Technical Program Features and Organization

Track A and B sessions consist of technical papers, panels, and fora. All technical papers have undergone an anonymous peer review process and describe the latest developments in security implementations and applications-oriented research. Panel sessions are tailored to stimulate discussion of today's pressing issues. The fora sessions provide different perspectives on a single topic of interest or report the results of implementation activities.

Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems. The Case Studies will include presentations on capabilities and applications of information security products to realistic civil, defense, and commercial problems. This track will feature system integrators, designer, and architects from the government and private sector.

7:30 Registration

8:30 Opening Remarks Daniel Faigin, Conference Chair, The Aerospace Corporation, USA

Welcome to Tucson Hotel Manager

Distinguished Practitioner Steven B. Lipner, Microsoft Corporation, USA
Practical Assurance: Evolution of a Security Development Lifecycle

Technical Program Introduction Daniel Thomsen, Program Chair, Tresys Technology, USA

10:00 BREAK
TRACK A TRACK B TRACK C

10:30 Intrusion Detection
Chair: Christoph Schuba, Sun Microsystems, Inc., USA

An Intrusion Detection Tool for AODV-based Ad hoc Wireless Networks^§, Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan, Elizabeth Belding-Royer and Richard Kemmerer, University of California Santa Barbara, USA

Automatic Generation and Analysis of NIDS Attacks^§, Shai Rubin, Somesh Jha and Barton Miller, University of Wisconsin, Madison, USA

Reasoning about Complementary Intrusion Evidence^§, Yan Zhai, Peng Ning, Purush Iyer and Douglas Reeves, North Carolina State Unversity, USA

Start Seeing Security
Chair: Dr. John McHugh, SEI/CERT, USA

Towards Secure Design Choices For Implementing Graphical Passwords^§, Julie Thorpe and Paul van Oorschot, Carleton University, CANADA

Visualizing and Identifying Intrusion Context from System Calls Trace^§, Zhuowei Li and Amitabha Das, Nanyang Technological University, SINGAPORE

VIsualizing Enterprise-Wide Security (VIEWS)^§, J.J. Brennan, Don Faatz, Mindy Rudell and Carson Zimmerman, The MITRE Corporation, USA

Data Protection
Chair: Bill Stewart, Booz Allen Hamilton, USA

Disposable/Deployable Security Technology, Gary Wright, Futures Inc., USA

Improved Protection of Sensitive Electronic Records Archives on the Web Using Government-Validated Security Products, Binh Nguyen, U.S. Army Research Lab, USA

Security Concerns in Outbound Communication as Vital to the Business Enterprise, Assaf Litai, Vidius, Inc., USA

12:00 LUNCH

1:30 Software Safety
Chair: Patrick McDaniel, Pennsylvania State University, USA

A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)^§, Martin Rinard, Cristian Cadar, Daniel Roy and Daniel Dumitran, MIT CSAIL, USA

Detecting Kernel-Level Rootkits Through Binary Analysis^§, Christopher Kruegel, TU Vienna, Austria, William Robertson and Giovanni Vigna, University of California Santa Barbara, USA

Detecting Exploit Code Execution in Loadable Kernel Modules^§, Haizhi Xu, Steve Chapin and Wenliang Du, Syracuse University, USA

PANEL - Debate: The Relationship of System & Product Specifications & Evaluations
Chair: Marshall Abrams, MITRE Corporation, USA

Stu Katzke, NIST, USA
Jean Schaffer, NSA, USA
Mary Ellen Zurko, IBM, USA
Wireless Security
Chair: Bruce Potter, Booz Allen Hamilton, USA

Identity Theft and Prevention Management, Peter Tapling, Authentify, USA

Collective Decisions, Error and Trust in Wireless Networks, Arnold Urken, Stevens Institute of Technology, USA

Mobile Instant-Secure Role Based Access Control (MIS Ro BAC) Network, Terry House, Nova Southeastern University, USA

