23. ACSAC 2007: Miami Beach, Florida, USA

23rd Annual Computer Security Applications Conference (ACSAC 2007), December 10-14, 2007, Miami Beach, Florida, USA. IEEE Computer Society 2007 BibTeX

Distinguished Practitioner

Richard A. Kemmerer:
So You Think You Can Dance? 3-17
Electronic Edition (link) BibTeX

Operating Systems Security and Trusted Computing

Luke St. Clair, Joshua Schiffman, Trent Jaeger, Patrick McDaniel:
Establishing and Sustaining System Integrity via Root of Trust Installation. 19-29
Electronic Edition (link) BibTeX
Aggelos Kiayias, Laurent Michel, Alexander Russell, Narasimha Shashidhar, Andrew See, Alexander A. Shvartsman, Seda Davtyan:
Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting. 30-39
Electronic Edition (link) BibTeX
Rance J. DeLong, Thuy D. Nguyen, Cynthia E. Irvine, Timothy E. Levin:
Toward a Medium-Robustness Separation Kernel Protection Profile. 40-51
Electronic Edition (link) BibTeX

Malware and Intrusion Detection

Christopher Kruegel, Davide Balzarotti, William K. Robertson, Giovanni Vigna:
Improving Signature Testing through Dynamic Data Flow Analysis. 53-63
Electronic Edition (link) BibTeX
Mengjun Xie, Zhenyu Wu, Haining Wang:
HoneyIM: Fast Detection and Suppression of Instant Messaging Malware in Enterprise-Like Networks. 64-73
Electronic Edition (link) BibTeX
Matthew Van Gundy, Hao Chen, Zhendong Su, Giovanni Vigna:
Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms. 74-85
Electronic Edition (link) BibTeX

Database Security

Kevin S. Killourhy, Roy A. Maxion:
Toward Realistic and Artifact-Free Insider-Threat Data. 87-96
Electronic Edition (link) BibTeX
Meng Yu, Wanyu Zang, Peng Liu:
Database Isolation and Filtering against Data Corruption Attacks. 97-106
Electronic Edition (link) BibTeX
Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Miho Hishiyama, Yu Takahama:
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection. 107-117
Electronic Edition (link) BibTeX

Applied Cryptography

Carlos Aguilar Melchor, Yves Deswarte, Julien Iguchi-Cartigny:
Closed-Circuit Unobservable Voice over IP. 119-128
Electronic Edition (link) BibTeX
Adam J. Aviv, Michael E. Locasto, Shaya Potter, Angelos D. Keromytis:
SSARES: Secure Searchable Automated Remote Email Storage. 129-139
Electronic Edition (link) BibTeX

Misuse Detection and Forensics

Sudhir Aggarwal, Jasbinder Bali, Zhenhai Duan, Leo Kermes, Wayne Liu, Shahank Sahai, Zhenghui Zhu:
The Design and Development of an Undercover Multipurpose Anti-spoofing Kit (UnMask). 141-150
Electronic Edition (link) BibTeX
Michael Meier, Ulrich Flegel, Sebastian Schmerl:
Efficiency Issues of Rete-Based Expert Systems for Misuse Detection. 151-160
Electronic Edition (link) BibTeX
David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Tracking Darkports for Network Defense. 161-171
Electronic Edition (link) BibTeX

Invited Essayist

Daniel J. Weitzner:
Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks. 173-175
Electronic Edition (link) BibTeX

Classic Paper

Brian Randell, John M. Rushby:
Distributed Secure Systems: Then and Now. 177-199
Electronic Edition (link) BibTeX

Access Control

Phillip L. Hellewell, Kent E. Seamons:
Extensible Pre-authentication Kerberos. 201-210
Electronic Edition (link) BibTeX
Manigandan Radhakrishnan, Jon A. Solworth:
Quarantining Untrusted Entities: Dynamic Sandboxing Using LEAP. 211-220
Electronic Edition (link) BibTeX
Enriquillo Valdez, Reiner Sailer, Ronald Perez:
Retrofitting the IBM POWER Hypervisor to Support Mandatory Access Control. 221-231
Electronic Edition (link) BibTeX

Wireless and Mobile Systems Security

Iulia Ion, Boris Dragovic, Bruno Crispo:
Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices. 233-242
Electronic Edition (link) BibTeX
Daniel Sterne, Geoffrey Lawler, Richard Gopaul, Brian Rivera, Kelvin Marcus, Peter Kruus:
Countering False Accusations and Collusion in the Detection of In-Band Wormholes. 243-256
Electronic Edition (link) BibTeX
Bo Zhu, Venkata Gopala Krishna Addada, Sanjeev Setia, Sushil Jajodia, Sankardas Roy:
Efficient Distributed Detection of Node Replication Attacks in Sensor Networks. 257-267
Electronic Edition (link) BibTeX

Security Engineering

Audun Jøsang, Bander AlFayyadh, Tyrone Grandison, Mohammed AlZomai, Judith McNamara:
Security Usability Principles for Vulnerability Analysis and Risk Assessment. 269-278
Electronic Edition (link) BibTeX
Jeff Yan, Ahmad Salah El Ahmad:
Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms. 279-291
Electronic Edition (link) BibTeX
Paolina Centonze, Robert J. Flynn, Marco Pistoia:
Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. 292-303
Electronic Edition (link) BibTeX

Security in P2P Systems

Nathan S. Evans, Chris GauthierDickey, Christian Grothoff:
Routing in the Dark: Pitch Black. 305-314
Electronic Edition (link) BibTeX
Nathalie Tsybulnik, Kevin W. Hamlen, Bhavani M. Thuraisingham:
Centralized Security Labels in Decentralized P2P Networks. 315-324
Electronic Edition (link) BibTeX
David Dagon, Guofei Gu, Christopher P. Lee, Wenke Lee:
A Taxonomy of Botnet Structures. 325-339
Electronic Edition (link) BibTeX

Distributed Systems Security

Duncan A. Grove, Toby C. Murray, C. A. Owen, Chris J. North, J. A. Jones, M. R. Beaumont, B. D. Hopkins:
An Overview of the Annex System. 341-352
Electronic Edition (link) BibTeX
Baris Coskun, Nasir D. Memon:
Efficient Detection of Delay-Constrained Relay Nodes. 353-362
Electronic Edition (link) BibTeX
Ashish Gehani, Ulf Lindqvist:
Bonsai: Balanced Lineage Authentication. 363-373
Electronic Edition (link) BibTeX

Software and Applications Security

Martin Szydlowski, Christopher Kruegel, Engin Kirda:
Secure Input for Web Applications. 375-384
Electronic Edition (link) BibTeX
Bryan D. Payne, Wenke Lee:
Secure and Flexible Monitoring of Virtual Machines. 385-397
Electronic Edition (link) BibTeX
Wei Li, Tzi-cker Chiueh:
Automated Format String Attack Prevention for Win32/X86 Binaries. 398-409
Electronic Edition (link) BibTeX

Malware

Qinghua Zhang, Douglas S. Reeves:
MetaAware: Identifying Metamorphic Malware. 411-420
Electronic Edition (link) BibTeX
Andreas Moser, Christopher Kruegel, Engin Kirda:
Limits of Static Analysis for Malware Detection. 421-430
Electronic Edition (link) BibTeX
Lorenzo Martignoni, Mihai Christodorescu, Somesh Jha:
OmniUnpack: Fast, Generic, and Safe Unpacking of Malware. 431-441
Electronic Edition (link) BibTeX

Assurance

Boniface Hicks, Tim Misiak, Patrick McDaniel:
Channels: Runtime System Infrastructure for Security-Typed Languages. 443-452
Electronic Edition (link) BibTeX
Chongkyung Kil, Emre Can Sezer, Peng Ning, Xiaolan Zhang:
Automated Security Debugging Using Program Structural Constraints. 453-462
Electronic Edition (link) BibTeX
Deepak Chandra, Michael Franz:
Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine. 463-475
Electronic Edition (link) BibTeX

Software Security

Sherri Sparks, Shawn Embleton, Ryan Cunningham, Cliff Changchun Zou:
Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting. 477-486
Electronic Edition (link) BibTeX
Asia Slowinska, Herbert Bos:
The Age of Data: Pinpointing Guilty Bytes in Polymorphic Buffer Overflows on Heap or Stack. 487-500
Electronic Edition (link) BibTeX
Kevin Borders, Atul Prakash, Mark Zielinski:
Spector: Automatically Analyzing Shell Code. 501-514
Electronic Edition (link) BibTeX