TECHNICAL SESSIONS
Wednesday, August 11 | Thursday, August 12 | Friday, August 13
9:00 a.m.-10:30 a.m., Wednesday
Opening Remarks, Awards, and Keynote
Session Chair: Matt Blaze, University of Pennsylvania
Keynote Address: Back to the Future
William "Earl" Boebert, Sandia National Laboratory
The speaker will review his 30-year association with research into
"predictable systems," that is, those that can be reasoned about a priori.
Predictability is the common thread running through security, safety, or
reliability. He will cover those approaches that still appear to hold
promise, and those which should not be attempted again under any
circumstances.

10:30 a.m.-11:00 a.m. Break

11:00 a.m.-12:30 p.m., Wednesday
REFEREED PAPERS
Attack Containment
Session Chair: Angelos Keromytis, Columbia University
A Virtual Honeypot Framework
Niels Provos, Google, Inc.
Collapsar: A VM-Based Architecture for Network Attack Detention Center
Xuxian Jiang and Dongyan Xu, Purdue University
Very Fast Containment of Scanning Worms
Nicholas Weaver, International Computer Science Institute; Stuart Staniford, Nevis Networks; Vern Paxson, International Computer Science Institute and Lawrence Berkeley National Laboratory

INVITED TALKS
RFID: Security and Privacy for Five-Cent Computers
Ari Juels, Principal Research Scientist, RSA Laboratories
RFID tags are microchip-enhanced, next-generation barcodes capable
of transmitting a small amount of information over short distances. Poised
to play an important role in the commercial world and increasingly to enter
the hands of consumers, RFID devices bring a host of potential security and
privacy problems in their wake. With a cost target of just several cents
apiece, basic RFID tags possess only barebones computing resources. This
talk will describe some approaches to security for this especially frugal
computing environment.

12:30 p.m.-2:00 p.m. Lunch (on your own)

2:00 p.m.-3:30 p.m., Wednesday
REFEREED PAPERS
Panel: Capture the Flag
Moderator: Tina Bird, Stanford University
Panelists: Major Ronald Dodge, United States Military Academy; Marc Dougherty, Northeastern University; Chris Eagle, Naval Postgraduate School; Riley Eller, Special Projects Manager, CoCo Communications Corp.
Capture the Flag competitions are a popular mechanism for training new
security professionals, for testing security software, and for giving old
hands an opportunity to keep their skills honed. But they're surprisingly
difficult to orchestrate. In this panel, we'll hear about Capture the
Flag competitions from the organizational point of view, in both academic
and "real world" environments, and discuss the use of Capture the Flag in training
security personnel.

INVITED TALKS
Fighting Computer Virus Attacks
Peter Szor, Chief Researcher, Symantec Corporation
Every month, critical vulnerabilities are reported in a wide
variety of operating systems and applications. Computer virus
attacks, ranging from large-scale social engineering to the
exploitation of critical vulnerabilities, are quickly becoming the
number one security problem. Sophisticated attacks use polymorphism
and even metamorphism, mixed with cryptographically strong algorithms
and self-updating, which makes analysis and defense increasingly
difficult.
This presentation will discuss the state of the art in computer
viruses and computer virus defense. I will present some promising
host-based prevention techniques that can stop entire classes of
fast-spreading mass-mailing worms such as W32/Sobig@mm and W32/Mydoom@mm,
as well as worms that spread by exploiting buffer overflows, such as
Win32/CodeRed, Linux/Slapper, Win32/Slammer, and Win32/Blaster. In-depth
worm and exploit analysis is also discussed.
It is becoming increasingly important to find ways to bridge the
gap between computer virus research and general security research.
The primary goal of this presentation is to encourage the fight
against computer viruses within the security community.

3:30 p.m.-4:00 p.m. Break

4:00 p.m.-5:30 p.m., Wednesday
REFEREED PAPERS
Protecting Software I
Session Chair: Sotiris Ioannidis, University of Pennsylvania
TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection
Kumar Avijit, Prateek Gupta, and Deepak Gupta, IIT Kanpur
Privtrans: Automatically Partitioning Programs for Privilege Separation
David Brumley and Dawn Song, Carnegie Mellon University
Avfs: An On-Access Anti-Virus File System
Yevgeniy Miretskiy, Abhijith Das, Charles P. Wright, and Erez Zadok, Stony Brook University

