ACM SIGSAC 14th Workshop on Programming Languages and Analysis for Security (PLAS 2019)

Friday November 15, 2019 - London, UK
(Co-located with ACM CCS 2019)

The 2020 workshop has released its call for papers. See the 2020 website for details.

Workshop presentations are available on video on youtube.

Workshop program is available.

Program

Friday November 15, 2019

  • Invited Talk 1 chair: Piotr Mardziel
    • 9:00-10:00: Electronic voting: a journey to verifiability and vote privacy (youtube)
      Véronique Cortier (LORIA Laboratory)
  • Break
    • 10:00-10:45: Coffee
  • Session 1: Malware and Cryptography chair: Eleanor Birrell
    • 10:45-11:10: Are All Firewall Systems Equally Powerful? (youtube) Digital Library logoACM Digital Library
      Lorenzo Ceragioli (Dipartimento di Informatica, Università di Pisa), Pierpaolo Degano (Dipartimento di Informatica - Universita' di Pisa), Letterio Galletta (IMT School for Advanced Studies Lucca)
    • 11:10-11:35: Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation (youtube) Digital Library logoACM Digital Library
      Alexander Jordan (Oracle Labs), Francois Gauthier (Oracle Labs), Behnaz Hassanshahi (Oracle Labs), David Zhao (Oracle Labs)
    • 11:35-12:00: High-level Cryptographic Abstractions (youtube) Digital Library logoACM Digital Library
      Christopher Kane (Computer Science at Stony Brook University), Bo Lin (Stony Brook University), Saksham Chand (Stony Brook University), Scott Stoller (Stony Brook University), Yanhong A. Liu (Stony Brook University)
  • Break
    • 12:00-14:00: Lunch
  • Invited Talk 2 chair: Niki Vazou
    • 14:00-15:00: DEEPSEC - Deciding equivalence properties in security protocols
      Steve Kremer (INRIA)
  • Break
    • 15:00-15:45: Coffee
  • Session 2: Information Flow chair: Marco Vassena
    • 15:45-16:10: An Empirical Study of Information Flows in Real-World JavaScript (youtube) Digital Library logoACM Digital Library
      Cristian-Alexandru Staicu (TU Darmstadt), Daniel Schoepe (Chalmers University of Technology), Musard Balliu (KTH Royal Institute of Technology), Michael Pradel (TU Darmstadt), Andrei Sabelfeld (Chalmers University of Technology)
    • 16:10-16:35: Simple Noninterference by Normalization (youtube) Digital Library logoACM Digital Library
      Carlos Tomé Cortiñas (Chalmers University of Technology), Nachiappan Valliapan (Chalmers University of Technology)
  • Short Talks chair: Niki Vazou
    • 16:35-16:45: Reasoning about Effects in Information Flow (youtube)
      Andrew Hirsch
    • 16:45-16:55: Quantifying Use (youtube)
      Piotr Mardziel
    • 17:05-17:15: Reantrancy Protection with Information Flow (youtube)
      Ethan Cecchetti

Sponsors



Sponsorship opportunities are available. See the call for sponsors for more information.

Accepted Papers

Digital Library logoFull Citation in the ACM Digital Library
  • An Empirical Study of Information Flows in Real-World JavaScript Digital Library logoACM Digital Library
    Cristian-Alexandru Staicu (TU Darmstadt), Daniel Schoepe (Chalmers University of Technology), Musard Balliu (KTH Royal Institute of Technology), Michael Pradel (TU Darmstadt), Andrei Sabelfeld (Chalmers University of Technology)
  • Are All Firewall Systems Equally Powerful? Digital Library logoACM Digital Library
    Lorenzo Ceragioli (Dipartimento di Informatica, Università di Pisa), Pierpaolo Degano (Dipartimento di Informatica - Universita' di Pisa), Letterio Galletta (IMT School for Advanced Studies Lucca)
  • High-level Cryptographic Abstractions Digital Library logoACM Digital Library
    Christopher Kane (Computer Science at Stony Brook University), Bo Lin (Stony Brook University), Saksham Chand (Stony Brook University), Scott Stoller (Stony Brook University), Yanhong A. Liu (Stony Brook University)
  • Simple Noninterference by Normalization Digital Library logoACM Digital Library
    Carlos Tomé Cortiñas (Chalmers University of Technology), Nachiappan Valliapan (Chalmers University of Technology)
  • Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation Digital Library logoACM Digital Library
    Alexander Jordan (Oracle Labs), Francois Gauthier (Oracle Labs), Behnaz Hassanshahi (Oracle Labs), David Zhao (Oracle Labs)

Invited Speakers



Véronique Cortier
(LORIA Laboratory)

Electronic voting: a journey to verifiability and vote privacy

Véronique Cortier is CNRS research director at Loria (Nancy, France). In 2003, she received her Ph.D. degree in Computer Science from the École Normale Supérieure de Cachan, from which she graduated. Her research focuses on formal verification of security protocols, in particular e-voting, using formal techniques such as first order logic or rewriting. She has co-authored more than 80 publications on these topics. In 2010, she was awarded an ERC starting grant and in 2015, she received the INRIA - Académie des Sciences young researcher award.



