Technical Program

Technical Program Features and Organization

Track A and B sessions consist of technical papers, panels, and fora. All technical papers have undergone an anonymous peer review process and describe the latest developments in security implementations and applications-oriented research. Panel sessions are tailored to stimulate discussion of today's pressing issues. The fora sessions provide different perspectives on a single topic of interest or report the results of implementation activities. Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems. The Case Studies will include presentations on capabilities and applications of information security products to realistic civil, defense, and commercial problems. This track will feature system integrators, designers, and architects from the government and private sector.

Wednesday, December 10, 2003
General Session

7:30 Registration
8:30 Opening Remarks Daniel Faigin, Conference Chair, The Aerospace Corporation, USA
8:35 Welcome to Las Vegas Hotel Manager
8:40 Distinguished Practitioner Clark Weissman, Northrop Grumman Corporation, USA
MLS-PCA: A High Assurance Security Architecture for Future Avionics
9:50 Technical Program Introduction Daniel Thomsen, Program Co-Chair, Tresys Technology, USA
10:00 BREAK
10:30 Intrusion Detection I
Chair: Christoph Schuba, Sun Microsystems, Inc., USA

  • Bayesian Event Classification for Intrusion Detection§, Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur, University of California, Santa Barbara, USA
  • Intrusion Detection: A Bio-Informatics Approach§, Scott Coull, Joel Branch and Boleslaw Szymanski, Rensselaer Polytechnic Institute, USA; Eric Breimer, Siena College, USA
  • A Stateful Intrusion Detection System for World-Wide Web Servers§, Giovanni Vigna, William Robertson, Vishal Kher and Richard A. Kemmerer, University of California, Santa Barbara, USA

Network Security
Chair: John Viega, Virginia Polytechnic Institute, USA

  • Behavioral Authentication of Server Flows§, James P. Early, Carla E. Brodley and Catherine Rosenberg, Purdue University, USA
  • A Multi-View Tool for Checking the Security Semantics of Router Configurations§, Holger Peine and Reinhard Schwarz, Fraunhofer IESE Research Institute, GERMANY
  • S-ARP: A Secure Address Resolution Protocol§, Danilo Bruschi, Alberto Ornaghi and Emilia Rosti, Universita Degli Studi di Milano, ITALY

Java Security
Chair: Mike Jacobs, SRA International, USA

  • Pure Java Server Signature Modules, Peter Lipp, IAIK - Graz University of Technology, AUSTRIA
  • Input Validation Filter for Java Servlet, Ikuya Morikawa, Fujitsu Laboratories, JAPAN
  • A Novel Approach for Creating Secure Java Based Enterprise Applications, Yekesa Kosuru, Oracle, USA

12:00 LUNCH
1:30 Defensive Information Warfare
Chair: Thomas Daniels, Iowa State University, USA

  • Design, Implementation and Test of an Email Virus Throttle§, Matthew Williamson, Hewlett-Packard Labs, UK
  • Efficient Minimum-Cost Network Hardening via Exploit Dependency Graphs§, Steven Noel, Sushil Jajodia, Brian O'Berry and Michael Jacobs, George Mason University, USA
  • An IP Traceback Technique against Denial-of-Service Attacks§, Zhaole Chen and Moon-Chuen Lee, The Chinese University of Hong Kong, CHINA

PANEL - Security for Wireless Sensor Networks
Chair: Ronald Watro, BBN Technologies, USA

  • David Carman, Network Associates Laboratories, USA
  • Daniel Coffin, BBN Technologies, USA
  • Bruno Duerte, SRI, USA
  • Vipin Swarup, The MITRE Corporation, USA

Network Management
Chair: Tom Russell, Booz Allen Hamilton, USA

  • Tools and Techniques for Analyzing Type Enforcement Policies in Security Enhanced Linux, Frank Mayer, Tresys Technology, USA
  • High Assurance In-line Network Encryption - A Discussion of Management Requirements in Today's Network Architectures, Stephen Lewis, AEP Systems, USA
  • Highly Auditable Self-Service Life-Cycle Management for Electronic Security Credentials, Peter Tapling, USA

3:00 BREAK
3:30 Applied Cryptography
Chair: Vipin Swarup, The MITRE Corporation, USA

  • An Intrusion-Tolerant Password Authentication System§, Xunhua Wang and M. Hossain Heydari, James Madison University, USA, and Hua Lin, PFPC Inc., USA
  • Modeling of Multiple Agent-based Cryptographic Key Recovery Protocol§, Shinyoung Lim, Sangseung Kang and Joochan Sohn, Electronics & Telecommunications Research Institute, KOREA
  • Practical Random Number Generation in Software§, John Viega, Virginia Polytechnic Institute, USA

Recovery and Forensics
Chair: Eugene Spafford, Purdue University, USA

  • Multi-Version Attack Recovery for Workflow Systems§, Meng Yu, Peng Liu and Wanyu Zang, School of Information Sciences and Technology, Pennsylvania State University, USA
  • Automatic Reassembly of Document Fragments via Context-Based Statistical Models§, Kulesh Shanmugasundaram and Nasir Memon, Polytechnic University, USA
  • Automated Analysis for Digital Forensic Science: Semantic Integrity Checking§, Tye Stallard and Karl Levitt, University of California, Davis, USA

Authentication
Chair: Rick Wilson, National Security Agency, USA

  • Non-Signature Based IDS, Dameon Packer, Mazu Networks, USA
  • Federated Identity in OneHealthPort, Ravi Sandhu, NSD Security, USA
  • HYDRA - The Unhackable Server, Eric Uner, Bodacion Technologies, Inc., USA

5:00 ADJOURN

§ This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.
