NESD Fall 2017

ProgramPostersRegistration | Venue & Travel | Policy | Organizers 

The next New England Security Day (NESD) will be held on Friday, September 29, 2017, at Northeastern University.

The goal of NESD is to bring together premier practitioners, researchers, students, and funding partners in security, in and around New England. NESD serves as an opportunity to share the latest advances, debate roadmaps and future directions, create new collaborations, and seek new opportunities.



Download a PDF of the program.


8:00 – 8:50 Registration and breakfast


8:50 Opening remarks

Session 1

9:00 – 10:15 Bog: An Ensemble Approach to Building Failure-Resistant Password-Based Key Derivation Functions. E. Heilman (Boston University), J. Hennessey (Boston University), S. Scheffler (Boston University), M. Varia (Boston University)
  Reusable Key Derivation from the Iris. S. Simhadri (University of Connecticut), J. Steel (University of Connecticut), B. Fuller (University of Connecticut)
  Algorand: Scaling Byzantine Agreements for Cryptocurrencies. Yossi Gilad (Boston University and MIT), Rotem Hemo (MIT), Silvio Micali (MIT), Georgios Vlachos (MIT) and Nickolai Zeldovich (MIT)


10:15 – 10:45 Coffee break

Session 2

10:45 – 12:00 Timecop: Efficient Buffer Overflow Prevention. B. Powers (University of Massachusetts Amherst), E. Berger (University of Massachusetts Amherst)
  A Modular, User-Centric Security Analysis of OpenStack. H. Maleki (University of Connecticut), K. Hogan (MIT), R. Rahaeimehr (University of Connecticut), J. Hennessey (Boston University), R. Canetti (Boston University), M. Varia (Boston University), M. van Dijk (University of Connecticut), H. Zhang (University of Connecticut)

Side-channel Attacks on SGX Enclaves. A. Moghimi (Worcester Polytechnic Institute)


12:00 – 1:30 Lunch and Poster session

Session 3

1:30 – 2:45 Characterizing the Nature and Dynamics of Tor Exit Blocking. R. Singh (University of Massachusetts Amherst), R. Nithyanand (University of Massachusetts Amherst), S. Afroz (ICSI, UC Berkeley), P. Pearce (UC Berkeley), M. C. Tschantz (ICSI), P. Gill (University of Massachusetts Amherst), V. Paxson (ICSI, UC Berkeley)
  Toward usable network traffic policies for IoT devices in consumer networks. N. DeMarinis (Brown University), R. Fonseca (Brown University)
  A Longitudinal, End-to-End View of the DNSSEC Ecosystem. T. Chung (Northeastern University), R. van Rijswijk-Deij (University of Twente and SURFnet), B. Chandrasekaran (TU Berlin), D. Choffnes (Northeastern University), D. Levin (University of Maryland), B. M. Maggs (Duke University and Akamai Technologies), A. Mislove (Northeastern University), C. Wilson (Northeastern University)

Coffee Break

2:45 – 3:15 Coffee break

Session 4

3:15 – 4:30 Introducing the MassBrowser Censorship Circumvention System. A. Houmansadr (University of Massachusetts Amherst)
  Identifier Binding Attacks and Defenses in Software-Defined Networks. Samuel Jero, William Koch, Richard Skowyra, Hamed Okhravi, Cristina Nita-Rotaru, David Bigelow.
  Lens on the endpoint: Hunting for malicious software through endpoint data analysis. A. S. Buyukkayhan (Northeastern University), A. Oprea (Northeastern University), Z. Li (RSA Laboratories), W. Robertson (Northeastern University)

