Full papers
(1) Security Analysis of India's Electronic Voting MachinesScott Wolchok, Erik Wustrow, J. Alex Halderman , Hari Prasad , Rop Gonggrijp
(2) Dissecting One Click Frauds
Nicolas Christin , Sally S. Yanagihara, Keisuke Kamataki
(3) @spam: The Underground on 140 Characters or Less
Chris Grier , Kurt Thomas , Vern Paxson , Michael Zhang
(4) HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity
Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang , Xiaolan Zhang , Nathan C. Skalsky
(5) Trail of Bytes: Efficient Support for Forensic Analysis
Srinivas Krishnan, Kevin Z. Snow, Fabian Monrose
(6) Survivable Key Compromise in Software Update Systems
Justin Samuel , Nick Mathewson, Justin Cappos , Roger Dingledine
(7) A Methodology for Empirical Analysis of the Permission-Based Security Models and its Application to Android
David Barrera, H. Gunes Kayacik, Paul C. van Oorschot, Anil Somayaji
(8) Mobile Location Tracking in Metropolitan Areas: malnets and others
Nathanial Husted, Steve Myers
(9) On Pairing Constrained Wireless Devices Based on Secrecy of Auxiliary Channels: The Case of Acoustic Eavesdropping
Tzipora Halevi, Nitesh Saxena
(10) PinDr0p: Using Single-Ended Audio Features to Determine Call Provenance
Vijay A. Balasubramaniyan, Aamir Poonawalla, Mustaque Ahamad, Michael T. Hunter, Patrick Traynor
(11) Building Efficient Fully Collusion-Resilient Traitor Tracing and Revocation Schemes
Sanjam Garg, Abishek Kumarasubramanian, Amit Sahai , Brent Waters
(12) Algebraic Pseudorandom Functions with Improved Efficiency from the Augmented Cascade
Dan Boneh, Hart Montgomery, Ananth Raghunathan
(13) Practical Leakage-Resilient Pseudorandom Generators
Yu Yu, Francois-Xavier Standaert, Olivier Pereira , Moti Yung
(14) Practical Leakage-Resilient Identity-Based Encryption from Simple Assumptions
Sherman S.M. Chow, Yevgeniy Dodis, Yannis Rouselakis, Brent Waters
(15) Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords
Matt Weir, Sudhir Aggarwal , Michael Collins , Henry Stern
(16) The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis
Yinqian Zhang, Fabian Monrose, Michael K. Reiter (
(17) Attacks and Design of Image Recognition CAPTCHAs
Bin Zhu , Jeff Yan , Chao Yang, Qiujie Li , Jiu Liu , Ning Xu , Meng Yi
(18) Robusta: Taming the Native Beast of the JVM
Joseph Siefers, Gang Tan, Greg Morrisett
(19) Retaining Sandbox Containment Despite Bugs in Privileged Memory-Safe Code
Justin Cappos, Armon Dadgar, Jeff Rasley, Justin Samuel, Ivan Beschastnikh, Cosmin Barsan, Arvind Krishnamurthy, Thomas Anderson
(20) A Control Point for Reducing Root Abuse of File-System Privileges
Glenn Wurster, Paul C. van Oorschot
(21) Modeling Attacks on Physical Unclonable Functions
Ulrich Ruehrmair, Frank Sehnke, Jan Soelter , Gideon Dror , Srinivas Devadas , Juergen Schmidhuber
(22) Dismantling SecureMemory, CryptoMemory and CryptoRF
Flavio D. Garcia, Peter van Rossum, Roel Verdult, Ronny Wichers Schreur
(23) Attacking and Fixing PKCS#11 Security Tokens
Matteo Bortolozzo, Matteo Centenaro, Riccardo Focardi , Graham Steel
(24) An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications
Dongseok Jang, Ranjit Jhala, Sorin Lerner, Hovav Shacham
(25) DIFC Programs by Automatic Instrumentation
William Harris, Somesh Jha, Thomas Reps
(26) Predictive Black-box Mitigation of Timing Channels
Aslan Askarov, Danfeng Zhang, Andrew Myers
