TECHNICAL SESSIONS
Conference papers are available to conference registrants immediately and to everyone beginning July 30, 2008. Everyone can view the proceedings front matter immediately.
Proceedings Front Matter: Title Page | Conference Organizers and External Reviewers | Table of Contents | Index of Authors | Message from the Program Chair
|
Tech Sessions:
Wednesday, July 30 |
Thursday, July 31 |
Friday, August 1 | Invited Talk Speakers
|
|
Wednesday, July 30 |
9:00 a.m.–10:30 a.m. |
Wednesday |
Regency Ballroom
Opening Remarks, Awards, and Keynote Address
Program Chair: Paul Van Oorschot, Carleton University
Keynote Address
Dr. Strangevote or: How I Learned to Stop Worrying and Love the Paper Ballot
Debra Bowen, California Secretary of State
View the video
Listen in MP3 format
|
10:30 a.m.–11:00 a.m. Break |
|
11:00 a.m.–12:30 p.m. |
Wednesday |
REFEREED PAPERS
Regency 2
Web Security
Session Chair: Catherine Zhang, IBM Research
All Your iFRAMEs Point to Us
Niels Provos and Panayiotis Mavrommatis, Google Inc.;
Moheeb Abu Rajab and Fabian Monrose, Johns Hopkins University
Paper in HTML |
PDF
Listen in MP3 format
Securing Frame Communication in Browsers
Adam Barth, Collin Jackson, and John C. Mitchell, Stanford University
Paper in HTML |
PDF
Listen in MP3 format
Automatic Generation of XSS and SQL Injection Attacks with
Goal-Directed Model Checking
Michael Martin and Monica S. Lam, Stanford University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Political DDoS: Estonia and Beyond
Jose Nazario, Senior Security Engineer, Arbor Networks
View the video
Listen in MP3 format
View the presentation slides
In the spring of 2007, the country of Estonia suffered a deluge of distributed denial of service (DDoS) attacks, coordinated to coincide with street-level protests. These attacks caused nationwide problems for the heavily wired country of Estonia and did so again when they recurred in early 2008. These attacks were not the first such politically motivated attacks and they will certainly not be the last. This talk explores the world of DDoS attacks and their growing role as an online political weapon. It also covers how Arbor Networks measured the Estonia attacks, how other attacks are measured, and what these attacks mean for the Internet at large.
|
|
12:30 p.m.–2:00 p.m. Lunch, on your own |
|
2:00 p.m.–3:30 p.m. |
Wednesday |
REFEREED PAPERS
Regency 2
Cryptographic Keys
Session Chair: Dan Boneh, Stanford University
Awarded Best Student Paper!
Lest We Remember: Cold Boot Attacks on Encryption Keys
J. Alex Halderman, Princeton University; Seth D. Schoen,
Electronic Frontier Foundation;
Nadia Heninger and William Clarkson, Princeton University;
William Paul, Wind River Systems;
Joseph A. Calandrino and Ariel J. Feldman, Princeton University;
Jacob Appelbaum; Edward W. Felten, Princeton University
Paper in HTML |
PDF
Listen in MP3 format
The Practical Subtleties of Biometric Key Generation
Lucas Ballard and Seny Kamara, The Johns Hopkins University;
Michael K. Reiter, University of North Carolina at Chapel Hill
Paper in HTML |
PDF
Listen in MP3 format
Unidirectional Key Distribution Across Time and Space with Applications to RFID Security
Ari Juels, RSA Laboratories; Ravikanth Pappu, ThingMagic Inc;
Bryan Parno, Carnegie Mellon University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Building the Successful Security Software Company
Ted Schlein, Kleiner Perkins Caufield & Byers
View the video
Listen in MP3 format
Ted will discuss the security market, past and present. He will review what it takes to succeed in building a company and will look at current opportunities. Ted will also share with the audience a few of his successes.
|
|
3:30 p.m.–4:00 p.m. Break |
|
4:00 p.m.–5:30 p.m. |
Wednesday |
REFEREED PAPERS
Regency 2
Network Defenses
Session Chair: Angelos Stavrou, George Mason University
CloudAV: N-Version Antivirus in the Network Cloud
Jon Oberheide, Evan Cooke, and Farnam Jahanian, University of
Michigan
Paper in HTML |
PDF
Listen in MP3 format
Awarded Best Paper!
Highly Predictive Blacklisting
Jian Zhang and Phillip Porras, SRI International; Johannes Ullrich,
SANS Institute
Paper in HTML |
PDF
Listen in MP3 format
Proactive Surge Protection: A Defense Mechanism for Bandwidth-Based Attacks
Jerry Chou and Bill Lin, University of California, San Diego;
Subhabrata Sen and Oliver Spatscheck, AT&T Labs—Research
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
From the Casebooks of . . .
Mark Seiden, Senior Consultant
View the video
Listen in MP3 format
In a field with few design principles ("defense in depth"? separate
duties?), few rules of thumb, no laws named after people more
influential than Murphy, no Plancks or Avogadros to hold Constant, and
little quantification of any sort (we count only bad things), it appears
the best we can do right now is to tell stories.
Over (enough) beer we conjure up lightly anonymized war stories about late-night phone calls, scary devices, hard-to-find bugs that exploiters
somehow found, the backups that didn't, stupid criminals, craven prosecutors,
cute hacks ("but don't try this at home"), and pointy-haired bosses. . . .
There will be a few of these in this talk, but also some cautionary
tales and parables—isomorphs of the Old Stories demonstrating human
frailty and that the Law of Unexpected Consequences operates most
strongly near the intersection of Bleeding Edge and Slippery Slope.
Also, just a bit about the future.
|
|
6:00 p.m.–7:30 p.m. |
Wednesday |
Poster Session & Happy Hour
Imperial Ballroom
Poster Session Chair: Carrie Gates, CA Labs
Don't miss the cool new ideas and the latest preliminary research on display at the Poster Session & Happy Hour. Take part in discussions with your colleagues over complimentary drinks and snacks. Check out the list of accepted posters.
|
|
Tech Sessions:
Wednesday, July 30 |
Thursday, July 31 |
Friday, August 1 | Invited Talk Speakers
|
|
Thursday, July 31 |
9:00 a.m.–10:30 a.m. |
Thursday |
REFEREED PAPERS
Regency 2
Botnet Detection
Session Chair: Wietse Venema, IBM Research
BotMiner: Clustering Analysis of Network Traffic for
Protocol- and Structure-Independent Botnet Detection
Guofei Gu, Georgia Institute of Technology; Roberto Perdisci,
Damballa, Inc.;
Junjie Zhang and Wenke Lee, Georgia Institute of Technology
Paper in HTML |
PDF
Listen in MP3 format
Measurement and Classification of Humans and Bots in Internet Chat
Steven Gianvecchio, Mengjun Xie, Zhengyu Wu, and Haining Wang, The
College of William and Mary
Paper in HTML |
PDF
Listen in MP3 format
To Catch a Predator: A Natural Language Approach
for Eliciting Malicious Payloads
Sam Small, Joshua Mason, and Fabian Monrose, Johns Hopkins
University; Niels Provos, Google Inc.;
Adam Stubblefield, Johns Hopkins University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Security Analysis of Network Protocols
John Mitchell, Stanford University
View the video
Listen in MP3 format
View the presentation slides
Network security protocols, such as key-exchange and key-management protocols, are notoriously difficult to design and debug. Anomalies and shortcomings have been discovered in standards and proposed standards for a wide range of protocols, including public-key and Diffie-Hellman–based variants of Kerberos, SSL/TLS, and the 802.11i (Wi-Fi2) wireless authentication protocols. Although many of these protocols may seem relatively simple, security protocols must achieve their goals when an arbitrary number of sessions are executed concurrently, and an attacker may use information provided by one session to compromise the security of another.
Since security protocols form the cornerstone of modern secure networked systems, it is important to develop informative, accurate, and deployable methods for finding errors and proving that protocols meet their security requirements. This talk will summarize two methods and discuss some of the case studies carried out over the past several years. One method is a relatively simple automated finite-state approach that has been used by our research group, others, and several years of students in a project course at Stanford to find flaws and develop improvements in a wide range of protocols and security mechanisms. The second method, Protocol Composition Logic (PCL), is a way of thinking about protocols that is designed to make it possible to prove security properties of large practical protocols. The two methods are complemen-
tary, since the first method can find errors, but only the second is suitable for proving their absence. The talk will focus on basic principles and examples from the IEEE and IETF standardization process.