Steve Kremer
(INRIA)

DEEPSEC - Deciding equivalence properties in security protocols

Steve Kremer studied computing followed by a PhD thesis at the Université Libre in Brussels, Belgium (2003). Following a post-doctoral fellowship at the University of Birmingham in the UK, in 2004 he joined the Inria SECSI team at the ENS Cachan, before joining the CASSIS team at the Inria Nancy centre, where he now works as research director. He has published numerous articles on protocol security in conferences and specialist journals. He is also one of the first two Inria recipients of an ERC grant in the Consolidator Grant category.

The Workshop

PLAS provides a forum for exploring and evaluating the use of programming language and program analysis techniques for promoting security in the complete range of software systems, from compilers to machine learnt models. The workshop encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and problems. We also host position papers that are radical, forward-looking, and lead to lively and insightful discussions influential to the future research at the intersection of programming languages and security.

The scope of PLAS includes, but is not limited to:

  • *NEW THIS YEAR*: Programming language techniques and verification applied to security in other domains (e.g. adversarial learning)
  • Compiler-based security mechanisms (e.g. security type systems) or runtime-based security mechanisms (e.g. inline reference monitors)
  • Program analysis techniques for discovering security vulnerabilities
  • Automated introduction and/or verification of security enforcement mechanisms
  • Language-based verification of security properties in software, including verification of cryptographic protocols
  • Specifying and enforcing security policies for information flow and access control
  • Model-driven approaches to security
  • Security concerns for Web programming languages
  • Language design for security in new domains such as cloud computing and IoT
  • Applications, case studies, and implementations of these techniques

Call for Papers

We invite both full papers and short papers. For short papers we especially encourage the submission of position papers that are likely to generate lively discussion.

  • Full papers should be at most 11 pages long, plus as many pages as needed for references and appendices. Papers in this category are expected to have relatively mature content. Full paper presentations will be 25 minutes each.
  • Short papers should be at most 5 pages long, plus as many pages as needed for references. Papers that present radical, open-ended and forward-looking ideas are particularly welcome in this category, as are papers presenting preliminary and exploratory work. Authors submitting papers in this category must prepend the phrase "Short Paper:" to the title of the submitted paper. Short paper presentations will be 15 minutes each.

Submissions should be PDF documents typeset in the ACM proceedings format using 10pt fonts. A SIGPLAN-approved template can be found at SIGPLAN Author Information. We recommend using this template.

Both full and short papers must describe work not published in other refereed venues (see the SIGPLAN republication policy for more details). Accepted papers will appear in workshop proceedings, which will be distributed to the workshop participants and be available in the ACM Digital Library.

Submissions can be made via Easychair.

Important Dates

Paper submission:
   Monday July 1, 2019 (AoE). EXTENDED: Monday July 8, 2019 (AoE) FINAL EXTENSION: Wednesday July 17 (AoE) (Abstract Only);
   Friday July 5, 2019 (AoE). EXTENDED: Friday July 12, 2019 (AoE) FINAL EXTENSION: Friday, July 19 (AoE) (Paper)
Author notification: Friday August 9, 2019
Camera ready version: Friday August 23, 2019 (AoE)
Workshop date: Friday November 15, 2019

Program Committee


Eleanor Birrell
(Pomona College)

Fraser Brown
(Stanford University)

Stephen Chong
(Harvard University)

Nate Foster
(Cornell University)

Klaus von Gleissenthall
(University of California, San Diego)

Leonidas Lampropoulos
(University of Maryland, College Park)

Piotr Mardziel
(Carnegie Mellon University, Co-Chair)

Annabelle McIver
(Macquarie University)

Corina Pasareanu
(NASA Ames)

Aseem Rastogi
(Microsoft Research India)

Marco Vassena
(CISPA Helmholtz Center for Information Security)

Niki Vazou
(IMDEA Software, Co-Chair)

Previous Meetings

PLAS 2018, Toronto, Canada
PLAS 2017, Dallas, TX, USA
PLAS 2016, Vienna, Austria
PLAS 2015, Prague, Czech Republic
PLAS 2014, Uppsala, Sweden
PLAS 2013, Seattle, Washington
PLAS 2012, Beijing, China
PLAS 2011, San Jose, California
PLAS 2010, Toronto, Canada
PLAS 2009, Dublin, Ireland
PLAS 2008, Tucson, Arizona
PLAS 2007, San Diego, California
PLAS 2006, Ottawa, Canada

Contact us at plas2019@easychair.org