(27) In Search of an Anonymous and Secure Lookup: Attacks on Structured Peer-to-peer Anonymous Communication Systems
Qiyan Wang, Prateek Mittal, Nikita Borisov
(28) Recruiting New Tor Relays with BRAIDS
Rob Jansen, Nicholas Hopper, Yongdae Kim
(29) An Improved Algorithm for Tor Circuit Scheduling
Can Tang, Ian Goldberg
(30) Dissent: Accountable Anonymous Group Messaging
Henry Corrigan-Gibbs, Bryan Ford
(31) Abstraction by Set-Membership --- Verifying Security Protocols and Web Services with Databases
Sebastian Moedersheim
(32) Developing Security Protocols by Refinement
Christoph Sprenger, David Basin
(33) Computational Indistinguishability Logic
Gilles Barthe , Marion Daubignard , Bruce Kapron , Yassine Lakhnech
(34) Computationally Sound Verification of Source Code
Michael Backes , Matteo Maffei, Dominique Unruh
(35) AccessMiner: Using System-Centric Models for Malware Protection
Andrea Lanzi, Davide Balzarotti , Christopher Kruegel, Mihai Christodorescu , Engin Kirda
(36) Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware
Juan Caballero, Pongsin Poosankam , Stephen McCamant, Domagoj Babic, Dawn Song
(37) Inference and Analysis of Formal Models of Botnet Command and Control Protocols
Chia Yuan Cho, Domagoj Babic, Eui Chul Richard Shin, Dawn Song
(38) BLADE: An Attack-Agnostic Approach for Preventing Drive-By Malware Infections
Long Lu , Vinod Yegneswaran, Phillip Porras , Wenke Lee
(39) TASTY: Tool for Automating Secure Two-partY computations
Wilko Henecka, Stefan Koegl, Ahmad-Reza Sadeghi, Thomas Schneider, Immo Wehrenberg
(40) Worry-Free Encryption: Functional Encryption with Public Keys
Hakan Seyalioglu, Amit Sahai
(41) Synchronized Aggregate Signatures
Jae Hyun Ahn, Matthew Green, Susan Hohenberger
(42) Secure Text Processing with Applications to Private DNA Matching
Lior Malka, Jonathan Katz
(43) On the (In)Security of IPsec in MAC-then-Encrypt Configurations
Jean Paul Degabriele, Kenneth G. Paterson
(44) On the Soundness of Authenticate-then-Encrypt: Formalizing the Malleability of Symmetric Encryption
Ueli Maurer, Bjoern Tackmann
(45) A New Framework for Efficient Password-Based Authenticated Key Exchange
Adam Groce, Jonathan Katz
(46) Accountability: Definition and Relationship to Verifiability
Ralf Kuesters, Tomasz Truderung, Andreas Vogt
(47) Mimimorphism: A New Approach to Binary Code Obfuscation
Zhenyu Wu, Steven Gianvecchio, Mengjun Xie, Haining Wang
(48) Platform-Independent Program
Sang Kil Cha, Brian Pak, David Brumley Richard J. Lipton
(49) Return-Oriented Programming Without Returns
Stephen Checkoway , Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi , Hovav Shacham , Marcel Winandy
(50) DieHarder: Securing the Heap
Gene Novark, Emery D. Berger
(51) Symbolic Security Analysis of Ruby-on-Rails Web Applications
Avik Chaudhuri, Jeffrey S. Foster
(52) Sidebuster: Automated Detection and Quantification of Side-Channel Leaks in Web Application Development
Kehuan Zhang, Zhou Li, Rui Wang, XiaoFeng Wang, Shuo Chen
(53) NoTamper: Automated Blackbox Detection of Parameter Tampering Opportunities in Web Applications
Prithvi Bisht , Timothy Hinrichs, Nazari Skrupsky, Radoslaw Bobrowicz, V.N. Venkatakrishnan
(54) Protecting Browsers from Cross-Origin CSS Attacks
Lin-Shung Huang , Zack Weinberg , Chris Evans, Collin Jackson
Last modified: 2010-08-10 16:34:18 EDT