TECHNICAL SESSIONS
Technical Sessions:
Wednesday, August 8 | Thursday, August 9 | Friday, August 10
Wednesday, August 8, 2007
9:00 a.m.–10:30 a.m.
Opening Remarks, Awards, and Keynote
Constitution Ballroom
Keynote Address
How the iPod Shuffled the World as We Know It
Steven Levy, Senior Editor and Columnist, Newsweek
Steven Levy is a senior editor at Newsweek, writing "The Technologist" column as well as news and features. He has been covering the digital world for more than twenty years and is the author of six books, including Hackers, the classic history of the computer revolution; Artificial Life; Insanely Great, a history of the Macintosh; Crypto; and, most recently, The Perfect Thing, on the economic and cultural impact of the iPod. Before joining Newsweek, he wrote for numerous magazines, including Rolling Stone, The New Yorker, The New York Times Magazine, Esquire, Macworld, and Wired.
10:30 a.m.–11:00 a.m. Break
11:00 a.m.–12:30 p.m.
REFEREED PAPERS
Independence Ballroom
WWW Security
Session Chair: Wenke Lee, Georgia Institute of Technology
SIF: Enforcing Confidentiality and Integrity in Web Applications
Stephen Chong, K. Vikram, and Andrew C. Myers, Cornell University
Combating Click Fraud via Premium Clicks
Ari Juels, RSA Laboratories; Sid Stamm, Indiana University, Bloomington; Markus Jakobsson, Indiana University, Bloomington, and RavenWhite Inc.
SpyProxy: Execution-based Detection of Malicious Web Content
Alexander Moshchuk, Tanya Bragin, Damien Deville, Steven D. Gribble, and Henry M. Levy, University of Washington
INVITED TALKS
Constitution Ballroom
The Human Factor in Online Fraud
Markus Jakobsson, Indiana University
While most Internet security research addresses mathematical and
algorithmic aspects, there is a recent trend towards attempting to
understand the human factor of security. However, since most current
efforts aimed at understanding social aspects of security take the
approach of quantifying the efficacy of technical tools and user
interfaces, they implicitly adopt a techno-centric view. We suggest
that—at times—it may be more suitable to approach the issue from a
human-centric view, and to consider how the human factor of security
could guide the development of technical security measures to combat
online fraud.
In this talk, we discuss what impact deceit and misuse have on online
security, drawing on examples from phishing, click-fraud, and general
privacy intrusions. We believe that a methodology founded on an
improved understanding of human behavior—in particular, in the context
of deceit—may help anticipate trends and steer the development of
structures and heuristics to curb online fraud. Guided by behavioral
aspects of security, we consider technical measures to preemptively
counter some of the threats we describe. An extended abstract is
available at www.human-factor.org.
Dr. Markus Jakobsson is an Associate Professor at Indiana University at
Bloomington, Associate Director of the Center of Applied Cybersecurity
Research, and a founder of RavenWhite Inc. He
is the inventor or co-inventor of over fifty patents, has served as the
vice president of the International Financial Cryptography Association,
and is a research fellow of the Anti-Phishing Working Group. He is an editor of
the International Journal of Applied Cryptography and a group editor of
the ACM Mobile Computing and Communications Review. He is also an
editor of Phishing and Countermeasures (Wiley, 2006), and
editor/co-author of upcoming books on crimeware (Symantec Press, 2007),
click-fraud (Morgan and Claypool, 2007), and cryptographic protocols
(Addison-Wesley, 2007).
12:30 p.m.–2:00 p.m. Lunch (on your own)
2:00 p.m.–3:30 p.m.
REFEREED PAPERS
Independence Ballroom
Privacy
Session Chair: Paul Van Oorschot, Carleton University
Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob?
