Security '11 Banner

TECHNICAL SESSIONS

Tech Sessions: Wednesday, August 10 | Thursday, August 11 | Friday, August 12
Just Up! Videos of the presentations will be posted as soon as they become available.

Proceedings Front Matter: Cover, Copyright, ISBN | Title Page, Organizers, Reviewers | Table of Contents | Message from the Program Chair

Complete Proceedings | Proceedings Errata Slip (rev. 7/26/11)

NEW! E-Book Proceedings: Read the proceedings on the go in iPad-friendly EPUB format or Kindle-friendly Mobipocket format. (See the Proceedings Errata Slip in EPUB format or Mobipocket format.)

Wednesday, August 10
8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
9:00 a.m.–10:30 a.m. Wednesday

Opening Remarks, Awards, and Keynote Address

Grand Ballroom

Program Chair: David Wagner, University of California, Berkeley

Video View the Video

MP3 Icon Listen to the MP3

Network Security in the Medium Term: 2061–2561 AD

Charles Stross, Author of award-winning science fiction

Video View the Video

MP3 Icon Listen to the MP3

A science fiction writer takes a look at the medium-term implications the information processing revolution holds for human civilization.

Charles Stross, 46, is a full-time science fiction writer and resident of Edinburgh, Scotland. The winner of two Locus Reader Awards and winner in 2005 and 2010 of the Hugo Award for best novella, Stross's works have been translated into over a dozen languages. Like many writers, Stross has had a variety of careers, occupations, and job-shaped catastrophes in the past, from pharmacist through tech sector journalist to first code monkey on the team of a successful dot-com startup. He has degrees in pharmacy and computer science.

10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
11:00 a.m.–12:30 p.m. Wednesday

REFEREED PAPERS

Grand Ballroom

Web Security

Session Chair: Helen Wang, Microsoft Research

Fast and Precise Sanitizer Analysis with BEK
Pieter Hooimeijer, University of Virginia; Benjamin Livshits and David Molnar, Microsoft Research; Prateek Saxena, University of California, Berkeley; Margus Veanes, Microsoft Research

Read the Full paper

Video View the Video

MP3 Icon Listen to the MP3

Toward Secure Embedded Web Interfaces
Baptiste Gourdin, LSV ENS-Cachan; Chinmay Soman, Hristo Bojinov, and Elie Bursztein, Stanford University

Read the Full paper

Video View the Video | Slides

MP3 Icon Listen to the MP3

ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection
Charlie Curtsinger, University of Massachusetts Amherst; Benjamin Livshits and Benjamin Zorn, Microsoft Research; Christian Seifert, Microsoft

Read the Full paper

Video View the Video

MP3 Icon Listen to the MP3

INVITED TALKS

Colonial Room

The Three Cyber-War Fallacies
Dave Aitel, CEO of Immunity, Inc.

Video View the Video

MP3 Icon Listen to the MP3

Many sources for cyber strategy and policy that affects it focus on three facets of the cyber domain:

  • Cyber attacks are asymmetric.
  • Cyber attacks are unattributable.
  • Cyber attacks are non-kinetic.

None of these is true. This talk explains why.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Wednesday

    REFEREED PAPERS

    Grand Ballroom

    Analysis of Deployed Systems

    Session Chair: Ian Goldberg, University of Waterloo

    Awarded Outstanding Paper!
    Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System
    Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze, University of Pennsylvania

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space
    Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar Weippl, SBA Research

    Read the Full paper (Updated 6/24/11)

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Comprehensive Experimental Analyses of Automotive Attack Surfaces
    Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, University of California, San Diego; Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, University of Washington

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Wednesday

    REFEREED PAPERS

    Grand Ballroom

    Forensic Analysis

    Session Chair: William Enck, Pennsylvania State University

    Forensic Triage for Mobile Phones with DEC0DE
    Robert J. Walls, Erik Learned-Miller, and Brian Neil Levine, University of Massachusetts Amherst

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    mCarve: Carving Attributed Dump Sets
    Ton van Deursen, Sjouke Mauw, and Saša Radomirović, University of Luxembourg

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks
    Kevin Z. Snow, Srinivas Krishnan, and Fabian Monrose, University of North Carolina at Chapel Hill; Niels Provos, Google

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Crossing the Chasm: Pitching Security Research to Mainstream Browser Vendors

    Collin Jackson, Assistant Research Professor at Carnegie Mellon University

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    "Why doesn't my browser do X?" Competition among browser vendors is fierce, and it seems that everyone has an idea for how to make Web browsing faster, easier, and more secure. But only a small fraction of the published research on Web security is ever adopted by popular browsers. In this talk we'll discuss what it takes to transition a research idea into a mainstream browser feature and the pitfalls that lie in wait along the way.

    Collin Jackson is an Assistant Research Professor at Carnegie Mellon University, based on the Silicon Valley campus. His Web security proposals have been adopted by many popular browsers, including Internet Explorer, Firefox, Google Chrome, Safari, and Opera. He has also proposed plenty of ideas that have gone absolutely nowhere.

    6:00 p.m.–7:30 p.m. Wednesday

    USENIX Security '11 Reception

    California East/West

    Don't miss the USENIX Security '11 Reception, featuring dinner, drinks, and the chance to connect with other attendees, speakers, and conference organizers.

    7:30 p.m.–9:00 p.m. Wednesday

    USENIX Security '11 Rump Session

    Grand Ballroom

    Rump Session Chair: Matt Blaze, University of Pennsylvania

    Building on last year's success, we will host a rump session on the evening of Wednesday, August 10, 2011. This is intended as an informal session for short and engaging presentations on recent unpublished results, work in progress, or other topics of interest to the USENIX Security attendees. To submit a rump session talk, email sec11rump@usenix.org by Wednesday, August 10, 2011, at 11:59 a.m. PDT.

    Thursday, August 11, 2011
    8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
    9:00 a.m.–10:30 a.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Static and Dynamic Analysis

    Session Chair: Sam King, University of Illinois at Urbana-Champaign

    MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery
    Chia Yuan Cho, University of California, Berkeley, and DSO National Labs; Domagoj Babić, University of California, Berkeley; Pongsin Poosankam, University of California, Berkeley, and Carnegie Mellon University; Kevin Zhijie Chen, Edward XueJun Wu, and Dawn Song, University of California, Berkeley

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Static Detection of Access Control Vulnerabilities in Web Applications
    Fangqi Sun, Liang Xu, and Zhendong Su, University of California, Davis

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    ADsafety: Type-Based Verification of JavaScript Sandboxing
    Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi, Brown University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    I'm from the Government and I'm Here to Help: Perspectives from a Privacy Tech Wonk
    Tara Whalen, Office of the Privacy Commissioner of Canada

    Video View the Video

    MP3 Icon Listen to the MP3

    Security research has often had a major impact on technology policy...and vice versa. Within the privacy space, issues such as location privacy, lawful intercept, and online tracking have been the subject of considerable debate. As a "tame technologist" within the Canadian civil service, I've been deeply engaged in these subjects at a practical level. In this talk, I will outline some of the ways in which the spheres of technology, policy, and law intersect, illustrated with recent real-world examples from the privacy domain.

    Tara Whalen joined the Office of the Privacy Commissioner of Canada (OPC) in 2009, where she works as an IT Research Analyst. Prior to joining the OPC, she conducted post-doctoral research in computer security at Carleton University. She has a PhD in Computer Science from Dalhousie University. Tara has over 15 years of experience in the information security and privacy fields, including roles in research labs, academia, federal government institutions, and the private sector. In addition to privacy, her research interests include the human factors of security and the social implications of technology.

