[Front cover] (PDF)

[Copyright notice] (PDF)

Table of contents (PDF)

Program Committee (PDF)

Additional Reviewers and Tutorial Reviewers (PDF)

Sponsor: Applied Computer Security Associates (PDF)

Title Page i (PDF)

Title Page iii (PDF)

Welcome from the Conference Chair (PDF)

Welcome from the Program Chairs (PDF)

Conference Committee (PDF)

ACSAC Steering Committee (PDF)

Structuring for Strategic Cyber Defense: A Cyber Manhattan Project Blueprint (Abstract)

Practical Applications of Bloom Filters to the NIST RDS and Hard Drive Triage (Abstract)

Systematic Signature Engineering by Re-use of Snort Signatures (Abstract)

Analysing the Performance of Security Solutions to Reduce Vulnerability Exposure Window (Abstract)

New Side Channels Targeted at Passwords (Abstract)

PinUP: Pinning User Files to Known Applications (Abstract)

Defending Against Attacks on Main Memory Persistence (Abstract)

Automatic Inference and Enforcement of Kernel Data Structure Invariants (Abstract)

VICI (Abstract)

Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense (Abstract)

On Purely Automated Attacks and Click-Based Graphical Passwords (Abstract)

YAGP: Yet Another Graphical Password Strategy (Abstract)

Privacy-Aware Biometrics: Design and Implementation of a Multimodal Verification System (Abstract)

Improving the Efficiency of Capture-Resistant Biometric Authentication Based on Set Intersection (Abstract)

ProActive Access Control for Business Process-Driven Environments (Abstract)

Assessing Quality of Policy Properties in Verification of Access Control Policies (Abstract)

Please Permit Me: Stateless Delegated Authorization in Mashups (Abstract)

OMOS: A Framework for Secure Communication in Mashup Applications (Abstract)

Execution Trace-Driven Automated Attack Signature Generation (Abstract)

Improving Security Visualization with Exposure Map Filtering (Abstract)

Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences (Abstract)

Host-Centric Model Checking for Network Vulnerability Analysis (Abstract)

The Role Hierarchy Mining Problem: Discovery of Optimal Role Hierarchies (Abstract)

Permission Set Mining: Discovering Practical and Useful Roles (Abstract)

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL (Abstract)

Addressing Low Base Rates in Intrusion Detection via Uncertainty-Bounding Multi-Step Analysis (Abstract)

Toward Automatic Generation of Intrusion Detection Verification Rules (Abstract)

STILL: Exploit Code Detection via Static Taint and Initialization Analyses (Abstract)

McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables (Abstract)

[Roster] (PDF)

Preventing Information Leaks through Shadow Executions (Abstract)

XSSDS: Server-Side Detection of Cross-Site Scripting Attacks (Abstract)

Anti-Phishing in Offense and Defense (Abstract)

OMOS: A Framework for Secure Communication in Mashup Applications (Abstract)

Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection Sensors (Abstract)

Bluetooth Network-Based Misuse Detection (Abstract)

Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly Detection (Abstract)

Epilogue for RFC 1281, Guidelines for the Secure Operation of the Internet (Abstract)

The Evolution of System-Call Monitoring (Abstract)

PAS: Predicate-Based Authentication Services Against Powerful Passive Adversaries (Abstract)

pwdArmor: Protecting Conventional Password-Based Authentications (Abstract)

DARE: A Framework for Dynamic Authentication of Remote Executions (Abstract)

Instruction Set Extensions for Enhancing the Performance of Symmetric-Key Cryptography (Abstract)

A Survey to Guide Group Key Protocol Development (Abstract)

Transaction Oriented Text Messaging with Trusted-SMS (Abstract)

Author Index (PDF)