CCS 2007



Tutorial I

Forensic Techniques for Content Protection

October 30, Tuesday, 14:00-15:30

Speaker: Hongxia Jin, IBM Almaden Research Center

The success of industries like music and movies hinges on the ability to distribute content to authorized customers only, and piracy is one of their major concerns. This introductory tutorial teaches security researchers and practitioners the basic key management and forensic techniques used to defend against piracy in content protection. The focus is on entertainment content. We cover broadcast encryption, revocation, traitor tracing, emerging standards, and state-of-the-art and state-of-the-practice forensic approaches, and we go in depth on one of the forensic technologies.

The tutorial is targeted at a beginner to intermediate audience; a basic background in cryptography is assumed. Attendees will walk away with an understanding of the different types of potential pirate attacks and the challenges associated with defending against each of them. Intermediate students will have the opportunity to get a summary of existing key management and forensic techniques against the different types of pirate attacks. Academic researchers will walk away with an understanding of the challenges of bringing a theoretical solution to practice, as well as potential new research directions that have been largely overlooked by academia in this area. Industrial practitioners will walk away with an understanding of real-world forensic systems, from design and legal issues to adoption.

The tutorial handouts will include slides, an annotated bibliography consisting of leading references and landmark papers, and relevant URLs to standards.


- History of content protection systems, DRM
- Standards: 4C and AACS

Key Management Approaches

Broadcast Encryption
- Matrix-based: CPRM
- Tree-based: NNL

Potential attacks
- Pirate decoder attack
- Anonymous attack

Forensic Technologies
- Traitor tracing for the pirate decoder attack
   -- State-of-the-art and state-of-the-practice
- Traitor tracing for the anonymous attack
   -- State-of-the-art and state-of-the-practice
   -- In depth: Sequence Keys for AACS

Emerging models

Future of Content Protection research directions

Speaker Biography:

Hongxia Jin brings expertise in mainstream content protection technologies and first-hand experience in the design, implementation and deployment of key generation, key management and forensic systems in the real world. She obtained her Ph.D. degree in computer science from the Johns Hopkins University in 1999 and has worked as a Research Staff Member at IBM Research ever since. She is currently at the IBM Almaden Research Center, where she is the lead researcher working on key management, broadcast encryption and traitor tracing technologies. The key management and forensic technologies she developed have been adopted by AACS, a new content protection standard for managing content stored on the next generation of pre-recorded and recorded optical media for consumer use with PCs and consumer electronic devices. She has filed a dozen patents in this area.


Tutorial II

Regulatory Compliant Data Management

October 31, Wednesday, 11:00-12:30

Speakers: Radu Sion, Department of Computer Science, Stony Brook University, and Marianne Winslett, Department of Computer Science, University of Illinois, Urbana-Champaign


Digital societies and markets increasingly mandate consistent procedures for the access, processing and storage of information. In the United States alone, over 10,000 such regulations can be found in the financial, life sciences, health-care and government sectors, including the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act, and the Sarbanes-Oxley Act. A recurrent theme in these regulations is the need for regulatory-compliant data management as an underpinning to ensure data confidentiality, access integrity and authentication; provide audit trails, guaranteed deletion, and data migration; and deliver Write Once Read Many (WORM) assurances, essential for enforcing long-term data retention and life-cycle policies.

In this tutorial, we will discuss achieving strongly compliant data management in realistic adversarial settings. Specifically, we will explore designs for compliant data management systems that offer guaranteed document retention and deletion, quick lookup, and compliant migration, together with support for litigation holds and several key aspects of data confidentiality. Moreover, we will discuss the benefits of the recent advent of tamper-resistant, general-purpose trustworthy hardware which opens the door to fundamentally new assurance paradigms, e.g., by deploying this new hardware running certified code at the data management server. As heat-dissipation concerns greatly limit the performance of tamper-resistant processors, our goal is to investigate and evaluate software architectures for leveraging a secure processor in the server stack with minimal impact on cost and efficiency.

Speakers' Biographies:

Radu Sion is an assistant professor of Computer Science at Stony Brook University and the director of the Network Security and Applied Cryptography Laboratory and the Trusted Hardware Laboratory. His research focuses on data security and information assurance mechanisms. Collaborators and funding partners include IBM Research, the IBM Cryptography Group, Motorola Labs, the Center of Excellence in Wireless and Information Technology (CEWIT), the Stony Brook Office of the Vice-President for Research and the National Science Foundation.
For more information, please visit the following websites:
and NSAC Lab:

Marianne Winslett received her PhD in Computer Science from Stanford University in 1987. She has been an assistant, associate, full, and adjunct professor in the Department of Computer Science at the University of Illinois. Her research interests are in databases and related areas, especially security in open systems and parallel I/O for high-performance scientific computation. She received a Presidential Young Investigator Award from the National Science Foundation in 1989 and Xerox Awards for Faculty Research in 1990 and 1997. She is currently on the editorial board of ACM Transactions on Database Systems, is a former editor of IEEE Transactions on Knowledge and Data Engineering, and is the vice-chair of ACM SIGMOD. For more information, please visit the speaker's website:


Tutorial III

Privacy in Location Service: State-of-the-art and Research Directions

October 31, Wednesday, 16:00-17:30

Speaker: Mohamed F. Mokbel, Department of Computer Science and Engineering, University of Minnesota


The explosive growth of location-detection devices (e.g., GPS-like devices and handheld devices), along with wireless communications and mobile databases, has made possible location-based applications that deliver specific information to their users based on their current locations. Examples of such applications include location-based store finders, location-based traffic reports, and location-based advertisements. Although location-based services promise safety and convenience, they threaten the privacy and security of users, since such services explicitly require users to share private location information with the service and possibly with others. If a user wants to keep her location information private, she has to turn off her location-aware device and temporarily unsubscribe from the service.

