýrargata 2, 101 Reykjavík |
Keynote 1: A New Age of Cyber Security in Peace and Conflict
The growth of capability of computers has been exponential for more than half a century and it has been the backbone of the economic growth we have enjoyed. But has security been addressed as well as in other fields relying on new inventions and technology? What could we learn from other fields for better security and resilience? Computers and networks now play a key role in conflicts, both as targets and weapons. How do modern militaries view cyber weapons and what is the framework for their use? How can we take this into account in our approach to cyber security?
Keynote 2: Electronic voting: design, attacks and proofs
Electronic voting aims to achieve the same properties as traditional paper based voting. Even when voters vote from their home, they should be given the same guarantees, without having to trust the election authorities, the voting infrastructure, and/or the Internet network. The two main security goals are vote privacy: no one should know how I voted; and verifiability: a voter should be able to check that the votes have been properly counted. In this talk, we will explore how these properties can be realized, attacked, and proved. We will in particular illustrate our presentation with the Belenios protocol.
Accepted Papers
- Mordechai Guri. GPU-FAN: Leaking Data From Air-Gapped Machines via Covert Noise from GPU Fans
- Azadeh Tabiban, Heyang Zhao, Yosr Jarraya, Makan Pourzandi and Lingyu Wang. VinciDecoder: Automatically Interpreting Provenance Graphs into Textual Forensic Reports with Application to OpenStack
- Cristoffer Leite da Silva, Jerry Den Hartog, Daniel Ricardo dos Santos and Elisa Costante. Actionable Cyber Threat Intelligence for Automated Incident Response
- Sebastian Schrittwieser, Patrick Kochberger, Michael Pucher, Caroline Lawitschka, Philip König and Edgar R. Weippl. Obfuscation-resilient Semantic Functionality Identification Through Program Simulation
- Mohamed Taoufiq Damir and Valtteri Niemi. Location Privacy, 5G AKA, and Enhancements
- Carsten Hesselmann, Delphine Reinhardt, Jan Gertheiss and Jörg P. Müller. Data Privacy in Ride-Sharing Services: From an Analysis of Common Practices to Improvement of User Awareness
- Charles-Henry Bertrand Van Ouytsel and Axel Legay. Malware Analysis with Symbolic Execution and Graph Kernel
- Alexander Bjerre, Andreas Philip Westh, Emil Villefrance, A S M Farhan Al Haque, Jonas Bukrinski Andersen, Lucas K. Helgogaard and Marios Anagnostopoulos. A wide network scanning for discovery of UDP-based reflectors in the Nordic countries
- Richard Plný, Karel Hynek and Tomáš Čejka. DeCrypto: Finding Cryptocurrency Miners on ISP networks
- Tobias Latzo, Andreas Hellmich, Annika Knepper, Lukas Hardi, Tim Phillip Castello-Waldow, Felix Freiling and Andreas Attenberger. Maraudrone’s Map: An Interactive Web Application for Forensic Analysis and Visualization of DJI Drone Log Data
- Arun Sankar, Phillip De Leon and Utz Roedig. Detection of Voice Conversion Spoofing Attacks using Voiced Speech
- Matthew Cole and Aravind Prakash. Simplex: Repurposing Intel Memory Protection Extensions for Secure Storage
- Daniel Fraunholz, Dominik Brunke, Hartmut Koenig, Simon Beidenhauser, Sebastian Berger and Daniel Reti. IMSI Probing: Possibilities and Limitations
- Mohamed Msaad, Shreyas Srinivasa, Mikkel M. Andersen, David H. Audran, Charity Uche Orji G and Emmanouil Vasilomanolakis. Honeysweeper: Towards stealthy Honeytoken fingerprinting techniques
- David Lantz, Felipe Boeira and Mikael Asplund. Towards Self-Monitoring Enclaves: Side-Channel Detection using Performance Counters
- Camille Sivelle, Lorys Debbah, Maxime Puys, Pascal Lafourcade and Thibault Franco-Rondisson. Automatic Implementations Synthesis of Secure Protocols and Attacks from Abstract Models
- Xavier Arnal, Abraham Cano, Tamara Finogina and Javier Herranz. How to Avoid Repetitions in Lattice-based Deniable Zero-Knowledge Proofs
- Sarah Abdelwahab Gaballah, Lamya Abdullah, Minh Tung Tran, Ephraim Zimmer and Max Mühlhäuser. On the Effectiveness of Intersection Attacks in Anonymous Microblogging
- Mina Sheikhalishahi, Daan Gast and Sam Vermeiren. Local Differential Privacy for Private Construction of Classification Algorithms
- Bernhards Blumbergs, Ēriks Dobelis, Peteris Paikens, Krišjānis Nesenbergs, Kirils Solovjovs and Artis Rušiņš. WearSec: Towards Automated Security Evaluation of Wireless Wearable Devices
Accepted Posters
- E. Seidl, S. Schrittwieser, A. Ekelhart, E. R. Weippl: Safe or Scam? An Empirical Simulation Study on Trust Indicators in Online Shopping
- A. Mirzai, A. Z. Coban, M. Almgren, W. Aoudi, T. Bertilsson: Dynamic User-Level Scheduling to Improve ML-Based IDS on IoT
- T. K. T. Mogensen, Diego F. Aranha: Security analysis of the passwordless MitID digital identity system
- S. Sentanoe et al.: SmartVMI: Reconstructing meaningful kernel-level and application-level information about a target system using machine learning
Proceedings
The proceedings are available to be accessed here.
