Computer Security Applications Conference, Annual (2004)
Tucson, Arizona
Dec. 6, 2004 to Dec. 10, 2004
ISSN: 1063-9527
ISBN: 0-7695-2252-1
TABLE OF CONTENTS

Program Committee (PDF)

pp. xviii
Distinguished Practitioner

The Trustworthy Computing Security Development Lifecycle (Abstract)

Steve Lipner , Microsoft Corporation, Redmond, WA
pp. 2-13
Track A: Intrusion Detection

An Intrusion Detection Tool for AODV-Based Ad hoc Wireless Networks (Abstract)

Elizabeth M. Belding-Royer , University of California, Santa Barbara
Richard A. Kemmerer , University of California, Santa Barbara
Kavitha Srinivasan , University of California, Santa Barbara
Giovanni Vigna , University of California, Santa Barbara
Sumit Gwalani , University of California, Santa Barbara
pp. 16-27

Automatic Generation and Analysis of NIDS Attacks (Abstract)

Somesh Jha , University of Wisconsin, Madison
Shai Rubin , University of Wisconsin, Madison
Barton P. Miller , University of Wisconsin, Madison
pp. 28-38

Reasoning About Complementary Intrusion Evidence (Abstract)

Peng Ning , North Carolina State University, Raleigh, NC
Douglas S. Reeves , North Carolina State University, Raleigh, NC
Yan Zhai , North Carolina State University, Raleigh, NC
Purush Iyer , North Carolina State University, Raleigh, NC
pp. 39-48
Track B: Start Seeing Security

Visualizing and Identifying Intrusion Context from System Calls Trace (Abstract)

Amitabha Das , Nanyang Technological University, Singapore
Zhuowei Li , Nanyang Technological University, Singapore
pp. 61-70

VIsualizing Enterprise-Wide Security (VIEWS) (Abstract)

Carson Zimmerman , The MITRE Corporation
Mindy Rudell , The MITRE Corporation
J. J. Brennan , The MITRE Corporation
Don Faatz , The MITRE Corporation
pp. 71-79
Track A: Software Safety

A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors) (Abstract)

Daniel Dumitran , Massachusetts Institute of Technology, Cambridge, MA
Cristian Cadar , Massachusetts Institute of Technology, Cambridge, MA
Tudor Leu , Massachusetts Institute of Technology, Cambridge, MA
Martin Rinard , Massachusetts Institute of Technology, Cambridge, MA
Daniel M. Roy , Massachusetts Institute of Technology, Cambridge, MA
pp. 82-90

Detecting Kernel-Level Rootkits Through Binary Analysis (Abstract)

Giovanni Vigna , University of California, Santa Barbara
Christopher Kruegel , Technical University Vienna
William Robertson , University of California, Santa Barbara
pp. 91-100

Detecting Exploit Code Execution in Loadable Kernel Modules (Abstract)

Wenliang Du , Syracuse University, NY
Steve J. Chapin , Syracuse University, NY
Haizhi Xu , Syracuse University, NY
pp. 101-110
Track B: Panel
Track A: Malware

Using Predators to Combat Worms and Viruses: A Simulation-Based Study (Abstract)

Daniel C. DuVarney , Stony Brook University, NY
Ajay Gupta , Stony Brook University, NY
pp. 116-125

High-Fidelity Modeling of Computer Network Worms (Abstract)

Kalyan S. Perumalla , Georgia Institute of Technology, Atlanta, Georgia
Srikanth Sundaragopalan , Georgia Institute of Technology, Atlanta, Georgia
pp. 126-135

Worm Detection, Early Warning and Response Based on Local Victim Information (Abstract)

Monirul Sharif , Georgia Institute of Technology, Atlanta, GA
George Riley , Georgia Institute of Technology, Atlanta, GA
Wenke Lee , Georgia Institute of Technology, Atlanta, GA
Guofei Gu , Georgia Institute of Technology, Atlanta, GA
David Dagon , Georgia Institute of Technology, Atlanta, GA
Xinzhou Qin , Georgia Institute of Technology, Atlanta, GA
pp. 136-145

Cozilet: Transparent Encapsulation to Prevent Abuse of Trusted Applets (Abstract)

Hisashi Kojima , Fujitsu Laboratories Limited
Yuji Yamaoka , Fujitsu Laboratories Limited
Yuko Nakayama , Fujitsu Laboratories Limited
Ikuya Morikawa , Fujitsu Laboratories Limited
pp. 146-155
Track B: Audit Analysis

Extracting Attack Manifestations to Determine Log Data Requirements for Intrusion Detection (Abstract)

Erland Jonsson , Chalmers University of Technology, Sweden
Emilie Lundin Barse , Chalmers University of Technology, Sweden
pp. 158-167

Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing (Abstract)

Jingyu Zhou , University of California, Santa Barbara
Giovanni Vigna , University of California, Santa Barbara
pp. 168-178

Design, Implementation, and Evaluation of A Repairable Database Management System (Abstract)

Tzi-cker Chiueh , Rether Networks Inc., Centereach, NY
Dhruv Pilania , Rether Networks Inc., Centereach, NY
pp. 179-188

RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates (Abstract)

