Conference Program
The technical sessions of WiSec 2026 will take place over 3 days, from June 30 to July 2. All times are shown in Central European Time (CET). The conference is single-track, and all conference sessions will be held in the main conference space (Saal Ost) of the Congress Center. Presentation slots are 20 minutes for full papers, including Q&A, and 10 minutes for short papers, including Q&A.
Tuesday 30 June
| CET | | Session Chair |
|---|
| 09:00 | Welcome (General Chairs and TPC Chairs) | | |
|---|
| 09:30 | Keynote: The Zen of Bluetooth Security
Dr. Daniele Antonioli | | |
|---|
| 10:30 | Break (30 min) | | |
|---|
| 11:00 | Session 1: Securing Wireless Infrastructure: From Satellite to Ground Segment | TBD | |
- The Final Security Frontier: Using Privacy-Preserving Computation to Secure Satellite Rendezvous and Proximity Operations
(Caroline Fedele, Carson Stillman, Joel Hirschmann, Marina Blanton, Christopher Petersen, Kevin Butler, and Sara Rampazzi) - [Short Paper]
Denied by Border: Denial-of-Service Attack Exploiting Location Restrictions in Non-Terrestrial Networks
(Kwangmin Kim, Taekkyung Oh, and Yongdae Kim) - SideDish: Low-Cost Anti-Spoofing Countermeasure for Satellite Data Communications
(Edd Salkield, Louis-Emile Ploix, Martin Strohmeier, Sebastian Kohler, Simon Birnbach, and Ivan Martinovic) - The Worm is in the Root: On the Security of IoT Provisioning Protocols and PMF in Wi-Fi Devices
(Lucien Dikla Ngueleo, Kevin Jiokeng, and Valeria Loscri)
| |
|---|
| 12:00 | Lunch Break (60 min) | | |
|---|
| 13:00 | Session 2: Security Analysis of Modern Computing Architectures | TBD | |
|---|
- The Cost of Zero Trust: A Comparative Analysis of MACsec and IPsec Architectures for Secure Open Fronthaul
(M. Mahesha Viduranga, Atif Ahmed, Madhura Adeppady, and Aloizio Da Silva) - ArchSnoop: LLM Architecture Snooping via Electromagnetic Side-Channel on Edge Devices
(Haozhe Weng, Ruochen Zhou, Yubo Qu, Xiaoyu Ji, and Wenyuan Xu) - Unlocking Apple's Private Cloud Compute: An Analysis of Privacy-Preserving Artificial Intelligence
(Yannik Dittmar, Marvin Jerome Stephan, Thomas Völkl, Matthias Hollick, and Jiska Classen)
| |
|---|
| 14:00 | Break (30 min) | | |
|---|
| 14:30 | Posters and Demos (90 min) | | |
|---|
- [Poster]
Improving WLAN Firmware Fuzzing for Advanced Analyses of Qualcomm Hexagon WLAN Chips
(Daniel Bücheler, Daniel Fraunholz, and Hartmut Koenig) - [Poster]
Link Secrecy in the Near-Field With Antenna Subset Modulation
(HSIANG-YAO KUO, Chia-Yi Yeh, and Chung-Tse Michael Wu) - [Poster]
Accountable Cross-Operator 5G Charging via TEEs
(Mijin Shin, Wooram Park, Sangwook Bae, CheolJun Park, and Seongmin Kim) - [Demo]
Recent Advancements in Detecting Cellular Attacks with CellGuard
(Swantje Lange, Lukas Arnold, Maximilian Paß, Matthias Hollick, and Jiska Classen) - [Demo]
5G SA Roaming Testbed for Post Quantum IPsec Security Evaluations
(Oliver Zeidler, Mert Günes, Sai Anirudh Madhavapeddi, and Wolfgang Kellerer)
| |
|---|
| 16:00 | End of Day 1 | | |
|---|
| 18:00 | Conference Dinner at Noya | | |
|---|
Wednesday 1 July
| CET | | Session Chair |
|---|
| 09:00 | Keynote 2: OpenSky: How a Security Project Became Global Infrastructure
Dr. Ivan Martinovic and Dr. Martin Strohmeier | | |
|---|
| 10:00 | Break (30 min) | | |
|---|
| 10:30 | Session 3: Bluetooth & Wi-Fi Security | TBD | |
- Pair-Fi: Integrity Code Protected Secure Device Pairing via SDR-Enabled Wi-Fi Chips on Smartphones
(Jakob Link, Florentin Putz, and Matthias Hollick) - HardaBLE: Hardening BLE Against Software Compromise
(Tommaso Sacchetti, Daniele Antonioli, and Norrathep Rattanavipanon) - [Short Paper]
Secure Trust On First Use for Enterprise Wi-Fi: Design Guidelines and Linux Implementation
(Rathan Appana and Mathy Vanhoef) - BlueBrothers: Three New Protocols to Secure Bluetooth
(Tommaso Sacchetti, Kasper Rasmussen, and Daniele Antonioli) - [Short Paper]
Towards Fast Detection of Suspicious Bluetooth Trackers using Anomaly Detection
(Orobosa Ekhator, Dylan Conklin, Primal Pappachan, and Roberto Yus)
| |
|---|