Charles V. Wright, Lucas Ballard, Fabian Monrose, and Gerald M. Masson, Johns Hopkins University
Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing
T. Scott Saponas, Jonathan Lester, Carl Hartung, Sameer Agarwal, and Tadayoshi Kohno, University of Washington
Web-Based Inference Detection
Jessica Staddon and Philippe Golle, Palo Alto Research Center; Bryce Zimny, University of Waterloo
INVITED TALKS
Constitution Ballroom
Windows Vista Content Protection
Peter Gutmann, University of Auckland, New Zealand
Windows Vista includes an extensive reworking of core OS elements in
order to provide content protection for so-called premium content.
This incurs significant costs in terms of system performance, system
stability, technical support overhead, and hardware and software costs.
These issues affect not only users of Vista, but also the entire PC industry.
This talk looks at the technical details of Vista's content protection
and the collateral damage that this incurs throughout the entire
computer industry.
Peter Gutmann is a researcher in the Department of Computer Science at
the University of Auckland, New Zealand, working on the design and
analysis of cryptographic security architectures. He helped write the
popular PGP encryption package; has authored a number of papers and
RFCs on security and encryption, including the X.509 Style Guide for
certificates; and is the author of Cryptographic Security Architecture:
Design and Verification (published by Springer-Verlag) and the open
source cryptlib security toolkit. In his spare time he pokes holes in
whatever security systems and mechanisms catch his attention and
grumbles about PKIs and the (un-)usability of security applications.
3:30 p.m.–4:00 p.m. Break
4:00 p.m.–5:30 p.m.
REFEREED PAPERS
Independence Ballroom
Authentication
Session Chair: Tadayoshi Kohno, University of Washington
Awarded Student Best Paper!
Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks
Saar Drimer and Steven J. Murdoch, Computer Laboratory, University of Cambridge
Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords
Julie Thorpe and P.C. van Oorschot, Carleton University
Halting Password Puzzles: Hard-to-break Encryption from Human-memorable Keys
Xavier Boyen, Voltage Security, Inc.
INVITED TALKS
Constitution Ballroom
How to Obtain and Assert Composable Security
Ran Canetti, IBM Research
Capturing the security requirements of distributed systems and
applications in a meaningful way is a subtle and tricky business.
Assessing whether given protocols meet these requirements is even
trickier. One major stumbling point is protocol composition, namely the
often unexpected vulnerabilities that result from the interference
between protocols in a multi-protocol system. Indeed, security analysis
of protocols has traditionally been very fragile with respect to
protocol composition. It was even suggested that composable security may
be impossible to achieve in general.
The framework of Universally Composable security, proposed in 2001,
allows one to design and analyze protocols in a way that guarantees
security even when the protocol runs in an arbitrary multi-protocol
system. In particular, it allows one to assert the security of protocols
in unpredictable, complex environments such as the global Internet. It
also enables the security analysis of complex systems to be modular,
hence drastically simpler.
This talk motivates and presents the paradigm of Universally Composable
security. It then briefly reviews some of the recent research done
within this paradigm and on it. Part of this research touches
foundational aspects in security and cryptography. Other parts have
immediate practical implications.
Ran Canetti graduated from the Weizmann Institute of Science in 1995.
He is currently a researcher at the Cryptography group, IBM T.J. Watson
Research Center, and a visiting scientist at the Cryptography and
Information Security group, CSAIL, MIT. Ran's research interests lie in
cryptography and network security, with emphasis on the design and
analysis of cryptographic protocols. Ran has also contributed to the
security work done at the IETF, including co-designing the HMAC
protocol, contributing to the design of the IPSec, TLS, and MSec
protocols, and co-chairing the Multicast Security working group and the
Crypto Forum research group. See also http://people.csail.mit.edu/canetti.
6:00 p.m.–7:30 p.m.
Poster Session Happy Hour
Republic Ballroom
Session Chair: Radu Sion, Stony Brook University
Don't miss the cool new ideas and the latest preliminary research on display at the Poster Session Happy Hour. Take part in discussions with your colleagues over complimentary drinks and snacks. Check out the list of accepted posters.
Thursday, August 9, 2007
9:00 a.m.–10:30 a.m.
REFEREED PAPERS
Independence Ballroom
Threats
Session Chair: Fabian Monrose, Johns Hopkins University
Spamscatter: Characterizing Internet Scam Hosting Infrastructure
David S. Anderson, Chris Fleizach, Stefan Savage, and Geoffrey M. Voelker, University of California, San Diego
Exploiting Network Structure for Proactive Spam Mitigation
Shobha Venkataraman, Carnegie Mellon University; Subhabrata Sen, Oliver Spatscheck, and Patrick Haffner, AT&T Research; Dawn Song, Carnegie Mellon University
BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation
Guofei Gu, Georgia Institute of Technology; Phillip Porras, Vinod Yegneswaran, and Martin Fong, SRI International; Wenke Lee, Georgia Institute of Technology
INVITED TALKS
Constitution Ballroom
Exploiting Online Games
Gary McGraw, Cigital
This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. I will cover:
- Why online games are a harbinger of software security issues to come
- How millions of gamers have created billion-dollar virtual economies
- How game companies invade your privacy
- Why some gamers cheat
- Techniques for breaking online game security
- How to build a bot to play a game for you
- Methods for total conversion and advanced mods
Ultimately, this talk is mostly about security problems associated with advanced massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software yet to come. The kinds of attack and defense techniques I describe are tomorrow's security techniques on display today.
Gary McGraw is the CTO of Cigital, Inc., a software security and quality
consulting firm with headquarters in the Washington, D.C., area. He is a
globally recognized authority on software security and the author of six
best-selling books on this topic. The latest, Software Security:
Building Security In, was released in 2006, with Exploiting Online Games
slated for release this year. His other titles include Java Security,
Building Secure Software, and Exploiting Software; and he is editor of
the Addison-Wesley Software Security series. Besides serving as a strategic counselor for top business and IT
executives, Gary is on the Advisory Boards of Fortify Software and Raven
White.
10:30 a.m.–11:00 a.m. Break
11:00 a.m.–12:30 p.m.
REFEREED PAPERS
Independence Ballroom
Analysis
Session Chair: Hao Chen, University of California, Davis
Integrity Checking in Cryptographic File Systems with Constant Trusted Storage
Alina Oprea and Michael K. Reiter, Carnegie Mellon University
Discoverer: Automatic Protocol Reverse Engineering from Network Traces
Weidong Cui, Microsoft Research; Jayanthkumar Kannan, University of California, Berkeley; Helen J. Wang, Microsoft Research
Awarded Best Paper!
Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song, Carnegie Mellon University
INVITED TALKS
Constitution Ballroom
Computer Security in a Large Enterprise
Jerry Brady, Morgan Stanley
Computer security is one of the most complex challenges facing large enterprises today. Securing a multinational enterprise is a balancing act based on solid risk management and technical solutions in a multifaceted, changing environment. Managing risks without securing the enterprise is meaningless, but is there a one-size-fits-all solution or special technology to secure the organization? Will this solution or technology be cost-effective? What about the intersection between IT security, physical security, and information security? Ultimately, tackling computer security within a large enterprise is more than a technical problem; it must be based on people, process, and technology in order to properly manage risks associated with threats.
Jerry Brady, Executive Director, is the Global Head of IT Security for
Morgan Stanley, responsible for IT Security Strategy, Consulting and
Assurances, Security Solutions, and Service Delivery.
Mr. Brady has previously been Chief Technology Officer for Guardent, a
security services firm later acquired by VeriSign, managed the Security
Management Applications business unit and Emerging Technologies for
Internet Security Systems, and was VP of Engineering for CertCo (a
Bankers Trust spin-off).
Mr. Brady has also held several management roles in financial services
firms including Bankers Trust, JP Morgan, and Touche Ross, and as Chief
Security Officer for Prudential, responsible for the company-wide
Information Security program for all divisions.
12:30 p.m.–2:00 p.m. Lunch (on your own)
2:00 p.m.–3:30 p.m.
PANEL
Independence Ballroom
Cellular Network Security
Panelists:
Ron Buskey, Motorola;
John Larson, Sprint Labs;
Simon Mizikovsky, Alcatel-Lucent;
Hao Chen, University of California, Davis;
Thomas La Porta and
Patrick Traynor, The Pennsylvania State University
Listen in MP3 format
INVITED TALKS
Constitution Ballroom
Mobile Malware
Mikko Hypponen, F-Secure Corp.
The first real viruses for mobile phones were found in June 2004. Since
then, scores of different viruses have been found, most of them
targeting smartphones running different versions of the Symbian
operating system. Many of them are spreading in the wild and have
been reported from all continents. These mobile viruses use new
spreading vectors such as multimedia messages and Bluetooth and pose
special problems for researchers. For example, they can easily escape
during analysis as they use radio connections to spread. As the total
count of known mobile malware is now around 350, we know much more
about what types of viruses to expect in the future and about who
writes them. We also know what we should do to prevent this niche
area from becoming a bigger problem.
Mikko Hypponen is the Chief Research Officer at F-Secure Corp. He
has been a globally known computer antivirus guru for the past
decade. He has consulted on security issues for IBM, Microsoft, Nokia, the FBI,
the U.S. Secret Service, and Scotland Yard.
Mr. Hypponen has been an invited member of CARO (the Computer
Anti-Virus Researchers Organization) since 1995. In November 2006
he wrote an article on the history—and future—of mobile viruses for
Scientific American.
3:30 p.m.–4:00 p.m. Break
4:00 p.m.–5:30 p.m.
REFEREED PAPERS
Independence Ballroom
Low Level
Session Chair: Tal Garfinkel, Stanford University
OSLO: Improving the Security of Trusted Computing
Bernhard Kauer, Technische Universität Dresden
Secretly Monopolizing the CPU Without Superuser Privileges
Dan Tsafrir, The Hebrew University of Jerusalem and IBM T.J. Watson Research Center; Yoav Etsion and Dror G. Feitelson, The Hebrew University of Jerusalem
Memory Performance Attacks: Denial of Memory Service in Multi-Core Systems
Thomas Moscibroda and Onur Mutlu, Microsoft Research
INVITED TALKS
Constitution Ballroom
Computer Security and Voting
David Dill, Stanford University
It is now quite clear that most electronic voting systems were designed
with only minor concern and rudimentary knowledge of computer security.
Over the past five years, people with more in-depth knowledge of
computer security have helped tremendously in appraising the security of
current systems and, to a lesser extent, in improving the security of
voting systems.
This talk will highlight the ways a computer security perspective might
be able to contribute to more trustworthy voting systems, as well as
some of the ways that voting is different from other computer security
problems.
David Dill is a Professor of Computer Science at Stanford University.
He has over 25 years of research experience developing new formal
verification technologies for hardware, software, and protocols,
including co-founding 0-In Design Automation in 1996.
In 2003, Prof. Dill wrote the "Resolution on Electronic Voting," which
called for voter-verifiable audit trails on all voting systems and
has been endorsed by over 10,000 individuals, including many leading
computer scientists. He is also the founder of VerifiedVoting.org,
which champions reliable and publicly verifiable elections in the United
States. He served on California's Task Force on Touch-Screen Voting,
and has testified before the Federal Election Assistance Commission, the
Carter-Baker Commission, and the U.S. Senate on the security of
electronic voting systems.
5:30 p.m.–6:30 p.m.
Constitution Ballroom
Report of the California Voting Systems Review
David Wagner, University of California, Berkeley
Panel: E-Voting
Panelists: Matt Blaze, University of Pennsylvania; Alex Halderman, Princeton University; Giovanni Vigna, University of California, Santa Barbara; Dan Wallach, Rice University
6:30 p.m.–7:30 p.m.