3:00 BREAK

3:30 Malware
Chair: Charlie Payne, Adventium Labs, USA

Using Predators to combat Worms and Viruses - a Simulation based study^§, Ajay Gupta and Daniel C. DuVarney, Stony Brook University, USA

High-Fidelity Modeling of Computer Network Worms^§, Kalyan Perumalla and Srikanth Sundaragopalan, Georgia Institute of Technology, USA

Worm Detection, Early Warning and Response Based on Local Victim Information^§, Guofei Gu, Monirul Sharif, Xinzhou Qin, David Dagon, Wenke Lee, and George Riley, Georgia Institute of Technology, USA

Cozilet: Transparent Encapsulation for Preventing Abuse of Trusted Applets^§, Hisashi Kojima, Ikuya Morikawa, Yuko Nakayama and Yuji Yamaoka, Fujitsu Laboratories Limited, JAPAN

Audit Analysis
Chair: Peng Liu, Pennsylvania State University, USA

Extracting attack manifestations to determine log data requirements for intrusion detection^§, Emilie Lundin Barse and Erland Jonsson, Chalmers University of Technology, SWEDEN

Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing^§, Jingyu Zhou and Giovanni Vigna, University of California Santa Barbara, USA

Design, Implementation, and Evaluation of A Repairable Database Management System^§, Tzi-cker Chiueh, Rether Networks Inc., USA and Dhruv Pilania, Stony Brook University, USA

RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates^§, Ramkumar Chinchani, Aarthie Muthukrishnan, Madhusudhanan Chandrasekaran and Shambhu Upadhyaya, University at Buffalo-SUNY, USA

Building Secure Systems
Chair: Rick Wilson, National Security Agency, USA

Integrating Information Assurance into C4ISR/DoDAF Architectures, Ed Rodriguez, Booz Allen Hamilton, USA

Security Decision Making for Leaders, Alan Forbes, Certico Consulting, USA

Security Tools and Defense, Jeff Huberty, Business Information Technology Solutions (BITS), USA

Issues to Consider in Building Secure Computer Network Defense Systems, John Sturm, NuParadigm Government Systems, Inc., USA

5:30 ADJOURN

5:45
-
7:00 WORKS IN PROGRESS
Chair: Christoph Schuba, Sun Microsystems, Inc., USA

§ This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.