| 12:00 | Lunch (60 min) | | |
|---|
| 13:00 | Session 4: Mobile App Privacy & Security | TBD | |
- Are Android Developers Following Privacy Guidelines? A Study on Logging Practices of Personal Data
(Jin Ouyang, Tiash Roy, Daqing Hou, Yuzhe Tang, and Xueling Zhang) - iOSModZoo: A Large-Scale Study of Third-Party iOS App Markets
(Luis A. Saavedra, Hridoy S. Dutta, Alastair Beresford, and Alice Hutchings) - [Short Paper]
PrivacyAssist: A User-Centric Agent Framework for Detecting Privacy Inconsistencies in Android Apps
(Tran Thanh Lam Nguyen, Edoardo Di Tullio, Barbara Carminati, and Elena Ferrari) - AttestLens: A Large-Scale Measurement of Play Integrity Adoption in Android Apps
(Collin MacDonald and Stephen Herwig)
| |
|---|
| 14:15 | Break (30 min) | | |
|---|
| 14:45 | Session 5: Session 5: 5G & O-RAN Security | TBD | |
- ORANClaw: Shredding E2 Nodes in O-RAN via Structure-aware MiTM Fuzzing
(Geovani Benita, Matheus E. Garbelini, Sudipta Chattopadhyay, and Jianying Zhou) - [Short Paper]
Evaluation of Security-Induced Latency on 5G RAN Interfaces and User Plane Communication
(Sotiris Michaelides, Jakub Lapawa, Daniel Eguiguren Chavez, and Martin Henze) - RAN-GUARD: A Hybrid Multi-Model Approach for Early Detection of IP-based DDoS Attacks in O-RAN
(Yousef Khalil, Hyame Assem Alameddine, and Chadi Assi) - StormShield: Fingerprint-Based Detection and Mitigation of RRC Signaling Storms in O-RAN 5G RANs
(Noemi Giustini, Andrea Lacava, Leonardo Bonati, Stefano Maxenti, Michele Polese, Tommaso Melodia, and Francesca Cuomo)
| |
|---|
| 16:00 | End of Day 2 | | |
|---|
Thursday 2 July
| CET | | Session Chair |
|---|
| 09:00 | Session 6: Security for Constrained and Embedded Systems | TBD | |
- MUTUALISM: Low-Footprint and High-Throughput Software Implementation of HQC for Resource-Constrained Devices
(Cong Liu, Akira Maruko, Yasushi Takahashi, and Naoto Yanai) - TinyContainer: Container Runtime Middleware Enabling Multi-tenant Microcontrollers with Built-in Security
(Bastien Buil, Chrystel Gaber, Samuel Legouix, Emmanuel Baccelli, and Samia Bouzefrane) - V-PASS: Sybil-Resistant Pseudonym Self-Provisioning for V2X
(Hexuan Yu, Md Mohaimin Barat, Shaoyu Li, Md Hasan Shahriar, Yang Xiao, Panos Papadimitratos, Y. Thomas Hou, and Wenjing Lou)
| |
|---|
| 10:00 | Break (30 min) | | |
|---|
| 10:30 | Panel: "Wireless Security in the Dual-Use Age: Open Science, Defence, and Responsible Collaboration" | Martin Strohmeier | |
| 12:00 | Lunch (60 min) | | |
|---|
| 13:00 | Session 7: RF Fingerprinting & Physical Layer Security | TBD | |
- Beyond Static Signatures: Statistical Analysis of Radio Fingerprint Mutations
(Gabriele Oligeri and Savio Sciancalepore) - [Short Paper]
Black-Box RF Fingerprint Spoofing via Surrogate-Guided Generative Perturbations
(Zhaoyi Lu, Wenchao Xu, Yuhan Zhang, and Cunqing Hua) - A Deep Dive into Wormhole Attacks in Underwater Acoustic Communication: From Theory to Practice
(Luisa Lux, Jan Bauer, Eric Wagner, Konrad Wolsing, and Ulrike Meyer) - Security Analysis of Time-of-Arrival Estimation via Cross-Correlation under Narrow-Band Conditions
(Claudio Anliker, Daniele Coppola, Giovanni Camurati, and Srdjan Čapkun) - Timestamps Unchained: Toward Secure Distance-Bounding on Commodity Wi-Fi Hardware
(Maximilian von Tschirschnitz, Daniel von Kirschten, Viktor Boskovski, Simon Neuenhausen, and Jens Großklags)
| |
|---|
| 14:30 | Break (30 min) | | |
|---|
| 15:00 | Session 8: Device Fingerprinting, Tracking & Pairing | TBD | |
- TrackAR: AR/VR Device Fingerprinting and User-Device Pairing Detection via Shared Motion Sensor Data
(Ahmed Tanvir Mahdad, Md Shahidur Rahaman, and Nitesh Saxena) - Finding Phones Fast: Low-Latency and Scalable Monitoring of Cellular Communications in Sensitive Areas
(Martin Kotuliak, Simon Erni, Jakub Polak, Marc Roeschlin, Richard Baker, Ivan Martinovic, and Srdjan Čapkun) - [Short Paper]
StateFi: Effectively Identifying Wi-Fi Devices through State Transitions
(Abhishek kumar Mishra and Mathieu Cunche)
| |
|---|
| 16:00 | Concluding Remarks (End of Main Conference) | | |
|---|
