CSDL - Proceedings A

Welcome from the Program Chairs (PDF)

pp. xi

Conference Committee (PDF)

pp. xii

Program Committee (PDF)

pp. xiii

Additional Reviewers and Tutorial Reviewers (PDF)

pp. xiv

ACSAC Steering Committee (PDF)

pp. xv

Sponsor: Applied Computer Security Associates (PDF)

pp. xvi-xvii

Distinguished Practitioner

So You Think You Can Dance? (Abstract)

Richard A. Kemmerer

pp. 3-17

PDF

Operating Systems Security and Trusted Computing

Establishing and Sustaining System Integrity via Root of Trust Installation (Abstract)

pp. 19-29

PDF

Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting (Abstract)

pp. 30-39

PDF

Toward a Medium-Robustness Separation Kernel Protection Profile (Abstract)

pp. 40-51

PDF

Malware and Intrusion Detection

Improving Signature Testing through Dynamic Data Flow Analysis (Abstract)

pp. 53-63

PDF

HoneyIM: Fast Detection and Suppression of Instant Messaging Malware in Enterprise-Like Networks (Abstract)

pp. 64-73

PDF

Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms (Abstract)

pp. 74-85

PDF

Database Security

Toward Realistic and Artifact-Free Insider-Threat Data (Abstract)

Kevin S. Killourhy

Roy A. Maxion

pp. 87-96

PDF

Database Isolation and Filtering against Data Corruption Attacks (Abstract)

Meng Yu

Wanyu Zang

Peng Liu

pp. 97-106

PDF

Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection (Abstract)

pp. 107-117

PDF

Applied Cryptography

Closed-Circuit Unobservable Voice over IP (Abstract)

Carlos Aguilar Melchor

Yves Deswarte

Julien Iguchi-Cartigny

pp. 119-128

PDF

SSARES: Secure Searchable Automated Remote Email Storage (Abstract)

pp. 129-139

PDF

Misuse Detection and Forensics

The Design and Development of an Undercover Multipurpose Anti-spoofing Kit (UnMask) (Abstract)

pp. 141-150

PDF

Efficiency Issues of Rete-Based Expert Systems for Misuse Detection (Abstract)

pp. 151-160

PDF

Tracking Darkports for Network Defense (Abstract)

pp. 161-171

PDF

Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks (Abstract)

Invited Essayist

Daniel J. Weitzner

pp. 173-175

PDF

Classic Paper

Distributed Secure Systems: Then and Now (Abstract)

Brian Randell

John Rushby

pp. 177-199

PDF

Access Control

Extensible Pre-authentication Kerberos (Abstract)

Phillip L. Hellewell

Kent E. Seamons

pp. 201-210

PDF

Quarantining Untrusted Entities: Dynamic Sandboxing Using LEAP (Abstract)

Manigandan Radhakrishnan

Jon A. Solworth

pp. 211-220

PDF

Retrofitting the IBM POWER Hypervisor to Support Mandatory Access Control (Abstract)

pp. 221-231

PDF

Wireless and Mobile Systems Security

Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices (Abstract)

pp. 233-242

PDF

Countering False Accusations and Collusion in the Detection of In-Band Wormholes (Abstract)

pp. 243-256

PDF

Venkata Gopala Krishna Addada

Efficient Distributed Detection of Node Replication Attacks in Sensor Networks (Abstract)

Bo Zhu

pp. 257-267

PDF

Security Engineering

Security Usability Principles for Vulnerability Analysis and Risk Assessment (Abstract)

pp. 269-278

PDF

Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms (Abstract)

Jeff Yan

Ahmad Salah El Ahmad

pp. 279-291

PDF

Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies (Abstract)

pp. 292-303

PDF

Security in P2P Systems

Routing in the Dark: Pitch Black (Abstract)

pp. 305-314

PDF

Centralized Security Labels in Decentralized P2P Networks (Abstract)

Nathalie Tsybulnik

Kevin W. Hamlen

Bhavani Thuraisingham

pp. 315-324

PDF

A Taxonomy of Botnet Structures (Abstract)

pp. 325-339

PDF

Distributed Systems Security

An Overview of the Annex System (Abstract)

pp. 341-352

PDF

Efficient Detection of Delay-Constrained Relay Nodes (Abstract)

Baris Coskun

Nasir Memon

pp. 353-362

PDF

Bonsai: Balanced Lineage Authentication (Abstract)

Ashish Gehani

Ulf Lindqvist

pp. 363-373

PDF

Software and Applications Security

Secure Input for Web Applications (Abstract)

pp. 375-384

PDF

Secure and Flexible Monitoring of Virtual Machines (Abstract)

pp. 385-397

PDF

Automated Format String Attack Prevention for Win32/X86 Binaries (Abstract)

Wei Li

Tzi-cker Chiueh

pp. 398-409

PDF

Malware

MetaAware: Identifying Metamorphic Malware (Abstract)

Qinghua Zhang

Douglas S. Reeves

pp. 411-420

PDF

Limits of Static Analysis for Malware Detection (Abstract)

pp. 421-430

PDF

OmniUnpack: Fast, Generic, and Safe Unpacking of Malware (Abstract)

pp. 431-441

PDF

Assurance

Channels: Runtime System Infrastructure for Security-Typed Languages (Abstract)

pp. 443-452

PDF

Automated Security Debugging Using Program Structural Constraints (Abstract)

pp. 453-462

PDF

Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine (Abstract)

Deepak Chandra

Michael Franz

pp. 463-475

PDF

Software Security

Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting (Abstract)

pp. 477-486

PDF

The Age of Data: Pinpointing Guilty Bytes in Polymorphic Buffer Overflows on Heap or Stack (Abstract)

Asia Slowinska

Herbert Bos

pp. 487-500

PDF

Spector: Automatically Analyzing Shell Code (Abstract)

pp. 501-514

PDF

Author Index

Author Index (PDF)

pp. 515-516