Information Systems Security and Privacy 5th International Conference, ICISSP 2019, Prague, Czech Republic, February 23-25, 2019, Revised Selected Papers

The 19 full papers presented were carefully reviewed and selected from a total of 100 submissions. The papers presented in this volume address various topical research, including new approaches for attack modelling andprevention, incident management and response, and user authentication andaccess control, as well as business and human-oriented aspects such as data pro-tection and privacy, and security awareness.

SPROOF: A Decentralized Platform for Attribute-based Authentication.- Next Generation Information Warfare: Rationales, Scenarios, Threats, and Open Issues.- Information Technology Consulting Firms' Readiness for Managing Information Security Incidents.- Evaluation of Side-channel Key-recovery Attacks on LoRaWAN End-device.- Black-box Attacks via the Speech Interface using Linguistically Crafted Input.- Proposal and Performance Evaluation of an Order-specied Aggregate Authority-transfer Signature.- Context-aware Software-dened Networking for Automated Incident Response in Industrial Networks.- Transparency Enhancing Tools and the GDPR: Do They Match?.- User Study of the Eectiveness of a Privacy Policy Summarization Tool.- A General Framework for Decentralized Combinatorial Testing of Access Control Engine: Examples of Application.- Protection of User-dened Sensitive Attributes on Online Social Networks against Attribute Inference Attack via Adversarial Data Mining.- User Behavioral Biometrics and Machine Learning towards Improving User Authentication in Smartphones.- Threat Modeling and Attack Simulations of Connected Vehicles: Proof of Concept.- The Security of the Speech Interface: A Modelling Framework and Proposals for New Defence Mechanisms.- Hypervisor Memory Introspection and Hypervisor based Malware Honeypot.- Guidelines and Tool Support for Building a Cybersecurity Awareness Program for SMEs.- Analysing the Provenance of IoT Data.- Improving Interoperability in Multi-domain Enterprise Right Management Applications.- Fine-grained Access Control for Querying Over Encrypted Document-oriented Database.