Madhusudhanan Chandrasekaran , State University of New York at Buffalo
Ramkumar Chinchani , State University of New York at Buffalo
Aarthie Muthukrishnan , State University of New York at Buffalo
Shambhu Upadhyaya , State University of New York at Buffalo
pp. 189-204
Invited Essayist Plenary
Plenary: Classic Papers
Track A: Middleware

Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis (Abstract)

Ling Liu , Georgia Institute of Technology
Mudhakar Srivatsa , Georgia Institute of Technology
pp. 252-261

Securing Java RMI-Based Distributed Applications (Abstract)

John C. Mitchell , Stanford University, CA
Derrick Tong , Google Inc., Mountain View CA
Ninghui Li , Purdue University, West Lafayette, IN
pp. 262-271

.NET Security: Lessons Learned and Missed from Java (Abstract)

David Evans , University of Virginia
Nathanael Paul , University of Virginia
pp. 272-281
Track B: Insider Threat

Tracing the Root of "Rootable" Processes (Abstract)

Tzi-cker Chiueh , Stony Brook University
Vishnu Navda , Stony Brook University
Amit Purohit , Stony Brook University
pp. 284-303

Open-Source Applications of TCPA Hardware (Abstract)

Alex Barsamian , Dartmouth College, Hanover, NH
Josh Stabiner , Dartmouth College, Hanover, NH
Sean W. Smith , Dartmouth College, Hanover, NH
John Marchesini , Dartmouth College, Hanover, NH
Omen Wild , Dartmouth College, Hanover, NH
pp. 294-303

Security Policies to Mitigate Insider Threat in the Document Control Domain (Abstract)

Vidyaraman Sankaranarayanan , University at Buffalo, Buffalo NY
Shambhu Upadhyaya , University at Buffalo, Buffalo NY
Suranjan Pramanik , University at Buffalo, Buffalo NY
pp. 304-313
Track A: Network Security

Nabs: A System for Detecting Resource Abuses via Characterization of Flow Content Type (Abstract)

Nasir Memon , Polytechnic University, Brooklyn, NY
Mehdi Kharrazi , Polytechnic University, Brooklyn, NY
Kulesh Shanmugasundaram , Polytechnic University, Brooklyn, NY
pp. 316-325

Static Analyzer of Vicious Executables (SAVE) (Abstract)

J. Xu , New Mexico Tech, Socorro, New Mexico
A. H. Sung , New Mexico Tech, Socorro, New Mexico
S. Mukkamala , New Mexico Tech, Socorro, New Mexico
P. Chavez , New Mexico Tech, Socorro, New Mexico
pp. 326-334

CTCP: A Transparent Centralized TCP/IP Architecture for Network Security (Abstract)

Tzi-cker Chiueh , State University of New York at Stony Brook
Fu-Hau Hsu , State University of New York at Stony Brook
pp. 335-344
Track B: Panel
Track A: Event Correlation

Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances (Abstract)

Sushil Jajodia , George Mason University
Steven Noel , George Mason University
Eric Robertson , George Mason University
pp. 350-359

Alert Correlation through Triggering Events and Common Resources (Abstract)

Peng Ning , North Carolina State University, Raleigh, NC
Dingbang Xu , North Carolina State University, Raleigh, NC
pp. 360-369

Attack Plan Recognition and Prediction Using Causal Networks (Abstract)

Wenke Lee , Georgia Institute of Technology, Atlanta, GA
Xinzhou Qin , Georgia Institute of Technology, Atlanta, GA
pp. 370-379
Track B: Panel
Track A: Access Control Policy

PEACE: A Policy-Based Establishment of Ad-hoc Communities (Abstract)

Emil Lupu , Imperial College London, UK
Sye Loong Keoh , Imperial College London, UK
Morris Sloman , Imperial College London, UK
pp. 386-395

Role-Based Delegation Model/ Hierarchical Roles (RBDM1) (Abstract)

Ezedin Barka , University of the United Arab Emirates
Ravi Sandhu , George Mason University, Fairfax, VA, USA
pp. 396-404

Rule-Based RBAC with Negative Authorization (Abstract)

Mohammad A. Al-Kahtani , Computer Department of Saudi Air Defense
Ravi Sandhu , George Mason University & NSD Security
pp. 405-415
Track B: Innovative Design

Designing Good Deceptions in Defense of Information Systems (Abstract)

Neil C. Rowe , Cebrowski Institute, U.S. Naval Postgraduate School, Monterey CA
pp. 418-427

A Serial Combination of Anomaly and Misuse IDSes Applied to HTTP Traffic (Abstract)

Ludovic Mé , Supélec, Rennes, France
Elvis Tombini , France Télécom, Caen, France
Mireille Ducassé , IRISA/INSA, Rennes, France
Hervé Debar , France Télécom, Caen, France
pp. 428-437

Securing a Remote Terminal Application with a Mobile Trusted Device (Abstract)

Glenn Durfee , Palo Alto Research Center, Palo Alto, CA
Dirk Balfanz , Palo Alto Research Center, Palo Alto, CA
Alina Oprea , Carnegie Mellon University, Pittsburgh, PA
D. K. Smetters , Palo Alto Research Center, Palo Alto, CA
pp. 438-447

Author Index (PDF)

pp. 449-450