|
|
10:30 a.m.–11:00 a.m. Break |
|
11:00 a.m.–12:30 p.m. |
Thursday |
REFEREED PAPERS
Regency 2
Hardware and Security
Session Chair: Yoshi Kohno, University of Washington
Reverse-Engineering a Cryptographic RFID Tag
Karsten Nohl and David Evans, University of Virginia;
Starbug and Henryk Plötz, Chaos Computer Club, Berlin
Paper in HTML |
PDF
Listen in MP3 format
Practical Symmetric Key Cryptography on Modern Graphics Hardware
Owen Harrison and John Waldron, Trinity College Dublin
Paper in HTML |
PDF
Listen in MP3 format
An Improved Clock-skew Measurement Technique for Revealing Hidden Services
Sebastian Zander, Swinburne University of Technology, Australia; Steven J. Murdoch, Computer Laboratory, University of Cambridge
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Enterprise Security in the Brave New (Virtual) World
Tal Garfinkel, VMware
View the video
Listen in MP3 format
View the presentation slides
The move to virtual machine–based computing platforms is perhaps the most
significant change in how enterprise computing systems have been built in the past
decade. The benefits of moving to virtual infrastructure are substantial,
from ease of management and better server utilization to transparently
providing a wide range of services from high availability to backup. Despite
this sweeping change, the way that we secure these systems is still largely
unchanged from how we secure today's physical systems. We must rethink
the way we design security in virtual infrastructure, both to cope with the new
challenges it introduces and to take advantage of the opportunities it offers.
I will discuss the growing pains of moving from physical to virtual
infrastructure in the network and the dissonance this can cause in operational
settings: why simply dropping existing firewalls and NIDS into virtual infrastructure
can limit flexibility, how new mechanisms can help overcome these limitations, and
why these elements are better off being virtual instead of physical. Next, I will look
at how virtual machines can affect host security as techniques such as virtual machine
introspection become mainstream and the line between host and network security
gets increasingly blurred. Finally, I will look at some of the odder and more interesting
capabilities virtual platforms will be offering in the next few years which will offer fertile ground for new research.
|
|
12:30 p.m.–2:00 p.m. Lunch, on your own |
|
2:00 p.m.–3:30 p.m. |
Thursday |
REFEREED PAPERS
Regency 2
Systems Security
Session Chair: Wenke Lee, Georgia Institute of Technology
NetAuth: Supporting User-Based Network Services
Manigandan Radhakrishnan and Jon A. Solworth, University of Illinois at
Chicago
Paper in HTML |
PDF
Listen in MP3 format
Hypervisor Support for Identifying Covertly Executing Binaries
Lionel Litty, H. Andrés Lagar-Cavilla, and David Lie, University of
Toronto
Paper in HTML |
PDF
Listen in MP3 format
Selective Versioning in a Secure Disk System
Swaminathan Sundararaman, Gopalan Sivathanu, and Erez Zadok, Stony Brook
University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Hackernomics
Hugh Thompson, Chief Security Strategist, People Security
View the video
Listen in MP3 format
View the presentation slides
Security processes inside most commercial development teams haven't caught up with the growing threat from organized crime groups that are becoming better financed, are relying more on automation to find vulnerabilities, and have figured out how to drive down the cost of launching a significant attack. This talk looks at why the incentive to attack and the ability to find flaws are outpacing practiced application security techniques. It examines how the economics of software attack and defense ("hackernomics") is changing and looks at some interesting outcomes, such as making vulnerability discovery a viable business. The talk will include several live vulnerability demonstrations to illustrate the exploitation vs. prevention dynamics.
|
|
3:30 p.m.–4:00 p.m. Break |
|
4:00 p.m.–5:30 p.m. |
Thursday |
REFEREED PAPERS
Regency 2
Privacy
Session Chair: Patrick Traynor, Pennsylvania State University
Privacy-Preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs
Thomas Ristenpart, University of California, San Diego; Gabriel
Maganis, Arvind Krishnamurthy, and Tadayoshi Kohno, University of
Washington
Paper in HTML |
PDF
Listen in MP3 format
Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software
Rui Wang and XiaoFeng Wang, Indiana University at Bloomington; Zhuowei Li, Center for Software Excellence, Microsoft
Paper in HTML |
PDF
Listen in MP3 format
Multi-flow Attacks Against Network Flow Watermarking Schemes
Negar Kiyavash, Amir Houmansadr, and Nikita Borisov, University of Illinois at Urbana-Champaign
Paper in
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
A Couple Billion Lines of Code Later: Static Checking in the Real World
Dawson Engler, Stanford University; Ben Chelf, Andy Chou, and Seth Hallem, Coverity
View the video
Listen in MP3 format
View the presentation slides
This talk describes lessons learned taking an academic tool that "worked
fine" in the lab and using it to check billions of lines of code across
several hundred companies. Some ubiquitous themes: reality is weird;
what one thinks will matter often doesn't; what one doesn't even
think to reject as a possibility is often a first-order effect.
|
|
5:30 p.m.–6:30 p.m. |
Thursday |
Panel
Regency 2
Setting DNS's Hair on Fire
Moderator: Niels Provos, Google, Inc.
Panelists: David Dagon, Georgia Institute of Technology; Paul Vixie, Internet Systems Consortium, Inc.
View the video
Listen in MP3 format
View David Dagon's presentation slides
|
|
6:30 p.m.–8:30 p.m. |
Thursday |
Symposium Reception
Fourth Street Summit Center
|
|
Tech Sessions:
Wednesday, July 30 |
Thursday, July 31 |
Friday, August 1 | Invited Talk Speakers
|
|
Friday, August 1 |
9:00 a.m.–10:30 a.m. |
Friday |
REFEREED PAPERS
Regency 2
Voting and Trusted Systems
Session Chair: Rachna Dhamija, Harvard University
Verifying Compliance of Trusted Programs
Sandra Rueda, Dave King, and Trent Jaeger, The Pennsylvania State
University
Paper in HTML |
PDF
Listen in MP3 format
Helios: Web-based Open-Audit Voting
Ben Adida, Harvard University
Paper in
PDF
Listen in MP3 format
VoteBox: A Tamper-evident, Verifiable Electronic Voting System
Daniel Sandler, Kyle Derr, and Dan S. Wallach, Rice University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
The Ghost in the Browser and Other Frightening Stories About Web Malware
Niels Provos, Google, Inc.
View the video
Listen in MP3 format
While the Web provides information and services that enrich our lives
in many ways, it has also become the primary vehicle for delivering
malware. Once infected with Web-based malware, an unsuspecting user's
machine is converted into a productive member of the Internet
underground. This talk explores Web-based malware and the
infrastructure supporting it, covering an analysis period of almost two
years. It describes trends observed in Web server compromises, as
well as giving an overview of the life cycle of Web-based malware.
The talk shows that Web malware enables a large number of
questionable activities, ranging from the exfiltration of sensitive
information such as email addresses and credit card information to forming
spamming botnets, which are responsible for a significant fraction of the spam
currently seen on the Internet.
|
|
10:30 a.m.–11:00 a.m. Break |
|
11:00 a.m.–12:30 p.m. |
Friday |
REFEREED PAPERS
Regency 2
Software Security
Session Chair: David Lie, University of Toronto
An Empirical Security Study of the Native Code in the JDK
Gang Tan and Jason Croft, Boston College
Paper in HTML |
PDF
Listen in MP3 format
AutoISES: Automatically Inferring Security Specification and Detecting Violations
Lin Tan, University of Illinois, Urbana-Champaign; Xiaolan Zhang,
IBM T.J. Watson Research Center; Xiao Ma, University of Illinois, Urbana-Champaign, and Pattern Insight Inc.; Weiwei Xiong, University of Illinois, Urbana-Champaign; Yuanyuan
Zhou, University of Illinois, Urbana-Champaign, and Pattern Insight Inc.
Paper in HTML |
PDF
Listen in MP3 format
Real-World Buffer Overflow Protection for Userspace & Kernelspace
Michael Dalton, Hari Kannan, and Christos Kozyrakis, Stanford
University
Paper in HTML |
PDF
Listen in MP3 format
|
INVITED TALKS
Regency 1
Managing Insecurity: Practitioner Reflections on Social Costs of Security
Darren Lacey, Chief Information Security Officer, Johns Hopkins University/Johns Hopkins Medicine
View the video
Listen in MP3 format
Nonprofits and local government have experienced more than their share of breaches and notifications over the past several years. The reasons for this are evident: lots of sensitive information, insufficient IT resources, lack of institutional discipline, etc. Clearly more time and resources at these organizations should be dedicated to security.
I discuss whether even identifying the proper balance is a good deal more difficult for public service organizations than has been widely discussed. Will security concerns affect the adoption of electronic medical records, regional health organizations, and nonprofit work? At what point do needed changes in organizational cultures undermine the public mission? What types of security controls and practices are best suited for service agencies? What kinds of research would most help public services?
|
|
12:30 p.m.–2:00 p.m. Lunch, on your own |
|
2:00 p.m.–3:30 p.m. |
Friday |
Work-in-Progress Reports (WiPs) and Closing Remarks
Regency Ballroom
WiPs Session Chair: Hao Chen, University of California, Davis
View the video
The Work-in-Progress reports
(WiPs) session offers short presentations about research in
progress, new results, or timely topics. The schedule of WiPs and their abstracts is available here.
|
|