    10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
    11:00 a.m.–12:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Understanding the Underground Economy

    Session Chair: Yinglian Xie, Microsoft Research

    Awarded Outstanding Paper!
    Measuring Pay-per-Install: The Commoditization of Malware Distribution
    Juan Caballero, IMDEA Software Institute; Chris Grier, Christian Kreibich, and Vern Paxson, University of California, Berkeley, and ICSI

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Dirty Jobs: The Role of Freelance Labor in Web Service Abuse
    Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Show Me the Money: Characterizing Spam-advertised Revenue
    Chris Kanich, University of California, San Diego; Nicholas Weaver, International Computer Science Institute; Damon McCoy and Tristan Halvorson, University of California, San Diego; Christian Kreibich, International Computer Science Institute; Kirill Levchenko, University of California, San Diego; Vern Paxson, International Computer Science Institute and University of California, Berkeley; Geoffrey M. Voelker and Stefan Savage, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Privacy in the Age of Augmented Reality
    Alessandro Acquisti, Associate Professor of Information Technology and Public Policy at Heinz College, Carnegie Mellon University

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    In this talk, I will link two of my favorite research streams: (1) the behavioral economics of privacy, and (2) mining of data from online social networks for privacy and security risks associated with online disclosures. I will highlight how research in behavioral economics can help us make sense of apparent inconsistencies in privacy (and security) decision-making and will present results from a variety of experiments conducted at Carnegie Mellon University. Then I will discuss the technical feasibility and privacy implications of combining publicly available Web 2.0 images with off-the-shelf face recognition technology, for the purpose of large-scale, automated individual re-identification. Combined, the results highlight the behavioral, technological, and legal issues raised by the convergence of mining technologies and online social networks and illuminate the future of privacy in an augmented reality world.

    Alessandro Acquisti is an Associate Professor of Information Systems and Public Policy at the Heinz College, Carnegie Mellon University, and the co-director of the CMU Center for Behavioral Decision Research (CBDR). Alessandro has been the recipient of many awards, and his research on privacy has been published in leading journals across multiple disciplines and featured in media outlets such as the New York Times, the Wall Street Journal, the Washington Post, CNN, and NPR. His 2009 study on the predictability of Social Security numbers contributed to the change in the assignment scheme of SSNs that was announced in 2011 by the US Social Security Administration.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    2:00 p.m.–3:30 p.m.

    Defenses and New Directions

    Session Chair: Tara Whalen, Office of the Privacy Commissioner of Canada

    Secure In-Band Wireless Pairing
    Shyamnath Gollakota, Nabeel Ahmed, Nickolai Zeldovich, and Dina Katabi, Massachusetts Institute of Technology

    Read the Full paper

    Video View the Video | Slides (PPTX)

    MP3 Icon Listen to the MP3

    TRESOR Runs Encryption Securely Outside RAM
    Tilo Müller and Felix C. Freiling, University of Erlangen; Andreas Dewald, University of Mannheim

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Bubble Trouble: Off-Line De-Anonymization of Bubble Forms
    Joseph A. Calandrino, William Clarkson, and Edward W. Felten, Princeton University

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    REFEREED PAPERS

    Colonial Room

    2:00 p.m.–3:00 p.m.

    Securing Search

    Session Chair: Wenyuan Xu, University of South Carolina

    Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade
    Nektarios Leontiadis, Carnegie Mellon University; Tyler Moore, Harvard University; Nicolas Christin, Carnegie Mellon University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    deSEO: Combating Search-Result Poisoning
    John P. John, University of Washington; Fang Yu and Yinglian Xie, MSR Silicon Valley; Arvind Krishnamurthy, University of Washington; Martín Abadi, MSR Silicon Valley

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Securing Smart Phones

    Session Chair: David Evans, University of Virginia

    A Study of Android Application Security
    William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, The Pennsylvania State University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Permission Re-Delegation: Attacks and Defenses
    Adrienne Porter Felt, University of California, Berkeley; Helen J. Wang and Alexander Moshchuk, Microsoft Research; Steve Hanna and Erika Chin, University of California, Berkeley

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    QUIRE: Lightweight Provenance for Smart Phone Operating Systems
    Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan S. Wallach, Rice University

    Read the Full paper (updated 7/26/11)

    Video View the Video

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Deport on Arrival: Adventures in Technology, Politics, and Power
    J. Alex Halderman, Assistant Professor, Computer Science and Engineering, The University of Michigan

