CSDL - Proceedings A

Title Page i (PDF)

pp. i

Title Page iii (PDF)

pp. iii

pp. iv

Table of Contents (PDF)

pp. v-viii

Welcome from the Conference Chair (PDF)

pp. ix

Welcome from the Program Chairs (PDF)

pp. x

Conference Committee (PDF)

pp. xi

Program Committee (PDF)

pp. xii

Additional Reviewers and Tutorial Reviewers (PDF)

pp. xiii

ACSAC Steering Committee (PDF)

pp. xiv

Sponsor: Applied Computer Security Associates (PDF)

pp. xv

Structuring for Strategic Cyber Defense: A Cyber Manhattan Project Blueprint (Abstract)

O. Sami Saydjari

pp. 3-10

PDF

Practical Applications of Bloom Filters to the NIST RDS and Hard Drive Triage (Abstract)

pp. 13-22

PDF

Systematic Signature Engineering by Re-use of Snort Signatures (Abstract)

pp. 23-32

PDF

Analysing the Performance of Security Solutions to Reduce Vulnerability Exposure Window (Abstract)

pp. 33-42

PDF

New Side Channels Targeted at Passwords (Abstract)

Albert Tannous

Jonathan Trostle

Mohamed Hassan

Stephen E. McLaughlin

Trent Jaeger

pp. 45-54

PDF

PinUP: Pinning User Files to Known Applications (Abstract)

pp. 55-64

PDF

Defending Against Attacks on Main Memory Persistence (Abstract)

pp. 65-74

PDF

Automatic Inference and Enforcement of Kernel Data Structure Invariants (Abstract)

pp. 77-86

PDF

VICI (Abstract)

pp. 87-96

PDF

Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense (Abstract)

pp. 97-107

PDF

On Purely Automated Attacks and Click-Based Graphical Passwords (Abstract)

pp. 111-120

PDF

YAGP: Yet Another Graphical Password Strategy (Abstract)

pp. 121-129

PDF

Privacy-Aware Biometrics: Design and Implementation of a Multimodal Verification System (Abstract)

pp. 130-139

PDF

Improving the Efficiency of Capture-Resistant Biometric Authentication Based on Set Intersection (Abstract)

pp. 140-149

PDF

ProActive Access Control for Business Process-Driven Environments (Abstract)

Mathias Kohler

Andreas Schaad

pp. 153-162

PDF

Assessing Quality of Policy Properties in Verification of Access Control Policies (Abstract)

Tao Xie

pp. 163-172

PDF

Please Permit Me: Stateless Delegated Authorization in Mashups (Abstract)

pp. 173-182

PDF

Implementing ACL-Based Policies in XACML (Abstract)

pp. 183-192

PDF

Execution Trace-Driven Automated Attack Signature Generation (Abstract)

Susanta Nanda

Tzi-cker Chiueh

pp. 195-204

PDF

Improving Security Visualization with Exposure Map Filtering (Abstract)

pp. 205-214

PDF

Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences (Abstract)

Yinqian Zhang

Xun Fan

Yijun Wang

Zhi Xue

pp. 215-224

PDF

Host-Centric Model Checking for Network Vulnerability Analysis (Abstract)

Rattikorn Hewett

Phongphun Kijsanayothin

pp. 225-234

PDF

The Role Hierarchy Mining Problem: Discovery of Optimal Role Hierarchies (Abstract)

Qi Guo

Jaideep Vaidya

Vijayalakshmi Atluri

pp. 237-246

PDF

Permission Set Mining: Discovering Practical and Useful Roles (Abstract)

Dana Zhang

Kotagiri Ramamohanarao

Tim Ebringer

Trevor Yann

pp. 247-256

PDF

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL (Abstract)

pp. 257-266

PDF

Addressing Low Base Rates in Intrusion Detection via Uncertainty-Bounding Multi-Step Analysis (Abstract)

Robert J. Cole

Peng Liu

pp. 269-278

PDF

Toward Automatic Generation of Intrusion Detection Verification Rules (Abstract)

pp. 279-288

PDF

STILL: Exploit Code Detection via Static Taint and Initialization Analyses (Abstract)

pp. 289-298

PDF

McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables (Abstract)

pp. 301-310

PDF

MalTRAK: Tracking and Eliminating Unknown Malware (Abstract)

Amit Vasudevan

pp. 311-321

PDF

Preventing Information Leaks through Shadow Executions (Abstract)

pp. 322-331

PDF

XSSDS: Server-Side Detection of Cross-Site Scripting Attacks (Abstract)

pp. 335-344

PDF

Anti-Phishing in Offense and Defense (Abstract)

Chuan Yue

Haining Wang

pp. 345-354

PDF

OMOS: A Framework for Secure Communication in Mashup Applications (Abstract)

pp. 355-364

PDF

Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection Sensors (Abstract)

Vanessa Frias-Martinez

Salvatore J. Stolfo

Angelos D. Keromytis

pp. 367-376

PDF

Bluetooth Network-Based Misuse Detection (Abstract)

Terrence OConnor

Douglas Reeves

pp. 377-391

PDF

Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly Detection (Abstract)

Peng Li

pp. 392-401

PDF

Epilogue for RFC 1281, Guidelines for the Secure Operation of the Internet (Abstract)

Barbara Fraser

Steve Crocker

pp. 405-417

PDF

The Evolution of System-Call Monitoring (Abstract)

pp. 418-430

PDF

PAS: Predicate-Based Authentication Services Against Powerful Passive Adversaries (Abstract)

Bin Ma

pp. 433-442

PDF

pwdArmor: Protecting Conventional Password-Based Authentications (Abstract)

Timothy W. van der Horst

Kent E. Seamons

pp. 443-452

PDF

DARE: A Framework for Dynamic Authentication of Remote Executions (Abstract)

Erdem Aktas

Kanad Ghose

pp. 453-462

PDF

Instruction Set Extensions for Enhancing the Performance of Symmetric-Key Cryptography (Abstract)

Sean O'Melia

Adam J. Elbirt

pp. 465-474

PDF

A Survey to Guide Group Key Protocol Development (Abstract)

pp. 475-484

PDF

Transaction Oriented Text Messaging with Trusted-SMS (Abstract)

pp. 485-494

PDF

Author Index (PDF)

pp. 495-497

Roster Page (PDF)

pp. 498