CUING 2019

The Third International Workshop on Criminal Use of Information Hiding (CUING 2019)

to be held in conjunction with the 14 th International Conference on Availability, Reliability and Security
(ARES 2019 – )

August 26 – August 29, 2019, Canterbury, UK

With the constant rise of the number of Internet users, available bandwidth and an increasing number of services shifting into the connected world, criminals are increasingly active in the virtual world. With improving defensive methods cybercriminals have to utilize more and more sophisticated ways to perform their malicious activities. While protecting the privacy of users, many technologies used in current malware and network attacks have been abused in order to allow criminals to carry out their activities undetected. This poses a lot of new challenges for digital forensics analysts, academics, law enforcement agencies (LEAs), and security professionals.

The aim of the Third International Workshop on Criminal Use of Information Hiding (CUIng) is to bring together researchers, practitioners, law enforcement representatives, and security professionals in the area of analysis of information hiding. However data hiding is understood here in a wider manner than in the academic world i.e. all techniques that pertain to camouflaging/masking/hiding various types of data (e.g. identities, behavior, communication, etc.) are included here. This means not only digital steganography/covert channels but also obfuscation/anti-forensics techniques and even underground networks (darknets) or activities related to behavior impersonation or mimicking. This will allow to present a more complete picture on novel research regarding the use of data and communication hiding methods in criminal environments and discuss ideas for fighting misuse of privacy enhancing technologies.

Moreover, this year the CUING workshop is co-organized with the SIMARGL (Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware) H2020 project.

Topics of interest include, but are not limited to

Information hiding techniques
Studies regarding the use of information hiding in cybercrime
Analysis of cybercrime cases related to CUIng
Large scale coordinated actions by LEAs from CUIng perspective
New steganographic & steganalysis methods
Local, air-gapped, and network covert channels
Side channels and less obvious usage of information hiding techniques
Novel countermeasures against information hiding techniques: detection, prevention, limitation
Evasion, obfuscation and anti-forensics techniques used by cybercriminals
Traffic type obfuscation techniques e.g. traffic morphing
Masking network attacks with another types of threats
Hiding covert communication within network attacks e.g. DDoS, SPAM, etc.
Impersonation of one cybercriminals groups by the other

Underground marketplaces and their business models
Botnet analysis from CUIng perspective
Methods for botnet detection and mitigation from CUIng perspective
Banking Trojans from CUIng perspective
IoT-botnets from CUIng perspective
Privacy enhancing techniques
Analysis of underground environments
Legal and technical aspects of Darknet research
Cybercrime and CPS from CUIng perspective
Future scenarios in cybercrime from CUIng perspective
Aspects and methods for sharing strategic intelligence
Abusing legitimate cloud-based services for masking criminal activities
Abusing legitimate social media services for masking criminal activities

Important Dates
Submission Deadline May 28, 2019
Author Notification June 15, 2019
Proceedings Version June 23, 2019
ARES EU Symposium August 26, 2019
Conference August 26 – August 29, 2019

Steganography and steganalysis: Lessons learnt the hard way over 15 years of academic practice.
Prof. Julio Hernandez-Castro, University of Kent, UK

Workshop CUING

Abstract: In this keynote speech, Prof. Hernandez-Castro will draw on his experience on steganography and steganalysis to presents relevant facts, some experiences, a modicum of insights and plenty of tough lessons.

He will try to offer some recommendations, best practices and discuss what common errors to avoid in the daily chores of an academic practitioner seeking research funds and conducting research targeted to some top venues. He will, additionally, present some recent research results of general interest to the community.

Prof. Julio Hernandez-Castro got a mathematics degree in 1995 from Universidad Complutense in Madrid, Spain, and postgraduate degrees from University of Valladolid and Universidad Carlos III.

In the latter he got his PhD in 2003 and stayed until 2009 in different roles up to the equivalent to Assistant Professor. He moved to the UK in 2009 and after a brief stay at the University of Portsmouth joined the University of Kent in 2012.
In 2017 he became a full professor, thanks in part to his research in the area of steganography and steganalysis over image and video.
He has published his research in this area on relevant venues such as Digital Investigation, IEEE Transactions of Information Forensics and Security (TIFS), etc.
He has a total of 3,800 citations to his over 200 peer-reviewed works, with an h-index of 26 according to Google Scholar.
He is currently working on three projects related to the topic of steganography and steganalysis, funded by Huawei, EPSRC and the EU H2020 program.

Workshop Chairs

Wojciech Mazurczyk (Chair)
Warsaw University of Technology, Poland

Philipp Amann (Chair)
Europol, European Cybercrime Centre, The Netherlands

Jart Armin (Chair)
CyberDefcon, The Netherlands

Angelo Consoli (Chair)
Scuola universitaria professionale della Svizzera italiana (SUPSI), Switzerland

Peter Kieseberg (Chair)
SBA Research, Austria

Joerg Keller (Chair)
FernUniversitaet in Hagen, Germany

Program Committee

Ahmed A. Abd El-Latif, Menoufia University, Egypt
Soumya Banerjee, CNAM-CEDRIC LAB, INRIA-EVA, Paris, France
Krzysztof Cabaj, Warsaw University of Technology, Poland
Luca Caviglione, IMATI CNR, Italy
Marco Cremonini, University of Milan, Italy
Jana Dittmann, Otto-von-Guericke University Magdeburg, Germany
Mattia Epifani, CNR, Italy
Zeno Geradts, NFI, The Netherlands
Julio Hernandez-Castro, School of Computing, University of Kent, UK
Felix Iglesias, Vienna University of Technology, Austria
Stefan Katzenbeisser, TU Darmstadt, Germany
Zbigniew Kotulski, Warsaw University of Technology, Poland
Christian Kraetzer, Otto-von-Guericke University Magdeburg, Germany
Jean-Francois Lalande, CentraleSupélec, France
Daniel Lerch-Hostalot, Universitat Oberta de Catalunya, Spain
Shujun Li, University of Kent, UK
David Megias, Universitat Oberta de Catalunya, Spain
Aleksandra Mileva, University Goce Delcev, Republic of Macedonia
Avinash Srinivasan, Temple University, USA
Hui Tian, National Huaqiao University, China
Edgar Weippl, SBA Research, Austria
Steffen Wendzel, Worms University of Applied Sciences and Fraunhofer FKIE, Germany
Tanja Zseby, Vienna University of Technology, Austria

Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at .