    Video View the Video

    MP3 Icon Listen to the MP3

    Last year, my colleagues and I were accused by unnamed intelligence officials of being a "foreign conspiracy" to destabilize a major democracy and narrowly escaped being thrown onto an airplane and deported from that country—all for publishing a research paper (Wolchok et al., CCS 2010). In this talk I will share this story and other research adventures from my work in DRM, electronic voting, and Internet censorship—areas that lie at the intersection of technology and political power. These topics touch on computer security issues that affect the relationship between individuals and government, and scientists working to understand these issues have an obligation not only to speak truth to power but also to explain technical realities directly to the people. We will travel from Manhattan alleyways to Mumbai jail cells, meeting powerful foes and making lasting friendships along the way.

    J. Alex Halderman is an assistant professor of computer science and engineering at the University of Michigan. His research spans applied computer security and tech-centric public policy, including topics such as software security, data privacy, electronic voting, censorship resistance, digital rights management, and cybercrime, as well as technological aspects of intellectual property law and government regulation.

    6:00 p.m.–7:30 p.m. Thursday

    Poster Session & Pizza Party

    California East/West

    Poster Session Chair: Patrick Traynor, Georgia Institute of Technology

    Don't miss the cool new ideas and the latest preliminary research on display at the Poster Session. Take part in discussions with your colleagues over complimentary drinks, pizza, and salad. Check out the list of accepted posters.

    Friday, August 12
    8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
    9:00 a.m.–10:30 a.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Understanding Attacks

    Session Chair: Hovav Shacham, University of California, San Diego

    SMS of Death: From Analyzing to Attacking Mobile Phones on a Large Scale
    Collin Mulliner, Nico Golde, and Jean-Pierre Seifert, Technische Universität Berlin and Deutsche Telekom Laboratories

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Q: Exploit Hardening Made Easy
    Edward J. Schwartz, Thanassis Avgerinos, and David Brumley, Carnegie Mellon University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Cloaking Malware with the Trusted Platform Module
    Alan M. Dunn, Owen S. Hofmann, Brent Waters, and Emmett Witchel, The University of Texas at Austin

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    The (Decentralized) SSL Observatory
    Peter Eckersley, Senior Staff Technologist for the Electronic Frontier Foundation, and Jesse Burns, Founding Partner, iSEC Partners

    View the Slides

    The EFF SSL Observatory project collects and publishes comprehensive datasets of the TLS/SSL certificates used by servers on the public Internet. These datasets provide numerous insights into the ways cryptography is used on the Web and the collective role of Certificate Authorities (CAs) in authenticating Web servers. This talk will review previous findings from the project's scans of port 443 in IPv4 address space and will present several new results. It will also describe the design and initial findings from the new, decentralized version of the Observatory.

    Peter Eckersley is a Senior Staff Technologist at the Electronic Frontier Foundation. His work at EFF has included privacy and security projects, such as Panopticlick, HTTPS Everywhere, Surveillance Self-Defense International, and the SSL Observatory, and running the first controlled tests to confirm that Comcast was using forged reset packets to interfere with P2P protocols. Peter's PhD at the University of Melbourne was on digital copyright and alternatives to digital copyright.

    Jesse Burns is a Principal Partner at iSec Partners, an application security consulting firm. His clients include many of the world's largest technology, telecommunications, and financial services firms.

    10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
    11:00 a.m.–12:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Dealing with Malware and Bots

    Session Chair: Niels Provos, Google, Inc.

    Detecting Malware Domains at the Upper DNS Hierarchy
    Manos Antonakakis, Damballa Inc. and Georgia Institute of Technology; Roberto Perdisci, University of Georgia; Wenke Lee, Georgia Institute of Technology; Nikolaos Vasiloglou II, Damballa Inc.; David Dagon, Georgia Institute of Technology

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    BOTMAGNIFIER: Locating Spambots on the Internet
    Gianluca Stringhini, University of California, Santa Barbara; Thorsten Holz, Ruhr-University Bochum; Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna, University of California, Santa Barbara

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    JACKSTRAWS: Picking Command and Control Connections from Bot Traffic
    Gregoire Jacob, University of California, Santa Barbara; Ralf Hund, Ruhr-University Bochum; Christopher Kruegel, University of California, Santa Barbara; Thorsten Holz, Ruhr-University Bochum

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    PANEL

    Colonial Room

    SSL/TLS Certificates: Threat or Menace?