Closing remarks

4:30 Closing remarks


  1. Apache Spot. D. Kwok (Cloudera, Inc)1. Apache Spot. D. Kwok (Cloudera, Inc)
  2. How to Catch when Proxies Lie. Z. Weinberg (CMU / UMass), N. Christin (CMU), V. Sekar (CMU)
  3. Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning
  4. ..better to use a lock screen than to worry about saving a few seconds of time: Effect of Fear Appeal in the Context of Smartphone Locking Behavior
  5. Studying TLS Usage in Android using Lumen. A. Razaghpanah (Stony Brook University),  A. A. Niaki (University of Massachusetts Amherst)
  6. Estimation of Miner Hash Rates and Consensus on Blockchains. A. P. Ozisik (UMass Amherst), G. Bissias (UMass Amherst), B. N. Levine (UMass Amherst) 
  7. High Capacity Covert Communications Through Multimedia Social Networks. A. Sepahi (University of Massachusetts Amherst),  A. Houmansadr (University of Massachusetts Amherst), D. L. Goeckel (University of Massachusetts Amherst), D F. Towsley (University of Massachusetts Amherst)
  8. MassBrowser: A New Censorship Circumvention Tool. A. Houmansadr (University of Massachusetts Amherst) 
  9. Fingerprinting user behavior through mobile advertisements. K. Sung (University of Massachusetts Amherst), B. Levine (University of Massachusetts Amherst), M. Corner (University of Massachusetts Amherst)
  10. A Churn for the Better: Localizing Censorship using Network-level Path Churn and Network Tomography. S. Cho (Stony Brook University), R. Nithyanand (Stony Brook University),  A. Razaghpanah (Stony Brook University), P. Gill (University of Massachusetts, Amherst)
  11. COMP 50 / PS 188: Cyber Security and Cyber Warfare at Tufts University. M. Chow (Tufts University), J. Taliaferro (Tufts University)
  12. Cloud Privacy: Privacy Analysis of Cloud Monitoring Systems. S. Krishnan (Northeastern University), A. Oprea (Northeastern University), C. Nita-Rotaru (Northeastern University)
  13. Compiler-Assisted Threshold Implementation Against Power Analysis Attacks. P. Luo (Northeastern University), L. Zhang (Northeastern University), Z. H. Jiang (Northeastern University), Y. Fei (Northeastern University), A. A. Ding (Northeastern University), T. Wahl (Northeastern University) 
  14. Practical Challenges of Type Checking in Control Flow Integrity. R. M. Farkhani (Northeastern University), S. Arshad (Northeastern University), S. Jafari (Northeastern University) 
  15. PTrix-AFL: PT-reinforced American Fuzzy Lop. Y. Chen (Northeastern University)
  16. A New Proof-of-Work Target That Minimizes Blockchain Mining Time Variance. G. Bissias (UMass Amherst), B. Levine (UMass Amherst) 
  17. Privacy-Free Garbled Circuits for Formulas: Size Zero and Information-Theoretic. Y. Kondi (Northeastern University), A. Patra (Indian Institute of Science)
  18. Automatic Vulnerability Finding in IoT/embedded device Firmware. B. Feng (Northeastern University), L. Lu (Northeastern University) 
  19. Scaling ORAM for Secure Computation. J. Doerner (Northeastern University), a. shelat (Northeastern University) 
  20. Affordable and Comprehensive Remote Attestation for IoT Devices. Z. Sun (Northeastern University), B. Feng (Northeastern University), L. Lu (Northeastern University)
  21. 21. Covert Timing Channel on Renewal Packet Channels. R. Soltani (UMass – ECE), D. Goeckel (UMass – ECE), D. Towsley (UMass – CICS), A. Houmansadr (UMass – CICS) 
  22. A Longitudinal Study of PII Leaks Across Android App Versions. J. Ren (Northeastern University) 
  23. Off-path Man-in-the-Middle Attack on Tor Hidden Services. A. Sanatinia (Northeastern University), G. Noubir (Northeastern University) 
  24. Bog: An Ensemble Approach to Building Failure-Resistant Password-Based Key Derivation Functions. . E. Heilman (Boston University), J. Hennessey (Boston University), S. Scheffler (Boston University), M. Varia (Boston University)
  25. A Modular, User-Centric Security Analysis of OpenStack, . H. Maleki (University of Connecticut), K. Hogan (MIT), R. Rahaeimehr (University of Connecticut), J. Hennessey (Boston University), R. Canetti (Boston University), M. Varia (Boston University), M. van Dijk (University of Connecticut),  H. Zhang (University of Connecticut)
  26. Finding Constraint Logic Gadgets for Fuzzing. J. Carlson (Veracode)

Registration and Call for Presentations and Posters

Registration for NESD on September 29 is now closed. 

We would also like to invite you to submit presentation proposals. We are interested in all presentations that concern research on computer security. NESD presentations do not need to be about polished or complete results. Proposals for presentations of preliminary work, progress reports on ongoing projects, useful lessons from research that has failed, and tool demos are also welcomed at NESD. For submissions please use Deadline is September 10, 2017.

There are 12 slots for presentations in the schedule. If we have more presentation proposals than slots, we will select presentations based on the diversity of the participants’ talks, and appeal to a broad audience.

