NDSS 2009: San Diego, California, USA

Proceedings of the Network and Distributed System Security Symposium, NDSS 2009, San Diego, California, USA, 8th February - 11th February 2009. The Internet Society 2009

Session 1: Web Security

• Yacin Nadji, Prateek Saxena, Dawn Song:
  Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense.
  
• R. Sekar:
  An Efficient Black-box Technique for Defeating Web Application Attacks.
  
• Matthew Van Gundy, Hao Chen:
  Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks.
  

Session 2: Distributed Systems

• Peter Williams, Radu Sion, Dennis Shasha:
  The Blind Stone Tablet: Outsourcing Durability to Untrusted Parties.
  
• Sherman S. M. Chow, Jie-Han Lee, Lakshminarayanan Subramanian:
  Two-Party Computation Model for Privacy-Preserving Queries over Distributed Databases.
  
• George Danezis, Prateek Mittal:
  SybilInfer: Detecting Sybil Nodes using Social Networks.
  

Session 3: Intrusion Detection

• Yingbo Song, Angelos D. Keromytis, Salvatore J. Stolfo:
  Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic.
  
• Nicholas Weaver, Robin Sommer, Vern Paxson:
  Detecting Forged TCP Reset Packets.
  
• Carrie Gates:
  Coordinated Scan Detection.
  

Session 4: Malware

• Xin Hu, Matthew Knysz, Kang G. Shin:
  RB-Seeker: Auto-detection of Redirection Botnets.
  
• Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Krügel, Engin Kirda:
  Scalable, Behavior-Based Malware Clustering.
  
• Andrea Lanzi, Monirul I. Sharif, Wenke Lee:
  K-Tracer: A System for Extracting Kernel Malware Behavior.
  

Session 5: Traffic Protection and Infrastructure Security

• Amir Houmansadr, Negar Kiyavash, Nikita Borisov:
  RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows.
  
• Charles V. Wright, Scott E. Coull, Fabian Monrose:
  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis.
  
• David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P. Lee, Wenke Lee:
  Recursive DNS Architectures and Vulnerability Implications.
  

Session 6: Host Security

• Hong Chen, Ninghui Li, Ziqing Mao:
  Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems.
  
• Tielei Wang, Tao Wei, Zhiqiang Lin, Wei Zou:
  IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution.
  

Session 7: Authentication and Accountability

• Jonathan M. McCune, Adrian Perrig, Michael K. Reiter:
  Safe Passage for Passwords and Other Sensitive Data.
  
• Chris Karlof, J. Doug Tygar, David Wagner:
  Conditioned-safe Ceremonies and a User Study of an Application to Web Authentication.
  
• Michael Backes, Peter Druschel, Andreas Haeberlen, Dominique Unruh:
  CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable.