ESPRE 2019
The 6th International Workshop on Evolving Security & Privacy Requirements Engineering
Monday 23rd September 2019
co-located with the 27th IEEE International Requirements Engineering Conference
Jeju Island, South Korea
The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop is a multi-disciplinary, one-day workshop. It brings together practitioners and researchers interested in security and privacy requirements.
ESPRE probes the interfaces between Requirements Engineering and Security & Privacy, and aims to evolve security and privacy requirements engineering to meet the needs of stakeholders; these range from business analysts and security engineers, to technology entrepreneurs and privacy advocates.
Throughout the day, the workshop organisers will note potential research challenges that form the basis of a roadmap for evolving security and privacy requirements engineering.
Following the final session, we will close the workshop with a wrap-up session, in which these challenges and a potential roadmap for addressing them will be proposed.
In this talk, we are going to talk about source code authorship identification method. Successful software authorship de-anonymization has both software forensics applications and privacy implications. However, the process requires an efficient extraction of authorship attributes. The extraction of such attributes is very challenging, due to various software code formats from executable binaries with different toolchain provenance to source code with different programming languages. Moreover, the quality of attributes is bounded by the availability of software samples to a certain number of samples per author and a specific size for software samples.
To this end, in this talk, we propose a deep Learning-based approach for software authorship attribution, that facilitates large-scale, format-independent, language-oblivious, and obfuscation-resilient software authorship identification. This proposed approach incorporates the process of learning deep authorship attribution using a recurrent neural network, and ensemble random forest classifier for scalability to de-anonymize programmers. Results by comprehensive experiments will be given.
DaeHun Nyang received a B.Eng. degree in electronic engineering from Korea Advanced Institute of Science and Technology, M.S. and Ph.D. degrees in computer science from Yonsei University, Korea in 1994, 1996, and 2000 respectively. He has been a senior member of the engineering staff at Electronics and Telecommunications Research Institute, Korea, from 2000 to 2003. Since 2003, he has been a full professor at Computer Information Engineering Department of Inha University, Korea where he is also the founding director of the Information Security Research Laboratory. He is a member of the board of directors and an editorial board of ETRI Journal and also Korean Institute of Information Security and Cryptology. Prof. Nyang's research interests include cryptography, network security, traffic measurement, privacy, usable security, biometrics and deep learning-based security.
09:00 | Workshop Opening (Duncan Ki-Aries) |
09:15 - 10:30 | Keynote: Prof. Daehun NyangTalk Title: Source Code Authorship Identification with Deep Learning |
10:30 - 11:00 | Coffee break |
11:00 - 12:30 | Session One
|
12:30 - 14:00 | Lunch |
14:00 - 15:30 | Session Two
|
15:30 - 16:00 | Coffee break |
16:00 - 16:30 | Session Three
|
16:30 - 17:30 | Wrap-up: A roadmap for evolving security and privacy requirements engineering |
17:30 | Workshop Close |