This tutorial aims to provide practitioners, researchers, and graduate students with the state of the art and the major research issues in the important and practical research area of location privacy. The tutorial is divided into four main parts. The first part is concerned with legislative issues and user perception of location privacy. In the second part, we provide a comprehensive survey of state-of-the-art system architectures and techniques for protecting location information in mobile environments. The third part overviews several techniques that an adversary can use to reveal users' private location information, along with a brief overview of how to avoid such privacy attacks. In the fourth part, we introduce the newly developing research area of privacy-aware query processors, which enable users to obtain location-based services without sacrificing their privacy.

Speaker Biography:

Mohamed F. Mokbel (Ph.D., Purdue University, 2005) is an assistant professor in the Department of Computer Science and Engineering, University of Minnesota. His main research interests focus on advancing the state of the art in the design and implementation of database engines to cope with the requirements of emerging applications (e.g., location-based applications). Recently, he has led efforts to incorporate location privacy into location-based applications. Dr. Mokbel is also interested in indexing, adaptive query processors, object-based storage devices, and geographic information systems. He spent the summers of 2002, 2004, and 2006 at Lawrence Livermore National Lab, Microsoft Research, and Hong Kong Polytechnic University, respectively. He is an ACM and IEEE member. For more information, please visit


Tutorial IV

Research Challenges in Securing VoIP

November 1, Thursday, 8:30-10:30

Speaker: Xinyuan Wang, Department of Information and Software Engineering, George Mason University


VoIP is a key component of the critical information infrastructure. Due to its advantages in cost and functionality over the Plain Old Telephone System (POTS), VoIP is becoming increasingly popular, and more and more people are using VoIP for their daily voice communication. IDC predicted that the number of US residential VoIP subscribers will grow from 10.3 million in 2006 to 44 million by 2010. A recent study by ABI predicted that the number of residential VoIP subscribers worldwide will increase from the current 38 million to more than 267 million by 2012.

One of the most basic requirements of any VoIP service is that it must be reliable and trustworthy. Specifically, when people make calls via VoIP, they expect that their calls will actually reach the intended callee once connected. When people receive calls, they expect that the caller ID of the incoming call is authentic. In addition, VoIP subscribers expect that no one but themselves will receive calls addressed to them. Furthermore, VoIP subscribers expect to pay only for the calls they have made and for the duration they have talked. Lastly, VoIP should not introduce new security threats to its users. Despite the fact that tens of millions of people use VoIP daily, the security of VoIP has not received enough attention from the research community and VoIP vendors. In fact, existing VoIP systems are vulnerable to a number of VoIP-specific exploits in addition to well-known attacks (e.g., DNS cache poisoning) that are generic to the Internet and its applications.

This tutorial aims to bring the attention of the research community as well as the VoIP industry to the largely overlooked VoIP security problems, and to lay down the technical challenges and open research problems in securing VoIP. We will first overview existing VoIP security mechanisms, analyze the vulnerabilities of SIP-based VoIP systems, and then describe a number of exploits of existing VoIP systems that would compromise the reliability and trustworthiness of VoIP. We will discuss possible mitigations for the exploits of existing VoIP systems and the associated technical challenges. We hope this tutorial will bring more attention from a wider community of security researchers and practitioners and inspire more active research in securing VoIP.

Tentative Outline:

- Call eavesdropping
- Call hijacking
- Unauthorized call redirection
- CallerID spoofing
- Nuisance calls
- Voice mail hijacking
- VoIP billing attacks
- Voice spam
- Phone phishing
- Open problems and technical challenges

Speaker Biography:

Xinyuan Wang is currently an Assistant Professor in the Department of Information and Software Engineering / Computer Science at George Mason University. He received his BS and MS in Computer Science from Peking University and the Chinese Academy of Space Technology, respectively. He received his PhD in Computer Science from North Carolina State University in 2004 after years of professional experience in the networking industry. His main research interests are in computer network and system security, including intrusion source tracing, anonymity and privacy, VoIP security, viruses and worms, and botnets. He developed the first network flow watermarking technique, which won him 3rd place in the graduate category of the 2004 ACM International Student Research Competition Grand Finals. He was the first to demonstrate that it is feasible to track encrypted, anonymous, peer-to-peer VoIP calls on the Internet. He developed the first practical attack that has "penetrated" the Total Net Shield, the "ultimate solution in online identity protection" of For more information, please visit the speaker's web page: