CCS 2005

Advance Program (Research Track)


 

Conference Program

Tuesday November 8, 2005

 

Welcoming Remarks by General Chair and Program Chair
Remarks on SIGSAC status by SIGSAC Chair

 

Keynote - Homeland Security: Cyber Security R&D Initiatives
                 Douglas Maughan, Department of Homeland Security
                 Chair: Catherine Meadows

 

Session I: Formal Analysis of Crypto Protocols
                  Chair: Andre Scedrov

A Modular Correctness Proof of IEEE 802.11i and TLS

Changhua He, Mukund Sundararajan, Anupam Datta, Ante Derek, and John C. Mitchell

 

Deciding security of protocols against off-line guessing attacks

Mathieu Baudet

 

Secrecy Types for a Simulatable Cryptographic Library

Peeter Laud

 

 

 

Session II: Trust Management
                 Chair: Marianne Winslett

Prevent Attribute Information Leakage in Automated Trust Negotiation

Keith Irwin and Ting Yu

 

Automated Trust Negotiation Using Cryptographic Credentials

Jiangtao Li, Ninghui Li, and William H. Winsborough

 

Secure Collaboration in Mediator-Free Environments

Mohamed Shehab, Elisa Bertino, and Arif Ghafoor

 

 

Session III: Privacy and Anonymity
                 Chair: Rebecca Wright

Applications of Secure Electronic Voting to Automated Privacy-Preserving Troubleshooting

Qiang Huang, David Jao, and Helen Wang

 

Tracking Anonymous Peer-to-Peer VoIP Calls on the Internet

Xinyuan Wang, Shiping Chen, and Sushil Jajodia

 

Untraceable RFID Tags via Insubvertible Encryption

Giuseppe Ateniese, Jan Camenisch, and Breno de Medeiros

 

Obfuscated Databases and Group Privacy

Arvind Narayanan and Vitaly Shmatikov

 

 

Wednesday November 9, 2005

 

Session IV: Authentication
                 Chair: Jonathan Katz

New Approaches for Deniable Authentication

Mario Di Raimondo and Rosario Gennaro

 

On authenticated computing and RSA-based authentication

Jean-Pierre Seifert

 

Aggregated Path Authentication for Efficient BGP Security

Meiyuan Zhao, Sean Smith, and David Nicol

 

Improving Brumley and Boneh Timing Attack on Unprotected SSL Implementations

Onur Acıiçmez, Werner Schindler, and Çetin Kaya Koç

 

 

Session V: Access Control
                 Chair: Paul Syverson

CPOL: High-Performance Policy Evaluation

Kevin Borders, Xin Zhao, and Atul Prakash

 

Understanding and developing role-based administrative models

Jason Crampton

 

PeerAccess: A Logic for Distributed Authorization

Marianne Winslett, Charles Zhang, and Piero Andrea Bonatti

 

 

Session VI: Key Management, Key Exchange, and Pseudo-Random Generation
                 Chair: Joan Feigenbaum

Modeling Insider Attacks on Group Key-Exchange Protocols

Jonathan Katz and Ji Sun Shin

 

Dynamic and Efficient Key Management for Access Hierarchies

Mikhail Atallah, Keith Frikken, and Marina Blanton

 

An architecture for robust pseudo-random generation and Applications to /dev/random

Boaz Barak and Shai Halevi

 

 

Session VII: Intrusion Detection and Prevention
                 Chair: Somesh Jha

Fast and Automated Generation of Attack Signatures: A Basis for Building Self-Protecting Servers

Zhenkai Liang and R. Sekar

 

Automatic Diagnosis and Response to Memory Corruption Vulnerabilities

Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, and Chris Bookholt

 

On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits

Jedidiah R. Crandall, Zhendong Su, S. Felix Wu, and Frederic T. Chong

 

Countering DoS Attacks With Stateless Multipath Overlays

Angelos Stavrou and Angelos D. Keromytis

 

 

Thursday November 10, 2005

 

Session VIII: Security for Diffuse Computing
                 Chair: Joshua Guttman

A Framework for Concrete Reputation-Systems with Applications to History-Based Access Control

Karl Krukow, Mogens Nielsen, and Vladimiro Sassone

 

Anomaly Detection as a Reputation System for Online Auctioning

Shai Rubin, Mihai Christodorescu, Vinod Ganapathy, Jonathon Giffin, Nicholas Kidd, Louis Kruger, and Hao Wang

 

On the Cost-Ineffectiveness of Redundancy in Commercial P2P Computing

Matthew Yurkewych, Brian N. Levine, and Arnold L. Rosenberg

 

Securing Publish-Subscribe Overlay Services with EventGuard

Mudhakar Srivatsa and Ling Liu

 

 

Session IX: Cryptography
                 Chair: Rei Safavi-Naini

Password Authenticated Key Exchange Using Hidden Smooth Subgroups

Craig Gentry, Philip MacKenzie, and Zulfikar Ramzan

 

Proxy Re-Signatures: New Definitions, Algorithms, and Applications

Giuseppe Ateniese and Susan Hohenberger

 

Direct Chosen Ciphertext Security from Identity-Based Techniques

Xavier Boyen, Qixiang Mei, and Brent Waters

 

 

Session X: Automated Analysis
                 Chair: Ninghui Li

Automatic Placement of Authorization Hooks in the Linux Security Modules Framework

Vinod Ganapathy, Trent Jaeger, and Somesh Jha

 

Control-Flow Integrity: Principles, Implementations, and Applications

Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti

 

Preventing Format-String Attacks via Automatic and Efficient Dynamic Checking

Michael F. Ringenburg and Dan Grossman

 

 

Session XI: Attacking passwords and bringing down the network
                 Chair: Catherine Meadows

Fast Dictionary Attacks on Human-Memorable Passwords Using Time-Space Tradeoff

Arvind Narayanan and Vitaly Shmatikov

 

Keyboard Acoustic Emanations Revisited

Li Zhuang, Feng Zhou, and J. D. Tygar

 

Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse

Rob Sherwood, Bobby Bhattacharjee, and Ryan Braud

 

Exploiting Open Functionality in SMS-Capable Cellular Networks

Patrick Traynor, William Enck, Tom La Porta, and Patrick McDaniel