CCS 2004

Advance Program (Research Track)


Conference Program

Tuesday October 26, 2004


Session I: Keynote, John McLean, Naval Research Laboratory, Session Chair: Sushil Jajodia


Session II: Network intrusions

Operational Experiences with High-Volume Network Intrusion Detection

Holger Dreger, Anja Feldmann, Vern Paxson and Robin Sommer


On the Difficulty of Scalably Detecting Network Attacks

Kirill Levchenko, Ramamohan Paturi and George Varghese


Testing Intrusion Detection Signatures Using Mutant Exploits

Giovanni Vigna, Will Robertson and Davide Balzarotti


Payload Attribution via Hierarchical Bloom Filters

Kulesh Shanmugasundaram, Herve Bronnimann and Nasir Memon



Session III: Access Control

On Mutually-Exclusive Roles and Separation of Duty

Ninghui Li, Ziad Bizri and Mahesh V. Tripunitara


KNOW Why Your Access was Denied: Regulating Feedback for Usable Security

Apu Kapadia, Geetanjali Sampemane and Roy H. Campbell


Comparing the Expressive Power of Access Control Models

Mahesh V. Tripunitara and Ninghui Li



Session IV: Applied cryptography

Attacking and Repairing the WinZip Encryption Scheme

Tadayoshi Kohno


Reusable Cryptographic Fuzzy Extractors

Xavier Boyen


Cryptanalysis of a Provably Secure CRT-RSA Algorithm

David Wagner



Wednesday October 27, 2004


Session I: Network security

Pong-Cache Poisoning in GUESS

Neil Daswani and Hector Garcia-Molina


Web Tap: Detecting Covert Web Traffic

Kevin Borders, Atul Prakash


On Achieving Software Diversity for Improved Network Security using Distributed Coloring Algorithms

Adam O'Donnell and Harish Sethu



Session II: Credentials

Direct Anonymous Attestation

Ernie Brickell, Jan Camenisch and Liqun Chen


Concealing Complex Policies in Hidden Credentials

Robert W. Bradshaw, Jason E. Holt and Kent E. Seamons


k-Anonymous Secret Handshakes with Reusable Credentials

Shouhuai Xu and Moti Yung


Group Signatures with Verifier-Local Revocation

Dan Boneh and Hovav Shacham



Session III: Information flow

IP Covert Timing Channels: An Initial Exploration

Serdar Cabuk, Carla E. Brodley, Rui Miguel Forte and Clay Shields


Private Inference Control

Jessica Staddon and David Woodruff


Security Policies for Downgrading

Stephen Chong and Andrew Myers



Session VI: Privacy

Privacy and Security in Library RFID: Issues, Practices, and Architectures

David Molnar and David Wagner


Parallel Mixing

Philippe Golle and Ari Juels


Fragile Mixing

Mike Reiter and XiaoFeng Wang




Thursday October 28, 2004


Session I: Puzzles and users

A PIN-Entry Method Resilient Against Shoulder Surfing

Volker Roth, Kai Richter and Rene Freidinger


New Client Puzzle Outsourcing Techniques for DoS Resistancestems

Brent Waters, Ari Juels, J. Alex Halderman and Edward W. Felten


Mitigating Bandwidth-Exhaustion Attacks using Congestion Puzzles

XiaoFeng Wang and Mike Reiter



Session II: Applications of formal methods

Verifying Policy-Based Security for Web Services

Karthikeyan Bhargavan, Cedric Fournet and Andrew D. Gordon


A Decision Procedure for the Verification of Security Protocols with Explicit Destructors

Stephanie Delaune and Florent Jacquemard


Using Build-Integrated Static Checking to Preserve Correctness Invariants

Hao Chen and Jonathan S. Shapiro




Session III: Operating systems security

On the Effectiveness of Address Space Randomization

Hovav Shacham, Mattew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu and Dan Boneh


Attestation-based Policy Enforcement for Remote Access

Reiner Sailer, Trent Jaeger, Xiaolan Zhang and Leendert van Doorn


Gray-Box Extraction of Execution Graphs for Anomaly Detection

Debin Gao, Michael K. Reiter and Dawn Song




Session IV: Cryptographic tools

The Dual Receiver Cryptogram and Its Applications

Homin Lee, Ted Diament, Angelos D. Keromytis and Moti Yung


Versatile Padding Schemes for Joint Signature and Encryption

Yevgeniy Dodis, Michael J. Freedman, Stanislaw Jarecki, Shabsi Walfish


ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption

Danfeng Yao, Nelly Fazio, Yevgeniy Dodis and Anna Lysyanskaya