Accepted Papers

1. Mitigating DNS DoS Attacks
Hitesh Ballani (Cornell University, USA) and Paul Francis (Cornell University, USA)
2. Constructions of Truly Practical Secure Protocols using Standard Smartcards
Carmit Hazay (Bar-Ilan University, Israel) and Yehuda Lindell (Bar-Ilan University, Israel)
3. Traitor Tracing with Constant Size Ciphertext
Dan Boneh (Stanford University, USA) and Moni Naor (Weizmann Institute, Israel)
4. Machine Learning Attacks Against the ASIRRA CAPTCHA
Philippe Golle (Palo Alto Research Center, USA)
5. Efficient and Extensible Security Enforcement Using Dynamic Data Flow Analysis
Walter Chang (The University of Texas at Austin, USA), Brandon Streiff (The University of Texas at Austin, USA) and Calvin Li (The University of Texas at Austin, USA)
6. Revocation Games in Ephemeral Networks
Maxim Raya (EPFL, Switzerland), Mohammad Hossein Manshaei ((EPFL, Switzerland),
Mark Felegyhazi ( University of California, Berkeley, USA), Jean-Pierre Hubaux ((EPFL, Switzerland)
7. Trust Management for Secure Information Flows
Shane Balfe (Royal Holloway, University of London, UK), Mudhakar Srivatsa (IBM T.J. Watson Research Center, USA), Kenneth Paterson (Royal Holloway, University of London, UK), and Pankaj Rohatgi (IBM T.J. Watson Research Center, USA)
8. Robust Defenses for Cross-Site Request Forgery
Adam Barth (Stanford University, USA), Collin Jackson (Stanford University, USA) and John C. Mitchell (Stanford University, USA)
9. Multi-Use Unidirectional Proxy Re-Signatures
Benoit Libert (UCL Crypto Group, Belgium) and Damien Vergnau (Ecole Normale Superieure, CNRS-INRIA, France)
10. Dependent Link Padding Algorithms for Low Latency Anonymity Systems
Wei Wang (National University of Singapore, Singapore), Mehul Motani (National University of Singapore, Singapore), and Vikram Srinivasan (Bell Labs Research, India)
11. Computational soundness of observational equivalence
Hubert Comon-Lundh (ENS Cachan, France and AIST, Japan) and Veronique Cortier (CNRS, Loria, France)
12. Efficient Security Primitives Derived from a Secure Aggregation Algorithm
Haowen Chan (Carnegie Mellon University, USA) and Adrian Perrig (Carnegie Mellon University, USA)
13. A Low-cost Attack on a Microsoft CAPTCHA
Jeff Yan (Newcastle University, UK) and Ahmad Salah El Ahmad (Newcastle University, UK)
14. Location Privacy of Distance Bounding Protocols
Kasper Bonne Rasmussen (ETH Zurich, Switzerland) and Srdjan Capkun (ETH Zurich, Switzerland)
15. Enforcing Authorization Policies using Transactional Memory Introspection
Arnar Birgisson (Reykjavik University, Iceland), Mohan Dhawan (Rutgers University, USA), Ulfar Erlingsson (Reykjavik University, Iceland), Vinod Ganapathy (Rutgers University, USA), and Liviu Iftode (Rutgers University, USA)
16. EON: Modeling and Analyzing Dynamic Access Control Systems with Logic Programs
Avik Chaudhuri (UC, Santa Cruz, USA), Prasad Naldurg (Microsoft Research, India), Sriram Rajamani (Microsoft Research, India), Ganesan Ramalingam (Microsoft Research, India), and Lakshmisubrahmanyam Velaga (Indian Institute of Management Bangalore, India)
17. Unbounded Verification, Falsification, and Characterization of Security Protocols by Pattern Refinement
C.J.F. Cremers (ETH Zurich, Switzerland)
18. Efficient Attributes for Anonymous Credentials
Jan Camenisch (IBM Research, Zurich Research Laboratory, Switzerland) and Thomas Gross (IBM Research, Switzerland)
19. FairplayMP -- A System for Secure Multi-Party Computation
Assaf Ben-David (Hebrew University, Israel), Noam Nisan (Hebrew University, Israel), and Benny Pinkas (University of Haifa, Israel)
20. A Class of Probabilistic Models for Role Engineering
Mario Frank (ETH, Zurich, Switzerland), David Basin (ETH, Zurich, Switzerland), and Joachim M. Buhmann (ETH, Zurich, Switzerland)
21. Information Leaks in Structured Peer-to-peer Anonymous Communication Systems
Prateek Mittal (University of Illinois at Urbana-Champaign, USA), and Nikita Borisov (University of Illinois at Urbana-Champaign, USA)
22. Privacy Oracle: a System for Finding Application Leaks with Black Box Differential Testing
Jaeyeon Jung (Intel Research, USA), Anmol Sheth (Intel Research, USA), Ben Greenstein (Intel Research, USA), David Wetherall (Intel Research, USA), Gabriel Maganis (University of Washington,USA), and Yoshi Kohno (University of Washington, USA)
23. Towards Practical Biometric Key Generation with Randomized Biometric Templates
Lucas Ballard (Google, USA), Seny Kamara (Microsoft Research, USA), Fabian Monrose (University of North Carolina at Chapel Hill, USA), and Michael K. Reiter (University of North Carolina at Chapel Hill, USA)
24. When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC
Erik Buchanan (UCSD, USA), Ryan Roemer (UCSD, USA), Hovav Shacham (UCSD, USA), and Stefan Savage (UCSD, USA)
25. Reducing Protocol Analysis with XOR to the XOR-free Case in the Horn Theory Based Approach
Ralf Kuesters (University of Trier, Germany) and Tomasz Truderung (University of Trier, Germany)
26. Towards Automatic Reverse Engineering of Software Security Configuration
Rui Wang (Indiana University at Bloomington, USA), XiaoFeng Wang (Indiana University at Bloomington, USA), Kehuan Zhang (IUB, USA and Hunan University, China), and Zhuowei Li (Center for Software Excellence, Microsoft, USA)
27. Building Castles out of Mud: Practical Access Pattern Privacy and Correctness on Untrusted Storage
Peter Williams (Stony Brook University, USA), Radu Sion (Stony Brook University, USA), and Bogdan Carbunar (Motorola Labs, USA)
28. Tupni: Automatic Reverse Engineering of Input Formats
Weidong Cui (Microsoft Research, USA), Marcus Peinado (Microsoft Corporation, USA), Karl Chen (University of California, Berkeley, USA), Helen Wang (Microsoft Research, USA), and Luis Irun-Briz (Microsoft Corporation, USA)
29. Identity-based Encryption with Efficient Revocation
Alexandra Boldyreva (Georgia Institute of Technology, USA), Vipul Goyal (UCLA, USA), and Virendra Kumar (Georgia Institute of Technology, USA)
30. BootJacker: Compromising Computers using Forced Restarts
Ellick M. Chan (University of Illinois at Urbana-Champaign, USA), Jeffrey C. Carlyle (University of Illinois at Urbana-Champaign, USA), Francis M. David (University of Illinois at Urbana-Champaign, USA), Reza Farivar (University of Illinois at Urbana-Champaign, USA), and Roy H. Campbell (University of Illinois at Urbana-Champaign, USA)
31. Increased DNS Forgery Resistance Through 0x20-Bit Encoding
David Dagon (Georgia Institute of Technology, USA), Manos Antonakakis (Georgia Institute of Technology, USA), Paul Vixie (Internet Systems Consortium, USA), Jinmei Tatuya (Internet Systems Consortium, Japan), and Wenke Lee (Georgia Institute of Technology, USA)
32. SOMA: Mutual Approval for Included Content in Web Pages
Terri Oda (Carleton University, Canada) , Glenn Wurster (Carleton University, Canada), Paul Van Oorschot (Carleton University, Canada), and Anil Somayaji (Carleton University, Canada)
33. Ether: Malware Analysis via Hardware Virtualization Extensions
Artem Dinaburg (Georgia Institute of Technology and Damballa, USA), Paul Royal (Damballa and Georgia Institute of Technology, USA), Monirul Sharif (Georgia Institute of Technology and Damballa, USA), and Wenke Lee (Damballa and Georgia Institute of Technology, USA)
34. Rootkit-Resistant Disks
Kevin Butler (Pennsylvania State University, USA), Stephen McLaughlin (Pennsylvania State University, USA), and Patrick McDaniel (Pennsylvania State University, USA)
35. A Framework for Reflective Database Access Control Policies
