Annual Computer Security Applications Conference (ACSAC) 2012

Papers Proceedings

Abusing Cloud-based Browsers for Fun and Profit
Vasant Tendulkar, Joe Pletcher, Ashwin Shashidharan, Ryan Snyder, Kevin Butler, William Enck

All Your Faces Are Belong to Us: Breaking Facebook's Social Authentication
Jason Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, Sotiris Ioannidis, Angelos D. Keromytis, Stefano Zanero

Analysis of the Communication between Colluding Applications on Modern Smartphones
Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun

Augmenting Vulnerability Analysis of Binary Code
Sean Heelan, Agustin Gianni

BetterAuth: Web Authentication Revisited
Martin Johns, Sebastian Lekies, Bastian Braun, Benjamin Flesch

Biometric Authentication on a Mobile Device: A Study of User Effort, Error and Task Disruption
Shari Trewin, Cal Swart, Larry Koved, Jacquelyn Martino, Kapil Singh, Shay Ben-David

Building Better Passwords using Probabilistic Techniques
Shiva Houshmand, Sudhir Aggarwal

Cloud-based Push-Styled Mobile Botnets: A Case Study of Exploiting the Cloud to Device Messaging Service
Shuang Zhao, Patrick P. C. Lee, John C. S. Lui, Xiaohong Guan, Xiaobo Ma, Jing Tao

Code Shredding: Byte-Granular Randomization of Program Layout for Detecting Code-Reuse Attacks
Eitaro Shioji, Yuhei Kawakoya, Makoto Iwamura, Takeo Hariu

CodeShield: Towards Personalized Application Whitelisting
Christopher Gates, Ninghui Li, Jing Chen, Robert Proctor

DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel

Dissecting Ghost Clicks: Ad Fraud Via Misdirected Human Clicks
Sumayah A. Alrwais, Christopher W. Dunn, Minaxi Gupta, Alexandre Gerber, Oliver Spatscheck, Eric Osterweil

Distributed Application Tamper Detection Via Continuous Software Updates
Christian Collberg, Sam Martin, Jonathan Myers, Jasvir Nagra

Down to the Bare Metal: Using Processor Features for Binary Analysis
Carsten Willems, Ralf Hund, Andreas Fobian, Dennis Felsch, Thorsten Holz, Amit Vasudevan

Efficient Protection of Kernel Data Structures via Object Partitioning
Abhinav Srivastava, Jonathon Giffin

Enabling Private Conversations on Twitter
Indrajeet Singh, Michael Butkiewicz, Harsha Madhyastha, Srikanth V. Krishnamurthy, Sateesh Addepalli

Enabling Trusted Scheduling in Embedded Systems
Ramya Jayaram Masti, Claudio Marforio, Aanjhan Ranganathan, Aurélien Francillon, Srdjan Capkun

Generalized Vulnerability Extrapolation using Abstract Syntax Trees
Fabian Yamaguchi, Markus Lottmann, Konrad Rieck

Hi-Fi: Collecting High-Fidelity Whole-System Provenance
Devin Pohly, Stephen McLaughlin, Patrick McDaniel, Kevin Butler

Iris: A Scalable Cloud File System with Efficient Integrity Checks
Emil Stefanov, Marten van Dijk, Ari Juels, Alina Oprea

Jarhead: Analysis and Detection of Malicious Java Applets
Johannes Schlumberger, Christopher Kruegel, Giovanni Vigna

JSand: Complete Client-Side Sandboxing of Third-Party JavaScript without Browser Modifications
Pieter Agten, Steven Van Acker, Yoran Brondsema, Phu H. Phung, Lieven Desmet, Frank Piessens

Lines of Malicious Code: Insights Into the Malicious Software Industry
Martina Lindorfer, Alessandro Di Federico, Federico Maggi, Paolo Milani Comparetti, Stefano Zanero

Malicious PDF Detection Using Metadata and Structural Features
Charles Smutz, Angelos Stavrou

On Automated Image Choice for Secure and Usable Graphical Passwords
Paul Dunphy, Patrick Olivier

One Year of SSL Internet Measurement
Olivier Levillain, Arnaud Ébalard, Benjamin Morin, Hervé Debar

Permission Evolution in the Android Ecosystem
Xuetao Wei, Lorenzo Gomez, Iulian Neamtiu, Michalis Faloutsos

Practicality of Accelerometer Side-Channel on Smartphones
Adam J. Aviv, Benjamin Sapp, Matt Blaze, Jonathan M. Smith

Securing Untrusted Code via Compiler-Agnostic Binary Rewriting
Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, Zhiqiang Lin

Security Economics - A Personal Perspective
Ross Anderson

Self-healing Multitier Architectures using Cascading Rescue Points
Angeliki Zavou, Georgios Portokalidis, Angelos D. Keromytis

SensorSift: Balancing Sensor Data Privacy and Utility in Automated Face Understanding
Miro Enev, Jaeyeon Jung, Liefeng Bo, Xiaofeng Ren, Tadayoshi Kohno

Separation Virtual Machine Monitors
John McDermott, Bruce Montrose, Myong Kang, Margery Li, James Kirby

Tapas: Design, Implementation, and Usability Evaluation of a Password Manager
Daniel McCarney, David Barrera, Jeremy Clark, Sonia Chiasson, Paul van Oorschot

ThinAV: Truly Lightweight Mobile Cloud-based Anti-malware
Chris Jarabek, David Barrera, John Aycock

Towards Network Containment in Malware Analysis Systems
Mariano Graziano, Corrado Leita, Davide Balzarotti

Transforming Commodity Security Policies to Enforce Clark-Wilson Integrity
Divya Muthukumaran, Sandra Rueda, Nirupama Talele, Hayawardh Vijayakumar, Jason Teutsch, Trent Jaeger

TRESOR-HUNT: Attacking CPU-Bound Encryption
Erik-Oliver Blass, William Robertson

TrueErase: Per-file Secure Deletion for the Storage Data Path
Sarah Diesburg, Christopher Meyers, Mark Stanovich, Michael Mitchell, Justin Marshall, Julia Gould, An-I Andy Wang, Geoff Kuenning

Trust Engineering - Rejecting the Tyranny of the Weakest Link
Susan Alexander

Twitter Games: How Successful Spammers Pick Targets
Vasumathi Sridharan, Vaibhav Shankar, Minaxi Gupta

Using Automated Model Analysis for Reasoning about Security of Web Protocols
Apurva Kumar

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis
Carsten Willems, Felix C. Freiling, Thorsten Holz

VAMO: Towards a Fully Automated Malware Clustering Validity Analysis
Roberto Perdisci, ManChon U

When Hardware Meets Software: a Bulletproof Solution to Forensic Memory Acquisition
Alessandro Reina, Aristide Fattori, Fabio Pagani, Lorenzo Cavallaro, Danilo Mauro Bruschi

XIAO: Tuning Code Clones at Hands of Engineers in Practice
Yingnong Dang, Dongmei Zhang, Song Ge, Chengyun Chu, Yingjun Qiu, Tao Xie

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC