Wednesday, August 11 | Thursday, August 12 | Friday, August 13

9:00 a.m.–10:30 a.m.	Wednesday
Opening Remarks, Awards, and Keynote Session Chair: Matt Blaze, University of Pennsylvania Keynote Address: Back to the Future William "Earl" Boebert, Sandia National Laboratory The speaker will review his 30-year association with research into "predictable systems," that is, those that can be reasoned about a priori. Predictablity is the common thread running through security, safety, or reliability. He will cover those approaches that still appear to hold promise, and those which should not be attempted again under any circumstances.
10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m.	Wednesday
REFEREED PAPERS Attack Containment Session Chair: Angelos Keromytis, Columbia University A Virtual Honeypot Framework Niels Provos, Google, Inc. Collapsar: A VM-Based Architecture for Network Attack Detention Center Xuxian Jiang and Dongyan Xu, Purdue University Very Fast Containment of Scanning Worms Nicholas Weaver, International Computer Science Institute; Stuart Staniford, Nevis Networks; Vern Paxson, International Computer Science Institute and Lawrence Berkeley National Laboratory	INVITED TALKS RFID: Security and Privacy for Five-Cent Computers Ari Juels, Principal Research Scientist, RSA Laboratories RFID tags are microchip-enhanced, next-generation barcodes capable of transmitting a small amount of information over short distances. Poised to play an important role in the commercial world and increasingly to enter the hands of consumers, RFID devices bring a host of potential security and privacy problems in their wake. With a cost target of just several cents apiece, basic RFID tags possess only barebones computing resources. This talk will describe some approaches to security for this especially frugal computing environment.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.	Wednesday
REFEREED PAPERS Panel: Capture the Flag Moderator: Tina Bird, Stanford University Panelists: Major Ronald Dodge, United States Military Academy; Marc Dougherty, Northeastern University; Chris Eagle, Naval Postgraduate School; Riley Eller, Special Projects Manager, CoCo Communications Corp. Capture the Flag competitions are a popular mechanism for training new security professionals, for testing security software, and for giving old hands an opportunity to keep their skills honed. But they're surprisingly difficult to orchestrate. In this panel, we'll hear about Capture the Flag competitions from the organizational point of view, in both academic and "real world" environments, and discuss the use of Capture the Flag in training security personnel.	INVITED TALKS Fighting Computer Virus Attacks Peter Szor, Chief Researcher, Symantec Corporation Download Presentation Slides (zipped Powerpoint document, 7.1 MB) Every month, critical vulnerabilities are reported on a wide variety of operating systems and applications. Computer virus attacks are quickly becoming the number one security problem which ranges between large scale social engineering attacks and exploiting critical vulnerabilities. Sophisticated attacks use polymorphism and even metamorphism mixed with cryptographically strong algorithms and self-updating which makes analysis and defense increasingly difficult. This presentation will discuss the state of the art in computer viruses and computer virus defense. I will present some promising host-based prevention techniques that can stop entire classes of fast-spreading worms such W32/Sobig@mm and W32/Mydoom@mm as well as worms using buffer overflow attacks, such as Win32/CodeRed, Linux/Slapper, Win32/Slammer and Win32/Blaster. In-depth worm and exploit analysis are also discussed. It is becoming increasingly important to find ways to bridge the gap between computer virus research and general security research. The primary goal of this presentation is to encourage the fight against computer viruses within the security community.
3:30 p.m.–4:00 p.m.   Break
4:00 p.m.–5:30 p.m.	Wednesday
REFEREED PAPERS Protecting Software I Session Chair: Sotiris Ioannidis, University of Pennsylvania TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection Kumar Avijit, Prateek Gupta, and Deepak Gupta, IIT Kanpur Privtrans: Automatically Partitioning Programs for Privilege Separation David Brumley and Dawn Song, Carnegie Mellon University Avfs: An On-Access Anti-Virus File System Yevgeniy Miretskiy, Abhijith Das, Charles P. Wright, and Erez Zadok, Stony Brook University	INVITED TALKS I Voted? How the Law Increasingly Restricts Independent Security Research Cindy Cohn, Legal Director, Electronic Frontier Foundation Listen in MP3 format Are our elections secure? Can we trust our insurance companies' websites to secure our medical information? Can I get a free download from an online music store? These questions are increasingly being asked as more of our fundamental activities and commerce move online or to digital technologies. Computer security experts, both professional and amateur, recognize that the best way to make our vital systems secure, and keep them that way, is through an ongoing, scientific cycle of widespread testing, review, attacks, publication and continued system development. Yet the law has increasingly created barriers to this process. The Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, trade secret law and copyright law, for instance, have all created barriers to independent computer security research into some of the most important systems used by the public today. Ms. Cohn will discuss the legal issues facing independent security researchers, using the struggle to test electronic voting machines among other examples.