Lars E. Olson (University of Illinois at Urbana-Champaign, USA), Carl A. Gunter (University of Illinois at Urbana-Champaign, USA), and Madhusudan Parthasarathy (University of Illinois at Urbana-Champaign, USA)
36. Type-checking Zero-knowledge
Michael Backes (Saarland University and MPI-SWS, Germany), Catalin Hritcu (Saarland University, Germany), and Matteo Maffei (Saarland University, Germany)
37. PEREA: Towards Practical TTP-Free Revocation in Anonymous Authentication
Patrick P. Tsang (Dartmouth College, USA), Man Ho Au (University of Wollongong, Australia), Apu Kapadia (Dartmouth College, USA), and Sean Smith (Dartmouth College, USA)
38. Extending Logical Attack Graphs for Efficient Vulnerability Analysis
Diptikalyan Saha (Motorola India Research Lab, India)
39. A Look In the Mirror: Attacks on Package Managers
Justin Cappos (University of Arizona, USA), Justin Samuel (University of Arizona, USA), Scott Baker (University of Arizona, USA), and John Hartman (University of Arizona, USA)
40. Verifiable functional purity in Java
Matthew Finifter (UC, Berkeley, USA), Adrian Mettler (UC, Berkeley, USA), Naveen Sastry (UC, Berkeley, USA), and David Wagner (UC, Berkeley, USA)
41. Towards Automated Proofs of Asymmetric Encryption Schemes in the Random Oracle Model
Pascal Lafourcade (University of Grenoble, France), Yassine Lakhnech (University of Grenoble, France), Cristian Ene (University of Grenoble, France) , Judicaël Courant (University of Grenoble, France) , and Marion Daubignard (University of Grenoble, France)
42. Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding
Benjamin Laxton (UCSD, USA), Kai Wang(UCSD, USA), and Stefan Savage (UCSD, USA)
43. Authenticated Hash Tables
Charalampos Papamanthou (Brown University, USA), Roberto Tamassia (Brown University, USA), and Nikos Triandopoulos (University of Aarhus, Denmark)
44. Black Box Accountable Authority Identity-Based Encryption
Vipul Goyal (UCLA, USA), Steve Lu (UCLA, USA), Amit Sahai (UCLA, USA), Brent Waters (SRI International, USA)
45. Multisignatures Secure under the Discrete Logarithm Assumption and a Generalized Forking Lemma
Stanislaw Jarecki (UC, Irvine, USA), Ali Bagherzandi (UC, Irvine, USA), and Jung Hee Cheon (Seoul National University, South Korea)
46. OMash: Enabling Secure Web Mashups via Object Abstractions
Steven Crites (UC Davis, USA), Francis Hsu (UC Davis, USA), and Hao Chen (UC Davis, USA)
47. Spamalytics: An Empirical Analysis of Spam Marketing Conversion
Chris Kanich (UC San Diego, USA), Christian Kreibich (ICSI, USA), Kirill Levchenko (UC San Diego, USA), Brandon Enright (UC San Diego, USA), Geoff Voelker (UC San Diego, USA), Vern Paxson (ICSI, USA), and Stefan Savage (UC San Diego, USA)
48. Code Injection Attacks on Harvard-Architecture Devices
Aurelien Francillon (INRIA, France) and Claude Castelluccia (INRIA, France)
49. Assessing Query Privileges via Safe and Efficient Permission Composition
Sabrina De Capitani di Vimercati (DTI - Universita' degli Studi di Milano, Italy), Sara Foresti (DTI - Universita' degli Studi di Milano, Italy), Sushil Jajodia (George Mason University, USA), Stefano Paraboschi (Universit-di Bergamo, Italy) and Pierangela Samarati (Universita' degli Studi di Milano, Italy)
50. Cryptographically Verified Implementations for TLS
Karthikeyan Bhargavan (Microsoft Research Cambridge, UK), Ricardo Corin (MSR-INRIA Joint Centre, France), Cédric Fournet (Microsoft Research, UK), and Eugen Zalinescu (MSR-INRIA Joint Centre, France)
51. RFIDS and Secret Handshakes: Defending Against Ghost-and-Leech Attacks and Unauthorized Reads with Context-Aware Communications
Alexei Czeskis (University of Washington, USA), Karl Koscher (University of Washington, USA), Joshua R. Smith (Intel Research, USA), and Tadayoshi Kohno (University of Washington, USA)