Important Dates

    Papers due:
    20 April 2014
    30 April 2014 (extended)
  • Notification:
    31 May 2014
  • Pre-proceeding version due:
    6 July 2014
  • Final version due:
    27 July 2014
    (after the workshop)
  • Workshop:
    18 July 2014

Previous Editions

STAST 2011:
stast2011.uni.lu

STAST 2012:
stast2012.uni.lu

STAST 2013:
stast2013.uni.lu

Main Event

Vienna Summer of Logic 2014

Supported by

SnT

SnT

UNICT

DTU

DMU

Accepted Papers

Accepted papers are all those in the programme. Talks last 45 minutes including questions and answers.

Programme

08:45 - 09:00 Welcome and Opening
09:00 - 10:15 Session 1: Keynote Talk
Tackling the Awareness-Behaviour Divide in Security: (step 1) Understand the User
Lynne Coventry (Psych. and Comm. Tech. Lab, Univ. of Northumbria)

Abstract: Various factors influence user's behaviour and interactions with technology. This means security has a socio-technical element, that continues to present a challenge in research and attempts to improve security behaviour. Users may not be the enemy but their (un)intentional (mis)use of technology is certainly part of the problem in security. To solve this problem, we must do more than simply pay lip service to the need to address the human element; we need to systematically explore the environmental, social and personal influencers of behaviour within the context of cybersecurity. Those who seek to ensure cybersecurity must learn to utilise such influencers as efficiently as those who seek to exploit them. Awareness training is touted as the solution, awareness may be necessary but it is seldom sufficient. Psychological research and organisational reports suggest that increased user awareness alone is insufficient when it comes to changing actual behaviour. This may make users' behaviours seem irrational, but they are understandable if you appreciate the cognitive biases people are prone to and the heuristics they use when the time, effort and knowledge required to follow a "rational" decision making process outweighs the benefits perceived by the user. This talk provides a short overview of the issues worthy of exploration in security research and suggests several strategies on how to tackle the security awareness - behaviour divide".
10:15 - 10:45 Coffee Break
10:45 - 13:00 Session 2: Security Ceremonies and Policies
Decision Justifications for Wireless Network Selection
Debora Jeske, Lynne Coventry and Pam Briggs (Northumbria Univ.)
Reflecting on the Ability of Enterprise Security Policy to Address Accidental Insider Threat
Oliver Buckley, Jason Nurse, Philip Legg, Michael Goldsmith and Sadie Creese ( Oxford Univ.)
Modelling User Devices in Security Ceremonies
Taciane Martimiano, Jean Everson Martina (Univ. Fed. de Santa Catarina), Maina Olembo (CASED, TU Darmstadt) and Marcelo Carlos (RHUL)
13:00 - 14:30 Lunch
14:30 - 16:00 Session 3: Security and Human Behaviour
The Social Engineering Personality Framework
Sven Uebelacker and Susanne Quiel (Hamburg Univ. of Technology)
Modeling Human Behaviour with Higher Order Logic: Insider Threats
Jaap Boender (Middlesex Univ.), Marieta Georgieva Ivanova (DTU), Florian Kammueller and Giuseppe Primiero (Middlesex Univ.)
16:00 - 16:30 Coffee Break
16:30-18:00 Session 4: Socio-Technical Security
What You Enter Is What You Sign: Input Integrity in an Online Banking Rnvironment
Sven Kiljan, Harald Vranken (Open Univ.) and Marko van Eekelen (Radboud Univ. Nijmegen)
Using Statistical Information to Communicate Android Permission Risks to Users
Lydia Kraus, Ina Wechsung and Sebastian Möller (Telekom Innovation Labs/ TU Berlin)
18:00-18:10 Closing and Farewell