Symposium Reception
Republic Ballroom
Join us at the Security '07 Symposium Reception. Dinner and drinks will be served.
Friday, August 10, 2007
9:30 a.m.–10:30 a.m.
REFEREED PAPERS
Independence Ballroom
Obfuscation
Session Chair: Wietse Venema, IBM Research
Binary Obfuscation Using Signals
Igor V. Popov, Saumya K. Debray, and Gregory R. Andrews, The University of Arizona
Active Hardware Metering for Intellectual Property Protection and Security
Yousra M. Alkabani and Farinaz Koushanfar, Rice University
INVITED TALKS
Constitution Ballroom
Advanced Rootkits
Greg Hoglund, HBGary
Rootkits are backdoor programs that can be placed in a computer without detection. Virus scanners and desktop firewalls are woefully inadequate to stop a rootkit attack, which can go undetected for years. This talk will explain how rootkits are built for Microsoft Windows XP. It will cover detailed technical aspects of rootkit development, such as compilation, loading and unloading, function hooking, paged and nonpaged memory, interrupts and inline code injections. You'll also learn the technical aspects of the hardware environment, such as interrupt handling, memory paging, and virtual memory address translation. The talk will also cover how to detect rootkits, including runtime integrity checks and detecting hooks of all kinds, such as IRP hooks, SSDT hooks, and IDT hooks.
Greg Hoglund has been involved with software security for many years, specializing in Windows rootkits and vulnerability exploitation. He founded the Web site www.rootkit.com, and has co-authored several books on software security (Exploiting Software: How to Break Code, Addison-Wesley, 2004; Rootkits: Subverting the Windows Kernel, Addison-Wesley, 2005). Greg is a long-time game hacker and spends much of his free time reverse engineering and tooling exploits for new games. Professionally, Greg offers in-depth training on rootkit development and software exploitation. He is currently CEO of HBGary, Inc., building a world-class product for software reverse engineering and digital forensics.
10:30 a.m.–11:00 a.m. Break
11:00 a.m.–12:30 p.m.
REFEREED PAPERS
Independence Ballroom
Network Security
Session Chair: Angelos Stavrou, Columbia University
On Attack Causality in Internet-Connected Cellular Networks
Patrick Traynor, Patrick McDaniel, and Thomas La Porta, The Pennsylvania State University
Proximity Breeds Danger: Emerging Threats in Metro-area Wireless Networks
P. Akritidis, Computer Laboratory, Cambridge University; W.Y. Chin, Institute for Infocomm Research (I2R), Singapore; V.T. Lam, University of California, San Diego; S. Sidiroglou, Columbia University; K.G. Anagnostakis, Institute for Infocomm Research (I2R), Singapore
On Web Browsing Privacy in Anonymized NetFlows
S.E. Coull, Johns Hopkins University; M.P. Collins, Carnegie Mellon University; C.V. Wright and F. Monrose, Johns Hopkins University; M.K. Reiter, Carnegie Mellon University
INVITED TALKS
Constitution Ballroom
Covering Computer Security in The New York Times
John Schwartz, The New York Times
The MSM gets it wrong, the conventional wisdom goes, because the reporters aren't technically adept but are looking for scare stories to sell newspapers or get ratings. John Schwartz debunks a few myths about the mainstream media and explains that it is possible to write about security and other topics without hype and still keep your job.
12:30 p.m.–2:00 p.m. Lunch (on your own)
2:00 p.m.–3:30 p.m.
Work-in-Progress Reports (WiPs) and Closing Remarks
Constitution Ballroom
Session Chair: Martin Casado, Stanford University
This session offers short presentations about work in progress, new results, or timely topics. The schedule of presentations and accepted abstracts is available here. The time available will be distributed among the presenters, with each speaker allocated between 5 and 10 minutes. The time limit will be strictly enforced.