26. ACSAC 2010: Austin, Texas, USA

Carrie Gates, Michael Franz, John P. McDermott (Eds.): Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010, Austin, Texas, USA, 6-10 December 2010. ACM 2010, ISBN 978-1-4503-0133-6

Social networks

Gianluca Stringhini, Christopher Kruegel, Giovanni Vigna:
Detecting spammers on social networks. 1-9
Wei Xu, Fangfang Zhang, Sencun Zhu:
Toward worm detection in online social networks. 11-20
Zi Chu, Steven Gianvecchio, Haining Wang, Sushil Jajodia:
Who is tweeting on Twitter: human, bot, or cyborg? 21-30

Software defenses

Konrad Rieck, Tammo Krueger, Andreas Dewald:
Cujo: efficient detection and prevention of drive-by-download attacks. 31-39
Georgios Portokalidis, Angelos D. Keromytis:
Fast and practical instruction-set randomization for commodity systems. 41-48
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda:
G-Free: defeating return-oriented programming through gadget-less binaries. 49-58

Authentication

Yanjiang Yang, Jianying Zhou, Jun Wen Wong, Feng Bao:
Towards practical anonymous password authentication. 59-68
Chengfang Fang, Ee-Chien Chang:
Securing interactive sessions using mobile device through visual channel and visual inspection. 69-78
Elizabeth Stobert, Alain Forget, Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
Exploring usability effects of increasing security in click-based graphical passwords. 79-88

Vulnerability assessment of embedded devices

Benjamin Rodes, Xunhua Wang:
Security analysis of a fingerprint-protected USB drive. 89-96
Ang Cui, Salvatore J. Stolfo:
A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan. 97-106
Stephen E. McLaughlin, Dmitry Podkuiko, Sergei Miadzvezhanka, Adam Delozier, Patrick Drew McDaniel:
Multi-vendor penetration testing in the advanced metering infrastructure. 107-116

Classic paper I

Giovanni Vigna:
Network intrusion detection: dead or alive? 117-126

Invited essayist

Tom Longstaff, David M. Balenson, Mark Matties:
Barriers to science in security. 127-129

Botnets

Baris Coskun, Sven Dietrich, Nasir D. Memon:
Friends of an enemy: identifying local members of peer-to-peer botnets using mutual contacts. 131-140
Joan Calvet, Carlton R. Davis, José M. Fernandez, Jean-Yves Marion, Pier-Luc St-Onge, Wadie Guizani, Pierre-Marc Bureau, Anil Somayaji:
The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet. 141-150
Seungwon Shin, Guofei Gu:
Conficker and beyond: a large-scale empirical study. 151-160

Email, e-commerce, and web 2.0

Andrew G. West, Adam J. Aviv, Jian Chang, Insup Lee:
Spam mitigation using spatio-temporal reputations from blacklist history. 161-170
Shujun Li, S. Amier Haider Shah, M. Asad Usman Khan, Syed Ali Khayam, Ahmad-Reza Sadeghi, Roland Schmitz:
Breaking e-banking CAPTCHAs. 171-180
Zhou Li, XiaoFeng Wang:
FIRM: capability-based inline mediation of Flash behaviors. 181-190

Hardware-assisted security

Roberto Gallo, Henrique Kawakami, Ricardo Dahab, Rafael Azevedo, Saulo Lima, Guido Araujo:
T-DRE: a hardware trusted computing base for direct recording electronic vote machines. 191-198
Jonathan Valamehr, Mohit Tiwari, Timothy Sherwood, Ryan Kastner, Ted Huffmire, Cynthia E. Irvine, Timothy E. Levin:
Hardware assistance for trustworthy systems through 3-D integration. 199-210
Stefan Tillich, Mario Kirschbaum, Alexander Szekely:
SCA-resistant embedded processors: the next generation. 211-220

Security protocols and portable storage

Machigar Ongtang, Kevin R. B. Butler, Patrick Drew McDaniel:
Porscha: policy oriented secure content handling in Android. 221-230
Kevin R. B. Butler, Stephen E. McLaughlin, Patrick Drew McDaniel:
Kells: a protection framework for portable data. 231-240
Christina Pöpper, David A. Basin, Srdjan Capkun, Cas J. F. Cremers:
Keeping data secret under full compromise using porter devices. 241-250

Model checking and vulnerability analysis

Sandy Clark, Stefan Frei, Matt Blaze, Jonathan M. Smith:
Familiarity breeds contempt: the honeymoon effect and the role of legacy code in zero-day vulnerabilities. 251-260
Jonathan Heusser, Pasquale Malacaria:
Quantifying information leaks in software. 261-269
Siarhei Liakh, Michael C. Grace, Xuxian Jiang:
Analyzing and improving Linux kernel memory protection: a model checking approach. 271-280

Classic paper II

William R. Cheswick:
Back to Berferd. 281-286

Intrusion detection and live forensics

Michalis Polychronakis, Kostas G. Anagnostakis, Evangelos P. Markatos:
Comprehensive shellcode detection using runtime heuristics. 287-296
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, Jiwu Jing:
Cross-layer comprehensive intrusion harm analysis for production workload server systems. 297-306
Ellick Chan, Shivaram Venkataraman, Francis M. David, Amey Chaugule, Roy H. Campbell:
Forenscope: a framework for live forensics. 307-316

Distributed systems and operating systems

Jin Han, Meng Pan, Debin Gao, HweeHwa Pang:
A multi-user steganographic file system on untrusted shared storage. 317-326
Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, Wei Zou:
Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks. 327-336
Liang Gu, Yao Guo, Anbang Ruan, Qingni Shen, Hong Mei:
SCOBA: source code based attestation on custom software. 337-346

Mobile and wireless

Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, Herbert Bos:
Paranoid Android: versatile protection for smartphones. 347-356
Zhaohui Wang, Angelos Stavrou:
Exploiting smart-phone USB connectivity for fun and profit. 357-366
An Liu, Peng Ning, Huaiyu Dai, Yao Liu, Cliff Wang:
Defending DSSS-based broadcast communication against insider jammers via delayed seed-disclosure. 367-376

Security engineering and management

Wu Zhou, Peng Ning, Xiaolan Zhang, Glenn Ammons, Ruowen Wang, Vasanth Bala:
Always up-to-date: scalable offline patching of VM images in a compute cloud. 377-386
Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Yu-Yuan Chen, Ruby B. Lee:
A framework for testing hardware-software security architectures. 387-397
Trajce Dimkov, Wolter Pieters, Pieter H. Hartel:
Two methodologies for physical penetration testing using social engineering. 399-408

Last update Sat May 25 17:19:14 2013 CET by the DBLP Team —

Data released under the ODC-BY 1.0 license — See also our legal information page