QASA 2014 - Program Available Print

3rd International Workshop on Quantitative Aspects in Security Assurance
Affiliated workshop with ESORICS 2014
Wroclaw, Poland, September 11, 2014

*** Invited Speakers: Elisa Bertino and  Audun Josang ***


There is an increasing demand for techniques to deal with quantitative aspects of security assurance
at several levels of the development life-cycle of systems & services, e.g., from requirements elicitation
to run-time operation and maintenance. The aim of this workshop is to bring together researchers and
practitioners interested in these research topics with a particular emphasis techniques for service oriented architectures.
The scope of the workshop, is intended to be broad, including aspects as dependability, privacy, risk and trust.


09:00-10:00 QASA/SETOP Session I

Invited Talk  Elisa Bertino. Assessing Data Trustworthiness - Concepts and Research Challenges

10:00-11:15 QASA Session II

Wolter Pieters and Mohsen Davarynejad. Calculating adversarial risk from attack trees: Control strength and probabilistic attackers

Kristian Beckers, Leanid Krautsevich and Artsiom Yautsiukhin. Analysis of Social Engineering Threats with Attack Graphs

Cristian Prisacariu and Audun Jøsang. Probabilistic Modeling of Humans in Security Ceremonies (Short paper)

11:15-11:45 Coffee Break

11:45-13:00 QASA/SETOP Session III

Tarek Bouyahia, Muhammad Sabir Idrees, Nora Cuppens-Boulahia, Frederic Cuppens and Fabien Autrel. Metric for Security Activities assisted by Argumentative Logic

Smita Naval, Vijay Laxmi, Manoj Gaur, Sachin Raja, Muttukrishnan Rajarajan and Mauro Conti. Environment–Reactive Malware Behavior: Detection and Categorization

Maxime Puys, Lionel Rivière, Thanh-Ha Le and Julien Bringer. High-Level Simulation for Multiple Fault Injection Evaluation (QASA Short paper)

13:00-14:00 Lunch

14:00-15:00 QASA  Session IV

Invited Talk  Audun Josang. Defining assurance levels for user and server authentication

14:00-16:15 QASA Session V

Jerry Den Hartog and Ilaria Matteucci. Introducing Probabilities in Controller Strategies

Tom Chothia, Chris Novakovic and Rajiv Ranjan Singh. Automatically Calculating Quantitative Integrity Measures for Imperative Programs

Alessandro Armando, Michele Bezzi, Nadia Metoui and Antonino Sabetta. Risk-Aware Information Disclosure


ESORICS registration service: