Papers Proceedings

A Survey to Guide Group Key Protocol Development
Ahren Studer, Christina Johns, Jaanus Kase, Kyle O'Meara, Lorrie Cranor

Addressing Low Base Rates in Intrusion Detection via Uncertainty-Bounding Multi-Step Analysis
Robert Cole, Peng Liu

Analyzing the performance of security operations to reduce vulnerability exposure windows
Yolanta Beres, Jonathan Griffin, Simon Shiu, Max Heitman, David Markle

Anti-Phishing in Offense and Defense
Chuan Yue, Haining Wang

Assessing Quality of Policy Properties in Verification of Access Control Policies
Evan Martin, JeeHyun Hwang, Tao Xie, Vincent Hu

Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences
Yinqian Zhang, Xun Fan, Yijun Wang, Zhi Xue

Automatic Inference and Enforcement of Kernel Data Structure Invariants
Arati Baliga, Vinod Ganapathy, Liviu Iftode

Behavior-Profile Clustering For False Alert Reduction in Anomaly Detection Sensors
Vanessa Frias-Martinez, Salvatore J. Stolfo, Angelos D. Keromytis

Bridging the Gap between Data-flow and Control-flow Analysis for Anomaly Detection
Peng Li, Hyundo Park, Debin Gao, Jianming Fu

DARE: A FRAMEWORK FOR DYNAMIC AUTHENTICATION OF REMOTE EXECUTIONS
Erdem Aktas, Kanad Ghose

Defending Against Attacks on Main Memory Persistence
William Enck, Kevin Butler, Thomas Richardson, Patrick McDaniel, Adam Smith

Design and Implementation of an Open Framework for Secure Communication in Mashup
Saman Zarandioon, Danfeng Yao, Vinod Ganapathy

Execution Trace-Driven Automated Attack Signature Generation
Susanta Nanda, Tzi-cker Chiueh

Host-Centric Model Checking for Network Vulnerability Analysis
Rattikorn Hewett, Phongphun Kijsanayothin

Implementing ACL-based Policies in XACML
Guenter Karjoth, Andreas Schade, Els Van Herreweghen

Improving Security Visualization with Exposure Map Filtering
David Barrera, Mansour Alsaleh, Paul van Oorschot

Improving the Efficiency of Capture-resistant Biometric Authentication based on Set Intersection
Xunhua Wang, Philip Huff, Brett Tjaden

Instruction Set Extensions for Enhancing the Performance of Symmetric-Key Cryptography
Sean O'Melia, Adam Elbirt

MalTRAK: Tracking and Eliminating Unknown Malware
Amit Vasudevan

McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables
Roberto Perdisci, Andrea Lanzi, Wenke Lee

Network-Based Bluetooth Misuse Detection
Terrence OConnor, Douglas Reeves

New Side Channels Targeted at Passwords
Albert Tannous, Jonathan Trostle, Mohamed Hassan, Stephen McLaughlin, Trent Jaeger

On Purely Automated Attacks and Click-Based Graphical Passwords
Amirali Salehi-Abari, Julie Thorpe, Paul Van Oorschot

PAS: Predicate-based Authentication Services Against Powerful Passive Adversaries
Xiaole Bai, Wenjun Gu, Xun Wang , Sriram Chellappan, Dong Xuan

Permission Set Mining: Discovering Practical and Useful Roles
Dana Zhang, Kotagiri Ramamohanarao, Tim Ebringer, Trevor Yann

PinUP: Pinning User Files to Known Applications
William Enck, Patrick McDaniel, Trent Jaeger

Please Permit Me: Stateless Delegated Authorization in Mashups
Ragib Hasan, Richard Conlan, Brian Slesinsky, Nandu Ramani, Marianne Winslett

Practical Applications of Bloom filters to the NIST RDS, hard drive triage, and data mining.
Paul Farrell, Simson Garfinkel

Preventing information leaks through shadow execution
Capizzi Roberto, Antonio Longo, V.N. Venkatakrishnan, A. Prasad Sistla

Privacy-aware Biometrics: Design and Implementation of a Multimodal Verification System
Stelvio Cimato, Marco Gamassi, Vincenzo Piuri, Roberto Sassi, Fabio Scotti

ProActive Access Control for Business Process-driven Environments
Mathias Kohler, Andreas Schaad

pwdArmor: Protecting Conventional Password-based Authentications
Timothy van der Horst, Kent Seamons

Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense
Jinpeng Wei, Bryan Payne, Jon Giffin, Calton Pu

STILL: Exploit Code Detection via Static Taint and Initialization
Xinran Wang, Yoon-Chan Jhi, Sencun Zhu, Peng Liu

Systematic Signature Engineering by Re-use of Snort Signatures
Sebastian Schmerl, Hartmut Koenig, Ulrich Flegel, Michael Meier, René Rietz

The Role Hierarchy Mining Problem: Discovery of Optimal Role Hierarchies
Qi Guo, Jaideep Vaidya, Vijayalakshmi Atluri

Toward Automatic Generation of Intrusion Detection System Verification Rules
Frédéric Massicotte, Yvan Labiche, Lionel Briand

Towards Enforcing Role-Based Access Control Policies in Web Services with UML and OCL
Sohr Karsten, Mustafa Tanveer, Ahn Gail-Joon, Xinyu Bao

Transaction oriented text messaging with Trusted-SMS
Antonio Grillo, Alessandro Lentini, Gianluigi Me, Giuseppe F. Italiano

VICI--Virtual Machine Introspection for Cognitive Immunity
Timothy Fraser, Matthew Evenson, William Arbaugh

XSSDS: Server-side detection of cross-site scripting attacks
Martin Johns, Engelmann Bjoern, Joachim Posegga

YAGP: Yet Another Graphical Password Strategy
Haichang Gao, Xuewu Guo, Xiaoping Chen, Liming Wang, Xiyang Liu