    Moderator: Eric Rescorla, RTFM, Inc.
    Panelists: Adam Langley, Google; Brian Smith, Mozilla; Stephen Schultze, Princeton University; Steve Kent, BBN Technologies

    Video View the Video

    MP3 Icon Listen to the MP3

    The security of SSL/TLS as used in practice depends on the security of the certificate hierarchy used to authenticate the servers. However, recent events have called the adequacy of that system into question: typical browsers trust a large number of root certificate authorities (trust anchors), and compromise of any of those anchors leads to the ability to impersonate more or less any server, as was demonstrated by the recent Comodo incident. Our panelists will talk about the state of the SSL/TLS authentication system, its future, and the various proposals for improvement and/or replacement.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Privacy- and Freedom-Enhancing Technologies

    Session Chair: Matthew Green, Johns Hopkins University

    Telex: Anticensorship in the Network Infrastructure
    Eric Wustrow and Scott Wolchok, The University of Michigan; Ian Goldberg, University of Waterloo; J. Alex Halderman, The University of Michigan

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval
    Prateek Mittal, University of Illinois at Urbana-Champaign; Femi Olumofin, University of Waterloo; Carmela Troncoso, K.U.Leuven/IBBT; Nikita Borisov, University of Illinois at Urbana-Champaign; Ian Goldberg, University of Waterloo

    Read the Full paper

    Video View the Video | Slides (PPTX)

    MP3 Icon Listen to the MP3

    The Phantom Tollbooth: Privacy-Preserving Electronic Toll Collection in the Presence of Driver Collusion
    Sarah Meiklejohn, Keaton Mowery, Stephen Checkoway, and Hovav Shacham, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Pico: No More Passwords!
    Frank Stajano, University of Cambridge

    Video View the Video

    MP3 Icon Listen to the MP3

    Passwords are no longer acceptable as a security mechanism. Memorable, unguessable, high entropy, regularly changed, never written down, and all different . . . a contradictory and unsatisfiable set of requests! Solutions have been offered for Web authentication; to users, though, non-Web passwords are just as annoying. I propose a portable gadget called Pico to get rid of passwords everywhere, not just online, transforming "what you know" into "what you have." Maybe your gut reaction to the controversial Pico will be "it'll never work," but I believe we have a duty to come up with something more usable than passwords.

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Applied Cryptography

    Session Chair: Diana Smetters, Google, Inc.

    Differential Privacy Under Fire
    Andreas Haeberlen, Benjamin C. Pierce, and Arjun Narayan, University of Pennsylvania

    Read the Full paper

    Video View the Video | Slides (PDF) (PPTX)

    MP3 Icon Listen to the MP3

    Outsourcing the Decryption of ABE Ciphertexts
    Matthew Green and Susan Hohenberger, Johns Hopkins University; Brent Waters, University of Texas at Austin

    Read the Full paper (Updated 6/14/11)

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Faster Secure Two-Party Computation Using Garbled Circuits
    Yan Huang and David Evans, University of Virginia; Jonathan Katz, University of Maryland; Lior Malka, Intel

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    The Cloud-y Future of Security Technologies
    Adam O'Donnell, Co-founder & Director, Cloud Engineering Immunet

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    With a healthy dose of technologies and techniques borrowed from big-data companies such as Google and Facebook, engineers in the security industry have led a sea change in how security products are designed and implemented. Rather than rely upon ad hoc threat detection networks and loose partnerships with other security firms to detect new threats, security firms are moving to cloud-based product models, where threat information for malicious network traffic, malware, and various forms of attacks is centrally aggregated and processed from endpoints. Large teams of analysts-focused manual identification of threats are now being displaced by data mining and machine learning, pushing the effective time to live of an attack from weeks to hours. In this talk I will show you how it's been done.


    Last changed: 29 May 2012 mpn