ACSAC2012 Program

Monday, 3 December 2012

7:30-8:30

Breakfast (Cloister)

8:30-12:00

Windsor	Sussex	Knave	Senate/Gallery	Captain/Yeoman/Scribe
M1: Authentication & Authorization Standards for the Cloud Half-Day Hassan Takabi, University of Pittsburgh	M3: Keeping Your Web Apps Secure: The OWASP Top 10 & Beyond Half-Day Robert H'obbes' Zakon, Zakon Group LLC	M5: Contemporary Cryptography CANCELLED Dr. Rolf Oppliger, eSECURITY Technologies	TF1: Tracer FIRE – Adversarial-based, Defensive Forensics Situational Awareness Exercise Kevin Nauer, Benjamin Anderson, and Ted Reed, Sandia National Laboratories	Layered Assurance Workshop (LAW) Workshop Chair: Rance J. DeLong, Santa Clara University Program Chair: Gabriela Ciocarlie, SRI International Panel Chair: Peter G. Neumann, SRI International

12:00-13:30

Lunch (Cloister)

13:30-17:00

Windsor	Sussex	Knave	Senate/Gallery	Captain/Yeoman/Scribe
M2: Software Security Requirements Engineering Half-Day Nancy Mead, Software Engineering Institute	M4: Security Metrics and Risk Analysis of Enterprise Networks: Techniques and Challenges Half-Day Anoop Singhal, NIST and Xinming (Simon) Ou, Kansas State University	M5: Contemporary Cryptography CANCELLED	TF1: Tracer FIRE – Adversarial-based, Defensive Forensics Situational Awareness Exercise (see above)	Layered Assurance Workshop (LAW) (see above)

Tuesday, 4 December 2012

7:30-8:30

Breakfast (Cloister)

8:30-12:00

Windsor	Sussex	Knave	Senate/Gallery	Cambridge	Captain/Yeoman/Scribe
T6: Sophisticated Steganography Full-Day Mr. John A. Ortiz, Crucial Security Inc., Harris Corporation	T7: Software Assurance Methods in Support of Cyber Security Half-Day Dr. Carol Woody, Software Engineering Institute	T9: Windows Digital Forensics and Incident Response Full-Day Ms. Jamie Levy, Terremark Worldwide	TF2: Tracer FIRE – Adversarial-based, Defensive Forensics Situational Awareness Exercise Kevin Nauer, Benjamin Anderson, and Ted Reed, Sandia National Laboratories	Cloud Computing Workshop (CCW)Harvey H. Rubinovitz	Layered Assurance Workshop (LAW) (see above)

12:00-13:30

Lunch (Cloister)

13:30-17:00

Windsor	Sussex	Knave	Senate/Gallery	Cambridge	Captain/Yeoman/Scribe
T6: Sophisticated Steganography (see above)	T8: Systems Resilience and Metrics: A Cyber Security Perspective Half-Day Marco M. Carvalho, Richard Ford, and Liam M. Mayron, Harris Institute for Assured Information, Florida Institute of Technology	T9: Windows Digital Forensics and Incident Response (see above)	TF2: Tracer FIRE – Adversarial-based, Defensive Forensics Situational Awareness Exercise (see above)	Cloud Computing Workshop (CCW) (see above)	Layered Assurance Workshop (LAW) (see above)

18:00-20:00

Reception (Outback Restaurant Patio)

Wednesday, 5 December 2012

7:30-8:30

Breakfast (Hampton Court Assembly)

8:30-8:45

Welcome Session (Ireland B/C)

8:45-10:00

Distinguished Practitioner Keynote (Ireland B/C)

Ron Ross, Fellow, National Institute of Standards and Technology

Opening up a Second Front on Risk Management: Integrating Cyber Security Requirements into Main Stream Organizational Mission and Business Processes

10:00-10:30

Break (Hampton Court Assembly)

10:30-12:00

Ireland A	Sapphire	Diamond	Emerald
Web SecurityMichael FranzJSand: Complete Client-Side Sandboxing of Third-Party JavaScript without Browser ModificationsPieter Agten; Steven Van Acker; Yoran Brondsema; Phu H. Phung; Lieven Desmet; Frank PiessensOne Year of SSL Internet MeasurementOlivier Levillain; Arnaud Ébalard; Benjamin Morin; Hervé DebarDissecting Ghost Clicks: Ad Fraud Via Misdirected Human ClicksSumayah A. Alrwais; Christopher W. Dunn; Minaxi Gupta; Alexandre Gerber; Oliver Spatscheck; Eric Osterweil	Case Studies 1 Content Management Systems - the last frontier for Data Loss Prevention Tamer Abuelsaad, IBM Case Study of a Novel Application using the ISO/IEC Software Tagging Standard (ISO/IEC 19770-2) for Software Security Dan Wolf/Ron Ball, Cyber Pack Ventures, Inc. Security Paintings: Creating Useful Security Reports When You Don't Know What's Really Happening Jonathan Grier, Vesaria	Panel: The Future of Application TrustworthinessPeter Neumann Nirav Dave, SRI International Rance DeLong, Santa Clara University Roger Schell, Aesec Olin Sibert, Oxford Systems	TR1: Cybersecurity in the Acquisition Process: The Transformed Lifecycle Risk Management Process Ron Ross, NIST and Daniel Faigin, Aerospace

12:00-13:30

Lunch (England)

13:30-15:00

Ireland A	Sapphire	Diamond	Emerald
Mobile SecurityChristoph SchubaPermission Evolution in the Android EcosystemXuetao Wei; Lorenzo Gomez; Iulian Neamtiu; Michalis FaloutsosPracticality of Accelerometer Side-Channel on SmartphonesAdam J. Aviv; Benjamin Sapp; Matt Blaze; Jonathan M. SmithAnalysis of the Communication between Colluding Applications on Modern SmartphonesClaudio Marforio; Hubert Ritzdorf; Aurélien Francillon; Srdjan Capkun	Hardware SecurityMichael LocastoEnabling Trusted Scheduling in Embedded SystemsRamya Jayaram Masti; Claudio Marforio; Aanjhan Ranganathan; Aurélien Francillon; Srdjan CapkunTRESOR-HUNT: Attacking CPU-Bound EncryptionErik-Oliver Blass; William RobertsonWhen Hardware Meets Software: a Bulletproof Solution to Forensic Memory AcquisitionAlessandro Reina; Aristide Fattori; Fabio Pagani; Lorenzo Cavallaro; Danilo Mauro Bruschi	Panel: Growing the Skills Required for Trustworthy SoftwareIan Bryant Ian Bryant, UK Trustworthy Software Initiative Joe Jarzombek, US Department of Homeland Security Dr Carol Woody, Software Engineering Institute	TR1: Cybersecurity in the Acquisition Process: The Transformed Lifecycle Risk Management Process (see above)

15:00-15:30

Break (Hampton Court Assembly)

15:30-16:30

Ireland A	Sapphire	Diamond	Emerald
PasswordsPatrick TraynorTapas: Design, Implementation, and Usability Evaluation of a Password ManagerDaniel McCarney; David Barrera; Jeremy Clark; Sonia Chiasson; Paul van OorschotOn Automated Image Choice for Secure and Usable Graphical PasswordsPaul Dunphy; Patrick OlivierBuilding Better Passwords using Probabilistic TechniquesShiva Houshmand; Sudhir Aggarwal	BotnetsWei WangCloud-based Push-Styled Mobile Botnets: A Case Study of Exploiting the Cloud to Device Messaging ServiceShuang Zhao; Patrick P. C. Lee; John C. S. Lui; Xiaohong Guan; Xiaobo Ma; Jing TaoDISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow AnalysisLeyla Bilge; Davide Balzarotti; William Robertson; Engin Kirda; Christopher Kruegel	Panel: The NSPW ExperienceCormac Herley Selections of work from the 2012 New Security Paradigms Workshop Holographic Vulnerability Studies: Vulnerabilities as Fractures in Interpretation as Information Flows Across Abstraction Boundaries Beyond the Blacklist: Modeling Malware Spread and the Effect of Interventions	TR1: Cybersecurity in the Acquisition Process: The Transformed Lifecycle Risk Management Process (see above)

16:30-16:45

Short Break

16:45-17:45

Ireland B/C	Emerald
Works-in-Progress Benjamin Kuperman	TR1: Cybersecurity in the Acquisition Process: The Transformed Lifecycle Risk Management Process (see above)

17:45-18:45

Classic Book Keynote (Ireland B/C)

Ross Anderson, Author and Professor, University of Cambridge, UK

Security Economics - A Personal Perspective

Security Economics - A Personal PerspectiveRoss Anderson

19:15-22:00

Conference Dinner (20Seven)

Thursday, 6 December 2012

7:30-8:30

Breakfast (Hampton Court Assembly)

8:30-8:45

Opening Remarks (Ireland B/C)

8:45-10:00

Invited Essayist Keynote (Ireland B/C)

Susan Alexander, Director, Safe and Secure Operations, IARPA

Trust Engineering — Rejecting the Tyranny of the Weakest Link

Trust Engineering - Rejecting the Tyranny of the Weakest LinkSusan Alexander

10:00-10:30

Break (Hampton Court Assembly)

10:30-12:00

Ireland A	Sapphire	Diamond	Emerald
AuthenticationEdward "Ed" Schneider SensorSift: Balancing Sensor Data Privacy and Utility in Automated Face UnderstandingMiro Enev; Jaeyeon Jung; Liefeng Bo; Xiaofeng Ren; Tadayoshi KohnoBiometric Authentication on a Mobile Device: A Study of User Effort, Error and Task DisruptionShari Trewin; Cal Swart; Larry Koved; Jacquelyn Martino; Kapil Singh; Shay Ben-DavidBetterAuth: Web Authentication RevisitedMartin Johns; Sebastian Lekies; Bastian Braun; Benjamin Flesch	Code Analysis TechniquesArt FriedmanUsing Memory Management to Detect and Extract Illegitimate Code for Malware AnalysisCarsten Willems; Felix C. Freiling; Thorsten HolzDown to the Bare Metal: Using Processor Features for Binary AnalysisCarsten Willems; Ralf Hund; Andreas Fobian; Dennis Felsch; Thorsten Holz; Amit VasudevanAugmenting Vulnerability Analysis of Binary CodeSean Heelan; Agustin Gianni	Case Studies 2 Mobile Attacks Survey and Taxonomy Wei Wang and Cristina Serban, AT&T Forensically Important Artifacts Resulting from Usage of Cloud Client Services Dr. Gaurav Gupta, Indraprastha Institute of Information Technology Test and Evaluation of the PEASOUP security prototpe Dr. David Melski, GrammaTech, Inc.	TR2: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53 Revision 4 Ron Ross, NIST

12:00-13:30

Lunch (England)

13:30-15:00

Ireland A	Sapphire	Diamond	Emerald
Cloud SecurityThomas MoyerThinAV: Truly Lightweight Mobile Cloud-based Anti-malwareChris Jarabek; David Barrera; John AycockAbusing Cloud-based Browsers for Fun and ProfitVasant Tendulkar; Joe Pletcher; Ashwin Shashidharan; Ryan Snyder; Kevin Butler; William EnckIris: A Scalable Cloud File System with Efficient Integrity ChecksEmil Stefanov; Marten van Dijk; Ari Juels; Alina Oprea	Intrusion DetectionGabriela CiocarlieMalicious PDF Detection Using Metadata and Structural FeaturesCharles Smutz; Angelos StavrouJarhead: Analysis and Detection of Malicious Java AppletsJohannes Schlumberger; Christopher Kruegel; Giovanni VignaHi-Fi: Collecting High-Fidelity Whole-System ProvenanceDevin Pohly; Stephen McLaughlin; Patrick McDaniel; Kevin Butler	Panel: Software Assurance Technology GapsDavid Wheeler David Wheeler, Institute for Defense Analyses Kris Britton, NSA Jeremy Epstein, National Science Foundation Ian Bryant, UK Trustworthy Software Initiative	TR3: Risk Assessment using NIST SP 800-30 and SP 800-39 Marshall Abrams, MITRE

15:00-15:30

Break (Hampton Court Assembly)

15:30-16:50

Ireland A	Sapphire	Diamond	Emerald
PolicyHassan TakabiTransforming Commodity Security Policies to Enforce Clark-Wilson IntegrityDivya Muthukumaran; Sandra Rueda; Nirupama Talele; Hayawardh Vijayakumar; Jason Teutsch; Trent JaegerCodeShield: Towards Personalized Application WhitelistingChristopher Gates; Ninghui Li; Jing Chen; Robert ProctorUsing Automated Model Analysis for Reasoning about Security of Web ProtocolsApurva Kumar	Protection MechanismsSecuring Untrusted Code via Compiler-Agnostic Binary RewritingRichard Wartell; Vishwath Mohan; Kevin W. Hamlen; Zhiqiang LinCode Shredding: Byte-Granular Randomization of Program Layout for Detecting Code-Reuse AttacksEitaro Shioji; Yuhei Kawakoya; Makoto Iwamura; Takeo HariuDistributed Application Tamper Detection Via Continuous Software UpdatesChristian Collberg; Sam Martin; Jonathan Myers; Jasvir Nagra	Panel: Security and Privacy: Are they Two Sides of the Same Coin? Lillie Coney Christopher Clifton, Perdue University David Farber, U. of Pennsylvania Sherry Burs-Howard, MITRE	TR3: Risk Assessment using NIST SP 800-30 and SP 800-39 (see above)

16:50-17:00

Short Break

17:00-18:00

Industry Keynote (Ireland B/C)

Eran Feigenbaum, Director of Security, Google Enterprise

Is Cloud Computing the End of Security and Privacy As We Know It?

18:15-21:00

Reception and Poster Session (20Seven)

Friday, 7 December 2012

7:30-8:30

Breakfast (Outback Restaurant Patio)

8:30-10:00

Captain	Yeoman	Scribe
Malware Analysis and ClassificationBenjamin KupermanVAMO: Towards a Fully Automated Malware Clustering Validity AnalysisRoberto Perdisci; ManChon UTowards Network Containment in Malware Analysis SystemsMariano Graziano; Corrado Leita; Davide BalzarottiLines of Malicious Code: Insights Into the Malicious Software IndustryMartina Lindorfer; Alessandro Di Federico; Federico Maggi; Paolo Milani Comparetti; Stefano Zanero	Software SecurityCristina SerbanGeneralized Vulnerability Extrapolation using Abstract Syntax TreesFabian Yamaguchi; Markus Lottmann; Konrad RieckXIAO: Tuning Code Clones at Hands of Engineers in PracticeYingnong Dang; Dongmei Zhang; Song Ge; Chengyun Chu; Yingjun Qiu; Tao XieSelf-healing Multitier Architectures using Cascading Rescue PointsAngeliki Zavou; Georgios Portokalidis; Angelos D. Keromytis	TR4: Continuous Assessment

10:00-10:30

Break (Cloister/Lobby)

10:30-12:00

Captain	Yeoman	Scribe
Social Networking SecurityRaheem A. BeyahTwitter Games: How Successful Spammers Pick TargetsVasumathi Sridharan; Vaibhav Shankar; Minaxi GuptaAll Your Faces Are Belong to Us: Breaking Facebook's Social AuthenticationJason Polakis; Marco Lancini; Georgios Kontaxis; Federico Maggi; Sotiris Ioannidis; Angelos D. Keromytis; Stefano ZaneroEnabling Private Conversations on TwitterIndrajeet Singh; Michael Butkiewicz; Harsha Madhyastha; Srikanth V. Krishnamurthy; Sateesh Addepalli	Systems SecurityCharles PayneSeparation Virtual Machine MonitorsJohn McDermott; Bruce Montrose; Myong Kang; Margery Li; James KirbyEfficient Protection of Kernel Data Structures via Object PartitioningAbhinav Srivastava; Jonathon GiffinTrueErase: Per-file Secure Deletion for the Storage Data PathSarah Diesburg; Christopher Meyers; Mark Stanovich; Michael Mitchell; Justin Marshall; Julia Gould; An-I Andy Wang; Geoff Kuenning	"On The Horizon" Panel Michael McEvilley, MITRE Corp. Ron Ross, NIST Daniel Faigin, Aerospace Corp.

12:00-12:30

Closing and Awards (Cloister)

Giveaways too, so don't plan on leaving early!

12:30-17:15

Free TimeExplore Downtown Disney or just hang out by the pool

17:30-19:30

Social Event: Cirque du Soleil's "La Nouba"

Show seating is at 5:30pm. The Cirque du Soleil theatre is located on the far side of Downtown Disney - across the street from the hotel.

Pre-purchased tickets may be picked up at the ACSAC registration desk.