Registration Information
The registration can be done here.
For student registration, please send copy of the student certificate to nordsec2022@easychair.org.
Early Registration Fee (before 02 November 2022)
| Student | 57.000 ISK |
| Regular | 70.000 ISK |
Normal Registration Fee (from 02 November 2022)
| Student | 67.000 ISK |
| Regular | 80.000 ISK |
Location
NordSec 2022 takes place at Reykjavik University, Menntavegur 1, 102 Reykjavik.
- 30. Nov : Room V102
- 01. Dec : Room M101
- 02. Dec : Room V101
Accomodation
Hotel reservations in the Icelandair Hotel Reykjavik Natura can be made at a special rate at this Synxis.com site. Reykjavik Natura is only a 10 minute walk from the university.
Prices (including breakfast):
- 27.700 ISK per room per night (double occupancy)
- 24.300 ISK per room per night (single occupancy)
There are limited number of rooms with that discount.
Booking.com or Expedia.com also have other options. It takes about 20-30 minutes (2.6 km) to walk from Reykjavik city center to Reykjavik University.
Airport Transportation
Iceland’s international airport (KEF) is at Keflavik, a 40-45 minutes drive from Reykjavik (not to be confused with Reykjavik city airport).
Arrivals
A Flybus operates all day from Keflavik Airport to Reykjavik in connection with all incoming international flights. Tickets can be bought inside the terminal building at the Flybus booth, online, or at a ticket automaton located by the exit door of the terminal building. The Flybus brings passengers to the BSÍ Bus Station in Reykjavik near the center of town. At the terminal passengers with Flybus Plus tickets board smaller buses which take them to selected hotels and guest houses in Reykjavík. List of hotels and guesthouses with drop-off/pick-up service available can be found here: www.re.is/flybus/flybusplus.
Departures
The Flybus operates all day in connection with all outgoing flights. Scheduled departures are from the BSÍ Bus Station in Reykjavík. Pick-up service is available from selected hotels and guest houses in Reykjavík for passengers holding Flybus Plus tickets. The day before departure, passengers need to inform the reception desk staff of their hotel/guest house that they want the Flybus to pick them up the following day.
All further Flybus information under www.re.is/flybus
Taxi service between Keflavik and Reykjavík is also available, but more expensive.
Local Transportation
Reykjavik University is located next to Öskjuhlíð hill, one of Reykjavík’s green areas shaped by the Ice Age. Bus line 8 departs at BSI and stops in front of the university (stop HR). You can buy single trip tickets on the bus for 550 ISK (cash only, no change given), or use the Straeto app (with registered credit card). For more information on local buses, check http://www.straeto.is/english/. You can use the trip planner to check the best route from your hotel to Reykjavik University.
Electric scooters are available as means of local transportation as well (see https://hopp.bike/).
Important dates
- Submission due:
22 August 202231 August 2022 (AoE) - Notification of acceptance:
03 October 202206 October 2022 - Camera ready due: 17 October 2022
- Conference: 30 November 2022 - 02 December 2022
Publication
Nordsec 2022 proceedings will be published in Springer Lecture Notes in Computer Science series.
Committees
General Chair
- Marcel Kyas, Reykjavik University
PC Chair
- Hans P. Reiser, Reykjavik University
- Marcel Kyas, Reykjavik University
Website Chair
- Stewart Sentanoe, University of Passau
PC Members
- Emmanouil Vasilomanolakis, Technical University of Denmark
- Nils Gruschka, University of Oslo
- Musard Balliu, KTH Royal Institute of Technology
- Nicola Tuveri, Tampere University
- Shahid Raza, RISE Research Institutes of Sweden
- Stefan Lindskog, SINTEF Digital and Karlstad University
- Mohammad Hamad, TUM
- Raimundas Matulevicius, University of Tartu
- Martin Gilje Jaatun, SINTEF Digital
- Nicola Dragoni, Technical University of Denmark
- Dieter Gollmann, Hamburg University of Technology
- Ville Leppänen, University of Turku, Department of Future Technologies
- Nils Nordbotten, Thales Norway and University of Oslo
- Per Håkon Meland, SINTEF ICT
- Antonis Michalas, Tampere University
- Magnus Almgren, Chalmers University of Technology
- Meiko Jensen, Karlstad University
- Ulrik Franke, RISE
- Øyvind Ytrehus, University of Bergen
- Mikael Asplund, Linköping University
- Nicolae Paladi, CanaryBit AB and Lund University
- Simin Nadjm-Tehrani, Linköping university
- Stefan Axelsson, Stockholm University
- Tomas Olovsson, Chalmers University of Technology
- Rene Rydhof Hansen, Aalborg University
- Felipe Boeira, Linköping University
- Hai-Van Dang, Plymouth University
- Thomas Johansson, Dept. of Electrical and Information Technology, Lund University
- Olaf Maennel, Tallinn University of Technology
- Arnis Paršovs, University of Tartu
- Einar Snekkenes, Norwegian University of Science and Technology
- Tassos Dimitriou, Computer Technology Institute, Greece and Kuwait University, Kuwait
- Ulf Kargén, Linköping University
- Kristian Gjøsteen, Norwegian University of Science and Technology
Contact
PC chair: Hans P. Reiser - hansr(_at_)ru.is
Hosted By
