10th USENIX Security Symposium, August 13-17, 2001, Washington, D.C.

Technical Sessions: Wednesday, August 15 through Friday, August 17

WEDNESDAY, AUGUST 15, 2001
9:00 am - 10:30 am    (Grand Ballroom, Salons II/III/IV)
Opening Remarks, Awards, and Keynote

Keynote Address: Web-Enabled Gadgets: Can We Trust Them?
Richard M. Smith, CTO of the Privacy Foundation

The new frontier for consumer electronic devices is the Internet. We are now seeing devices for the home--TV digital recorders, digital picture frames, two-way cable set-top boxes--that offer new levels of convenience by connecting to Internet services. But can we trust these devices in our homes? Will manufacturers use them to collect even more data about us for marketing purposes? Will the Internet connections control how we are allowed to use these products? Will security holes in these devices create new backdoors for breaking into our home PCs? Richard Smith will try to answer these questions about this brave new world of consumer electronic devices. Much of the talk will be based on research conducted by the Privacy Foundation on the first wave of Web-enabled devices such as TiVo, UltimateTV, and digital picture frames.

10:30 am - 11:00 am   Break
11:00 am - 12:30 pm
REFEREED PAPER TRACK
Capitol Ballroom, Salons F/G

Denial of Service
Session Chair: Steve Bellovin, AT&T Labs - Research

Using Client Puzzles to Protect TLS
Drew Dean, Xerox PARC, and Adam Stubblefield, Rice University

Inferring Internet Denial-of-Service Activity
David Moore, CAIDA; Geoffrey M. Voelker and Stefan Savage, University of California, San Diego

MULTOPS: A Data-Structure for Bandwidth Attack Detection
Thomer M. Gil, Vrije Universiteit/M.I.T., and Massimiliano Poletto, M.I.T.

INVITED TALKS
Grand Ballroom, Salons I/II

A Maze of Twisty Little Statutes, All Alike: The Electronic Communications Privacy Act of 1986
(and Its Application to Network Service Providers)

Mark Eckenwiler, U.S. Department of Justice

In the United States, the Electronic Communications Privacy Act of 1986 (ECPA) governs the acquisition and disclosure of information--e.g., electronic mail, logs, subscriber identity--that lies at the core of computer network privacy. Unfortunately, ECPA's intricacies have bedeviled commentators, leading one appeals court to call ECPA "famous (if not infamous) for its lack of clarity." This introduction for laypeople will examine ECPA's rules by category (e.g., contents vs. transactional/account records), focusing especially on the rules governing law enforcement access to customer information.

12:30 pm - 2:00 pm   Lunch (on your own)
2:00 pm - 3:30 pm
REFEREED PAPER TRACK
Capitol Ballroom, Salons F/G

Hardware
Session Chair: Dirk Balfanz, Xerox PARC

Data Remanence in Semiconductor Devices
Peter Gutmann, IBM T.J. Watson Research Center

StackGhost: Hardware Facilitated Stack Protection
Mike Frantzen, CERIAS, and Mike Shuey, Engineering Computer Network

Improving DES Coprocessor Throughput for Short Operations
Mark Lindemann, IBM T.J. Watson Research Center, and Sean W. Smith, Dartmouth College

INVITED TALKS
Grand Ballroom, Salons I/II

Loaning Your Soul to the Devil: Influencing Policy Without Selling Out
Matt Blaze, AT&T Labs - Research

All of a sudden, it seems, computer security and cryptology have become important not only as technical problems but as public policy issues. More to the point, we practitioners and researchers in computer security and cryptology often now find ourselves sought out not only for technical expertise but also by policymakers, lobbyists, and the media. Unfortunately, we're often surprised at just how ill-prepared we are for the public policy culture, and we risk finding ourselves misused, misunderstood or misquoted. It doesn't have to be that way. This talk will present a personal view of the relationship between science and public policy, focusing on the different value systems, protocols, and expectations found in the two worlds. It really is possible to maintain one's integrity while making a difference, even inside the Beltway.

3:30 pm - 4:00 pm   Break
4:00 pm - 5:30 pm
REFEREED PAPER TRACK
Capitol Ballroom, Salons F/G

Firewalls/Intrusion Detection
Session Chair: Mudge, @stake

Architecting the Lumeta Firewall Analyzer
Avishai Wool, Lumeta Corporation

Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host
Peter M. Gleitz and Steven M. Bellovin, AT&T Labs - Research

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
Mark Handley and Vern Paxson, ACIRI; Christian Kreibich, Technische Universität München

INVITED TALKS
Grand Ballroom, Salons I/II

Cops Are from Mars, Sysadmins Are from Pluto: Dealing with Law Enforcement
Tom Perrine, San Diego Supercomputer Center

In today's Internet, it is inevitable that system administrators and security managers will have to interact with law enforcement. Both of these groups differ from the mainstream, having their own goals, culture, language, and assumptions. This talk will show how these two cultures can communicate and interact to deal with intruders, abusers, spammers, and other net denizens. It includes real-world experiences and stories drawn from eight years of security activities at a national laboratory and a university.

5:30 pm - 6:00 pm   Break
6:00 pm - 6:30 pm    (Grand Ballroom, Salons II/III/IV)
JOINT SESSION (Refereed Paper Track and Invited Talks)

Reading Between the Lines: Lessons from the SDMI Challenge
Scott A. Craver, Min Wu, and Bede Liu, Princeton University; Adam Stubblefield, Ben Swartzlander, and Dan S. Wallach, Rice University; Drew Dean, Xerox PARC; and Edward W. Felten, Princeton University

6:30 pm - 7:30 pm    (Grand Ballroom, Salons II/III/IV)
JOINT SESSION (Refereed Paper Track and Invited Talks)

Panel Discussion on SDMI/DMCA

Moderator: Dan Wallach, Rice University
Panelists: Edward W. Felten, Princeton University; Cindy Cohn, EFF; and Peter Jaszi, American University

THURSDAY, AUGUST 16, 2001
9:00 am - 10:30 am
REFEREED PAPER TRACK
Grand Ballroom, Salons I/II

Operating Systems
Session Chair: Teresa Lunt, Xerox PARC

Security Analysis of the Palm Operating System and its Weaknesses Against Malicious Code Threats
Kingpin and Mudge, @stake, Inc.

Secure Data Deletion for Linux File Systems
Steven Bauer and Nissanka B. Priyantha, MIT

RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
Crispin Cowan, Steve Beattie, Chris Wright, and Greg Kroah-Hartman, WireX Communications, Inc.

INVITED TALKS
Grand Ballroom, Salons III/IV

Changes in Deployment of Cryptography, and Possible Causes
Eric Murray, SecureDesign LLC

SSL/TLS is arguably the most widely deployed cryptographic protocol and is readily characterized. Last year my survey of over 8,000 SSL servers found that about 25% of them used only weak "export"-level keys and cipher suites. With the wider deployment of TLS, more high-speed cryptographic hardware, and another year since the U.S. liberalized crypto export regulations, more sites have deployed strong crypto. This talk will discuss the results of this year's survey, the changes in crypto deployment that have occurred in the last year, and the possible causes of those changes.

10:30 am - 11:00 am   Break
11:00 am - 12:30 pm
REFEREED PAPER TRACK
Grand Ballroom, Salons I/II

Managing Code
Session Chair: Trent Jaeger, IBM T.J. Watson Research Center

Statically Detecting Likely Buffer Overflow Vulnerabilities
David Larochelle and David Evans, University of Virginia

FormatGuard: Automatic Protection From printf Format String Vulnerabilities
Crispin Cowan, Matt Barringer, Steve Beattie, and Greg Kroah-Hartman, WireX Communications, Inc.; Mike Frantzen, Purdue University; and Jamie Lokier, CERN

Detecting Format String Vulnerabilities with Type Qualifiers
Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner, University of California at Berkeley

INVITED TALKS
Grand Ballroom, Salons III/IV

Reversing the Panopticon
John Young, Cryptome.org, and Deborah Natsios, Cartome.org

Cryptome welcomes documents for publication that are prohibited by governments worldwide--in particular, material on cryptology; dual-use technologies; and national security and intelligence open, secret, and classified documents. Cartome, a newly inaugurated companion site to Cryptome, is an archive of spatial and geographic documents on privacy, cryptography, dual-use technologies, and national security and intelligence communicated by imagery systems: cartography, photography, photogrammetry, steganography, climatography, seismography, geography, camouflage, maps, images, drawings, charts, diagrams, imagery intelligence (IMINT), and their reverse-panopticon and counter-deception potential.

12:30 pm - 2:00 pm   Lunch
2:00 pm - 3:30 pm
REFEREED PAPER TRACK
Grand Ballroom, Salons I/II

Authorization
Session Chair: Carl Ellison, Intel Corporation

Capability File Names: Separating Authorisation From User Management in an Internet File System
Jude T. Regan and Christian D. Jensen, Trinity College Dublin

Kerberized Credential Translation: A Solution to Web Access Control
Olga Kornievskaia, Peter Honeyman, Bill Doster, and Kevin Coffman, CITI, University of Michigan

The Dos and Don'ts of Client Authentication on the Web
Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster, MIT

INVITED TALKS
Grand Ballroom, Salons III/IV

Designing Against Traffic Analysis
Paul Syverson, U.S. Naval Research Laboratory

Traffic analysis reveals who is communicating with whom and in what way. Thus, traffic-analysis-resistant communication is an essential building block for any technical guarantee of many aspects of privacy. This talk will describe some of the traffic analysis threats to communicants on the Internet and some of the systems that have been implemented to resist traffic analysis. The focus will be primarily on systems for connection-based communication, for example, the Anonymizer, Crowds, Freedom, and in particular Onion Routing. We will define security goals for such systems and look at how the systems meet those goals.

3:30 pm - 4:00 pm   Break
4:00 pm - 5:30 pm
REFEREED PAPER TRACK
Grand Ballroom, Salons I/II

Key Management
Session Chair: Peter Gutmann, University of Auckland

SC-CFS: Smartcard Secured Cryptographic File System
Naomaru Itoi, CITI, University of Michigan

Secure Distribution of Events in Content-Based Publish Subscribe Systems
Lukasz Opyrchal and Atul Prakash, University of Michigan

A Method for Fast Revocation of Public Key Certificates and Security Capabilities
Dan Boneh, Stanford University; Xuhua Ding and Gene Tsudik, University of California, Irvine; and Chi Ming Wong, Stanford University

INVITED TALKS
Grand Ballroom, Salons III/IV

Countering SYN Flood Denial-of-Service (DoS) Attacks
Ross Oliver, Tech Mavens

A great deal of attention has been focused on DoS attacks in the past year, but effective solutions have been slow in coming. This presentation will highlight the technical issues involved in combating SYN floods and will describe three different defense methods: SYNDefender, as implemented in Check Point's FireWall-1; SYN proxying, as implemented by the NetScreen-100 firewall appliance; and SYN cookies, as implemented in the Linux kernel. A test configuration used to compare the effectiveness of these techniques will be described, along with the measured performance of each method under an actual SYN flood attack.
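The third defense above, SYN cookies, works by keeping no per-connection state for a half-open connection at all: the server encodes what it needs into the initial sequence number of its SYN-ACK and recovers it from the client's final ACK. The following Python sketch is an added illustration of that mechanism; it is not code from the talk or from the Linux kernel. The 32-bit field layout (5 bits of time slot, 3 bits of MSS index, 24 bits of keyed hash), the MSS table and the 64-second slot length are assumptions chosen for clarity; the kernel's actual layout differs.

```python
"""SYN cookie construction and validation (added illustration, not kernel code).

A SYN-cookie server answers every SYN with a SYN-ACK whose initial sequence
number (ISN) is a cookie: a coarse timestamp, an index into a small MSS table,
and a keyed hash over the connection 4-tuple. Nothing is stored. When an ACK
arrives, the server recomputes the hash from the 4-tuple and checks that
(ack - 1) is a cookie it could have issued recently. A flood of SYNs from
sources that never complete the handshake therefore consumes no server memory.
"""
import hashlib
import hmac
import os

# Assumed table of encodable MSS values (the real kernel table is different).
MSS_TABLE = (536, 1300, 1440, 1460)

COOKIE_SECRET = os.urandom(32)  # per-boot secret; rotating it voids outstanding cookies
COUNTER_PERIOD = 64             # seconds per time slot (assumption)
MAX_SLOT_AGE = 1                # accept the current and the previous slot


def _time_slot(now):
    return int(now // COUNTER_PERIOD)


def _mac24(secret, saddr, sport, daddr, dport, slot):
    """24-bit keyed hash binding the cookie to the 4-tuple and the time slot."""
    msg = f"{saddr}|{sport}|{daddr}|{dport}|{slot}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big")


def make_syn_cookie(saddr, sport, daddr, dport, client_mss, now, secret=COOKIE_SECRET):
    """Return the 32-bit ISN to place in the SYN-ACK.

    Layout (assumed): bits 31-27 = time slot mod 32, bits 26-24 = MSS index,
    bits 23-0 = keyed hash.
    """
    slot = _time_slot(now)
    mss_idx = 0
    for i, mss in enumerate(MSS_TABLE):       # largest table entry the client allows
        if mss <= client_mss:
            mss_idx = i
    mac = _mac24(secret, saddr, sport, daddr, dport, slot)
    return ((slot & 0x1F) << 27) | (mss_idx << 24) | mac


def check_syn_cookie(saddr, sport, daddr, dport, ack_num, now, secret=COOKIE_SECRET):
    """Validate the ACK that completes the handshake.

    Returns the MSS to use for the connection, or None if the ACK does not carry
    a cookie we issued for this 4-tuple within the last MAX_SLOT_AGE slots.
    """
    cookie = (ack_num - 1) & 0xFFFFFFFF        # client acks ISN + 1
    cookie_slot = cookie >> 27
    mss_idx = (cookie >> 24) & 0x7
    mac = cookie & 0xFFFFFF
    current = _time_slot(now)
    for age in range(MAX_SLOT_AGE + 1):
        slot = current - age
        if (slot & 0x1F) != cookie_slot:
            continue
        expected = _mac24(secret, saddr, sport, daddr, dport, slot)
        if hmac.compare_digest(expected.to_bytes(3, "big"), mac.to_bytes(3, "big")) \
                and mss_idx < len(MSS_TABLE):
            return MSS_TABLE[mss_idx]
    return None
```

Two caveats a practitioner will recognise from the talk's comparison: because nothing is stored, any TCP options the client sent in its SYN (window scaling, SACK permitted) are lost unless separately encoded, which is why SYN cookies are normally enabled only once the listen backlog is exhausted; and an attacker who can guess or observe a valid cookie within its lifetime can complete a handshake from a spoofed address, so the keyed hash and the short validity window are doing real security work.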

FRIDAY, AUGUST 17, 2001
9:00 am - 10:30 am
REFEREED PAPER TRACK
Grand Ballroom, Salons I/II

Math Attacks!
Session Chair: Ian Goldberg, Zero Knowledge Systems

PDM: A New Strong Password-Based Protocol
Charlie Kaufman, Iris Associates, and Radia Perlman, Sun Microsystems Laboratories


Defending Against Statistical Steganalysis
Niels Provos, CITI, University of Michigan

Timing Analysis of Keystrokes and Timing Attacks on SSH
Dawn Xiaodong Song, David Wagner, and Xuqing Tian, University of California, Berkeley

INVITED TALKS
Grand Ballroom, Salons III/IV

Real Stateful TCP Packet Filtering in Ip-filter
Guido van Rooij, Madison Gurkha BV

Ip-filter, an open-source packet-filtering engine, is available for a number of operating systems and includes stateful packet filtering. In the TCP case, the state engine does not merely check for the presence of the ACK flag or look at source and destination ports; it includes sequence numbers and window sizes in its filtering decision. This greatly reduces the window of opportunity for malicious packets to pass through the filter, since a forged segment must now carry a sequence number inside the window the receiver has actually advertised. This talk will briefly discuss problems with the original state engine and then move on to the design of the new state engine and some implementation consequences. It will conclude with experiences with the state code and future work.
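The gain from tracking sequence numbers and windows is easiest to see in code. The following Python engine is an added illustration written for this page; it is not ip-filter's code, and the exact bookkeeping is a simplification. It keeps, per direction, one past the highest byte sent (seqlo), the highest byte the peer has granted via its ack plus window (seqhi), and the largest window advertised (max_win), and accepts a segment only if its last byte lies inside the peer's window, its first byte is at most one window behind what has already been sent (to allow retransmissions), and its acknowledgement number is close to what the peer has actually sent. The MAXACKWINDOW constant and the handling of the first packet from each side are assumptions.

```python
"""Stateful TCP filtering on sequence numbers and windows (added illustration).

Not ip-filter's code: a reduced model of the seq/window checks the talk describes.
"""
from dataclasses import dataclass
from typing import Optional

M32 = 0xFFFFFFFF
MAXACKWINDOW = 65535  # assumed tolerance for how far an ACK may stray from reality


def seq_geq(a, b):
    """a >= b in 32-bit sequence-number arithmetic (handles wraparound)."""
    return ((a - b) & M32) < 0x80000000


def signed_diff(a, b):
    """a - b as a signed 32-bit quantity."""
    d = (a - b) & M32
    return d - (1 << 32) if d >= 0x80000000 else d


@dataclass
class Side:
    seqlo: Optional[int] = None  # one past the highest byte this side has sent
    seqhi: Optional[int] = None  # highest byte the peer has allowed this side to send
    max_win: int = 0             # largest window this side has advertised


@dataclass
class Packet:
    src: str
    seq: int
    ack: int
    win: int
    length: int = 0
    syn: bool = False
    fin: bool = False


class TcpFlow:
    """State for one connection between two named endpoints."""

    def __init__(self, host_a, host_b):
        self.side = {host_a: Side(), host_b: Side()}
        self.peer = {host_a: host_b, host_b: host_a}

    def filter(self, pkt):
        """Return True if pkt is consistent with the tracked state (and update it)."""
        src, dst = self.side[pkt.src], self.side[self.peer[pkt.src]]
        # SYN and FIN each occupy one sequence number.
        end = (pkt.seq + pkt.length + int(pkt.syn) + int(pkt.fin)) & M32

        if src.seqlo is None:
            # First packet from this side: an opening SYN, or the SYN-ACK answering one.
            if not pkt.syn:
                return False
            if dst.seqlo is not None and pkt.ack != dst.seqlo:
                return False  # a SYN-ACK must acknowledge exactly the SYN we saw
            src.seqlo, src.max_win = end, pkt.win
            # The peer's SYN window is what this side may send into; an opening
            # SYN has been granted nothing yet (assumption of this model).
            src.seqhi = (end + dst.max_win) & M32 if dst.seqlo is not None else end
        else:
            if not seq_geq(src.seqhi, end):
                return False  # rule 1: last byte beyond the window the peer granted
            # rule 2: not more than one window behind what was already sent
            # (max(...,1) lets a SYN be retransmitted before the peer has replied)
            if not seq_geq(pkt.seq, (src.seqlo - max(dst.max_win, 1)) & M32):
                return False
            if dst.seqlo is not None and abs(signed_diff(dst.seqlo, pkt.ack)) > MAXACKWINDOW:
                return False  # rule 3: acks data the peer never sent, or far too old
            if seq_geq(end, src.seqlo):
                src.seqlo = end
            src.max_win = max(src.max_win, pkt.win)

        # The ack + window in this packet raises how far the peer may send.
        if dst.seqlo is not None:
            grant = (pkt.ack + pkt.win) & M32
            if seq_geq(grant, dst.seqhi):
                dst.seqhi = grant
        return True
```

A filter that only checks the ACK flag and ports would pass every segment in the test below; this one rejects a blind injection whose sequence number is outside the granted window, a segment more than a window behind, and an ACK for data the server never sent, while still allowing an ordinary retransmission.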

10:30 am - 11:00 am   Break
11:00 am - 12:30 pm    (Grand Ballroom, Salons II/III/IV)
Work-in-Progress Reports (WiPs)
Session Chair: Patrick McDaniel, University of Michigan

Short, pithy, and fun, Work-in-Progress Reports introduce interesting new or ongoing work. If you have work you would like to share or a cool idea that's not quite ready for publication, send a one- or two-paragraph summary to sec01wips@usenix.org. We are particularly interested in presenting students' work. A schedule of presentations will be posted at the conference, and the speakers will be notified in advance. Work-in-Progress reports are five-minute presentations; the time limit will be strictly enforced.



Last changed: 29 Aug. 2001 ml