CCS 2004

Advance Program (Research Track)


 

Conference Program

Tuesday October 26, 2004

 

Session I: Keynote, John McLean, Naval Research Laboratory, Session Chair: Sushil Jajodia

 

Session II: Network intrusions

Operational Experiences with High-Volume Network Intrusion Detection

Holger Dreger, Anja Feldmann, Vern Paxson and Robin Sommer

 

On the Difficulty of Scalably Detecting Network Attacks

Kirill Levchenko, Ramamohan Paturi and George Varghese

 

Testing Intrusion Detection Signatures Using Mutant Exploits

Giovanni Vigna, Will Robertson and Davide Balzarotti

 

Payload Attribution via Hierarchical Bloom Filters

Kulesh Shanmugasundaram, Herve Bronnimann and Nasir Memon

 

 

Session III: Access Control

On Mutually-Exclusive Roles and Separation of Duty

Ninghui Li, Ziad Bizri and Mahesh V. Tripunitara

 

KNOW Why Your Access was Denied: Regulating Feedback for Usable Security

Apu Kapadia, Geetanjali Sampemane and Roy H. Campbell

 

Comparing the Expressive Power of Access Control Models

Mahesh V. Tripunitara and Ninghui Li

 

 

Session IV: Applied cryptography

Attacking and Repairing the WinZip Encryption Scheme

Tadayoshi Kohno

 

Reusable Cryptographic Fuzzy Extractors

Xavier Boyen

 

Cryptanalysis of a Provably Secure CRT-RSA Algorithm

David Wagner

 

 


Wednesday October 27, 2004

 

Session I: Network security

Pong-Cache Poisoning in GUESS

Neil Daswani and Hector Garcia-Molina

 

Web Tap: Detecting Covert Web Traffic

Kevin Borders, Atul Prakash

 

On Achieving Software Diversity for Improved Network Security using Distributed Coloring Algorithms

Adam O'Donnell and Harish Sethu

 

 

Session II: Credentials

Direct Anonymous Attestation

Ernie Brickell, Jan Camenisch and Liqun Chen

 

Concealing Complex Policies in Hidden Credentials

Robert W. Bradshaw, Jason E. Holt and Kent E. Seamons

 

k-Anonymous Secret Handshakes with Reusable Credentials

Shouhuai Xu and Moti Yung

 

Group Signatures with Verifier-Local Revocation

Dan Boneh and Hovav Shacham

 

 

Session III: Information flow

IP Covert Timing Channels: An Initial Exploration

Serdar Cabuk, Carla E. Brodley, Rui Miguel Forte and Clay Shields

 

Private Inference Control

Jessica Staddon and David Woodruff

 

Security Policies for Downgrading

Stephen Chong and Andrew Myers

 

 

Session VI: Privacy

Privacy and Security in Library RFID: Issues, Practices, and Architectures

David Molnar and David Wagner

 

Parallel Mixing

Philippe Golle and Ari Juels

 

Fragile Mixing

Mike Reiter and XiaoFeng Wang

 

 

 

Thursday October 28, 2004

 

Session I: Puzzles and users

A PIN-Entry Method Resilient Against Shoulder Surfing

Volker Roth, Kai Richter and Rene Freidinger

 

New Client Puzzle Outsourcing Techniques for DoS Resistancestems

Brent Waters, Ari Juels, J. Alex Halderman and Edward W. Felten

 

Mitigating Bandwidth-Exhaustion Attacks using Congestion Puzzles

XiaoFeng Wang and Mike Reiter

 

 

Session II: Applications of formal methods

Verifying Policy-Based Security for Web Services

Karthikeyan Bhargavan, Cedric Fournet and Andrew D. Gordon

 

A Decision Procedure for the Verification of Security Protocols with Explicit Destructors

Stephanie Delaune and Florent Jacquemard

 

Using Build-Integrated Static Checking to Preserve Correctness Invariants

Hao Chen and Jonathan S. Shapiro

 

 

 

Session III: Operating systems security

On the Effectiveness of Address Space Randomization

Hovav Shacham, Mattew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu and Dan Boneh

 

Attestation-based Policy Enforcement for Remote Access

Reiner Sailer, Trent Jaeger, Xiaolan Zhang and Leendert van Doorn

 

Gray-Box Extraction of Execution Graphs for Anomaly Detection

Debin Gao, Michael K. Reiter and Dawn Song

 

 

 

Session IV: Cryptographic tools

The Dual Receiver Cryptogram and Its Applications

Homin Lee, Ted Diament, Angelos D. Keromytis and Moti Yung

 

Versatile Padding Schemes for Joint Signature and Encryption

Yevgeniy Dodis, Michael J. Freedman, Stanislaw Jarecki, Shabsi Walfish

 

ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption

Danfeng Yao, Nelly Fazio, Yevgeniy Dodis and Anna Lysyanskaya