INVITED TALKS
I Voted? How the Law Increasingly Restricts Independent Security Research
Cindy Cohn, Legal Director, Electronic Frontier Foundation
Are our elections secure? Can we trust our insurance companies'
websites to secure our medical information? Can I get a free download
from an online music store? These questions are increasingly being
asked as more of our fundamental activities and commerce move online
or to digital technologies. Computer security experts, both
professional and amateur, recognize that the best way to make our
vital systems secure, and keep them that way, is through an ongoing,
scientific cycle of widespread testing, review, attacks, publication
and continued system development. Yet the law has increasingly created
barriers to this process. The Computer Fraud and Abuse Act, the
Digital Millennium Copyright Act, trade secret law and copyright law,
for instance, have all created barriers to independent computer
security research into some of the most important systems used by the
public today. Ms. Cohn will discuss the legal issues facing
independent security researchers, using the struggle to test
electronic voting machines among other examples.

9:00 a.m.-10:30 a.m., Thursday
REFEREED PAPERS
Protecting Software II
Session Chair: Adrian Perrig, Carnegie Mellon University
Side Effects Are Not Sufficient to Authenticate Software
Umesh Shankar, Monica Chew, and J.D. Tygar, UC Berkeley
On Gray-Box Program Tracking for Anomaly Detection
Debin Gao, Michael K. Reiter, and Dawn Song, Carnegie Mellon University
Finding User/Kernel Pointer Bugs with Type Inference
Rob Johnson and David Wagner, UC Berkeley

INVITED TALKS
Metrics, Economics, and Shared Risk at the National Scale
Dan Geer, Verdasys, Inc.
The more electronically interdependent we are, the
more risk we share. Daily we have to choose between
default deny (safety) and default permit (freedom).
If we prefer rational decision making, we will
prefer that numbers (and, reflecting our sharing
of risk, the Law of Large Numbers) drive our
policy decisions at the national level. These
numbers do not come from thin air or, if they do,
they will merely contribute to the rising fraction
of security practitioners who are charlatans. This
talk is more challenge than prescription, thus to
reflect the state of the art.
|
10:30 a.m.11:00 a.m. Break
|
|
11:00 a.m.12:30 p.m.
|
Thursday
|
REFEREED PAPERS
The Human Interface
Session Chair: Greg Rose, Qualcomm
Graphical Dictionaries and the Memorable Space of Graphical Passwords
Julie Thorpe and Paul van Oorschot, Carleton University
On User Choice in Graphical Password Schemes
Darren Davis and Fabian Monrose, Johns Hopkins University; Michael K. Reiter, Carnegie Mellon University
Design of the EROS Trusted Window System
Jonathan S. Shapiro, John Vanderburgh, and Eric Northup, Johns Hopkins University; David Chizmadia, Promia Inc.

INVITED TALKS
Exploiting Software
Gary McGraw, Cigital
Software vulnerabilities and software exploits are the root causes of the
majority of computer security problems. But how does software break?
How do attackers make software break on purpose? What tools can be used
to break software? This talk is about making software beg for mercy.
You will learn:
- Why software exploits will continue to be a serious problem
- When network security mechanisms fail
- How attack patterns can be used to build better software
- Why reverse engineering is an essential skill
- Why rootkits are the apex of software exploits and how they work
- Why the only answer is building better software
Some may argue that discussing software exploits in public is a bad idea.
In fact, it's impossible to protect yourself if you don't know what
you're up against. Come find out for yourself.

12:30 p.m.-2:00 p.m. Lunch (on your own)

2:00 p.m.-3:30 p.m., Thursday
REFEREED PAPERS
Panel: Patch Management
Moderator: Patrick McDaniel, AT&T Research
Panelists: Crispin Cowan, Immunix; Bob Cowles, Stanford Linear Accelerator Center; Eric Schultz
Much of the damage caused by contemporary viruses and worms is
preventable. Administrators can minimize the effects of malicious code
if they apply available software patches. Given the obvious payoff of
applying patches to current operating systems, why are so many systems
still vulnerable? This panel will explore the complexities and
dangers of patch management in current network environments. Panel
members will describe their own experiences in dealing with patches
and propose solutions for the future of vulnerability patching.

INVITED TALKS
Military Strategy in CyberSpace
Stuart Staniford, Nevis Networks
I will discuss basic principles of military strategy and then apply
them to cyberspace. I will argue that cyber warfighting forces
will eventually be large, well-trained, and operate with military
discipline. Traditional strategic ideas such as concentration of
force, deception, and the fog of war will be unchanged in the cyber arena.
Ironically, the use of very open networking technologies for
critical purposes, in a world where wars are still fought, is likely
to lead to strong pressure to militarize civilian infrastructures.
I will sketch what a cyberwar campaign might look like.
|
3:30 p.m.4:00 p.m. Break
|
|
4:00 p.m.6:00 p.m.
|
Thursday
|
REFEREED PAPERS
Security Engineering
Session Chair: Carl Ellison, Microsoft
Copilot: A Coprocessor-based Kernel Runtime Integrity Monitor
Nick L. Petroni, Jr., Timothy Fraser, Jesus Molina, and William A. Arbaugh, University of Maryland
Fixing Races for Fun and Profit: How to Use access(2)
Drew Dean, SRI International; Alan J. Hu, University of British Columbia
Network-in-a-Box: How to Set Up a Secure Wireless Network in Under a Minute
Dirk Balfanz, Glenn Durfee, Rebecca E. Grinter, Diana K. Smetters, and Paul Stewart, PARC
Design and Implementation of a TCG-based Integrity Measurement Architecture
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn, IBM T. J. Watson Research Center

INVITED TALKS
What Biology Can (and Can't) Teach Us About Security
David Evans, University of Virginia
Nature provides an existence proof that complex, robust behavior can be
produced from remarkably simple programs. Nearly all species become
extinct, but some manage to thrive in hostile environments full of
competitors, predators, and parasites. I will present some observations
about security problems and solutions found in nature. Successful natural
solutions provide useful inspiration, but substantial differences between
the natural and virtual worlds make it challenging to apply nature's
security approaches to computer security problems.

6:30 p.m.-7:30 p.m. Poster Session and Reception

9:00 a.m.-10:30 a.m., Friday
REFEREED PAPERS
Forensics and Response
Session Chair: Niels Provos, Google
Privacy-Preserving Sharing and Correlation of Security Alerts
Patrick Lincoln, Phillip Porras, and Vitaly Shmatikov, SRI
Static Disassembly of Obfuscated Binaries
Christopher Kruegel, William Robertson, Fredrik Valeur, and Giovanni Vigna, UC Santa Barbara
Autograph: Toward Automated, Distributed Worm Signature Detection
Hyang-Ah Kim, Carnegie Mellon University, and Brad Karp, Intel Research and Carnegie Mellon University

INVITED TALKS
Nuclear Weapons, Permissive Action Links, and the History of Public Key Cryptography
Steve Bellovin, AT&T Labs-Research
From a security perspective, command and control of nuclear weapons
presents a challenge. The security mechanisms are supposed to be
so good that they're impossible to bypass. But how do they work?
Beyond that, there are reports linking these mechanisms to the
early history of public key cryptography. We'll explore the
documented history of both fields, and speculate on just how
permissive action links, the "combination locks" on nuclear
weapons, actually work.
|
10:30 a.m.11:00 a.m. Break
|
|
11:00 a.m.12:30 p.m.
|
Friday
|
REFEREED PAPERS
Data Privacy
Session Chair: William Aiello, AT&T Labs-Research
Awarded Best Student Paper!
Fairplay: A Secure Two-Party Computation System
Dahlia Malkhi and Noam Nisan, Hebrew University; Benny Pinkas, HP Labs; Yaron Sella, Hebrew University
Tor: The Second-Generation Onion Router
Roger Dingledine and Nick Mathewson, The Free Haven Project; Paul Syverson, Naval Research Lab
Awarded Best Paper!
Understanding Data Lifetime via Whole System Simulation
Jim Chow, Ben Pfaff, Tal Garfinkel, Kevin Christopher, and Mendel Rosenblum, Stanford University

INVITED TALKS
My Dad's Computer, Microsoft, and the Future of Internet Security
William R. Cheswick, Chief Scientist, Lumeta Corporation
Microsoft claims that they Really Mean It about their host security.
Service Pack 2 is now available. Is it going to help? Are things
going to get better? How are we doing on Internet security, and
what might improve things?
Bill Cheswick has worked on operating-system security for nearly 30 years, including 13 years at Lucent/Bell Labs. He is co-author of one of the most highly regarded security books, Firewalls and Internet Security. Prior to Lucent, Cheswick spent nine years with System Computer Technology Corporation.

12:30 p.m.-2:00 p.m. Lunch (on your own)

2:00 p.m.-4:00 p.m., Friday
Work-in-Progress Reports (WiPs) & Closing Remarks
Session Chair: Erez Zadok, Stony Brook University