Technical Program – Wednesday

Technical Program Features and Organization

Track A and B sessions consist of technical papers, panels, and fora. All technical papers have undergone an anonymous peer review process and describe the latest developments in security implementations and applications-oriented research. Panel sessions are tailored to stimulate discussion of today's pressing issues. The fora sessions provide different perspectives on a single topic of interest or report the results of implementation activities. Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems. The Case Studies will include presentations on capabilities and applications of information security products to realistic civil, defense, and commercial problems. This track will feature system integrators, designer, and architects from the government and private sector.

7:30 Registration
8:30 Opening Remarks Daniel Faigin, Conference Chair, The Aerospace Corporation, USA
Welcome to Tucson Hotel Manager
Distinguished Practitioner Steven B. Lipner, Microsoft Corporation, USA
Practical Assurance: Evolution of a Security Development Lifecycle
Technical Program Introduction Daniel Thomsen, Program Chair, Tresys Technology, USA
10:00 BREAK
10:30 Intrusion Detection
Chair: Christoph Schuba, Sun Microsystems, Inc., USA

  • An Intrusion Detection Tool for AODV-based Ad hoc Wireless Networks§, Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan, Elizabeth Belding-Royer and Richard Kemmerer, University of California Santa Barbara, USA
  • Automatic Generation and Analysis of NIDS Attacks§, Shai Rubin, Somesh Jha and Barton Miller, University of Wisconsin, Madison, USA
  • Reasoning about Complementary Intrusion Evidence§, Yan Zhai, Peng Ning, Purush Iyer and Douglas Reeves, North Carolina State Unversity, USA
  • Start Seeing Security
    Chair: Dr. John McHugh, SEI/CERT, USA

  • Towards Secure Design Choices For Implementing Graphical Passwords§, Julie Thorpe and Paul van Oorschot, Carleton University, CANADA
  • Visualizing and Identifying Intrusion Context from System Calls Trace§, Zhuowei Li and Amitabha Das, Nanyang Technological University, SINGAPORE
  • VIsualizing Enterprise-Wide Security (VIEWS)§, J.J. Brennan, Don Faatz, Mindy Rudell and Carson Zimmerman, The MITRE Corporation, USA
  • Data Protection
    Chair: Bill Stewart, Booz Allen Hamilton, USA

  • Disposable/Deployable Security Technology, Gary Wright, Futures Inc., USA
  • Improved Protection of Sensitive Electronic Records Archives on the Web Using Government-Validated Security Products, Binh Nguyen, U.S. Army Research Lab, USA
  • Security Concerns in Outbound Communication as Vital to the Business Enterprise, Assaf Litai, Vidius, Inc., USA
  • 12:00 LUNCH
    1:30 Software Safety
    Chair: Patrick McDaniel, Pennsylvania State University, USA

  • A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)§, Martin Rinard, Cristian Cadar, Daniel Roy and Daniel Dumitran, MIT CSAIL, USA
  • Detecting Kernel-Level Rootkits Through Binary Analysis§, Christopher Kruegel, TU Vienna, Austria, William Robertson and Giovanni Vigna, University of California Santa Barbara, USA
  • Detecting Exploit Code Execution in Loadable Kernel Modules§, Haizhi Xu, Steve Chapin and Wenliang Du, Syracuse University, USA
  • PANEL - Debate: The Relationship of System & Product Specifications & Evaluations
    Chair: Marshall Abrams, MITRE Corporation, USA

  • Stu Katzke, NIST, USA
  • Jean Schaffer, NSA, USA
  • Mary Ellen Zurko, IBM, USA
  • Wireless Security
    Chair: Bruce Potter, Booz Allen Hamilton, USA

  • Identity Theft and Prevention Management, Peter Tapling, Authentify, USA
  • Collective Decisions, Error and Trust in Wireless Networks, Arnold Urken, Stevens Institute of Technology, USA
  • Mobile Instant-Secure Role Based Access Control (MIS Ro BAC) Network, Terry House, Nova Southeastern University, USA
  • 3:00 BREAK
    3:30 Malware
    Chair: Charlie Payne, Adventium Labs, USA

  • Using Predators to combat Worms and Viruses - a Simulation based study§, Ajay Gupta and Daniel C. DuVarney, Stony Brook University, USA
  • High-Fidelity Modeling of Computer Network Worms§, Kalyan Perumalla and Srikanth Sundaragopalan, Georgia Institute of Technology, USA
  • Worm Detection, Early Warning and Response Based on Local Victim Information§, Guofei Gu, Monirul Sharif, Xinzhou Qin, David Dagon, Wenke Lee, and George Riley, Georgia Institute of Technology, USA
  • Cozilet: Transparent Encapsulation for Preventing Abuse of Trusted Applets§, Hisashi Kojima, Ikuya Morikawa, Yuko Nakayama and Yuji Yamaoka, Fujitsu Laboratories Limited, JAPAN
  • Audit Analysis
    Chair: Peng Liu, Pennsylvania State University, USA

  • Extracting attack manifestations to determine log data requirements for intrusion detection§, Emilie Lundin Barse and Erland Jonsson, Chalmers University of Technology, SWEDEN
  • Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing§, Jingyu Zhou and Giovanni Vigna, University of California Santa Barbara, USA
  • Design, Implementation, and Evaluation of A Repairable Database Management System§, Tzi-cker Chiueh, Rether Networks Inc., USA and Dhruv Pilania, Stony Brook University, USA
  • RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates§, Ramkumar Chinchani, Aarthie Muthukrishnan, Madhusudhanan Chandrasekaran and Shambhu Upadhyaya, University at Buffalo-SUNY, USA
  • Building Secure Systems
    Chair: Rick Wilson, National Security Agency, USA

  • Integrating Information Assurance into C4ISR/DoDAF Architectures, Ed Rodriguez, Booz Allen Hamilton, USA
  • Security Decision Making for Leaders, Alan Forbes, Certico Consulting, USA
  • Security Tools and Defense, Jeff Huberty, Business Information Technology Solutions (BITS), USA
  • Issues to Consider in Building Secure Computer Network Defense Systems, John Sturm, NuParadigm Government Systems, Inc., USA
  • 5:30 ADJOURN
    Chair: Christoph Schuba, Sun Microsystems, Inc., USA
    § This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.

    [ Thursday ] [ Friday ]