NordSec 2019

The 24th Nordic Conference on Secure IT Systems

November 18-20

NordSec is an annual research conference series that has been running since 1996. The NordSec conferences address a broad range of topics on IT security. The events bring together security researchers from the Nordic countries, Northern Europe, and beyond. In addition to being venue for academic publishing, NordSec is an important meeting place for university faculty, students, and industry researchers and experts from the region.

Background, aim and scope

NordSec addresses a broad range of topics within IT security with the aim of bringing together computer security researchers and encouraging interaction between academia and industry. In addition to regular research paper submissions, we invite participants to present their ideas in poster sessions during lunches and coffee breaks.

Possible topics include, but are not limited to:

  • Access control and security models
  • Applied cryptography
  • Blockchains
  • Cloud security
  • Cryptographic protocols
  • Cyber crime, warfare, and forensics
  • Economic, legal, and social aspects of security
  • Hardware and embedded security
  • Information-flow security
  • Language-based security
  • Mobile and Internet of Things security
  • New ideas and paradigms in security
  • Operating system security
  • Privacy and anonymity
  • Security and machine learning
  • Security education and training
  • Security management and audit
  • Security metrics
  • Security usability
  • Social engineering and phishing
  • Software security and malware
  • Threat Modelling
  • Trust and identity management
  • Trusted computing
  • Vulnerability testing
  • Web application security

Important dates

Submissions due: Aug 25, 2019, AoE Aug 09, 2019, AoE
Notification of acceptance: Sep 15, 2019, AoE
Poster abstract submission deadline Oct 13, 2019, AoE Sep 11, 2019, AoE
Poster notification Oct 20, 2019, AoE Sep 30, 2019, AoE
Camera ready copy Oct 01, 2019, AoE
Early registration deadline Oct 15, 2019, AoE
Conference Nov 18 - 20, 2019


Contributions should reflect original research, developments, studies and experience. Submitted papers should not exceed 16 pages (including references and appendices) in Springer LNCS format. Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings.

All submitted papers will be judged based on their quality and relevance through double-blind reviewing, where the identities of the authors are withheld from the reviewers. As an author, you are required to make a good-faith effort to preserve the anonymity of your submission, while at the same time allowing the reader to fully grasp the context of related past work, including your own. Minimally, please take the following steps when preparing your submission:

  • Remove the names and affiliations of authors from the title page.
  • Remove acknowledgment of identifying names and funding sources.
  • Use care in referring to related work, particularly your own. Do not omit references to provide anonymity, as this leaves the reviewer unable to grasp the context. Instead, reference your past work in the third person, just as you would any other piece of related work by another author.
  • Papers must not exceed 16 pages.

All submissions will be peer-reviewed by the program committee listed below.

Papers should be formatted using the Springer LNCS format and must be submitted online, in PDF format, via EasyChair.


The poster exhibition gives Master's and PhD students the opportunity to expose and discuss their security research with other NordSec participants. Please submit an extended abstract (2 pages) of your poster topic. If your abstract is accepted, you are expected to create the full poster, print it yourself and present it at the conference's poster exhibition.


The online proceedings have been published (electronically) in the Springer LNCS series (volume number 11875) and can be accessed freely the next four weeks: Secure IT Systems 24th Nordic Conference, NordSec 2019, Aalborg, Denmark, November 18–20, 2019, Proceedings.

Program committee

  • Magnus Almgren (Chalmers University of Technology)
  • Mads Andersen (The Alexandra Institute)
  • Hamed Arshad (University of Oslo)
  • Aslan Askarov (Aarhus University) (co-chair)
  • Mikael Asplund (Linköping University)
  • Musard Balliu (Royal Institute of Technology)
  • Billy Brumley (Tampere University)
  • Sonja Buchegger (KTH Royal Institute of Technology)
  • György Dán (KTH Royal Institute of Technology)
  • Mathias Ekstedt (KTH Royal Institute of Technology)
  • Daniel Fava (University of Oslo)
  • Ulrik Franke (RISE)
  • Lothar Fritsch (Karlstad University)
  • Kristian Gjøsteen (Norwegian University of Science and Technology)
  • Nils Gruschka (University of Oslo)
  • Jonas Hallberg (Swedish Defence Research Agency)
  • René Rydhof Hansen (Aalborg University) (co-chair)
  • Tor Helleseth (University of Bergen)
  • Martin Gilje Jaatun (SINTEF Digital)
  • Justinas Janulevicius (VGTU)
  • Meiko Jensen (Kiel University of Applied Sciences)
  • Thomas Johansson (Dept. of Electrical and Information Technology, Lund University)
  • Pontus Johnson (KTH Royal Institute of Technology)
  • Sokratis Katsikas (Center for Cyber and Information Security, NTNU)
  • Audun Jøsang (University of Oslo)
  • Ville Leppänen (University of Turku, Department of Future Technologies)
  • Luigi Lo Iacono (Cologne University of Applied Sciences)
  • Ijlal Loutfi (University of Oslo)
  • Olaf Maennel (Tallinn University of Technology)
  • Tobias Mahler (University of Oslo)
  • Raimundas Matulevicius (University of Tartu)
  • Vasileios Mavroeidis (University of Oslo)
  • Nils Nordbotten (FFI)
  • Mads Chr. Olesen (TrackUnit)
  • Jens Myrup Pedersen (Aalborg University, Dept. of Electronic Systems)
  • Willard Rafnsson (IT University of Copenhagen) (poster chair)
  • Shahid Raza (RISE SICS Stockholm)
  • Juha Röning (University of Oulu)
  • Berry Schoenmakers (Eindhoven University of Technology)
  • Einar Snekkenes (Norwegian University of Science and Technology)
  • Shukun Tokas (University of Oslo)
  • Alix Trieu (Aarhus University)
  • Alexandre Vernotte (KTH Royal Institute of Technology)
  • Øyvind Ytrehus (University of Bergen)
  • Fabio Massimo Zennaro (University of Oslo)
  • Bingsheng Zhang (Lancaster University)