Wednesday, August 11 | Thursday, August 12 | Friday, August 13

9:00 a.m.–10:30 a.m.	Thursday
REFEREED PAPERS Protecting Software II Session Chair: Adrian Perrig, Carnegie Mellon University Side Effects Are Not Sufficient to Authenticate Software Umesh Shankar, Monica Chew, and J.D. Tygar, UC Berkeley On Gray-Box Program Tracking for Anomaly Detection Debin Gao, Michael K. Reiter, and Dawn Song, Carnegie Mellon University Finding User/Kernel Pointer Bugs with Type Inference Rob Johnson and David Wagner, UC Berkeley	INVITED TALKS Metrics, Economics, and Shared Risk at the National Scale (PDF) Dan Geer, Verdasys, Inc. Listen in MP3 format The more electronically interdependent we are the more risk we share. Daily we have to choose between default deny (safety) and default permit (freedom). If we prefer rational decision making, we will prefer that numbers—and, reflecting our sharing of risk, the Law of Large Numbers—drive our policy decisions at the national level. These numbers do not come from thin air or, if they do, they will merely contribute to the rising fraction of security practitioners who are charlatans. This talk is more challenge than prescription, thus to reflect the state of the art.
10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m.	Thursday
REFEREED PAPERS The Human Interface Session Chair: Greg Rose, Qualcomm Graphical Dictionaries and the Memorable Space of Graphical Passwords Julie Thorpe and Paul van Oorschot, Carleton University On User Choice in Graphical Password Schemes Darren Davis and Fabian Monrose, Johns Hopkins University; Michael K. Reiter, Carneige Mellon University Design of the EROS Trusted Window System Jonathan S. Shapiro, John Vanderburgh, and Eric Northup, Johns Hopkins University; David Chizmadia, Promia Inc.	INVITED TALKS Exploiting Software (PDF) Gary McGraw, Cigital Software vulnerability and software exploits are the root causes of a majority of computer security problems. But how does software break? How do attackers make software break on purpose? What tools can be used to break software? This talk is about making software beg for mercy. You will learn: Why software exploits will continue to be a serious problem When network security mechanisms fail How attack patterns can be used to build better software Why reverse engineering is an essential skill Why rootkits are the apex of software exploits and how they work Why the only answer is building better software Some may argue that discussing software exploits in public is a bad idea. In fact, it's impossible to protect yourself if you don't know what you're up against. Come find out for yourself.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.	Thursday
REFEREED PAPERS Panel: Patch Management Moderator: Patrick McDaniel, AT&T Research Panelists: Crispin Cowan, Immunix; Bob Cowles, Stanford Linear Accelerator; Eric Schultz Much of the damage caused by contemporary viruses and worms is preventable. Administrators can minimize the effects of malicious code if they apply available software patches. Given the obvious payoff of applying patches in current operating systems, why are so many systems still vulnerable? This panel will explore the the complexities and dangers of patch management in current network environments. Panel members will describe their own experiences in dealing with patches and propose solutions for future of vulnerability patching.	INVITED TALKS Military Strategy in CyberSpace Stuart Staniford, Nevis Networks I will discuss basic principals of military strategy and then apply them to cyberspace. I will argue that cyber warfighting forces will eventually be large, well-trained, and operate with military discipline. Traditional strategic ideas such as concentration of force, deception, fog of war will be unchanged in the cyber arena. Ironically, the use of very open networking technologies for critical purposes, in a world where wars are still fought, is likely to lead to strong pressure to militarize civilian infrastructures. I will sketch what a cyberwar campaign might look like.
3:30 p.m.–4:00 p.m.   Break
4:00 p.m.–6:00 p.m.	Thursday
REFEREED PAPERS Security Engineering Session Chair: Carl Ellison, Microsoft Copilot—a Coprocessor-based Kernel Runtime Integrity Monitor Nick L. Petroni, Jr., Timothy Fraser, Jesus Molina, William A. Arbaugh, University of Maryland Fixing Races for Fun and Profit: How to Use access(2) Drew Dean, SRI International; Alan J. Hu, University of British Columbia Network-in-a-Box: How to Set Up a Secure Wireless Network in Under a Minute Dirk Balfanz, Glenn Durfee, Rebecca E. Grinter, Diana K. Smetters, and Paul Stewart, PARC Design and Implementation of a TCG-based Integrity Measurement Architecture Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn, IBM T. J. Watson Research Center	INVITED TALKS What Biology Can (and Can't) Teach Us About Security David Evans, University of Virginia Nature provides an existence proof that complex, robust behavior can be produced from remarkably simple programs. Nearly all species become extinct, but some manage to thrive in hostile environments full of competitors, predators and parasites. I will present some observations about security problems and solutions found in nature. Successful natural solutions provide useful inspiration, but substantial differences between the natural and virtual worlds make it challenging to apply nature's security approaches to computer security problems.
6:30 p.m.–7:30 p.m.   Poster Session and Reception

Wednesday, August 11 | Thursday, August 12 | Friday, August 13

9:00 a.m.–10:30 a.m.	Friday
REFEREED PAPERS Forensics and Response Session Chair: Niels Provos, Google Privacy-Preserving Sharing and Correlation of Security Alerts Patrick Lincoln, Phillip Porras, and Vitaly Shmatikov, SRI Static Disassembly of Obfuscated Binaries Christopher Kruegel, William Robertson, Fredrik Valeur, and Giovanni Vigna, UC Santa Barbara Autograph: Toward Automated, Distributed Worm Signature Detection Hyang-Ah Kim, Carnegie Mellon University, and Brad Karp, Intel Research and Carnegie Mellon University	INVITED TALKS Nuclear Weapons, Permissive Action Links, and the History of Public Key Cryptography (PDF) Steve Bellovin, AT&T Labs—Research Listen in MP3 format From a security perspective, command and control of nuclear weapons presents a challenge. The security mechanisms are supposed to be so good that they're impossible to bypass. But how do they work? Beyond that, there are reports linking these mechanisms to the early history of public key cryptography. We'll explore the documented history of both fields, and speculate on just how permissive action links—the "combination locks" on nuclear weapons—actually work.
10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m.	Friday
REFEREED PAPERS Data Privacy Session Chair: William Aiello, AT&T Labs—Research Awarded Best Student Paper! Fairplay—A Secure Two-Party Computation System Dahlia Malkhi and Noam Nisan, Hebrew University; Benny Pinkas, HP Labs; Yaron Sella, Hebrew University Tor: The Second-Generation Onion Router Roger Dingledine and Nick Mathewson, The Free Haven Project; Paul Syverson, Naval Research Lab Awarded Best Paper! Understanding Data Lifetime via Whole System Simulation Jim Chow, Ben Pfaff, Tal Garfinkel, Kevin Christopher, and Mendel Rosenblum, Stanford University	INVITED TALKS My Dad's Computer, Microsoft, and the Future of Internet Security William R. Cheswick, Chief Scientist, Lumeta Corporation Microsoft claims that they Really Mean It about their host security. Service Pack 2 is now available. Is it going to help? Are things going to get better? How are we doing on Internet security, and what might improve things? With 13 years of service at Lucent/Bell Labs, Bill Cheswick has worked for nearly 30 years on operating-system security. He is co-author of one of the most highly regarded security books, Firewalls and Internet Security. Prior to Lucent, Cheswick spent nine years with System Computer Technology Corporation.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–4:00 p.m.	Friday
Work-in-Progress Reports (WiPs) & Closing Remarks Session Chair: Erez Zadok, Stony Brook University Click here for a complete list of WiPs and Poster Sessions