7:30	Registration
8:30	Opening Remarks	Daniel Faigin, Conference Chair, The Aerospace Corporation, USA
	Welcome to Tucson	Hotel Manager
	Distinguished Practitioner	Steven B. Lipner, Microsoft Corporation, USA Practical Assurance: Evolution of a Security Development Lifecycle
	Technical Program Introduction	Daniel Thomsen, Program Chair, Tresys Technology, USA
10:00	BREAK
	TRACK A	TRACK B	TRACK C
10:30	Intrusion Detection Chair: Christoph Schuba, Sun Microsystems, Inc., USA An Intrusion Detection Tool for AODV-based Ad hoc Wireless Networks^§, Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan, Elizabeth Belding-Royer and Richard Kemmerer, University of California Santa Barbara, USA Automatic Generation and Analysis of NIDS Attacks^§, Shai Rubin, Somesh Jha and Barton Miller, University of Wisconsin, Madison, USA Reasoning about Complementary Intrusion Evidence^§, Yan Zhai, Peng Ning, Purush Iyer and Douglas Reeves, North Carolina State Unversity, USA	Start Seeing Security Chair: Dr. John McHugh, SEI/CERT, USA Towards Secure Design Choices For Implementing Graphical Passwords^§, Julie Thorpe and Paul van Oorschot, Carleton University, CANADA Visualizing and Identifying Intrusion Context from System Calls Trace^§, Zhuowei Li and Amitabha Das, Nanyang Technological University, SINGAPORE VIsualizing Enterprise-Wide Security (VIEWS)^§, J.J. Brennan, Don Faatz, Mindy Rudell and Carson Zimmerman, The MITRE Corporation, USA	Data Protection Chair: Bill Stewart, Booz Allen Hamilton, USA Disposable/Deployable Security Technology, Gary Wright, Futures Inc., USA Improved Protection of Sensitive Electronic Records Archives on the Web Using Government-Validated Security Products, Binh Nguyen, U.S. Army Research Lab, USA Security Concerns in Outbound Communication as Vital to the Business Enterprise, Assaf Litai, Vidius, Inc., USA
12:00	LUNCH
1:30	Software Safety Chair: Patrick McDaniel, Pennsylvania State University, USA A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)^§, Martin Rinard, Cristian Cadar, Daniel Roy and Daniel Dumitran, MIT CSAIL, USA Detecting Kernel-Level Rootkits Through Binary Analysis^§, Christopher Kruegel, TU Vienna, Austria, William Robertson and Giovanni Vigna, University of California Santa Barbara, USA Detecting Exploit Code Execution in Loadable Kernel Modules^§, Haizhi Xu, Steve Chapin and Wenliang Du, Syracuse University, USA	PANEL - Debate: The Relationship of System & Product Specifications & Evaluations Chair: Marshall Abrams, MITRE Corporation, USA Stu Katzke, NIST, USA Jean Schaffer, NSA, USA Mary Ellen Zurko, IBM, USA	Wireless Security Chair: Bruce Potter, Booz Allen Hamilton, USA Identity Theft and Prevention Management, Peter Tapling, Authentify, USA Collective Decisions, Error and Trust in Wireless Networks, Arnold Urken, Stevens Institute of Technology, USA Mobile Instant-Secure Role Based Access Control (MIS Ro BAC) Network, Terry House, Nova Southeastern University, USA
3:00	BREAK
3:30	Malware Chair: Charlie Payne, Adventium Labs, USA Using Predators to combat Worms and Viruses - a Simulation based study^§, Ajay Gupta and Daniel C. DuVarney, Stony Brook University, USA High-Fidelity Modeling of Computer Network Worms^§, Kalyan Perumalla and Srikanth Sundaragopalan, Georgia Institute of Technology, USA Worm Detection, Early Warning and Response Based on Local Victim Information^§, Guofei Gu, Monirul Sharif, Xinzhou Qin, David Dagon, Wenke Lee, and George Riley, Georgia Institute of Technology, USA Cozilet: Transparent Encapsulation for Preventing Abuse of Trusted Applets^§, Hisashi Kojima, Ikuya Morikawa, Yuko Nakayama and Yuji Yamaoka, Fujitsu Laboratories Limited, JAPAN	Audit Analysis Chair: Peng Liu, Pennsylvania State University, USA Extracting attack manifestations to determine log data requirements for intrusion detection^§, Emilie Lundin Barse and Erland Jonsson, Chalmers University of Technology, SWEDEN Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing^§, Jingyu Zhou and Giovanni Vigna, University of California Santa Barbara, USA Design, Implementation, and Evaluation of A Repairable Database Management System^§, Tzi-cker Chiueh, Rether Networks Inc., USA and Dhruv Pilania, Stony Brook University, USA RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates^§, Ramkumar Chinchani, Aarthie Muthukrishnan, Madhusudhanan Chandrasekaran and Shambhu Upadhyaya, University at Buffalo-SUNY, USA	Building Secure Systems Chair: Rick Wilson, National Security Agency, USA Integrating Information Assurance into C4ISR/DoDAF Architectures, Ed Rodriguez, Booz Allen Hamilton, USA Security Decision Making for Leaders, Alan Forbes, Certico Consulting, USA Security Tools and Defense, Jeff Huberty, Business Information Technology Solutions (BITS), USA Issues to Consider in Building Secure Computer Network Defense Systems, John Sturm, NuParadigm Government Systems, Inc., USA
5:30	ADJOURN
5:45 - 7:00	*WORKS IN PROGRESS* Chair: Christoph Schuba, Sun Microsystems, Inc., USA

Technical Program Features and Organization

[ Thursday ] [ Friday ]