23. ACSAC 2007: Miami Beach, Florida, USA

23rd Annual Computer Security Applications Conference (ACSAC 2007), December 10-14, 2007, Miami Beach, Florida, USA. IEEE Computer Society 2007

Distinguished Practitioner

Luke St. Clair, Joshua Schiffman, Trent Jaeger, Patrick McDaniel:
Establishing and Sustaining System Integrity via Root of Trust Installation. 19-29
Aggelos Kiayias, Laurent Michel, Alexander Russell, Narasimha Shashidhar, Andrew See, Alexander A. Shvartsman, Seda Davtyan:
Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting. 30-39
Rance J. DeLong, Thuy D. Nguyen, Cynthia E. Irvine, Timothy E. Levin:
Toward a Medium-Robustness Separation Kernel Protection Profile. 40-51

Christopher Kruegel, Davide Balzarotti, William K. Robertson, Giovanni Vigna:
Improving Signature Testing through Dynamic Data Flow Analysis. 53-63
Mengjun Xie, Zhenyu Wu, Haining Wang:
HoneyIM: Fast Detection and Suppression of Instant Messaging Malware in Enterprise-Like Networks. 64-73
Matthew Van Gundy, Hao Chen, Zhendong Su, Giovanni Vigna:
Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms. 74-85

Kevin S. Killourhy, Roy A. Maxion:
Toward Realistic and Artifact-Free Insider-Threat Data. 87-96
Meng Yu, Wanyu Zang, Peng Liu:
Database Isolation and Filtering against Data Corruption Attacks. 97-106
Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Miho Hishiyama, Yu Takahama:
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection. 107-117

Carlos Aguilar Melchor, Yves Deswarte, Julien Iguchi-Cartigny:
Closed-Circuit Unobservable Voice over IP. 119-128
Adam J. Aviv, Michael E. Locasto, Shaya Potter, Angelos D. Keromytis:
SSARES: Secure Searchable Automated Remote Email Storage. 129-139

Sudhir Aggarwal, Jasbinder Bali, Zhenhai Duan, Leo Kermes, Wayne Liu, Shahank Sahai, Zhenghui Zhu:
The Design and Development of an Undercover Multipurpose Anti-spoofing Kit (UnMask). 141-150
Michael Meier, Ulrich Flegel, Sebastian Schmerl:
Efficiency Issues of Rete-Based Expert Systems for Misuse Detection. 151-160
David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Tracking Darkports for Network Defense. 161-171

Daniel J. Weitzner:
Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks. 173-175

Brian Randell, John M. Rushby:
Distributed Secure Systems: Then and Now. 177-199

Phillip L. Hellewell, Kent E. Seamons:
Extensible Pre-authentication Kerberos. 201-210
Manigandan Radhakrishnan, Jon A. Solworth:
Quarantining Untrusted Entities: Dynamic Sandboxing Using LEAP. 211-220
Enriquillo Valdez, Reiner Sailer, Ronald Perez:
Retrofitting the IBM POWER Hypervisor to Support Mandatory Access Control. 221-231

Iulia Ion, Boris Dragovic, Bruno Crispo:
Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices. 233-242
Daniel Sterne, Geoffrey Lawler, Richard Gopaul, Brian Rivera, Kelvin Marcus, Peter Kruus:
Countering False Accusations and Collusion in the Detection of In-Band Wormholes. 243-256
Bo Zhu, Venkata Gopala Krishna Addada, Sanjeev Setia, Sushil Jajodia, Sankardas Roy:
Efficient Distributed Detection of Node Replication Attacks in Sensor Networks. 257-267

Audun Jøsang, Bander AlFayyadh, Tyrone Grandison, Mohammed Al Zomai, Judith McNamara:
Security Usability Principles for Vulnerability Analysis and Risk Assessment. 269-278
Jeff Yan, Ahmad Salah El Ahmad:
Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms. 279-291
Paolina Centonze, Robert J. Flynn, Marco Pistoia:
Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. 292-303

Nathan S. Evans, Chris GauthierDickey, Christian Grothoff:
Routing in the Dark: Pitch Black. 305-314
Nathalie Tsybulnik, Kevin W. Hamlen, Bhavani M. Thuraisingham:
Centralized Security Labels in Decentralized P2P Networks. 315-324
David Dagon, Guofei Gu, Christopher P. Lee, Wenke Lee:
A Taxonomy of Botnet Structures. 325-339

Duncan A. Grove, Toby C. Murray, C. A. Owen, Chris J. North, J. A. Jones, M. R. Beaumont, B. D. Hopkins:
An Overview of the Annex System. 341-352
Baris Coskun, Nasir D. Memon:
Efficient Detection of Delay-Constrained Relay Nodes. 353-362
Ashish Gehani, Ulf Lindqvist:
Bonsai: Balanced Lineage Authentication. 363-373

Martin Szydlowski, Christopher Kruegel, Engin Kirda:
Secure Input for Web Applications. 375-384
Bryan D. Payne, Wenke Lee:
Secure and Flexible Monitoring of Virtual Machines. 385-397
Wei Li, Tzi-cker Chiueh:
Automated Format String Attack Prevention for Win32/X86 Binaries. 398-409

Qinghua Zhang, Douglas S. Reeves:
MetaAware: Identifying Metamorphic Malware. 411-420
Andreas Moser, Christopher Kruegel, Engin Kirda:
Limits of Static Analysis for Malware Detection. 421-430
Lorenzo Martignoni, Mihai Christodorescu, Somesh Jha:
OmniUnpack: Fast, Generic, and Safe Unpacking of Malware. 431-441

Boniface Hicks, Tim Misiak, Patrick McDaniel:
Channels: Runtime System Infrastructure for Security-Typed Languages. 443-452
Chongkyung Kil, Emre Can Sezer, Peng Ning, Xiaolan Zhang:
Automated Security Debugging Using Program Structural Constraints. 453-462
Deepak Chandra, Michael Franz:
Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine. 463-475

Sherri Sparks, Shawn Embleton, Ryan Cunningham, Cliff Changchun Zou:
Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting. 477-486
Asia Slowinska, Herbert Bos:
The Age of Data: Pinpointing Guilty Bytes in Polymorphic Buffer Overflows on Heap or Stack. 487-500
Kevin Borders, Atul Prakash, Mark Zielinski:
Spector: Automatically Analyzing Shell Code. 501-514