The Community for Technology Leaders
2014 IEEE Security and Privacy Workshops (SPW) (2014)
San Jose, CA, USA
May 17, 2014 to May 18, 2014
ISBN: 978-1-4799-5103-1
TABLE OF CONTENTS

[Title page iii] (PDF)

pp. iii

Table of contents (PDF)

pp. v-ix

A Case Study in Malware Research Ethics Education: When Teaching Bad is Good (PDF)

John P. Sullins , Dept. of Philos., Sonoma State Univ., Rohnert Park, CA, USA
pp. 1-4

Ethics in Data Sharing: Developing a Model for Best Practice (PDF)

Sven Dietrich , Comput. Sci. Dept., Stevens Inst. of Technol., Hoboken, NJ, USA
Jeroen Van Der Ham , Inf. Inst., Univ. of Amsterdam, Amsterdam, Netherlands
Aiko Pras , Centre for Telematics & Inf. Technol. (CTIT), Univ. of Twente, Enschede, Netherlands
Roland Van Rijswijk Deij , SURFnet bv, Utrecht, Netherlands
Darren Shou , Symantec Res. Labs., Culver City, CA, USA
Anna Sperotto , Centre for Telematics & Inf. Technol. (CTIT), Univ. of Twente, Enschede, Netherlands
Aimee Van Wynsberghe , Centre for Telematics & Inf. Technol. (CTIT), Univ. of Twente, Enschede, Netherlands
Lenore D. Zuck , Comput. Sci. Dept., Univ. of Illinois at Chicago, Chicago, IL, USA
pp. 5-9

Gringotts: Securing Data for Digital Evidence (PDF)

Catherine M. S. Redfield , Intell. Syst. Lab., SECOM Co., Ltd., Mitaka, Japan
Hiroyuki Date , Intell. Syst. Lab., SECOM Co., Ltd., Mitaka, Japan
pp. 10-17

P2U: A Privacy Policy Specification Language for Secondary Data Sharing and Usage (PDF)

Johnson Iyilade , Comput. Sci. Dept., Univ. of Saskatchewan, Saskatoon, SK, Canada
Julita Vassileva , Comput. Sci. Dept., Univ. of Saskatchewan, Saskatoon, SK, Canada
pp. 18-22

Architecture, Workflows, and Prototype for Stateful Data Usage Control in Cloud (PDF)

Aliaksandr Lazouski , Ist. di Inf. e Telematica, Consiglio Naz. delle Ric., Pisa, Italy
Gaetano Mancini , Ist. di Inf. e Telematica, Consiglio Naz. delle Ric., Pisa, Italy
Fabio Martinelli , Ist. di Inf. e Telematica, Consiglio Naz. delle Ric., Pisa, Italy
Paolo Mori , Ist. di Inf. e Telematica, Consiglio Naz. delle Ric., Pisa, Italy
pp. 23-30

Resilience as a New Enforcement Model for IT Security Based on Usage Control (PDF)

Sven Wohlgemuth , Syst. Security Lab., Center for Adv. Security Res. Darmstadt, Darmstadt, Germany
pp. 31-38

Structure Matters - A New Approach for Data Flow Tracking (PDF)

Enrico Lovat , Tech. Univ. Munchen, Garching, Germany
Florian Kelbert , Tech. Univ. Munchen, Garching, Germany
pp. 39-43

Hurdles for Genomic Data Usage Management (PDF)

Muhammad Naveed , Univ. of Illinois at Urbana-Champaign, Urbana, IL, USA
pp. 44-48

RAPPD: A Language and Prototype for Recipient-Accountable Private Personal Data (PDF)

Yuan J. Kang , Dept. of Comput. Sci., Columbia Univ. New York, New York, NY, USA
Allan M. Schiffman , CommerceNet, Palo Alto, CA, USA
Jeff Shrager , CommerceNet & Stanford Symbolic Syst. Program, Palo Alto, CA, USA
pp. 49-56

DF-C2M2: A Capability Maturity Model for Digital Forensics Organisations (PDF)

Ebrahim Hamad Al Hanaei , Security Lancaster Res. Centre, Lancaster Univ., Lancaster, UK
Awais Rashid , Security Lancaster Res. Centre, Lancaster Univ., Lancaster, UK
pp. 57-60

Collusion and Fraud Detection on Electronic Energy Meters - A Use Case of Forensics Investigation Procedures (PDF)

Rubens Alexandre De Faria , Dept. of Electron., Fed. Univ. of Technol. Parana (UTFPR), Curitiba, Brazil
Keiko V. Ono Fonseca , Dept. of Electron., Fed. Univ. of Technol. Parana (UTFPR), Curitiba, Brazil
Bertoldo Schneider , Dept. of Electron., Fed. Univ. of Technol. Parana (UTFPR), Curitiba, Brazil
Sing Kiong Nguang , Dept. of Electr. & Comput. Eng., Univ. of Auckland, Auckland, New Zealand
pp. 65-68

Towards Forensic Analysis of Attacks with DNSSEC (PDF)

Haya Shulman , Fachbereich Inf., Tech. Univ. Darmstadt, Darmstadt, Germany
Michael Waidner , Fachbereich Inf., Tech. Univ. Darmstadt, Darmstadt, Germany
pp. 69-76

The Tricks of the Trade: What Makes Spam Campaigns Successful? (PDF)

Jane Iedemska , Univ. of California, Santa Barbara, Santa Barbara, CA, USA
Gianluca Stringhini , Univ. of California, Santa Barbara, Santa Barbara, CA, USA
Richard Kemmerer , Univ. of California, Santa Barbara, Santa Barbara, CA, USA
Christopher Kruegel , Univ. of California, Santa Barbara, Santa Barbara, CA, USA
Giovanni Vigna , Univ. of California, Santa Barbara, Santa Barbara, CA, USA
pp. 77-83

Steganography in Long Term Evolution Systems (PDF)

Iwona Grabska , Inst. of Telecommun., Warsaw Univ. of Technol., Warsaw, Poland
Krzysztof Szczypiorski , Inst. of Telecommun., Warsaw Univ. of Technol., Warsaw, Poland
pp. 92-99

Improving Hard Disk Contention-Based Covert Channel in Cloud Computing (PDF)

Bartosz Lipinski , Inst. of Telecommun. Warsaw, Warsaw Univ. of Technol., Warsaw, Poland
Wojciech Mazurczyk , Inst. of Telecommun. Warsaw, Warsaw Univ. of Technol., Warsaw, Poland
Krzysztof Szczypiorski , Inst. of Telecommun. Warsaw, Warsaw Univ. of Technol., Warsaw, Poland
pp. 100-107

PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations (PDF)

Pratik Narang , Dept. of Comput. Sci. & Inf. Syst., Birla Inst. of Technol. & Sci.-Pilani, Hyderabad, India
Subhajit Ray , Dept. of Comput. Sci. & Inf. Syst., Birla Inst. of Technol. & Sci.-Pilani, Hyderabad, India
Chittaranjan Hota , Dept. of Comput. Sci. & Inf. Syst., Birla Inst. of Technol. & Sci.-Pilani, Hyderabad, India
Venkat Venkatakrishnan , Dept. of Comput. Sci., Univ. of Illinois at Chicago, Chicago, IL, USA
pp. 108-115

Automatic Identification of Replicated Criminal Websites Using Combined Clustering (PDF)

Jake Drew , Comput. Sci. & Eng. Dept., Southern Methodist Univ., Dallas, TX, USA
Tyler Moore , Comput. Sci. & Eng. Dept., Southern Methodist Univ., Dallas, TX, USA
pp. 116-123

iCOP: Automatically Identifying New Child Abuse Media in P2P Networks (PDF)

Claudia Peersman , Security Lancaster Res. Centre, Lancaster Univ., Lancaster, UK
Christian Schulze , German Res. Center for Artificial Intell. (DFKI), Kaiserslautern, Germany
Awais Rashid , Security Lancaster Res. Centre, Lancaster Univ., Lancaster, UK
Margaret Brennan , Sch. of Appl. Psychol., Univ. Coll. Cork, Cork, Ireland
Carl Fischer , Security Lancaster Res. Centre, Lancaster Univ., Lancaster, UK
pp. 124-131

Can We Identify NAT Behavior by Analyzing Traffic Flows? (PDF)

Yasemin Gokcen , Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Vahid Aghaei Foroushani , Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
A. Nur Zincir Heywood , Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
pp. 132-139

LEGO(TM) Bricks for Reactive Programming (PDF)

Dennis Volpano , Comput. Sci. Dept., Naval Postgrad. Sch., Monterey, CA, USA
pp. 152-157

Ethos' Deeply Integrated Distributed Types (PDF)

W. Michael Petullo , Dept. of Electr. Eng. & Comput. Sci., United States Mil. Acad., West Point, NY, USA
Wenyuan Fei , Dept. of Comput. Sci., Univ. of Illinois at Chicago, Chicago, IL, USA
Jon A. Solworth , Dept. of Comput. Sci., Univ. of Illinois at Chicago, Chicago, IL, USA
Pat Gavlin , Microsoft Redmond, Redmond, WA, USA
pp. 167-180

Finite State Machine Parsing for Internet Protocols: Faster Than You Think (PDF)

Peter C. Johnson , Dept. of Comput. Sci., Dartmouth Coll., Hanover, NH, USA
pp. 185-190

The Pitfalls of Protocol Design: Attempting to Write a Formally Verified PDF Parser (PDF)

Andreas Bogk , Principal Security Architect, HERE, Berlin, Germany
Marco Schopl , Inst. fur Inf. Humboldt-Univ. Berlin, Berlin, Germany
pp. 198-203

The Weird Machines in Proof-Carrying Code (PDF)

Julien Vanegue , Bloomberg L.P., New York, NY, USA
pp. 209-213

Understanding Insider Threat: A Framework for Characterising Attacks (PDF)

Jason R. C. Nurse , Dept. of Comput. Sci., Univ. of Oxford, Oxford, UK
Oliver Buckley , Dept. of Comput. Sci., Univ. of Oxford, Oxford, UK
Philip A. Legg , Dept. of Comput. Sci., Univ. of Oxford, Oxford, UK
Michael Goldsmith , Dept. of Comput. Sci., Univ. of Oxford, Oxford, UK
Sadie Creese , Dept. of Comput. Sci., Univ. of Oxford, Oxford, UK
Gordon R. T. Wright , Dept. of Media & Commun., Univ. of Leicester, Leicester, UK
Monica Whitty , Dept. of Media & Commun., Univ. of Leicester, Leicester, UK
pp. 214-228

Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits (PDF)

Frank L. Greitzer , PsyberAnalytix, Richland, WA, USA
Jeremy R. Strozer , Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
Sholom Cohen , Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
Andrew P. Moore , Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
David Mundie , Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
Jennifer Cowley , Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
pp. 236-250

Insider Threat Identification by Process Analysis (PDF)

Matt Bishop , Dept. of Comput. Sci., Univ. of California at Davis, Davis, CA, USA
Heather M. Conboy , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
Huong Phan , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
Borislava I. Simidchieva , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
George S. Avrunin , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
Lori A. Clarke , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
Leon J. Osterweil , Dept. of Comput. Sci., Univ. of Massachusetts Amherst, Amherst, MA, USA
Sean Peisert , Dept. of Comput. Sci., Univ. of California at Davis, Davis, CA, USA
pp. 251-264

Insider Attack Identification and Prevention Using a Declarative Approach (PDF)

Anandarup Sarkar , Univ. of California, Davis, Davis, CA, USA
Sven Kohler , Univ. of California, Davis, Davis, CA, USA
Sean Riddle , Univ. of California, Davis, Davis, CA, USA
Bertram Ludaescher , Univ. of California, Davis, Davis, CA, USA
Matt Bishop , Univ. of California, Davis, Davis, CA, USA
pp. 265-276

Detecting Unknown Insider Threat Scenarios (PDF)

William T. Young , Leidos, Inc., Arlington, VA, USA
Alex Memory , Leidos, Inc., Arlington, VA, USA
Henry G. Goldberg , Leidos, Inc., Arlington, VA, USA
Ted E. Senator , Leidos, Inc., Arlington, VA, USA
pp. 277-288

Author index (PDF)

pp. 289-290
92 ms
(Ver 3.3 (11022016))