Each slot is 25 minutes long. However, we would like to use an unconventional slot structure. Each speaker will be given 15 minutes to present their material (strict). Then for 5 minutes, members of the audience will form groups of 3-5 people, discuss the talk, filter and form questions. The last 5 minutes of each slot will involve Q&A between the speaker and the audience. This structure encourages members of the audience to interact with each other and exchange opinions, and clarify their understanding of the talk. It is especially beneficial for students as it will allow them to interact with senior researchers. Moreover, the quality of questions filtered up to the speaker is improved.1

We invite you to submit a poster proposal as well. Like the talks, posters should concern security and can report on ongoing work. Posters will be displayed all day around the workshop space; there is no particular poster session. We have limited space for posters, and we’ll follow the same selection process that we have for presentations. For submissions please use Deadline is September 10, 2017.

Venue (and Travel Information)

NESD will be held in the conference room on the ground floor, at the Interdisciplinary Science and Engineering Complex (ISEC) at Northeastern University. The street address of the building is 805 Columbus Ave, Boston, MA 02120

Getting to Northeastern

Northeastern is easily accessible by public transit, via the Ruggles Station on the MBTA Orange Line or Northeastern Station on the MBTA Green Line.  See here for more information.


Visitors to Northeastern are expected to park in the Renaissance Park Garage or the Gainsborough Garage.

Renaissance Park Garage
835 Columbus Avenue
Boston, MA 02120

Gainsborough Garage
10 Gainsborough Street
Boston, MA 02115

On the university’s campus map, Renaissance Park Garage is #62 and Gainsborough Garage is #45.


There are several hotels and inns within walking distance of the venue, and within 1 or 2 stops public transit. We list some of them here. Unfortunately, due to high demand for accommodation, rates may be quite high. Cheaper rates may be available at hotels further away from Northeastern, or on services such as AirBnB. If you are stuck, please contact the organizers.

Budget-Friendly hotels

Club Quarters
(4.9 miles from Boston campus)
161 Devonshire St
Boston, MA 02110
Tel: 617.357.6400
Online booking
Member Code: NEU

Holiday Inn Brookline
(1.9 miles from Boston Campus)
1200 Beacon Street
Brookline, MA 02446
Tel: 617.277.1200
Online booking

Holiday Inn Dedham
(21.6 miles from Boston Campus)
55 Ariadne Rd
Dedham, MA 02026
Tel: 781.329.1000
Online booking

The Midtown Hotel
(0.8 miles from Boston Campus)
220 Huntington Ave
Boston, MA 02115
Tel: 617.262.1000
Online booking

Global Franchises, Rewards

Courtyard Marriott – South Boston
(2.6 miles from Boston Campus)
63R Boston Street
South Boston, MA 02125
Tel: 617.436.8200
Online booking

Hampton Inn & Suites – Boston Crosstown Center
(0.8 miles from Boston Campus)
811 Massachusetts Ave
Boston, MA 02118
Tel: 617.445.6400
Online booking

Hilton Back Bay
(0.8 miles from Boston Campus)
40 Dalton St
Boston, MA 02115
Tel: 617.236.1100
Online booking

Residence Inn by Marriot Back Bay – Fenway
(1.2 miles from Boston Campus)
125 Brookline Avenue
Boston, MA 02215
Tel 617.936.2033
Contact: Victoria Patterson
Mobile: 781.572.1432
Online booking

Sheraton Boston
(0.8 miles from Boston Campus)
39 Dalton Street
Boston, MA 02116
Tel: 617.236.6000
Online booking

Westin Hotel Copley Place
(1 mile from Boston Campus)
10 Huntington Avenue
Boston, MA 02116
Tel: 617.262.9600
Online booking

Anti-Harassment Policy

The open exchange of ideas and the freedom of thought and expression are central to the aims and goals of NESD; these require an environment that recognizes the inherent worth of every person and group, that fosters dignity, understanding, and mutual respect, and that embraces diversity. For these reasons, NESD is dedicated to providing a harassment-free experience, and implements the ACM policy against harassment.

Participants violating these standards may be sanctioned or expelled from NESD, at the discretion of the organizing committee members.

A useful related resource is the Geek Feminism Wiki, which includes models for public announcements and guidance for conference staff. If you hear an inappropriate remark, intended or misjudged, we encourage you not to stay silent. You may find this list of comebacks to be useful.


Steering Committee


1. Shriram Krishnamurthy has used this structure to organize a couple of events so far with much success.