The PC chairs can be contacted at the following addresses:
  • Aslan Askarov: aslan [at] cs [dot] au [dot] dk
  • René Rydhof Hansen: rrh@ [at] cs [dot] aau [dot] dk
The poster chair can be contacted at the following address:
  • Willard Rafnsson: wilr [at] itu [dot] dk

Registration and Venue

Please follow this link to register for NordSec 2019. Note that the deadline for early registration is Oct 15, 2019.

The venue for NordSec 2019 will be Nordkraft, an old power plant located in the city centre and with several hotels within walking distance, e.g., Cabinn Aalborg.

Previous editions

Program (tentative)

Time Day 1 Day 2 Day 3
9:30 Keynote 2: Daniel Lux (Seluxit)
Analysis of Topology Poisoning Attacks in Software-Defined Networking
Thanh Bui, Markku Antikainen and Tuomas Aura
Experimental Analysis of the Laser-induced Instruction Skip Fault Model
Jean-Max Dutertre, Timothé Riom, Olivier Potin and Jean-Baptiste Rigaud
10:30 Coffee + Registration Coffee Coffee
11:00 (11:15 opening)
VMIGuard: Detecting and Preventing Service Integrity Violations by Malicious Insiders Using Virtual Machine Introspection
Stewart Sentanoe, Benjamin Taubmann and Hans P. Reiser
Client-side Vulnerabilities in Commercial VPNs
Thanh Bui, Siddarth Prakash Rao, Markku Antikainen and Tuomas Aura
A Roadmap for Improving the Impact of Anti-Ransomware Research
Jamie Pont, Osama Abu Oun, Calvin Brierley, Budi Arief and Julio Hernandez-Castro
Can Microkernels Mitigate Microarchitectural Attacks?
Gunnar Grimsdal, Patrik Lundgren, Christian Vestlund, Felipe Boeira and Mikael Asplund
Securing Optical Network by Modern Cryptographic Techniques
Joo Yeon Cho
An Experimental Analysis of Cryptojacking Attacks
Per Håkon Meland, Bent Heier Johansen and Guttorm Sindre
MicroSCOPE: Enabling Access Control in Searchable Encryption with the use of Attribute-based Encryption and SGX
Antonis Michalas, Alexandros Bakas, Hai-Van Dang and Alexandr Zalitko
12:30 Lunch Lunch Lunch
My Smartwatch is Mine – Machine Learning Based Theft Detection of Smartwatches
Christian Roth, Mirja Nitschke, Christian Hutzler, Maximilian Koller, Rolf Küffner, Marc Roßberger and Dogan Kesdogan
Even Turing Should Sometimes Not Be Able To Tell: Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Services
Stephan Wiefling, Nils Gruschka and Luigi Lo Iacono
Privacy Impact Assessment: Comparing methodologies with a focus on practicality
Tamás Bisztray and Nils Gruschka
A Study of Security Vulnerabilities and Software Weaknesses in Vehicles
Wenjun Xiong, Melek Gülsever, Koray Mustafa Kaya and Robert Lagerström
Rotten Cellar: Security and Privacy of the Browser Cache Revisited
Florian Dehling, Tobias Mengel and Luigi Lo Iacono
15:30 Poster session + Coffee
Improving Privacy through Fast Passive Wi-Fi Scanning
Frederik Goovaerts, Gunes Acar, Rafael Galvez, Frank Piessens and Mathy Vanhoef
16:00 Poster-session
Cronus: Everlasting Privacy with Audit and Cast
Thomas Haines
Using Partial Signatures in Intrusion Detection for Multipath TCP
Zeeshan Afzal, Johan Garcia, Stefan Lindskog and Anna Brunstrom
17:30 Reception (Cafe Azzurra, Nordkraft)
19:00   Dinner (Prinses Juliana)